Aller au contenu

beljean44

Membres
  • Compteur de contenus

    25
  • Inscription

  • Dernière visite

Réputation sur la communauté

0 Neutral

À propos de beljean44

  • Rang
    Member
  • Date de naissance 23/01/1960

Contact Methods

  • MSN
    BELJEAN44
  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Localisation
    SAINT-NAZAIRE
  1. beljean44

    Demande Analyse rapports hijackthis

    Pages explorer qui s'ouvrent sur des sites peu recommandable!
  2. beljean44

    Demande Analyse rapports hijackthis

    Pardon, sincères excuses oublié le bonjour.
  3. Logfile of HijackThis v1.99.1 Scan saved at 17:28:59, on 09/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\UAService7.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\ABoard.exe C:\WINDOWS\vsnpstd2.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\apps\ABoard\AOSD.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe C:\APPS\skype\phone\Skype.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\PROGRA~1\Magentic\bin\MgApp.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [sNPSTD2] C:\WINDOWS\vsnpstd2.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB002" /M "Stylus DX3800" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB002" /M "Stylus DX3800" O4 - HKLM\..\Run: [Thunk Site More Dog] D:\Documents and Settings\All Users\Application Data\activefilethunksite\Vc log.exe O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe O4 - HKCU\..\Run: [skype] "C:\APPS\skype\phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c O4 - HKCU\..\Run: [Plus Deaf] D:\DOCUME~1\fabrice\APPLIC~1\STARTP~1\first32jump.exe O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ? O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...arch.jhtml?p=ZS O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?039145aa7cda40ee97ebf6e599b1563f O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?039145aa7cda40ee97ebf6e599b1563f O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://data.jeuxclassiques.com/npwwg.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1148321809750 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} - http://www.fnacmusic.com/telechargementFna...acComposant.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
  4. beljean44

    spyware

    Bonjour, bien suivi instructions, voici le rapport Logfile of HijackThis v1.99.1 Scan saved at 16:54:48, on 05/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\EasyBox\apache\apache.exe C:\WINDOWS\system32\E_S00RP1.EXE c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\jre\bin\java.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe C:\WINDOWS\system32\SAgent4.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\EasyBox\apache\apache.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Satsuki Decoder Pack\filtres\qt\QTSystem\qttask.exe C:\Program Files\12018SC Multimedia Mouse Driver\MouseDrv.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\hphmon06.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\SpywareGuard\sgmain.exe C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\HIJACKTHIS VF\hijackthis vf.exe O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\12018SC Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe" O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?377dbe06489742689f17f45bbb437856 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?377dbe06489742689f17f45bbb437856 O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - http://photos.msn.fr/resources/neutral/controls/DigWebX2.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/Tran...ransferCtrl.cab O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} (Office Update Installation Engine) - http://officebeta.iponet.net/officeupdate/content/opuc4.cab O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFna...acComposant.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: EasyModApache - Unknown owner - C:\Program Files\EasyBox\apache\apache.exe" -k runservice (file missing) O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\Wrapper.conf (file missing) O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
  5. beljean44

    spyware

    Bonjour, je n'ai pas rétabli les élément d' affichage des dossiers, dois-je le faire ? Voici le rapport F-Secure Blacklight: 12/04/06 10:19:07 [info]: BlackLight Engine 1.0.47 initialized 12/04/06 10:19:07 [info]: OS: 5.1 build 2600 (Service Pack 2) 12/04/06 10:19:07 [Note]: 7019 4 12/04/06 10:19:07 [Note]: 7005 0 12/04/06 10:19:17 [Note]: 7006 0 12/04/06 10:19:17 [Note]: 7011 3968 12/04/06 10:19:17 [Note]: 7026 0 12/04/06 10:19:17 [Note]: 7026 0 12/04/06 10:19:18 [Note]: 7024 3 12/04/06 10:19:18 [info]: Hidden process: C:\windows\system32\xprkaevexh.exe 12/04/06 10:19:18 [Note]: FSRAW library version 1.7.1020 12/04/06 10:29:54 [Note]: 4020 192197 65536 12/04/06 10:29:54 [Note]: 4022 192197 12/04/06 10:29:54 [Note]: 4020 192197 65536 12/04/06 10:29:54 [Note]: 4022 192197 12/04/06 10:29:54 [Note]: 4020 192197 65536 12/04/06 10:29:54 [Note]: 4022 192197 12/04/06 10:29:54 [Note]: 4020 192197 65536 12/04/06 10:29:54 [Note]: 4022 192197 12/04/06 10:29:54 [Note]: 4020 192197 65536 12/04/06 10:29:54 [Note]: 4022 192197 12/04/06 10:29:54 [Note]: 4020 192196 65536 12/04/06 10:29:54 [Note]: 4022 192196 12/04/06 10:29:54 [Note]: 4020 192195 65536 12/04/06 10:29:54 [Note]: 4022 192195 12/04/06 10:29:54 [Note]: 4020 192194 65536 12/04/06 10:29:54 [Note]: 4018 192194 65536 12/04/06 10:29:54 [Note]: 4020 192194 65536 12/04/06 10:29:54 [Note]: 4018 192194 65536 12/04/06 10:33:48 [info]: Hidden file: c:\WINDOWS\system32\xprkaevexh_nav.dat 12/04/06 10:33:48 [Note]: 10002 1 12/04/06 10:33:48 [info]: Hidden file: c:\WINDOWS\system32\xprkaevexh_navps.dat 12/04/06 10:33:48 [Note]: 10002 1 12/04/06 10:33:49 [info]: Hidden file: c:\WINDOWS\system32\xprkaevexh.dat 12/04/06 10:33:49 [Note]: 10002 1 12/04/06 10:33:49 [info]: Hidden file: C:\windows\system32\xprkaevexh.exe 12/04/06 10:33:49 [Note]: 10002 1 12/04/06 10:34:02 [info]: Hidden file: c:\WINDOWS\Prefetch\XPRKAEVEXH.EXE-0E59813D.pf 12/04/06 10:34:02 [Note]: 10002 1 12/04/06 10:41:13 [Note]: 7007 0
  6. beljean44

    spyware

    Re Je n'ai pu mettre à jour, AVG AS (connection serveur impossible). Pas eu besoin de faire de suppression les fichiers avaient été enlevés après avoir executé hijackthis. Voici les rapports, bonne lecture. Logfile of HijackThis v1.99.1 Scan saved at 17:00:10, on 03/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\HIJACKTHIS VF\hijackthis vf.exe O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\12018SC Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [xprkaevexh] c:\windows\system32\xprkaevexh.exe xprkaevexh O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe" O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?377dbe06489742689f17f45bbb437856 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?377dbe06489742689f17f45bbb437856 O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - http://photos.msn.fr/resources/neutral/controls/DigWebX2.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/Tran...ransferCtrl.cab O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} (Office Update Installation Engine) - http://officebeta.iponet.net/officeupdate/content/opuc4.cab O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFna...acComposant.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: EasyModApache - Unknown owner - C:\Program Files\EasyBox\apache\apache.exe" -k runservice (file missing) O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\Wrapper.conf (file missing) O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 16:58:47 03/12/2006 + Résultat de l'analyse: HKU\S-1-5-21-2818375779-2610417581-3683820815-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0D4C7057-EAD2-44C6-AD18-9092905F28F1} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D123AED6C340E304988D0F6852B28775 -> Adware.MediaMotor : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP791\A0127451.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP791\A0127452.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP791\A0127453.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP791\A0127456.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP791\A0127458.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP791\A0127459.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP791\A0127460.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127463.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127465.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127468.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127475.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Nettoyé et sauvegardé (mise en quarantaine). C:\VundoFix Backups\kswlhmhr.exe.bad -> Not-A-Virus.Downloader.Win32.WinFixer.i : Nettoyé et sauvegardé (mise en quarantaine). C:\VundoFix Backups\yxjoxlch.exe.bad -> Not-A-Virus.Downloader.Win32.WinFixer.i : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWA6PV_0001_N91M2107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UWA6PV_0001_N91M2107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UWA6PV_0001_N91M2107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Downloaded Program Files\CONFLICT.4\UWA6PV_0001_N91M2107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UWA6PV_0001_N91M2107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Downloaded Program Files\CONFLICT.6\UWA6PV_0001_N91M2107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Downloaded Program Files\CONFLICT.7\UWA6PV_0001_N91M2107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Downloaded Program Files\CONFLICT.8\UWA6PV_0001_N91M2107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Downloaded Program Files\UERSV_0001_N91S2108NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\WINDOWS\Downloaded Program Files\UWA6PV_0001_N91M2107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127464.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127466.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127467.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127469.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127471.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé et sauvegardé (mise en quarantaine). C:\VundoFix Backups\hjhjkdsa.exe.bad -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé et sauvegardé (mise en quarantaine). C:\VundoFix Backups\leijmbny.exe.bad -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé et sauvegardé (mise en quarantaine). C:\VundoFix Backups\lgtddgqc.exe.bad -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé et sauvegardé (mise en quarantaine). C:\VundoFix Backups\ofawfbhs.exe.bad -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé et sauvegardé (mise en quarantaine). C:\VundoFix Backups\phjmuvra.exe.bad -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127470.exe -> Trojan.Small.ju : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127472.exe -> Trojan.Small.ju : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP792\A0127473.exe -> Trojan.Small.ju : Nettoyé et sauvegardé (mise en quarantaine). Fin du rapport
  7. beljean44

    spyware

    Merci, toujours au top, voici le deux rapports. VundoFix V6.2.13 Checking Java version... Java version is 1.5.0.4 Java version is 1.5.0.6 Scan started at 13:51:09 03/12/2006 Listing files found while scanning.... C:\WINDOWS\system32\cpybilqs.exe C:\WINDOWS\system32\hjhjkdsa.exe C:\WINDOWS\system32\kswlhmhr.exe C:\WINDOWS\system32\leijmbny.exe C:\WINDOWS\system32\lgtddgqc.exe C:\WINDOWS\system32\mdoyomld.exe C:\WINDOWS\system32\ofawfbhs.exe C:\WINDOWS\system32\oftatitr.exe C:\WINDOWS\system32\phjmuvra.exe C:\WINDOWS\system32\xrjycjls.exe C:\WINDOWS\system32\xtidcnmo.exe C:\WINDOWS\system32\ywobyfvb.exe C:\WINDOWS\system32\yxjoxlch.exe C:\WINDOWS\addins\natiyss.dll C:\WINDOWS\addins\ssyitan.ini C:\WINDOWS\addins\ssyitan.bak1 C:\WINDOWS\addins\ssyitan.bak2 C:\WINDOWS\addins\ssyitan.ini2 C:\WINDOWS\addins\ssyitan.tmp Beginning removal... Attempting to delete C:\WINDOWS\system32\cpybilqs.exe C:\WINDOWS\system32\cpybilqs.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\hjhjkdsa.exe C:\WINDOWS\system32\hjhjkdsa.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\kswlhmhr.exe C:\WINDOWS\system32\kswlhmhr.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\leijmbny.exe C:\WINDOWS\system32\leijmbny.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\lgtddgqc.exe C:\WINDOWS\system32\lgtddgqc.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\mdoyomld.exe C:\WINDOWS\system32\mdoyomld.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\ofawfbhs.exe C:\WINDOWS\system32\ofawfbhs.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\oftatitr.exe C:\WINDOWS\system32\oftatitr.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\phjmuvra.exe C:\WINDOWS\system32\phjmuvra.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\xrjycjls.exe C:\WINDOWS\system32\xrjycjls.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\xtidcnmo.exe C:\WINDOWS\system32\xtidcnmo.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\ywobyfvb.exe C:\WINDOWS\system32\ywobyfvb.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\yxjoxlch.exe C:\WINDOWS\system32\yxjoxlch.exe Has been deleted! Attempting to delete C:\WINDOWS\addins\natiyss.dll C:\WINDOWS\addins\natiyss.dll Has been deleted! Attempting to delete C:\WINDOWS\addins\ssyitan.ini C:\WINDOWS\addins\ssyitan.ini Has been deleted! Attempting to delete C:\WINDOWS\addins\ssyitan.bak1 C:\WINDOWS\addins\ssyitan.bak1 Has been deleted! Attempting to delete C:\WINDOWS\addins\ssyitan.bak2 C:\WINDOWS\addins\ssyitan.bak2 Has been deleted! Attempting to delete C:\WINDOWS\addins\ssyitan.ini2 C:\WINDOWS\addins\ssyitan.ini2 Has been deleted! Attempting to delete C:\WINDOWS\addins\ssyitan.tmp C:\WINDOWS\addins\ssyitan.tmp Has been deleted! Performing Repairs to the registry. Done! Logfile of HijackThis v1.99.1 Scan saved at 14:09:08, on 03/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\EasyBox\apache\apache.exe C:\WINDOWS\system32\E_S00RP1.EXE c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe C:\Program Files\EasyBox\apache\apache.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\jre\bin\java.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe C:\WINDOWS\system32\SAgent4.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Satsuki Decoder Pack\filtres\qt\QTSystem\qttask.exe C:\Program Files\12018SC Multimedia Mouse Driver\MouseDrv.exe C:\Program Files\Windows Defender\MSASCui.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\hphmon06.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe C:\Program Files\SpywareGuard\sgmain.exe C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\HIJACKTHIS VF\hijackthis vf.exe O2 - BHO: (no name) - {288DDDD3-7D4E-461C-8627-C369371FE995} - C:\WINDOWS\system32\ehiwasaj.dll O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\xgkesikv.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {6EA65CD5-88CC-46A5-8B66-154268928AC2} - C:\WINDOWS\system32\ehiwasaj.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {EC1332F8-7DBE-4502-8CF4-F78C2E8ACF55} - C:\WINDOWS\addins\natiyss.dll (file missing) O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\12018SC Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe" O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?377dbe06489742689f17f45bbb437856 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?377dbe06489742689f17f45bbb437856 O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - http://photos.msn.fr/resources/neutral/controls/DigWebX2.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/Tran...ransferCtrl.cab O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} (Office Update Installation Engine) - http://officebeta.iponet.net/officeupdate/content/opuc4.cab O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFna...acComposant.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: EasyModApache - Unknown owner - C:\Program Files\EasyBox\apache\apache.exe" -k runservice (file missing) O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\Wrapper.conf (file missing) O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe Vois-tu autre chose à faire ? Tu es vraiment le BEST! Sincères remerciements. Jean
  8. beljean44

    spyware

    Bonjour, je n'arrive pas même en utilisant hijackthis a éradiquer une BHO. C:\windows\addins\natiyss.dll {261333EB-DEAC-45EC-8314-212C8AGC1D79} Ligne 020 du rapport hijackthis : 020-Winlogon Notify :C:\WINDOWS\addins\natiyss.dll Logfile of HijackThis v1.99.1 Scan saved at 13:40:26, on 03/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\EasyBox\apache\apache.exe C:\WINDOWS\system32\E_S00RP1.EXE c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\EasyBox\apache\apache.exe C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\jre\bin\java.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe C:\WINDOWS\system32\SAgent4.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Satsuki Decoder Pack\filtres\qt\QTSystem\qttask.exe C:\Program Files\Windows Defender\MSASCui.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\12018SC Multimedia Mouse Driver\MouseDrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\system32\hphmon06.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe C:\Program Files\SpywareGuard\sgmain.exe C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\HIJACKTHIS VF\hijackthis vf.exe O2 - BHO: (no name) - {288DDDD3-7D4E-461C-8627-C369371FE995} - C:\WINDOWS\system32\ehiwasaj.dll O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\system32\xgkesikv.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {6EA65CD5-88CC-46A5-8B66-154268928AC2} - C:\WINDOWS\system32\ehiwasaj.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {EC1332F8-7DBE-4502-8CF4-F78C2E8ACF55} - C:\WINDOWS\addins\natiyss.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\12018SC Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\QTSystem\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe" O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?377dbe06489742689f17f45bbb437856 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?377dbe06489742689f17f45bbb437856 O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - http://photos.msn.fr/resources/neutral/controls/DigWebX2.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/Tran...ransferCtrl.cab O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} (Office Update Installation Engine) - http://officebeta.iponet.net/officeupdate/content/opuc4.cab O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFna...acComposant.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: natiyss - C:\WINDOWS\addins\natiyss.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: EasyModApache - Unknown owner - C:\Program Files\EasyBox\apache\apache.exe" -k runservice (file missing) O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\Wrapper.conf (file missing) O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing) O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe Pouvez-vous me guider ?
  9. beljean44

    Demande d'analyse

    je suis ok, surtout qu'il est lent au demarrage et a l'arrêt.
  10. beljean44

    Demande d'analyse

    Jen'ai plus Mcaffe seulement le firewall. Hier soir petit problème écran noir, obligation d'éteindre au bouton, je trouve qu'il est lent au démarage et arrêt. Serat'il nécessaire de renouveler l'opération souvent? Vois-tu autre chose que je pourrais faire, pour améliorer mon pc? Merci pour tous tes conseils et explications de mises en oeuvre, très claire et il n'y a qu'a suivre tes instructions. Bonne continuation.
  11. beljean44

    Demande d'analyse

    Merci j'ai passé du temps mais tout est fait! Faudrat'il le faire souvent ? --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 17:46:56, 13/05/2006 + Somme de contrôle: 7B42190B + Résultats du scan: :mozilla.18:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\5us1po6w.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.19:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\5us1po6w.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.20:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\5us1po6w.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.23:C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\5us1po6w.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/alsmsext.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/cbutil.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ciseqchk.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/cnmres.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/dcserver.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/DF240.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/dicpmon.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/dsvx_xx11.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/dunetlib.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/dvsec.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/dwu11.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/dyvx_xx07.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ELircles.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ennsl1571.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ewfpixguid.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/fhsdrv.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/fhsst.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/fndrclnr.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/gp2ml3f11.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/guard.tmp -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/hlzjrd01.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/hrlu0539e.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/htgt34tk.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/hyd.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/HZODXPAT.DLL -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/i8420ihoe84c0.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ifl11.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ins.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/iu50_qc.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ixeistor12.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/jnaw400.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/jrpl400.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/jtr8079ue.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/jtrs0797e.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/kddno1.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/kiddv.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/kndtuq.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/kqdla.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/kt2ol7f31.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ktdtuf.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ktr0l79m1.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/kydkyr.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/letif70n.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/LGDIS11n.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/lgpcd10N.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/llcmp13n.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/lmpng13n.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/lreps11n.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/Lrpng11n.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/lv8o09l3e.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/lwthk10w.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/m428lefu1h28.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/MBCMCFR.DLL -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/MBRTEDIT.DLL -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mfhtmled.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mgnetobj.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/MHRDO20.DLL -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mioert2.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mjc40.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/MJJINT35.DLL -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mloert2.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mmcoree.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mmicda.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mosap.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mpvcp71.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/MRC71DEU.DLL -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mvacm.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mvlml9311.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mxaudite.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mxutilse.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/mzw3prt.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/n2r20c9oef.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/naprint.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/nfmssvc.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/nitapi32.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/njtrap.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/nvtapi32.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/nvvdmd.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/omeaut32.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/OPFMNT40.DLL -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/otbctrac.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/pch.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/pfcrt.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/qbv.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/rCsadhlp.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/rgutetab.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/RMBios32.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/rOsman.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/saclogon.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/scellstyle.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/sforprop.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/SGntfNT.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/SiyWeb.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ssvsvc.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/tIembed.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/ugimdmat.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/VD5DB.DLL -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/wan87em.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/wapcd.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/wE2time.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/wfhelp2.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/wiv9vcm.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/wL2time.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/WLDRMdev.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/wopshell.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/wqdconns.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/WWDRMdev.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/wwpasf.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/wynmp32.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\HP_Propriétaire\Bureau\Mes logiciels\l2mfix\backup.zip/dlls/xzsp1res.dll -> Adware.Look2Me : Nettoyer et sauvegarder ::Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 17:54:46, on 13/05/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\windows\system\hpsysdrv.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\hphmon06.exe C:\HP\KBD\KBD.EXE C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\12018SC Multimedia Mouse Driver\MouseDrv.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\E_S00RP1.EXE C:\Program Files\ewido anti-malware\ewidoctrl.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe C:\WINDOWS\system32\SAgent4.exe C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\jre\bin\java.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HIJACKTHIS VF\hijackthis vf.exe O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - c:\program files\LAB\msdxm.ocx O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\12018SC Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - Global Startup: Corel Colleagues & Contacts Reminders.LNK = C:\Program Files\Corel\Print Office\cffrem.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?377dbe06489742689f17f45bbb437856 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?377dbe06489742689f17f45bbb437856 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - http://photos.msn.fr/resources/neutral/controls/DigWebX2.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFna...acComposant.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\Wrapper.conf (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
  12. beljean44

    Demande d'analyse

    voici le rapport L2mfix 032106 Creating Account. La commande s'est termin‚e correctement. Adding Administrative privleges. Checking for L2MFix account(0=no 1=yes): 1 Granting SeDebugPrivilege to L2MFIX ... successful Running From: C:\WINDOWS\system32 Killing Processes! Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 560 'smss.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 648 'winlogon.exe' Killing PID 648 'winlogon.exe' Killing PID 648 'winlogon.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 1636 'explorer.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 2840 'rundll32.exe' Restoring Sedebugprivilege: Granting SeDebugPrivilege to Administrateurs ... successful Scanning First Pass. Please Wait! First Pass Completed Second Pass Scanning Second pass Completed! Restoring Windows Update Certificates.: The following Is the Current Export of the Winlogon notify key: **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Run] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\ktr0l79m1.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 The following are the files found: **************************************************************************** Registry Entries that were Deleted: Please verify that the listing looks ok. If there was something deleted wrongly there are backups in the backreg folder. **************************************************************************** REGEDIT4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] REGEDIT4 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "SV1"="" **************************************************************************** Desktop.ini Contents: **************************************************************************** **************************************************************************** Checking for L2MFix account(0=no 1=yes): 0 Zipping up files for submission: adding: dlls/alsmsext.dll (164 bytes security) (deflated 5%) adding: dlls/cbutil.dll (164 bytes security) (deflated 4%) adding: dlls/ciseqchk.dll (164 bytes security) (deflated 5%) adding: dlls/cnmres.dll (164 bytes security) (deflated 5%) adding: dlls/dcserver.dll (164 bytes security) (deflated 5%) adding: dlls/DF240.dll (164 bytes security) (deflated 4%) adding: dlls/dicpmon.dll (164 bytes security) (deflated 5%) adding: dlls/dsvx_xx11.dll (164 bytes security) (deflated 5%) adding: dlls/dunetlib.dll (164 bytes security) (deflated 5%) adding: dlls/dvsec.dll (164 bytes security) (deflated 5%) adding: dlls/dwu11.dll (164 bytes security) (deflated 5%) adding: dlls/dyvx_xx07.dll (164 bytes security) (deflated 4%) adding: dlls/ELircles.dll (164 bytes security) (deflated 5%) adding: dlls/ennsl1571.dll (164 bytes security) (deflated 5%) adding: dlls/ewfpixguid.dll (164 bytes security) (deflated 5%) adding: dlls/fhsdrv.dll (164 bytes security) (deflated 5%) adding: dlls/fhsst.dll (164 bytes security) (deflated 4%) adding: dlls/fndrclnr.dll (164 bytes security) (deflated 5%) adding: dlls/gp2ml3f11.dll (164 bytes security) (deflated 5%) adding: dlls/guard.tmp (164 bytes security) (deflated 4%) adding: dlls/hlzjrd01.dll (164 bytes security) (deflated 5%) adding: dlls/hrlu0539e.dll (164 bytes security) (deflated 4%) adding: dlls/htgt34tk.dll (164 bytes security) (deflated 5%) adding: dlls/hyd.dll (164 bytes security) (deflated 4%) adding: dlls/HZODXPAT.DLL (164 bytes security) (deflated 4%) adding: dlls/i8420ihoe84c0.dll (164 bytes security) (deflated 5%) adding: dlls/ifl11.dll (164 bytes security) (deflated 5%) adding: dlls/ins.dll (164 bytes security) (deflated 5%) adding: dlls/iu50_qc.dll (164 bytes security) (deflated 5%) adding: dlls/ixeistor12.dll (164 bytes security) (deflated 5%) adding: dlls/jnaw400.dll (164 bytes security) (deflated 5%) adding: dlls/jrpl400.dll (164 bytes security) (deflated 5%) adding: dlls/jtr8079ue.dll (164 bytes security) (deflated 5%) adding: dlls/jtrs0797e.dll (164 bytes security) (deflated 5%) adding: dlls/kddno1.dll (164 bytes security) (deflated 5%) adding: dlls/kiddv.dll (164 bytes security) (deflated 5%) adding: dlls/kndtuq.dll (164 bytes security) (deflated 4%) adding: dlls/kqdla.dll (164 bytes security) (deflated 5%) adding: dlls/kt2ol7f31.dll (164 bytes security) (deflated 4%) adding: dlls/ktdtuf.dll (164 bytes security) (deflated 5%) adding: dlls/ktr0l79m1.dll (164 bytes security) (deflated 5%) adding: dlls/kydkyr.dll (164 bytes security) (deflated 5%) adding: dlls/letif70n.dll (164 bytes security) (deflated 5%) adding: dlls/LGDIS11n.dll (164 bytes security) (deflated 5%) adding: dlls/lgpcd10N.dll (164 bytes security) (deflated 5%) adding: dlls/llcmp13n.dll (164 bytes security) (deflated 4%) adding: dlls/lmpng13n.dll (164 bytes security) (deflated 5%) adding: dlls/lreps11n.dll (164 bytes security) (deflated 5%) adding: dlls/Lrpng11n.dll (164 bytes security) (deflated 5%) adding: dlls/lv8o09l3e.dll (164 bytes security) (deflated 5%) adding: dlls/lwthk10w.dll (164 bytes security) (deflated 5%) adding: dlls/m428lefu1h28.dll (164 bytes security) (deflated 5%) adding: dlls/MBCMCFR.DLL (164 bytes security) (deflated 4%) adding: dlls/MBRTEDIT.DLL (164 bytes security) (deflated 5%) adding: dlls/mfhtmled.dll (164 bytes security) (deflated 4%) adding: dlls/mgnetobj.dll (164 bytes security) (deflated 5%) adding: dlls/MHRDO20.DLL (164 bytes security) (deflated 4%) adding: dlls/mioert2.dll (164 bytes security) (deflated 4%) adding: dlls/mjc40.dll (164 bytes security) (deflated 5%) adding: dlls/MJJINT35.DLL (164 bytes security) (deflated 5%) adding: dlls/mloert2.dll (164 bytes security) (deflated 5%) adding: dlls/mmcoree.dll (164 bytes security) (deflated 5%) adding: dlls/mmicda.dll (164 bytes security) (deflated 4%) adding: dlls/mosap.dll (164 bytes security) (deflated 5%) adding: dlls/mpvcp71.dll (164 bytes security) (deflated 5%) adding: dlls/MRC71DEU.DLL (164 bytes security) (deflated 5%) adding: dlls/mvacm.dll (164 bytes security) (deflated 4%) adding: dlls/mvlml9311.dll (164 bytes security) (deflated 5%) adding: dlls/mxaudite.dll (164 bytes security) (deflated 5%) adding: dlls/mxutilse.dll (164 bytes security) (deflated 5%) adding: dlls/mzw3prt.dll (164 bytes security) (deflated 5%) adding: dlls/n2r20c9oef.dll (164 bytes security) (deflated 5%) adding: dlls/naprint.dll (164 bytes security) (deflated 5%) adding: dlls/nfmssvc.dll (164 bytes security) (deflated 5%) adding: dlls/nitapi32.dll (164 bytes security) (deflated 5%) adding: dlls/njtrap.dll (164 bytes security) (deflated 5%) adding: dlls/nvtapi32.dll (164 bytes security) (deflated 4%) adding: dlls/nvvdmd.dll (164 bytes security) (deflated 4%) adding: dlls/omeaut32.dll (164 bytes security) (deflated 5%) adding: dlls/OPFMNT40.DLL (164 bytes security) (deflated 5%) adding: dlls/otbctrac.dll (164 bytes security) (deflated 5%) adding: dlls/pch.dll (164 bytes security) (deflated 4%) adding: dlls/pfcrt.dll (164 bytes security) (deflated 5%) adding: dlls/qbv.dll (164 bytes security) (deflated 5%) adding: dlls/rCsadhlp.dll (164 bytes security) (deflated 5%) adding: dlls/rgutetab.dll (164 bytes security) (deflated 5%) adding: dlls/RMBios32.dll (164 bytes security) (deflated 5%) adding: dlls/rOsman.dll (164 bytes security) (deflated 5%) adding: dlls/saclogon.dll (164 bytes security) (deflated 4%) adding: dlls/scellstyle.dll (164 bytes security) (deflated 5%) adding: dlls/sforprop.dll (164 bytes security) (deflated 5%) adding: dlls/SGntfNT.dll (164 bytes security) (deflated 5%) adding: dlls/SiyWeb.dll (164 bytes security) (deflated 4%) adding: dlls/ssvsvc.dll (164 bytes security) (deflated 5%) adding: dlls/tIembed.dll (164 bytes security) (deflated 5%) adding: dlls/ugimdmat.dll (164 bytes security) (deflated 5%) adding: dlls/VD5DB.DLL (164 bytes security) (deflated 5%) adding: dlls/wan87em.dll (164 bytes security) (deflated 4%) adding: dlls/wapcd.dll (164 bytes security) (deflated 5%) adding: dlls/wE2time.dll (164 bytes security) (deflated 5%) adding: dlls/wfhelp2.dll (164 bytes security) (deflated 4%) adding: dlls/wiv9vcm.dll (164 bytes security) (deflated 5%) adding: dlls/wL2time.dll (164 bytes security) (deflated 5%) adding: dlls/WLDRMdev.dll (164 bytes security) (deflated 5%) adding: dlls/wopshell.dll (164 bytes security) (deflated 5%) adding: dlls/wqdconns.dll (164 bytes security) (deflated 4%) adding: dlls/WWDRMdev.dll (164 bytes security) (deflated 5%) adding: dlls/wwpasf.dll (164 bytes security) (deflated 5%) adding: dlls/wynmp32.dll (164 bytes security) (deflated 4%) adding: dlls/xzsp1res.dll (164 bytes security) (deflated 4%) adding: backregs/03346DA5-1265-4290-BA70-6083543ACCD4.reg (188 bytes security) (deflated 70%) adding: backregs/0676560E-CC19-49C3-8559-1293AF6B05C8.reg (188 bytes security) (deflated 70%) adding: backregs/09909F9F-8165-474C-B04A-BF16342E522A.reg (188 bytes security) (deflated 70%) adding: backregs/0C548398-E096-4105-B3DA-B2C8ECF91069.reg (188 bytes security) (deflated 70%) adding: backregs/0E6330F6-BFA8-4BE0-8001-71D192567406.reg (188 bytes security) (deflated 70%) adding: backregs/1354B4F4-BAF1-46AE-B371-223134D02442.reg (188 bytes security) (deflated 70%) adding: backregs/182E2F4A-D98A-4A89-A266-83768B66E8B2.reg (188 bytes security) (deflated 70%) adding: backregs/1DACD6AB-F9E3-4FC3-90D7-BCC7DCE059BD.reg (188 bytes security) (deflated 70%) adding: backregs/1E8911D0-E92C-4BEE-B204-D1F850C7B0E0.reg (188 bytes security) (deflated 70%) adding: backregs/21F211F8-3C60-4841-8E1B-A43B42B00209.reg (188 bytes security) (deflated 70%) adding: backregs/262319EE-4E2A-49C4-9918-27CEECB074C9.reg (188 bytes security) (deflated 70%) adding: backregs/282C1291-7BBA-41F4-B2F2-88C867A178D9.reg (188 bytes security) (deflated 70%) adding: backregs/313F59BF-912B-4D2E-B028-9B7E1448C404.reg (188 bytes security) (deflated 70%) adding: backregs/354F31EF-A6A5-458B-AA6D-A58A39035EBD.reg (188 bytes security) (deflated 70%) adding: backregs/37C51321-B50A-49D2-8617-3EED48B2B847.reg (188 bytes security) (deflated 70%) adding: backregs/38AE3054-4EC4-48B3-BF4A-3106CF4BD83E.reg (188 bytes security) (deflated 70%) adding: backregs/3A58173B-1324-459F-84A8-73A33B64F852.reg (188 bytes security) (deflated 70%) adding: backregs/3E4CA3D6-F10D-4340-98B4-3DB4E324BC99.reg (188 bytes security) (deflated 70%) adding: backregs/3EB26B5E-35E8-4950-A3EF-F4A5BF470A9D.reg (188 bytes security) (deflated 70%) adding: backregs/404D7322-6686-4EA8-A8F0-A6DB0325CD2C.reg (188 bytes security) (deflated 70%) adding: backregs/429B3113-72C9-41C0-BEFA-9A0A341844DD.reg (188 bytes security) (deflated 70%) adding: backregs/48263081-4C14-4286-B788-4741BBBE4FA9.reg (188 bytes security) (deflated 70%) adding: backregs/48DB4B93-10A1-46A6-B6D1-3C7B9807C943.reg (188 bytes security) (deflated 70%) adding: backregs/5408DAF4-1DD3-4922-B297-090CECE784F4.reg (188 bytes security) (deflated 70%) adding: backregs/5444E411-0437-429E-BB55-55EC5A4B625B.reg (188 bytes security) (deflated 70%) adding: backregs/57C6A1EF-EBEA-492C-9812-EAFF1946D266.reg (188 bytes security) (deflated 70%) adding: backregs/59474C9F-73BF-41E8-8DD4-D7ECBCEFA2BC.reg (188 bytes security) (deflated 70%) adding: backregs/5E6FA893-7BBF-4933-B922-0050647BE014.reg (188 bytes security) (deflated 70%) adding: backregs/60883F8C-EF44-42F6-ACBB-5424DEF4D776.reg (188 bytes security) (deflated 70%) adding: backregs/632D606D-267E-4341-B227-B1073E04D468.reg (188 bytes security) (deflated 70%) adding: backregs/636C7D0F-497B-49DE-8FEB-C5617428A0B7.reg (188 bytes security) (deflated 70%) adding: backregs/692B3DD0-A9C1-48C1-AB1B-5983D2FD8359.reg (188 bytes security) (deflated 70%) adding: backregs/69426D2A-FDBB-44AB-B04C-7CC6436FE3EE.reg (188 bytes security) (deflated 70%) adding: backregs/6ABB0760-2A0C-4E37-A7A5-3F69BAF2B35A.reg (188 bytes security) (deflated 70%) adding: backregs/75F2D348-18E7-4B16-A1CB-0FE07C73F27D.reg (188 bytes security) (deflated 70%) adding: backregs/7AA51A39-E103-43FA-9BCD-4DFD49C24F13.reg (188 bytes security) (deflated 70%) adding: backregs/7C18CB56-BD54-44FE-A8DE-04E13B85A05F.reg (188 bytes security) (deflated 70%) adding: backregs/839A5F88-7350-45F7-8D85-E021E6C9BD2C.reg (188 bytes security) (deflated 70%) adding: backregs/88AB5EAA-760D-4302-B27B-68D2933CC18B.reg (188 bytes security) (deflated 70%) adding: backregs/8F78BD50-29A3-4019-B3BF-36D6FD9F8B23.reg (188 bytes security) (deflated 70%) adding: backregs/92AE5027-9048-44F9-9DBC-D292BB2A7139.reg (188 bytes security) (deflated 70%) adding: backregs/95626FC9-3001-4872-ACED-3A58254F30BD.reg (188 bytes security) (deflated 70%) adding: backregs/97F05A9C-10B9-43D8-9E64-0D3E8E4B5A4E.reg (188 bytes security) (deflated 70%) adding: backregs/9898819B-A802-4DA7-BA05-0C132C2EFEA4.reg (188 bytes security) (deflated 70%) adding: backregs/9CDFE966-7D4B-41AD-B083-DD230D384A86.reg (188 bytes security) (deflated 70%) adding: backregs/9D312335-AAAF-4736-81D4-D8D427FE03BB.reg (188 bytes security) (deflated 70%) adding: backregs/9D4511C2-1C4C-4F86-997C-57B84BF4FBC1.reg (188 bytes security) (deflated 70%) adding: backregs/AF05E395-5C1D-492D-8046-7844974E99E4.reg (188 bytes security) (deflated 70%) adding: backregs/B44261A3-51AC-40E2-A653-53EECCA2B0C8.reg (188 bytes security) (deflated 70%) adding: backregs/BA1700C1-B67D-4A87-8FC1-01DC3FB53CDA.reg (188 bytes security) (deflated 70%) adding: backregs/BA7066AE-8C1F-4262-8ED9-D1185B452A7A.reg (188 bytes security) (deflated 70%) adding: backregs/BDBA8414-2946-4CB9-82D8-65F7B598436E.reg (188 bytes security) (deflated 70%) adding: backregs/BE2A6E6C-E671-4947-B6D8-430654FFDC26.reg (188 bytes security) (deflated 70%) adding: backregs/C88655F5-7F7E-4E45-B7EB-83730F2BE99A.reg (188 bytes security) (deflated 70%) adding: backregs/CC05471C-B104-4CBE-9053-73B998695EC9.reg (188 bytes security) (deflated 70%) adding: backregs/D8848DB1-40F7-44F4-B98A-A7F3C28830F2.reg (188 bytes security) (deflated 70%) adding: backregs/D9453B9A-1A55-446D-90E8-499FF3DDD078.reg (188 bytes security) (deflated 70%) adding: backregs/DBB37E8F-04A7-4E53-B025-04E99ABC24F2.reg (188 bytes security) (deflated 70%) adding: backregs/DBF4B6DB-2FDF-4422-868A-910BF06938D7.reg (188 bytes security) (deflated 70%) adding: backregs/DDE3B61F-3006-4FD1-A649-22715F641A78.reg (188 bytes security) (deflated 70%) adding: backregs/DF0ECDA5-5E9E-4AD3-8150-36953293B3FF.reg (188 bytes security) (deflated 70%) adding: backregs/E1B5CED1-583A-40DB-BB6E-E72EC692CDD4.reg (188 bytes security) (deflated 70%) adding: backregs/E3DFC9E7-014B-4FB6-BF9F-DEA8FE18D6B4.reg (188 bytes security) (deflated 70%) adding: backregs/E6C8F1D0-BD58-47C5-9F13-283EA870E015.reg (188 bytes security) (deflated 70%) adding: backregs/E6F5B696-FFB0-4078-9184-F6B2CB3FFF68.reg (188 bytes security) (deflated 70%) adding: backregs/E75CBF25-3F4F-4721-AAAD-FFADF4B51EDC.reg (188 bytes security) (deflated 70%) adding: backregs/F16E83FF-71C7-48B3-90DF-85A0121921D5.reg (188 bytes security) (deflated 70%) adding: backregs/F227D8C7-8DEF-417F-B4E6-88BB9E3F94C0.reg (188 bytes security) (deflated 70%) adding: backregs/F385CAA6-C3E1-46FD-8CC3-74D762B93858.reg (188 bytes security) (deflated 70%) adding: backregs/F46B62BC-DFB0-4F0F-9F3D-A144B8A541A2.reg (188 bytes security) (deflated 70%) adding: backregs/F47E15AF-2FC4-4A23-B097-87F48D3F5287.reg (188 bytes security) (deflated 69%) adding: backregs/notibac.reg (164 bytes security) (deflated 87%) adding: backregs/shell.reg (164 bytes security) (deflated 73%) Logfile of HijackThis v1.99.1 Scan saved at 14:20:11, on 12/05/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\E_S00RP1.EXE c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe C:\WINDOWS\system32\SAgent4.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\jre\bin\java.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\windows\system\hpsysdrv.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\hphmon06.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\12018SC Multimedia Mouse Driver\MouseDrv.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HIJACKTHIS VF\hijackthis vf.exe O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - c:\program files\LAB\msdxm.ocx O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\12018SC Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - Global Startup: Corel Colleagues & Contacts Reminders.LNK = C:\Program Files\Corel\Print Office\cffrem.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?377dbe06489742689f17f45bbb437856 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?377dbe06489742689f17f45bbb437856 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {596AF4AC-40A0-474A-9F86-33F0A90F0FD6} (PictureItLauncher Class) - http://photos.msn.fr/resources/neutral/controls/DigWebX2.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFna...acComposant.cab O20 - Winlogon Notify: Run - C:\WINDOWS\system32\ktr0l79m1.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\Wrapper.conf (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe O23 - Service: Epson Printer Status Agent4 (StatusAgent4) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\SAgent4.exe
  13. beljean44

    Demande d'analyse

    Il semblerait qu'il manque cette partie Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F16E83FF-71C7-48B3-90DF-85A0121921D5}] @="" [HKEY_CLASSES_ROOT\CLSID\{F16E83FF-71C7-48B3-90DF-85A0121921D5}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F16E83FF-71C7-48B3-90DF-85A0121921D5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F16E83FF-71C7-48B3-90DF-85A0121921D5}\InprocServer32] @="C:\\WINDOWS\\system32\\dsvx_xx11.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DF0ECDA5-5E9E-4AD3-8150-36953293B3FF}] @="" [HKEY_CLASSES_ROOT\CLSID\{DF0ECDA5-5E9E-4AD3-8150-36953293B3FF}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DF0ECDA5-5E9E-4AD3-8150-36953293B3FF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DF0ECDA5-5E9E-4AD3-8150-36953293B3FF}\InprocServer32] @="C:\\WINDOWS\\system32\\mmicda.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CC05471C-B104-4CBE-9053-73B998695EC9}] @="" [HKEY_CLASSES_ROOT\CLSID\{CC05471C-B104-4CBE-9053-73B998695EC9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CC05471C-B104-4CBE-9053-73B998695EC9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CC05471C-B104-4CBE-9053-73B998695EC9}\InprocServer32] @="C:\\WINDOWS\\system32\\rCsadhlp.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{59474C9F-73BF-41E8-8DD4-D7ECBCEFA2BC}] @="" [HKEY_CLASSES_ROOT\CLSID\{59474C9F-73BF-41E8-8DD4-D7ECBCEFA2BC}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{59474C9F-73BF-41E8-8DD4-D7ECBCEFA2BC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{59474C9F-73BF-41E8-8DD4-D7ECBCEFA2BC}\InprocServer32] @="C:\\WINDOWS\\system32\\wan87em.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{48263081-4C14-4286-B788-4741BBBE4FA9}] @="" [HKEY_CLASSES_ROOT\CLSID\{48263081-4C14-4286-B788-4741BBBE4FA9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{48263081-4C14-4286-B788-4741BBBE4FA9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{48263081-4C14-4286-B788-4741BBBE4FA9}\InprocServer32] @="C:\\WINDOWS\\system32\\mxutilse.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DDE3B61F-3006-4FD1-A649-22715F641A78}] @="" [HKEY_CLASSES_ROOT\CLSID\{DDE3B61F-3006-4FD1-A649-22715F641A78}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DDE3B61F-3006-4FD1-A649-22715F641A78}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DDE3B61F-3006-4FD1-A649-22715F641A78}\InprocServer32] @="C:\\WINDOWS\\system32\\nvvdmd.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{839A5F88-7350-45F7-8D85-E021E6C9BD2C}] @="" [HKEY_CLASSES_ROOT\CLSID\{839A5F88-7350-45F7-8D85-E021E6C9BD2C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{839A5F88-7350-45F7-8D85-E021E6C9BD2C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{839A5F88-7350-45F7-8D85-E021E6C9BD2C}\InprocServer32] @="C:\\WINDOWS\\system32\\kydkyr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{09909F9F-8165-474C-B04A-BF16342E522A}] @="" [HKEY_CLASSES_ROOT\CLSID\{09909F9F-8165-474C-B04A-BF16342E522A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{09909F9F-8165-474C-B04A-BF16342E522A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{09909F9F-8165-474C-B04A-BF16342E522A}\InprocServer32] @="C:\\WINDOWS\\system32\\cbutil.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7AA51A39-E103-43FA-9BCD-4DFD49C24F13}] @="" [HKEY_CLASSES_ROOT\CLSID\{7AA51A39-E103-43FA-9BCD-4DFD49C24F13}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7AA51A39-E103-43FA-9BCD-4DFD49C24F13}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7AA51A39-E103-43FA-9BCD-4DFD49C24F13}\InprocServer32] @="C:\\WINDOWS\\system32\\LGDIS11n.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{3EB26B5E-35E8-4950-A3EF-F4A5BF470A9D}] @="" [HKEY_CLASSES_ROOT\CLSID\{3EB26B5E-35E8-4950-A3EF-F4A5BF470A9D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{3EB26B5E-35E8-4950-A3EF-F4A5BF470A9D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{3EB26B5E-35E8-4950-A3EF-F4A5BF470A9D}\InprocServer32] @="C:\\WINDOWS\\system32\\MBCMCFR.DLL" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{3A58173B-1324-459F-84A8-73A33B64F852}] @="" [HKEY_CLASSES_ROOT\CLSID\{3A58173B-1324-459F-84A8-73A33B64F852}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{3A58173B-1324-459F-84A8-73A33B64F852}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{3A58173B-1324-459F-84A8-73A33B64F852}\InprocServer32] @="C:\\WINDOWS\\system32\\iu50_qc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5408DAF4-1DD3-4922-B297-090CECE784F4}] @="" [HKEY_CLASSES_ROOT\CLSID\{5408DAF4-1DD3-4922-B297-090CECE784F4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5408DAF4-1DD3-4922-B297-090CECE784F4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5408DAF4-1DD3-4922-B297-090CECE784F4}\InprocServer32] @="C:\\WINDOWS\\system32\\nvtapi32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{92AE5027-9048-44F9-9DBC-D292BB2A7139}] @="" [HKEY_CLASSES_ROOT\CLSID\{92AE5027-9048-44F9-9DBC-D292BB2A7139}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{92AE5027-9048-44F9-9DBC-D292BB2A7139}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{92AE5027-9048-44F9-9DBC-D292BB2A7139}\InprocServer32] @="C:\\WINDOWS\\system32\\mzw3prt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5E6FA893-7BBF-4933-B922-0050647BE014}] @="" [HKEY_CLASSES_ROOT\CLSID\{5E6FA893-7BBF-4933-B922-0050647BE014}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5E6FA893-7BBF-4933-B922-0050647BE014}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5E6FA893-7BBF-4933-B922-0050647BE014}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{692B3DD0-A9C1-48C1-AB1B-5983D2FD8359}] @="" [HKEY_CLASSES_ROOT\CLSID\{692B3DD0-A9C1-48C1-AB1B-5983D2FD8359}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{692B3DD0-A9C1-48C1-AB1B-5983D2FD8359}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{692B3DD0-A9C1-48C1-AB1B-5983D2FD8359}\InprocServer32] @="C:\\WINDOWS\\system32\\lreps11n.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{1DACD6AB-F9E3-4FC3-90D7-BCC7DCE059BD}] @="" [HKEY_CLASSES_ROOT\CLSID\{1DACD6AB-F9E3-4FC3-90D7-BCC7DCE059BD}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{1DACD6AB-F9E3-4FC3-90D7-BCC7DCE059BD}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{1DACD6AB-F9E3-4FC3-90D7-BCC7DCE059BD}\InprocServer32] @="C:\\WINDOWS\\system32\\ugimdmat.dll" "ThreadingModel"="Apartment" ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ alsmsext.dll Fri 31 Mar 2006 10:19:24 ..S.R 236 523 230,98 K browseui.dll Sat 4 Mar 2006 5:34:58 A.... 1 023 488 999,50 K cbutil.dll Sat 6 May 2006 8:52:00 ..S.R 234 135 228,64 K cdfview.dll Sat 4 Mar 2006 5:34:58 A.... 152 064 148,50 K ciseqchk.dll Fri 14 Apr 2006 8:42:14 ..S.R 236 523 230,98 K cnmres.dll Mon 10 Apr 2006 7:08:08 ..S.R 236 523 230,98 K danim.dll Sat 4 Mar 2006 5:34:58 A.... 1 056 768 1,01 M dcserver.dll Fri 21 Apr 2006 6:31:10 ..S.R 236 523 230,98 K df240.dll Thu 27 Apr 2006 6:31:20 ..S.R 234 135 228,64 K dicpmon.dll Fri 31 Mar 2006 19:48:50 ..S.R 236 523 230,98 K dsvx_x~1.dll Mon 1 May 2006 10:45:02 ..S.R 235 104 229,59 K dunetlib.dll Tue 4 Apr 2006 14:48:24 ..S.R 236 523 230,98 K dvsec.dll Sun 2 Apr 2006 10:06:36 ..S.R 236 523 230,98 K dwu11.dll Sat 8 Apr 2006 16:22:50 ..S.R 236 523 230,98 K dxtrans.dll Sat 4 Mar 2006 5:34:58 A.... 205 312 200,50 K dyvx_x~1.dll Sat 15 Apr 2006 8:45:16 ..S.R 234 135 228,64 K elircles.dll Fri 31 Mar 2006 7:02:36 ..S.R 236 523 230,98 K ennsl1~1.dll Sat 22 Apr 2006 16:49:20 ..S.R 236 523 230,98 K ewfpix~1.dll Sun 9 Apr 2006 10:36:12 ..S.R 236 523 230,98 K extmgr.dll Sat 4 Mar 2006 5:34:58 A.... 55 808 54,50 K fhsdrv.dll Tue 11 Apr 2006 7:04:38 ..S.R 236 523 230,98 K fhsst.dll Sun 30 Apr 2006 12:59:36 ..S.R 234 135 228,64 K fndrclnr.dll Tue 25 Apr 2006 15:54:20 ..S.R 235 874 230,34 K gp2ml3~1.dll Tue 21 Mar 2006 0:01:00 ..S.R 235 499 229,98 K hlzjrd01.dll Sun 26 Mar 2006 11:07:04 ..S.R 235 730 230,20 K hrlu05~1.dll Mon 27 Mar 2006 21:41:30 A.... 233 715 228,23 K htgt34tk.dll Mon 24 Apr 2006 7:31:56 ..S.R 235 874 230,34 K hyd.dll Thu 13 Apr 2006 7:53:40 ..S.R 234 135 228,64 K hzodxpat.dll Sun 16 Apr 2006 23:24:06 ..S.R 234 135 228,64 K i8420i~1.dll Mon 27 Mar 2006 21:41:28 ..S.R 236 796 231,25 K iepeers.dll Sat 4 Mar 2006 5:34:58 A.... 251 392 245,50 K ifl11.dll Sat 29 Apr 2006 10:27:02 ..S.R 235 874 230,34 K inetcomm.dll Fri 17 Mar 2006 11:11:46 A.... 679 424 663,50 K ins.dll Tue 11 Apr 2006 16:21:20 ..S.R 236 523 230,98 K inseng.dll Sat 4 Mar 2006 5:34:58 A.... 96 768 94,50 K iu50_qc.dll Mon 8 May 2006 9:45:36 ..S.R 235 104 229,59 K ixeist~1.dll Tue 11 Apr 2006 15:58:02 ..S.R 236 523 230,98 K jgldog11.dll Mon 13 Mar 2006 21:34:08 A.... 16 0,02 K jnaw400.dll Tue 28 Mar 2006 8:43:58 ..S.R 235 730 230,20 K jrpl400.dll Wed 19 Apr 2006 6:43:30 ..S.R 236 523 230,98 K jtr807~1.dll Thu 23 Mar 2006 18:42:28 ..S.R 236 627 231,08 K jtrs07~1.dll Thu 30 Mar 2006 12:04:30 ..S.R 235 730 230,20 K kddno1.dll Thu 30 Mar 2006 16:06:06 ..S.R 236 523 230,98 K kiddv.dll Sat 8 Apr 2006 8:02:30 ..S.R 236 523 230,98 K kndtuq.dll Thu 20 Apr 2006 16:11:08 ..S.R 234 135 228,64 K kqdla.dll Wed 29 Mar 2006 15:47:06 ..S.R 236 523 230,98 K kt2ol7~1.dll Tue 9 May 2006 18:22:18 ..S.R 234 135 228,64 K ktdtuf.dll Fri 7 Apr 2006 15:27:02 ..S.R 236 523 230,98 K ktr0l7~1.dll Wed 10 May 2006 19:52:26 ..S.R 236 308 230,77 K kydkyr.dll Fri 5 May 2006 8:29:22 ..S.R 235 104 229,59 K letif70n.dll Mon 24 Apr 2006 20:50:00 ..S.R 235 874 230,34 K lgdis11n.dll Sun 7 May 2006 9:29:32 ..S.R 235 104 229,59 K lgpcd10n.dll Fri 24 Mar 2006 8:04:22 ..S.R 235 730 230,20 K llcmp13n.dll Fri 21 Apr 2006 21:40:18 ..S.R 234 135 228,64 K lmpng13n.dll Thu 6 Apr 2006 7:06:52 ..S.R 236 523 230,98 K lreps11n.dll Thu 11 May 2006 7:11:46 ..S.R 235 104 229,59 K lrpng11n.dll Sun 16 Apr 2006 10:23:58 ..S.R 236 523 230,98 K lv8o09~1.dll Sat 29 Apr 2006 17:23:02 ..S.R 235 874 230,34 K lwthk10w.dll Tue 9 May 2006 22:41:42 ..S.R 235 943 230,41 K m428le~1.dll Thu 11 May 2006 22:28:48 ..S.R 235 104 229,59 K mbcmcfr.dll Sun 7 May 2006 15:27:16 ..S.R 234 135 228,64 K mbrtedit.dll Fri 31 Mar 2006 10:23:52 ..S.R 236 523 230,98 K mfhtmled.dll Sat 22 Apr 2006 20:54:42 ..S.R 234 135 228,64 K mgnetobj.dll Wed 12 Apr 2006 15:35:56 ..S.R 236 523 230,98 K mhrdo20.dll Sun 23 Apr 2006 20:17:34 ..S.R 234 135 228,64 K mioert2.dll Wed 19 Apr 2006 15:56:06 ..S.R 234 135 228,64 K mjc40.dll Tue 9 May 2006 22:17:32 ..S.R 235 104 229,59 K mjjint35.dll Thu 23 Mar 2006 16:22:32 ..S.R 235 730 230,20 K mloert2.dll Mon 20 Mar 2006 21:19:58 ..S.R 235 499 229,98 K mmcoree.dll Sat 25 Mar 2006 11:42:20 ..S.R 235 730 230,20 K mmicda.dll Tue 2 May 2006 8:09:40 ..S.R 234 135 228,64 K mosap.dll Thu 6 Apr 2006 15:29:46 ..S.R 236 523 230,98 K mpvcp71.dll Thu 20 Apr 2006 6:32:18 ..S.R 236 523 230,98 K mrc71deu.dll Mon 27 Mar 2006 19:19:28 ..S.R 236 796 231,25 K msdtcprx.dll Wed 1 Mar 2006 21:43:50 A.... 426 496 416,50 K msdtctm.dll Wed 1 Mar 2006 21:43:50 A.... 956 416 934,00 K msdtcuiu.dll Wed 1 Mar 2006 21:43:52 A.... 161 280 157,50 K mshtml.dll Thu 23 Mar 2006 22:35:42 A.... 3 074 560 2,93 M mshtmled.dll Sat 4 Mar 2006 5:35:00 A.... 448 512 438,00 K msrating.dll Sat 4 Mar 2006 5:35:00 A.... 146 432 143,00 K mstime.dll Sat 4 Mar 2006 5:35:02 A.... 532 480 520,00 K mtxclu.dll Wed 1 Mar 2006 21:43:52 A.... 66 560 65,00 K mtxoci.dll Wed 1 Mar 2006 21:43:52 A.... 91 136 89,00 K mvacm.dll Sat 22 Apr 2006 17:04:04 ..S.R 234 135 228,64 K mvlml9~1.dll Tue 9 May 2006 18:52:24 ..S.R 235 680 230,16 K mxaudite.dll Thu 13 Apr 2006 16:02:00 ..S.R 236 523 230,98 K mxutilse.dll Wed 3 May 2006 8:35:14 ..S.R 235 104 229,59 K mzw3prt.dll Wed 10 May 2006 10:21:40 ..S.R 235 104 229,59 K n2r20c~1.dll Sun 26 Mar 2006 0:26:20 ..S.R 235 730 230,20 K naprint.dll Wed 5 Apr 2006 7:59:12 ..S.R 236 523 230,98 K nfmssvc.dll Thu 23 Mar 2006 8:08:46 ..S.R 235 730 230,20 K nitapi32.dll Wed 5 Apr 2006 15:57:38 ..S.R 236 523 230,98 K njtrap.dll Fri 31 Mar 2006 8:51:28 ..S.R 236 523 230,98 K nvtapi32.dll Tue 9 May 2006 8:30:14 ..S.R 234 135 228,64 K nvvdmd.dll Thu 4 May 2006 9:10:24 ..S.R 234 135 228,64 K omeaut32.dll Tue 28 Mar 2006 7:08:18 ..S.R 235 730 230,20 K opfmnt40.dll Fri 28 Apr 2006 15:47:04 ..S.R 235 874 230,34 K otbctrac.dll Mon 20 Mar 2006 19:35:12 ..S.R 236 124 230,59 K pch.dll Sat 29 Apr 2006 18:36:04 ..S.R 234 135 228,64 K pfcrt.dll Wed 26 Apr 2006 15:44:12 ..S.R 235 874 230,34 K pngfilt.dll Sat 4 Mar 2006 5:35:02 A.... 39 424 38,50 K qbv.dll Mon 20 Mar 2006 15:16:46 ..S.R 236 124 230,59 K rcsadhlp.dll Tue 2 May 2006 16:01:32 ..S.R 235 104 229,59 K rgutetab.dll Tue 9 May 2006 18:52:00 ..S.R 235 104 229,59 K rmbios32.dll Tue 4 Apr 2006 7:02:20 ..S.R 236 523 230,98 K rosman.dll Sun 26 Mar 2006 20:25:04 ..S.R 235 730 230,20 K saclogon.dll Wed 26 Apr 2006 7:31:00 ..S.R 234 135 228,64 K scells~1.dll Thu 27 Apr 2006 15:54:40 ..S.R 235 874 230,34 K sforprop.dll Mon 27 Mar 2006 7:27:10 ..S.R 236 796 231,25 K sgntfnt.dll Mon 17 Apr 2006 10:11:08 ..S.R 236 523 230,98 K shdocvw.dll Thu 30 Mar 2006 11:26:12 A.... 1 492 992 1,42 M shell32.dll Fri 17 Mar 2006 6:07:40 A.... 8 508 416 8,11 M shlwapi.dll Sat 4 Mar 2006 5:35:02 A.... 474 624 463,50 K sirenacm.dll Fri 17 Feb 2006 11:17:14 A.... 60 104 58,70 K siyweb.dll Thu 13 Apr 2006 16:59:02 ..S.R 234 135 228,64 K ssvsvc.dll Thu 30 Mar 2006 7:11:30 ..S.R 235 730 230,20 K tiembed.dll Sat 22 Apr 2006 9:16:20 ..S.R 236 523 230,98 K ugimdmat.dll Fri 12 May 2006 7:07:48 ..S.R 236 308 230,77 K urlmon.dll Sat 18 Mar 2006 13:09:54 A.... 615 424 601,00 K vd5db.dll Sun 23 Apr 2006 9:26:50 ..S.R 235 874 230,34 K wan87em.dll Tue 2 May 2006 16:59:04 ..S.R 234 135 228,64 K wapcd.dll Tue 28 Mar 2006 16:03:10 ..S.R 236 523 230,98 K we2time.dll Fri 7 Apr 2006 7:24:40 ..S.R 236 523 230,98 K wfhelp2.dll Tue 25 Apr 2006 6:34:40 ..S.R 234 135 228,64 K wininet.dll Sat 4 Mar 2006 5:35:02 A.... 662 528 647,00 K wiv9vcm.dll Mon 27 Mar 2006 15:05:10 ..S.R 235 730 230,20 K wl2time.dll Mon 3 Apr 2006 16:13:26 ..S.R 236 523 230,98 K wldrmdev.dll Thu 23 Mar 2006 18:42:28 ..S.R 235 730 230,20 K wmp.dll Fri 10 Mar 2006 6:09:14 A.... 5 533 696 5,28 M wopshell.dll Tue 9 May 2006 21:40:52 ..S.R 235 104 229,59 K wqdconns.dll Fri 28 Apr 2006 6:31:54 ..S.R 234 135 228,64 K wwdrmdev.dll Mon 10 Apr 2006 14:42:12 ..S.R 236 523 230,98 K wwpasf.dll Sat 1 Apr 2006 9:30:20 ..S.R 236 523 230,98 K wynmp32.dll Tue 18 Apr 2006 7:43:26 ..S.R 234 135 228,64 K xolehlp.dll Wed 1 Mar 2006 21:43:52 A.... 11 776 11,50 K xpsp3res.dll Thu 30 Mar 2006 3:16:46 A.... 17 920 17,50 K xzsp1res.dll Mon 24 Apr 2006 15:59:30 ..S.R 234 135 228,64 K 137 items found: 137 files (108 H/S), 0 directories. Total of file sizes: 52 523 361 bytes 50,09 M Locate .tmp files: C:\WINDOWS\SYSTEM32\ guard.tmp Fri 12 May 2006 7:07:58 A.... 234 212 228,72 K 1 item found: 1 file, 0 directories. Total of file sizes: 234 212 bytes 228,72 K ********************************************************************************** Directory Listing of system files: Le volume dans le lecteur C s'appelle HP_PAVILION Le num‚ro de s‚rie du volume est 5C86-00D2 R‚pertoire de C:\WINDOWS\System32 12/05/2006 07:07 236ÿ308 ugimdmat.dll 11/05/2006 22:28 235ÿ104 m428lefu1h28.dll 11/05/2006 07:11 235ÿ104 lreps11n.dll 10/05/2006 19:52 236ÿ308 ktr0l79m1.dll 10/05/2006 10:21 235ÿ104 mzw3prt.dll 09/05/2006 22:41 235ÿ943 lwthk10w.dll 09/05/2006 22:17 235ÿ104 mjc40.dll 09/05/2006 21:40 235ÿ104 wopshell.dll 09/05/2006 18:52 235ÿ680 mvlml9311.dll 09/05/2006 18:51 235ÿ104 rgutetab.dll 09/05/2006 18:22 234ÿ135 kt2ol7f31.dll 09/05/2006 08:30 234ÿ135 nvtapi32.dll 08/05/2006 09:45 235ÿ104 iu50_qc.dll 07/05/2006 15:27 234ÿ135 MBCMCFR.DLL 07/05/2006 09:29 235ÿ104 LGDIS11n.dll 06/05/2006 08:51 234ÿ135 cbutil.dll 05/05/2006 08:29 235ÿ104 kydkyr.dll 04/05/2006 09:10 234ÿ135 nvvdmd.dll 03/05/2006 08:35 235ÿ104 mxutilse.dll 02/05/2006 16:59 234ÿ135 wan87em.dll 02/05/2006 16:01 235ÿ104 rCsadhlp.dll 02/05/2006 08:09 234ÿ135 mmicda.dll 01/05/2006 10:45 235ÿ104 dsvx_xx11.dll 30/04/2006 14:31 11ÿ776 Thumbs.db 30/04/2006 12:59 234ÿ135 fhsst.dll 29/04/2006 18:36 234ÿ135 pch.dll 29/04/2006 17:23 235ÿ874 lv8o09l3e.dll 29/04/2006 10:27 235ÿ874 ifl11.dll 28/04/2006 15:47 235ÿ874 OPFMNT40.DLL 28/04/2006 06:31 234ÿ135 wqdconns.dll 27/04/2006 15:54 235ÿ874 scellstyle.dll 27/04/2006 06:31 234ÿ135 DF240.dll 26/04/2006 15:44 235ÿ874 pfcrt.dll 26/04/2006 07:30 234ÿ135 saclogon.dll 25/04/2006 15:54 235ÿ874 fndrclnr.dll 25/04/2006 06:34 234ÿ135 wfhelp2.dll 24/04/2006 20:49 235ÿ874 letif70n.dll 24/04/2006 15:59 234ÿ135 xzsp1res.dll 24/04/2006 07:31 235ÿ874 htgt34tk.dll 23/04/2006 20:17 234ÿ135 MHRDO20.DLL 23/04/2006 09:26 235ÿ874 VD5DB.DLL 22/04/2006 20:54 234ÿ135 mfhtmled.dll 22/04/2006 17:04 234ÿ135 mvacm.dll 22/04/2006 16:49 236ÿ523 ennsl1571.dll 22/04/2006 09:16 236ÿ523 tIembed.dll 21/04/2006 21:40 234ÿ135 llcmp13n.dll 21/04/2006 06:31 236ÿ523 dcserver.dll 20/04/2006 16:11 234ÿ135 kndtuq.dll 20/04/2006 06:32 236ÿ523 mpvcp71.dll 19/04/2006 15:56 234ÿ135 mioert2.dll 19/04/2006 06:43 236ÿ523 jrpl400.dll 18/04/2006 07:43 234ÿ135 wynmp32.dll 17/04/2006 10:11 236ÿ523 SGntfNT.dll 16/04/2006 23:24 234ÿ135 HZODXPAT.DLL 16/04/2006 10:23 236ÿ523 Lrpng11n.dll 15/04/2006 08:45 234ÿ135 dyvx_xx07.dll 14/04/2006 08:42 236ÿ523 ciseqchk.dll 13/04/2006 16:59 234ÿ135 SiyWeb.dll 13/04/2006 16:01 236ÿ523 mxaudite.dll 13/04/2006 07:53 234ÿ135 hyd.dll 12/04/2006 15:35 236ÿ523 mgnetobj.dll 11/04/2006 16:21 236ÿ523 ins.dll 11/04/2006 15:58 236ÿ523 ixeistor12.dll 11/04/2006 07:04 236ÿ523 fhsdrv.dll 10/04/2006 14:42 236ÿ523 WWDRMdev.dll 10/04/2006 07:08 236ÿ523 cnmres.dll 09/04/2006 10:36 236ÿ523 ewfpixguid.dll 08/04/2006 16:22 236ÿ523 dwu11.dll 08/04/2006 08:02 236ÿ523 kiddv.dll 07/04/2006 15:27 236ÿ523 ktdtuf.dll 07/04/2006 07:24 236ÿ523 wE2time.dll 06/04/2006 15:29 236ÿ523 mosap.dll 06/04/2006 07:06 236ÿ523 lmpng13n.dll 05/04/2006 15:57 236ÿ523 nitapi32.dll 05/04/2006 07:59 236ÿ523 naprint.dll 04/04/2006 14:48 236ÿ523 dunetlib.dll 04/04/2006 07:02 236ÿ523 RMBios32.dll 03/04/2006 16:13 236ÿ523 wL2time.dll 02/04/2006 10:06 236ÿ523 dvsec.dll 01/04/2006 09:30 236ÿ523 wwpasf.dll 31/03/2006 19:48 236ÿ523 dicpmon.dll 31/03/2006 10:23 236ÿ523 MBRTEDIT.DLL 31/03/2006 10:19 236ÿ523 alsmsext.dll 31/03/2006 08:51 236ÿ523 njtrap.dll 31/03/2006 07:02 236ÿ523 ELircles.dll 30/03/2006 16:06 236ÿ523 kddno1.dll 30/03/2006 12:04 235ÿ730 jtrs0797e.dll 30/03/2006 07:11 235ÿ730 ssvsvc.dll 29/03/2006 15:47 236ÿ523 kqdla.dll 28/03/2006 16:03 236ÿ523 wapcd.dll 28/03/2006 08:43 235ÿ730 jnaw400.dll 28/03/2006 07:08 235ÿ730 omeaut32.dll 27/03/2006 21:41 236ÿ796 i8420ihoe84c0.dll 27/03/2006 19:19 236ÿ796 MRC71DEU.DLL 27/03/2006 15:05 235ÿ730 wiv9vcm.dll 27/03/2006 07:27 236ÿ796 sforprop.dll 26/03/2006 20:25 235ÿ730 rOsman.dll 26/03/2006 11:07 235ÿ730 hlzjrd01.dll 26/03/2006 00:26 235ÿ730 n2r20c9oef.dll 25/03/2006 11:42 235ÿ730 mmcoree.dll 24/03/2006 08:04 235ÿ730 lgpcd10N.dll 23/03/2006 18:42 235ÿ730 WLDRMdev.dll 23/03/2006 18:42 236ÿ627 jtr8079ue.dll 23/03/2006 16:22 235ÿ730 MJJINT35.DLL 23/03/2006 08:08 235ÿ730 nfmssvc.dll 21/03/2006 00:00 235ÿ499 gp2ml3f11.dll 20/03/2006 21:19 235ÿ499 mloert2.dll 20/03/2006 19:35 236ÿ124 otbctrac.dll 20/03/2006 15:16 236ÿ124 qbv.dll 28/09/2005 17:44 56 D5A21A6D4F.sys 110 fichier(s) 25ÿ459ÿ662 octets 0 R‚p(s) 105ÿ396ÿ596ÿ736 octets libres
  14. beljean44

    Demande d'analyse

    il semberait qu'il manque cette partie. Windows Registry Editor Version 5.00
  15. beljean44

    Demande d'analyse

    Bonjour, je vais de nouveau le reprendre, mais ne serait'il pas trop long ? pourrais-je savoir en quoi consiste cette analyse ?L2MFIX find log 032106 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] "Asynchronous"=dword:00000000 "DllName"="" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Run] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\ktr0l79m1.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{364EA763-C619-C3CB-A7B5-A8B5604703E2}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia" "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage ?cran du Panneau de configuration" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo" "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es" "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration" "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Page de propri‚t‚s des versions pr‚c‚dentes" "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Versions pr‚c‚dentes" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="?tat du t‚l‚chargement" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="?num‚rateur d'applications install‚es" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache" "{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices" "{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu" "{7F67036B-66F1-411A-AD85-759FB9C5B0DB}"="SampleView" "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes" "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player" "{63542C48-9552-494A-84F7-73AA6A7C99C1}"="OpenOffice Property Sheet Handler" "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension" "{F2185E5D-720E-4956-90D9-75F6AC141575}"="Idea2 SidebarIconHandler Class" "{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web" "{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler" "{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler" "{40E69241-5D1A-11D1-81CB-727272727FFF}"="Quick Register Context Menu Shell Extension" "{73B24247-042E-4EF5-ADC2-42F62E6FD654}"="ICQ Lite Shell Extension" "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}"="Messenger Sharing Folders" "{e57ce731-33e8-4c51-8354-bb4de9d215d1}"="P‚riph‚riques Plug and Play universels" "{8CE111D7-EC76-4BCC-94A3-BD708A78BDEC}"="" "{DF9D1B19-66DE-4BDE-B1A0-5EF3D1E609C5}"="" "{472083B0-C522-11CF-8763-00608CC02F24}"="avast" "{F5C43654-F4D3-4BEB-8B88-6D03E2AE9772}"="" "{0DAE5E89-E6F7-4600-A063-236B6ADE95A0}"="" "{91C78347-AA35-46BF-AF5A-BAF12C3DD8C3}"="" "{F37FAFC2-257E-4724-B914-A5583E03BC13}"="" "{63CBABD7-9A0E-4FBD-A751-A70C48AEB3EE}"="" "{2EBBFCBA-C79E-4584-A366-3B802C663DC0}"="" "{21F211F8-3C60-4841-8E1B-A43B42B00209}"="" "{404D7322-6686-4EA8-A8F0-A6DB0325CD2C}"="" "{86017CA7-6EDE-4692-8BFB-98CADEACE4A8}"="" "{262319EE-4E2A-49C4-9918-27CEECB074C9}"="" "{13E7F612-F261-4391-BEA2-39DF4F3FA311}"="Windows Desktop Search" "{97090E2F-3062-4459-855B-014F0D3CDBB1}"="MSN Deskbar" "{DBF4B6DB-2FDF-4422-868A-910BF06938D7}"="" "{BDBA8414-2946-4CB9-82D8-65F7B598436E}"="" "{1E8911D0-E92C-4BEE-B204-D1F850C7B0E0}"="" "{182E2F4A-D98A-4A89-A266-83768B66E8B2}"="" "{7C18CB56-BD54-44FE-A8DE-04E13B85A05F}"="" "{0C548398-E096-4105-B3DA-B2C8ECF91069}"="" "{0676560E-CC19-49C3-8559-1293AF6B05C8}"="" "{DBB37E8F-04A7-4E53-B025-04E99ABC24F2}"="" "{48DB4B93-10A1-46A6-B6D1-3C7B9807C943}"="" "{4C664A23-FDB0-46F0-985E-E5B342CEA5C4}"="" "{03346DA5-1265-4290-BA70-6083543ACCD4}"="" "{E75CBF25-3F4F-4721-AAAD-FFADF4B51EDC}"="" "{BE2A6E6C-E671-4947-B6D8-430654FFDC26}"="" "{38AE3054-4EC4-48B3-BF4A-3106CF4BD83E}"="" "{75F2D348-18E7-4B16-A1CB-0FE07C73F27D}"="" "{282C1291-7BBA-41F4-B2F2-88C867A178D9}"="" "{6ABB0760-2A0C-4E37-A7A5-3F69BAF2B35A}"="" "{95626FC9-3001-4872-ACED-3A58254F30BD}"="" "{B44261A3-51AC-40E2-A653-53EECCA2B0C8}"="" "{BA1700C1-B67D-4A87-8FC1-01DC3FB53CDA}"="" "{97F05A9C-10B9-43D8-9E64-0D3E8E4B5A4E}"="" "{5444E411-0437-429E-BB55-55EC5A4B625B}"="" "{1354B4F4-BAF1-46AE-B371-223134D02442}"="" "{F227D8C7-8DEF-417F-B4E6-88BB9E3F94C0}"="" "{F47E15AF-2FC4-4A23-B097-87F48D3F5287}"="" "{BA7066AE-8C1F-4262-8ED9-D1185B452A7A}"="" "{429B3113-72C9-41C0-BEFA-9A0A341844DD}"="" "{636C7D0F-497B-49DE-8FEB-C5617428A0B7}"="" "{3E4CA3D6-F10D-4340-98B4-3DB4E324BC99}"="" "{F385CAA6-C3E1-46FD-8CC3-74D762B93858}"="" "{60883F8C-EF44-42F6-ACBB-5424DEF4D776}"="" "{69426D2A-FDBB-44AB-B04C-7CC6436FE3EE}"="" "{632D606D-267E-4341-B227-B1073E04D468}"="" "{0E6330F6-BFA8-4BE0-8001-71D192567406}"="" "{D0D38042-4758-4E29-A13D-DA111A9BB378}"="" "{9D4511C2-1C4C-4F86-997C-57B84BF4FBC1}"="" "{37C51321-B50A-49D2-8617-3EED48B2B847}"="" "{354F31EF-A6A5-458B-AA6D-A58A39035EBD}"="" "{C88655F5-7F7E-4E45-B7EB-83730F2BE99A}"="" "{E6F5B696-FFB0-4078-9184-F6B2CB3FFF68}"="" "{D9453B9A-1A55-446D-90E8-499FF3DDD078}"="" "{E1B5CED1-583A-40DB-BB6E-E72EC692CDD4}"="" "{E6C8F1D0-BD58-47C5-9F13-283EA870E015}"="" "{AF05E395-5C1D-492D-8046-7844974E99E4}"="" "{8F78BD50-29A3-4019-B3BF-36D6FD9F8B23}"="" "{9CDFE966-7D4B-41AD-B083-DD230D384A86}"="" "{D8848DB1-40F7-44F4-B98A-A7F3C28830F2}"="" "{E3DFC9E7-014B-4FB6-BF9F-DEA8FE18D6B4}"="" "{57C6A1EF-EBEA-492C-9812-EAFF1946D266}"="" "{9898819B-A802-4DA7-BA05-0C132C2EFEA4}"="" "{F46B62BC-DFB0-4F0F-9F3D-A144B8A541A2}"="" "{9D312335-AAAF-4736-81D4-D8D427FE03BB}"="" "{88AB5EAA-760D-4302-B27B-68D2933CC18B}"="" "{313F59BF-912B-4D2E-B028-9B7E1448C404}"="" "{4759A9C5-EBAC-4472-8BF8-A1C39FDD7198}"="" "{F16E83FF-71C7-48B3-90DF-85A0121921D5}"="" "{DF0ECDA5-5E9E-4AD3-8150-36953293B3FF}"="" "{CC05471C-B104-4CBE-9053-73B998695EC9}"="" "{59474C9F-73BF-41E8-8DD4-D7ECBCEFA2BC}"="" "{48263081-4C14-4286-B788-4741BBBE4FA9}"="" "{DDE3B61F-3006-4FD1-A649-22715F641A78}"="" "{839A5F88-7350-45F7-8D85-E021E6C9BD2C}"="" "{09909F9F-8165-474C-B04A-BF16342E522A}"="" "{7AA51A39-E103-43FA-9BCD-4DFD49C24F13}"="" "{3EB26B5E-35E8-4950-A3EF-F4A5BF470A9D}"="" "{3A58173B-1324-459F-84A8-73A33B64F852}"="" "{5408DAF4-1DD3-4922-B297-090CECE784F4}"="" "{92AE5027-9048-44F9-9DBC-D292BB2A7139}"="" "{5E6FA893-7BBF-4933-B922-0050647BE014}"="" "{692B3DD0-A9C1-48C1-AB1B-5983D2FD8359}"="" "{1DACD6AB-F9E3-4FC3-90D7-BCC7DCE059BD}"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D426CFD0-87FC-4906-98D9-A23F5D515D61}] @="MSN Desktop Search Outlook Express ISearchFolder Class" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{21F211F8-3C60-4841-8E1B-A43B42B00209}] @="" [HKEY_CLASSES_ROOT\CLSID\{21F211F8-3C60-4841-8E1B-A43B42B00209}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{21F211F8-3C60-4841-8E1B-A43B42B00209}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{21F211F8-3C60-4841-8E1B-A43B42B00209}\InprocServer32] @="C:\\WINDOWS\\system32\\nfmssvc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{404D7322-6686-4EA8-A8F0-A6DB0325CD2C}] @="" [HKEY_CLASSES_ROOT\CLSID\{404D7322-6686-4EA8-A8F0-A6DB0325CD2C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{404D7322-6686-4EA8-A8F0-A6DB0325CD2C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{404D7322-6686-4EA8-A8F0-A6DB0325CD2C}\InprocServer32] @="C:\\WINDOWS\\system32\\MJJINT35.DLL" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{262319EE-4E2A-49C4-9918-27CEECB074C9}] @="" [HKEY_CLASSES_ROOT\CLSID\{262319EE-4E2A-49C4-9918-27CEECB074C9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{262319EE-4E2A-49C4-9918-27CEECB074C9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{262319EE-4E2A-49C4-9918-27CEECB074C9}\InprocServer32] @="C:\\WINDOWS\\system32\\WLDRMdev.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DBF4B6DB-2FDF-4422-868A-910BF06938D7}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBF4B6DB-2FDF-4422-868A-910BF06938D7}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DBF4B6DB-2FDF-4422-868A-910BF06938D7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBF4B6DB-2FDF-4422-868A-910BF06938D7}\InprocServer32] @="C:\\WINDOWS\\system32\\lgpcd10N.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{BDBA8414-2946-4CB9-82D8-65F7B598436E}] @="" [HKEY_CLASSES_ROOT\CLSID\{BDBA8414-2946-4CB9-82D8-65F7B598436E}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{BDBA8414-2946-4CB9-82D8-65F7B598436E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{BDBA8414-2946-4CB9-82D8-65F7B598436E}\InprocServer32] @="C:\\WINDOWS\\system32\\mmcoree.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{1E8911D0-E92C-4BEE-B204-D1F850C7B0E0}] @="" [HKEY_CLASSES_ROOT\CLSID\{1E8911D0-E92C-4BEE-B204-D1F850C7B0E0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{1E8911D0-E92C-4BEE-B204-D1F850C7B0E0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{1E8911D0-E92C-4BEE-B204-D1F850C7B0E0}\InprocServer32] @="C:\\WINDOWS\\system32\\rOsman.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{182E2F4A-D98A-4A89-A266-83768B66E8B2}] @="" [HKEY_CLASSES_ROOT\CLSID\{182E2F4A-D98A-4A89-A266-83768B66E8B2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{182E2F4A-D98A-4A89-A266-83768B66E8B2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{182E2F4A-D98A-4A89-A266-83768B66E8B2}\InprocServer32] @="C:\\WINDOWS\\system32\\sforprop.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7C18CB56-BD54-44FE-A8DE-04E13B85A05F}] @="" [HKEY_CLASSES_ROOT\CLSID\{7C18CB56-BD54-44FE-A8DE-04E13B85A05F}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7C18CB56-BD54-44FE-A8DE-04E13B85A05F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7C18CB56-BD54-44FE-A8DE-04E13B85A05F}\InprocServer32] @="C:\\WINDOWS\\system32\\wiv9vcm.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{0C548398-E096-4105-B3DA-B2C8ECF91069}] @="" [HKEY_CLASSES_ROOT\CLSID\{0C548398-E096-4105-B3DA-B2C8ECF91069}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{0C548398-E096-4105-B3DA-B2C8ECF91069}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{0C548398-E096-4105-B3DA-B2C8ECF91069}\InprocServer32] @="C:\\WINDOWS\\system32\\MRC71DEU.DLL" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{0676560E-CC19-49C3-8559-1293AF6B05C8}] @="" [HKEY_CLASSES_ROOT\CLSID\{0676560E-CC19-49C3-8559-1293AF6B05C8}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{0676560E-CC19-49C3-8559-1293AF6B05C8}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{0676560E-CC19-49C3-8559-1293AF6B05C8}\InprocServer32] @="C:\\WINDOWS\\system32\\jnaw400.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DBB37E8F-04A7-4E53-B025-04E99ABC24F2}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBB37E8F-04A7-4E53-B025-04E99ABC24F2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DBB37E8F-04A7-4E53-B025-04E99ABC24F2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBB37E8F-04A7-4E53-B025-04E99ABC24F2}\InprocServer32] @="C:\\WINDOWS\\system32\\ssvsvc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{48DB4B93-10A1-46A6-B6D1-3C7B9807C943}] @="" [HKEY_CLASSES_ROOT\CLSID\{48DB4B93-10A1-46A6-B6D1-3C7B9807C943}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{48DB4B93-10A1-46A6-B6D1-3C7B9807C943}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{48DB4B93-10A1-46A6-B6D1-3C7B9807C943}\InprocServer32] @="C:\\WINDOWS\\system32\\kddno1.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{03346DA5-1265-4290-BA70-6083543ACCD4}] @="" [HKEY_CLASSES_ROOT\CLSID\{03346DA5-1265-4290-BA70-6083543ACCD4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{03346DA5-1265-4290-BA70-6083543ACCD4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{03346DA5-1265-4290-BA70-6083543ACCD4}\InprocServer32] @="C:\\WINDOWS\\system32\\ELircles.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E75CBF25-3F4F-4721-AAAD-FFADF4B51EDC}] @="" [HKEY_CLASSES_ROOT\CLSID\{E75CBF25-3F4F-4721-AAAD-FFADF4B51EDC}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E75CBF25-3F4F-4721-AAAD-FFADF4B51EDC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E75CBF25-3F4F-4721-AAAD-FFADF4B51EDC}\InprocServer32] @="C:\\WINDOWS\\system32\\njtrap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{BE2A6E6C-E671-4947-B6D8-430654FFDC26}] @="" [HKEY_CLASSES_ROOT\CLSID\{BE2A6E6C-E671-4947-B6D8-430654FFDC26}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{BE2A6E6C-E671-4947-B6D8-430654FFDC26}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{BE2A6E6C-E671-4947-B6D8-430654FFDC26}\InprocServer32] @="C:\\WINDOWS\\system32\\alsmsext.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{38AE3054-4EC4-48B3-BF4A-3106CF4BD83E}] @="" [HKEY_CLASSES_ROOT\CLSID\{38AE3054-4EC4-48B3-BF4A-3106CF4BD83E}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{38AE3054-4EC4-48B3-BF4A-3106CF4BD83E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{38AE3054-4EC4-48B3-BF4A-3106CF4BD83E}\InprocServer32] @="C:\\WINDOWS\\system32\\MBRTEDIT.DLL" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{75F2D348-18E7-4B16-A1CB-0FE07C73F27D}] @="" [HKEY_CLASSES_ROOT\CLSID\{75F2D348-18E7-4B16-A1CB-0FE07C73F27D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{75F2D348-18E7-4B16-A1CB-0FE07C73F27D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{75F2D348-18E7-4B16-A1CB-0FE07C73F27D}\InprocServer32] @="C:\\WINDOWS\\system32\\dicpmon.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{282C1291-7BBA-41F4-B2F2-88C867A178D9}] @="" [HKEY_CLASSES_ROOT\CLSID\{282C1291-7BBA-41F4-B2F2-88C867A178D9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{282C1291-7BBA-41F4-B2F2-88C867A178D9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{282C1291-7BBA-41F4-B2F2-88C867A178D9}\InprocServer32] @="C:\\WINDOWS\\system32\\wwpasf.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{6ABB0760-2A0C-4E37-A7A5-3F69BAF2B35A}] @="" [HKEY_CLASSES_ROOT\CLSID\{6ABB0760-2A0C-4E37-A7A5-3F69BAF2B35A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{6ABB0760-2A0C-4E37-A7A5-3F69BAF2B35A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{6ABB0760-2A0C-4E37-A7A5-3F69BAF2B35A}\InprocServer32] @="C:\\WINDOWS\\system32\\wL2time.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{95626FC9-3001-4872-ACED-3A58254F30BD}] @="" [HKEY_CLASSES_ROOT\CLSID\{95626FC9-3001-4872-ACED-3A58254F30BD}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{95626FC9-3001-4872-ACED-3A58254F30BD}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{95626FC9-3001-4872-ACED-3A58254F30BD}\InprocServer32] @="C:\\WINDOWS\\system32\\RMBios32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{B44261A3-51AC-40E2-A653-53EECCA2B0C8}] @="" [HKEY_CLASSES_ROOT\CLSID\{B44261A3-51AC-40E2-A653-53EECCA2B0C8}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{B44261A3-51AC-40E2-A653-53EECCA2B0C8}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{B44261A3-51AC-40E2-A653-53EECCA2B0C8}\InprocServer32] @="C:\\WINDOWS\\system32\\naprint.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{BA1700C1-B67D-4A87-8FC1-01DC3FB53CDA}] @="" [HKEY_CLASSES_ROOT\CLSID\{BA1700C1-B67D-4A87-8FC1-01DC3FB53CDA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{BA1700C1-B67D-4A87-8FC1-01DC3FB53CDA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{BA1700C1-B67D-4A87-8FC1-01DC3FB53CDA}\InprocServer32] @="C:\\WINDOWS\\system32\\nitapi32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{97F05A9C-10B9-43D8-9E64-0D3E8E4B5A4E}] @="" [HKEY_CLASSES_ROOT\CLSID\{97F05A9C-10B9-43D8-9E64-0D3E8E4B5A4E}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{97F05A9C-10B9-43D8-9E64-0D3E8E4B5A4E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{97F05A9C-10B9-43D8-9E64-0D3E8E4B5A4E}\InprocServer32] @="C:\\WINDOWS\\system32\\lmpng13n.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5444E411-0437-429E-BB55-55EC5A4B625B}] @="" [HKEY_CLASSES_ROOT\CLSID\{5444E411-0437-429E-BB55-55EC5A4B625B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5444E411-0437-429E-BB55-55EC5A4B625B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5444E411-0437-429E-BB55-55EC5A4B625B}\InprocServer32] @="C:\\WINDOWS\\system32\\wE2time.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{1354B4F4-BAF1-46AE-B371-223134D02442}] @="" [HKEY_CLASSES_ROOT\CLSID\{1354B4F4-BAF1-46AE-B371-223134D02442}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{1354B4F4-BAF1-46AE-B371-223134D02442}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{1354B4F4-BAF1-46AE-B371-223134D02442}\InprocServer32] @="C:\\WINDOWS\\system32\\ktdtuf.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F227D8C7-8DEF-417F-B4E6-88BB9E3F94C0}] @="" [HKEY_CLASSES_ROOT\CLSID\{F227D8C7-8DEF-417F-B4E6-88BB9E3F94C0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F227D8C7-8DEF-417F-B4E6-88BB9E3F94C0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F227D8C7-8DEF-417F-B4E6-88BB9E3F94C0}\InprocServer32] @="C:\\WINDOWS\\system32\\kiddv.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F47E15AF-2FC4-4A23-B097-87F48D3F5287}] @="" [HKEY_CLASSES_ROOT\CLSID\{F47E15AF-2FC4-4A23-B097-87F48D3F5287}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F47E15AF-2FC4-4A23-B097-87F48D3F5287}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F47E15AF-2FC4-4A23-B097-87F48D3F5287}\InprocServer32] @="C:\\WINDOWS\\system32\\ewfpixguid.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{BA7066AE-8C1F-4262-8ED9-D1185B452A7A}] @="" [HKEY_CLASSES_ROOT\CLSID\{BA7066AE-8C1F-4262-8ED9-D1185B452A7A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{BA7066AE-8C1F-4262-8ED9-D1185B452A7A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{BA7066AE-8C1F-4262-8ED9-D1185B452A7A}\InprocServer32] @="C:\\WINDOWS\\system32\\cnmres.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{429B3113-72C9-41C0-BEFA-9A0A341844DD}] @="" [HKEY_CLASSES_ROOT\CLSID\{429B3113-72C9-41C0-BEFA-9A0A341844DD}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{429B3113-72C9-41C0-BEFA-9A0A341844DD}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{429B3113-72C9-41C0-BEFA-9A0A341844DD}\InprocServer32] @="C:\\WINDOWS\\system32\\WWDRMdev.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{636C7D0F-497B-49DE-8FEB-C5617428A0B7}] @="" [HKEY_CLASSES_ROOT\CLSID\{636C7D0F-497B-49DE-8FEB-C5617428A0B7}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{636C7D0F-497B-49DE-8FEB-C5617428A0B7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{636C7D0F-497B-49DE-8FEB-C5617428A0B7}\InprocServer32] @="C:\\WINDOWS\\system32\\fhsdrv.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{3E4CA3D6-F10D-4340-98B4-3DB4E324BC99}] @="" [HKEY_CLASSES_ROOT\CLSID\{3E4CA3D6-F10D-4340-98B4-3DB4E324BC99}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{3E4CA3D6-F10D-4340-98B4-3DB4E324BC99}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{3E4CA3D6-F10D-4340-98B4-3DB4E324BC99}\InprocServer32] @="C:\\WINDOWS\\system32\\ixeistor12.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F385CAA6-C3E1-46FD-8CC3-74D762B93858}] @="" [HKEY_CLASSES_ROOT\CLSID\{F385CAA6-C3E1-46FD-8CC3-74D762B93858}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F385CAA6-C3E1-46FD-8CC3-74D762B93858}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F385CAA6-C3E1-46FD-8CC3-74D762B93858}\InprocServer32] @="C:\\WINDOWS\\system32\\mgnetobj.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{60883F8C-EF44-42F6-ACBB-5424DEF4D776}] @="" [HKEY_CLASSES_ROOT\CLSID\{60883F8C-EF44-42F6-ACBB-5424DEF4D776}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{60883F8C-EF44-42F6-ACBB-5424DEF4D776}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{60883F8C-EF44-42F6-ACBB-5424DEF4D776}\InprocServer32] @="C:\\WINDOWS\\system32\\mxaudite.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{69426D2A-FDBB-44AB-B04C-7CC6436FE3EE}] @="" [HKEY_CLASSES_ROOT\CLSID\{69426D2A-FDBB-44AB-B04C-7CC6436FE3EE}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{69426D2A-FDBB-44AB-B04C-7CC6436FE3EE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{69426D2A-FDBB-44AB-B04C-7CC6436FE3EE}\InprocServer32] @="C:\\WINDOWS\\system32\\SiyWeb.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{632D606D-267E-4341-B227-B1073E04D468}] @="" [HKEY_CLASSES_ROOT\CLSID\{632D606D-267E-4341-B227-B1073E04D468}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{632D606D-267E-4341-B227-B1073E04D468}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{632D606D-267E-4341-B227-B1073E04D468}\InprocServer32] @="C:\\WINDOWS\\system32\\ciseqchk.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{0E6330F6-BFA8-4BE0-8001-71D192567406}] @="" [HKEY_CLASSES_ROOT\CLSID\{0E6330F6-BFA8-4BE0-8001-71D192567406}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{0E6330F6-BFA8-4BE0-8001-71D192567406}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{0E6330F6-BFA8-4BE0-8001-71D192567406}\InprocServer32] @="C:\\WINDOWS\\system32\\dyvx_xx07.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{9D4511C2-1C4C-4F86-997C-57B84BF4FBC1}] @="" [HKEY_CLASSES_ROOT\CLSID\{9D4511C2-1C4C-4F86-997C-57B84BF4FBC1}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{9D4511C2-1C4C-4F86-997C-57B84BF4FBC1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{9D4511C2-1C4C-4F86-997C-57B84BF4FBC1}\InprocServer32] @="C:\\WINDOWS\\system32\\HZODXPAT.DLL" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{37C51321-B50A-49D2-8617-3EED48B2B847}] @="" [HKEY_CLASSES_ROOT\CLSID\{37C51321-B50A-49D2-8617-3EED48B2B847}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{37C51321-B50A-49D2-8617-3EED48B2B847}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{37C51321-B50A-49D2-8617-3EED48B2B847}\InprocServer32] @="C:\\WINDOWS\\system32\\SGntfNT.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{354F31EF-A6A5-458B-AA6D-A58A39035EBD}] @="" [HKEY_CLASSES_ROOT\CLSID\{354F31EF-A6A5-458B-AA6D-A58A39035EBD}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{354F31EF-A6A5-458B-AA6D-A58A39035EBD}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{354F31EF-A6A5-458B-AA6D-A58A39035EBD}\InprocServer32] @="C:\\WINDOWS\\system32\\wynmp32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C88655F5-7F7E-4E45-B7EB-83730F2BE99A}] @="" [HKEY_CLASSES_ROOT\CLSID\{C88655F5-7F7E-4E45-B7EB-83730F2BE99A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C88655F5-7F7E-4E45-B7EB-83730F2BE99A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C88655F5-7F7E-4E45-B7EB-83730F2BE99A}\InprocServer32] @="C:\\WINDOWS\\system32\\jrpl400.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E6F5B696-FFB0-4078-9184-F6B2CB3FFF68}] @="" [HKEY_CLASSES_ROOT\CLSID\{E6F5B696-FFB0-4078-9184-F6B2CB3FFF68}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E6F5B696-FFB0-4078-9184-F6B2CB3FFF68}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E6F5B696-FFB0-4078-9184-F6B2CB3FFF68}\InprocServer32] @="C:\\WINDOWS\\system32\\mioert2.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{D9453B9A-1A55-446D-90E8-499FF3DDD078}] @="" [HKEY_CLASSES_ROOT\CLSID\{D9453B9A-1A55-446D-90E8-499FF3DDD078}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{D9453B9A-1A55-446D-90E8-499FF3DDD078}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{D9453B9A-1A55-446D-90E8-499FF3DDD078}\InprocServer32] @="C:\\WINDOWS\\system32\\mpvcp71.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E1B5CED1-583A-40DB-BB6E-E72EC692CDD4}] @="" [HKEY_CLASSES_ROOT\CLSID\{E1B5CED1-583A-40DB-BB6E-E72EC692CDD4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E1B5CED1-583A-40DB-BB6E-E72EC692CDD4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E1B5CED1-583A-40DB-BB6E-E72EC692CDD4}\InprocServer32] @="C:\\WINDOWS\\system32\\kndtuq.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E6C8F1D0-BD58-47C5-9F13-283EA870E015}] @="" [HKEY_CLASSES_ROOT\CLSID\{E6C8F1D0-BD58-47C5-9F13-283EA870E015}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E6C8F1D0-BD58-47C5-9F13-283EA870E015}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E6C8F1D0-BD58-47C5-9F13-283EA870E015}\InprocServer32] @="C:\\WINDOWS\\system32\\dcserver.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{AF05E395-5C1D-492D-8046-7844974E99E4}] @="" [HKEY_CLASSES_ROOT\CLSID\{AF05E395-5C1D-492D-8046-7844974E99E4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{AF05E395-5C1D-492D-8046-7844974E99E4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{AF05E395-5C1D-492D-8046-7844974E99E4}\InprocServer32] @="C:\\WINDOWS\\system32\\llcmp13n.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8F78BD50-29A3-4019-B3BF-36D6FD9F8B23}] @="" [HKEY_CLASSES_ROOT\CLSID\{8F78BD50-29A3-4019-B3BF-36D6FD9F8B23}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8F78BD50-29A3-4019-B3BF-36D6FD9F8B23}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8F78BD50-29A3-4019-B3BF-36D6FD9F8B23}\InprocServer32] @="C:\\WINDOWS\\system32\\tIembed.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{9CDFE966-7D4B-41AD-B083-DD230D384A86}] @="" [HKEY_CLASSES_ROOT\CLSID\{9CDFE966-7D4B-41AD-B083-DD230D384A86}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{9CDFE966-7D4B-41AD-B083-DD230D384A86}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{9CDFE966-7D4B-41AD-B083-DD230D384A86}\InprocServer32] @="C:\\WINDOWS\\system32\\mfhtmled.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{D8848DB1-40F7-44F4-B98A-A7F3C28830F2}] @="" [HKEY_CLASSES_ROOT\CLSID\{D8848DB1-40F7-44F4-B98A-A7F3C28830F2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{D8848DB1-40F7-44F4-B98A-A7F3C28830F2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{D8848DB1-40F7-44F4-B98A-A7F3C28830F2}\InprocServer32] @="C:\\WINDOWS\\system32\\MHRDO20.DLL" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E3DFC9E7-014B-4FB6-BF9F-DEA8FE18D6B4}] @="" [HKEY_CLASSES_ROOT\CLSID\{E3DFC9E7-014B-4FB6-BF9F-DEA8FE18D6B4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E3DFC9E7-014B-4FB6-BF9F-DEA8FE18D6B4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E3DFC9E7-014B-4FB6-BF9F-DEA8FE18D6B4}\InprocServer32] @="C:\\WINDOWS\\system32\\htgt34tk.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{57C6A1EF-EBEA-492C-9812-EAFF1946D266}] @="" [HKEY_CLASSES_ROOT\CLSID\{57C6A1EF-EBEA-492C-9812-EAFF1946D266}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{57C6A1EF-EBEA-492C-9812-EAFF1946D266}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{57C6A1EF-EBEA-492C-9812-EAFF1946D266}\InprocServer32] @="C:\\WINDOWS\\system32\\xzsp1res.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{9898819B-A802-4DA7-BA05-0C132C2EFEA4}] @="" [HKEY_CLASSES_ROOT\CLSID\{9898819B-A802-4DA7-BA05-0C132C2EFEA4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{9898819B-A802-4DA7-BA05-0C132C2EFEA4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{9898819B-A802-4DA7-BA05-0C132C2EFEA4}\InprocServer32] @="C:\\WINDOWS\\system32\\letif70n.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F46B62BC-DFB0-4F0F-9F3D-A144B8A541A2}] @="" [HKEY_CLASSES_ROOT\CLSID\{F46B62BC-DFB0-4F0F-9F3D-A144B8A541A2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F46B62BC-DFB0-4F0F-9F3D-A144B8A541A2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F46B62BC-DFB0-4F0F-9F3D-A144B8A541A2}\InprocServer32] @="C:\\WINDOWS\\system32\\fndrclnr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{9D312335-AAAF-4736-81D4-D8D427FE03BB}] @="" [HKEY_CLASSES_ROOT\CLSID\{9D312335-AAAF-4736-81D4-D8D427FE03BB}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{9D312335-AAAF-4736-81D4-D8D427FE03BB}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{9D312335-AAAF-4736-81D4-D8D427FE03BB}\InprocServer32] @="C:\\WINDOWS\\system32\\saclogon.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{88AB5EAA-760D-4302-B27B-68D2933CC18B}] @="" [HKEY_CLASSES_ROOT\CLSID\{88AB5EAA-760D-4302-B27B-68D2933CC18B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{88AB5EAA-760D-4302-B27B-68D2933CC18B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{88AB5EAA-760D-4302-B27B-68D2933CC18B}\InprocServer32] @="C:\\WINDOWS\\system32\\scellstyle.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{313F59BF-912B-4D2E-B028-9B7E1448C404}] @="" [HKEY_CLASSES_ROOT\CLSID\{313F59BF-912B-4D2E-B028-9B7E1448C404}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{313F59BF-912B-4D2E-B028-9B7E1448C404}\Implemented Categories\{00021492-0000-0000-C000-000000000
×