Aller au contenu

a beluga

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    55

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par a beluga

  1. a beluga
    désolé, j'ai raté mes copier/coller hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 19:45:35, on 2006-06-07 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\wamp\apache2\bin\Apache.exe C:\Program Files\wamp\mysql\bin\mysqld-nt.exe C:\Program Files\wamp\apache2\bin\Apache.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\wamp\wampserver.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.shoptoshiba.ca/welcome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: (no name) - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - (no file) O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5D624400-B352-AD96-356A-0C001B5371B6} - C:\WINDOWS\yfesefmf.dll (file missing) O2 - BHO: (no name) - {ECB5AA73-873E-4845-B566-05CFA09B1321} - C:\Program Files\Internet Explorer\horemogex.dll (file missing) O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O4 - HKLM\..\Run: [Mfrwuztx] C:\Program Files\Atsl\Xyepn.exe O4 - HKLM\..\Run: [w0019b12.dll] RUNDLL32.EXE w0019b12.dll,I2 000eb10300019b12 O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: WampServer.lnk = C:\Program Files\wamp\wampserver.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Filter: text/html - {994D478A-45D0-4DB4-AE77-288B1E346E99} - C:\Program Files\FCAdvice\FCAdvice.dll O20 - AppInit_DLLs: C:\WINDOWS\system32\rundll.dll O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\kt06l7ds1.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: wampapache - Unknown owner - C:\Program Files\wamp\apache2\bin\Apache.exe" -k runservice (file missing) O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe" "--defaults-file=C:\Program Files\wamp\mysql\my.ini" wampmysqld (file missing)
  2. a beluga
    non je me suis juste trompé de fichier voici le bon L2mfix 051206 Creating Account. La commande s'est termin‚e correctement. Adding Administrative privleges. Checking for L2MFix account(0=no 1=yes): 1 Granting SeDebugPrivilege to L2MFIX ... successful Running From: C:\WINDOWS\system32 Killing Processes! Killing 'smss.exe' \SystemRoot\System32\smss.exe (516) Killing 'winlogon.exe' winlogon.exe (596) Killing 'explorer.exe' C:\WINDOWS\Explorer.EXE (3372) Killing 'rundll32.exe' Restoring Sedebugprivilege: Granting SeDebugPrivilege to Administrateurs ... successful Scanning First Pass. Please Wait! First Pass Completed Second Pass Scanning Second pass Completed! Restoring Windows Update Certificates.: The following Is the Current Export of the Winlogon notify key: **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] "DLLName"="Ati2evxx.dll" "Asynchronous"=dword:00000000 "Impersonate"=dword:00000001 "Lock"="AtiLockEvent" "Logoff"="AtiLogoffEvent" "Logon"="AtiLogonEvent" "Disconnect"="AtiDisConnectEvent" "Reconnect"="AtiReConnectEvent" "Safe"=dword:00000000 "Shutdown"="AtiShutdownEvent" "StartScreenSaver"="AtiStartScreenSaverEvent" "StartShell"="AtiStartShellEvent" "Startup"="AtiStartupEvent" "StopScreenSaver"="AtiStopScreenSaverEvent" "Unlock"="AtiUnLockEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\kt06l7ds1.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] "Logon"="WLEventLogon" "Logoff"="WLEventLogoff" "Startup"="WLEventStartup" "Shutdown"="WLEventShutdown" "StartScreenSaver"="WLEventStartScreenSaver" "StopScreenSaver"="WLEventStopScreenSaver" "Lock"="WLEventLock" "Unlock"="WLEventUnlock" "StartShell"="WLEventStartShell" "PostShell"="WLEventPostShell" "Disconnect"="WLEventDisconnect" "Reconnect"="WLEventReconnect" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000000 "SafeMode"=dword:00000001 "MaxWait"=dword:ffffffff "DllName"=hex(2):57,00,67,00,61,00,4c,00,6f,00,67,00,6f,00,6e,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Event"=dword:00000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\Settings] "Data"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,\ 00,00,11,96,45,6d,e8,a1,9b,45,84,42,92,96,ce,7b,31,20,04,00,00,00,04,00,00,\ 00,53,00,00,00,03,66,00,00,a8,00,00,00,10,00,00,00,cc,12,ef,35,92,13,76,26,\ 15,eb,e6,3e,99,87,61,f2,00,00,00,00,04,80,00,00,a0,00,00,00,10,00,00,00,23,\ 8e,f9,13,65,e5,ef,86,fb,d8,a5,09,cf,2f,0f,c1,08,06,00,00,52,a5,6e,7f,8d,63,\ 13,06,29,c3,f5,91,31,97,29,d6,87,ad,f7,7d,a4,ce,d3,61,4f,3c,4c,7d,56,35,04,\ e5,aa,07,24,25,a7,b0,5d,1e,13,f9,e6,06,ee,4c,7c,05,14,6c,05,45,5d,bc,a0,cc,\ fe,c3,c2,59,e6,46,aa,f8,3d,76,85,75,1e,e0,0a,d2,84,ab,9b,b4,1b,77,77,78,b9,\ 9e,6f,8d,c4,54,29,08,96,71,c7,69,5f,b0,1b,58,01,14,ac,c3,33,52,27,0d,14,d4,\ f8,ba,75,0f,55,40,4e,01,e9,5e,cb,f1,70,b1,c9,e3,98,d7,8b,b4,9d,ec,4e,0d,22,\ 2f,9a,e4,f5,25,fd,14,8d,ef,aa,a7,5e,9e,bd,04,6b,45,3c,b7,36,cc,67,9d,c8,63,\ 7a,59,1b,ba,3d,d0,f4,b3,ed,0f,f9,bb,10,24,8d,a6,ea,9f,43,88,8a,d2,8b,4b,0e,\ d3,dd,5e,af,fa,a1,a8,d9,b6,11,16,46,2b,85,eb,4f,03,28,2d,5d,e0,9d,63,51,3b,\ 50,96,e3,a3,a5,33,ef,f2,60,e5,3b,c7,77,c8,47,1e,98,7f,b6,db,65,e0,e5,af,9d,\ c6,cb,70,c4,60,15,4e,e3,78,58,27,e6,04,c5,b8,08,21,27,22,eb,35,fc,86,34,fc,\ e6,93,cd,b1,ac,3e,5a,ec,7e,a8,2d,8b,4f,fe,67,b3,9b,f8,4a,de,51,e5,06,36,51,\ 78,2a,1d,a2,fd,d0,4f,4e,97,96,cc,12,68,5e,71,bd,8c,d3,34,4f,39,01,2e,43,7d,\ 55,ee,33,b1,d8,81,84,8d,df,ec,54,1c,7c,88,d0,7c,ce,ee,de,94,5b,ce,24,45,01,\ 17,2b,33,f6,59,ed,06,3c,7a,2d,be,54,d4,d3,42,25,9b,e9,6d,d8,a7,cd,1a,4d,0a,\ 21,6b,97,33,f3,5f,17,47,68,8d,e4,fc,48,9b,e8,1d,4d,7e,0d,3b,4e,73,7b,c0,8a,\ 2b,93,e6,47,29,6d,ee,59,83,f6,49,15,3a,ae,3e,d9,a3,ea,4d,28,36,75,f0,5c,34,\ 47,05,34,1e,b1,72,99,7d,53,aa,ac,60,4b,8d,8d,f0,d2,59,74,af,c6,b1,f4,21,28,\ b7,3a,5f,f3,6e,58,39,ea,12,46,c3,51,38,5d,b0,bb,26,d6,e6,8c,44,fc,32,6d,28,\ 1c,ae,dd,c8,e4,db,aa,67,80,7d,ea,17,fe,58,2e,80,5b,53,79,88,7a,f9,2f,02,ba,\ fc,92,e4,48,fc,fe,d2,b9,0f,e0,bb,e1,24,ab,e6,57,8a,5b,fd,26,17,8d,6e,60,05,\ b3,d6,fa,9a,ab,54,c6,d3,09,1d,54,b9,b6,17,30,dc,01,9e,67,f5,95,0f,5d,ac,74,\ fe,2d,2a,61,9a,80,e3,4a,68,8d,6f,0c,ad,74,58,86,68,40,6a,b7,fe,4d,92,98,c7,\ 3f,48,83,80,e6,e9,92,f6,83,6f,50,13,b6,73,0a,c2,e0,9e,ea,82,bd,0f,a9,dd,7c,\ be,26,e7,e7,ab,70,88,7e,6a,db,db,66,a4,1d,88,ca,4e,e0,b1,57,b3,49,75,b0,26,\ 89,9a,a3,bb,54,48,1d,8f,72,ec,88,3c,61,31,2c,3a,98,d8,a5,c7,da,c4,63,55,15,\ d0,79,c8,1d,0b,8e,ea,8f,15,1b,80,2a,b5,d5,6e,14,7e,d3,4a,ac,1f,f3,84,9e,64,\ 85,2d,36,62,a0,73,7c,e7,b5,a9,52,38,95,fd,74,0c,bb,fc,2b,8f,68,99,4f,45,f0,\ 47,1e,50,a4,d4,5b,70,5e,50,fe,4f,25,e9,67,81,69,68,c7,3f,fc,90,c3,0b,c6,0b,\ 6d,2a,51,c8,30,a4,cf,db,fe,90,a3,b6,08,bd,1f,1d,7d,21,02,64,53,06,6f,1a,45,\ 94,e6,cb,74,8f,20,1e,bd,90,20,4a,cf,fd,75,70,04,dc,60,71,ad,bd,98,8d,d7,50,\ dc,5c,15,05,ea,5e,d9,d3,bd,28,f4,dc,c4,f8,1f,8a,b7,a1,74,4d,f2,af,04,65,b3,\ 25,f6,54,49,b5,d5,6d,2a,1b,be,7a,7c,00,5d,6b,f0,d9,b8,f4,80,15,34,36,2d,fc,\ 00,a3,9c,94,78,11,ce,4b,17,03,f1,9a,a5,e4,2b,4c,41,b5,f6,6b,d1,af,8b,dc,8f,\ 35,35,6e,fb,01,64,2c,42,b7,83,66,7f,21,7f,df,f7,3e,01,c7,63,95,2f,8b,e5,39,\ 74,51,64,04,27,e0,39,f2,df,d3,3f,52,0d,a1,94,86,e1,c4,ac,57,87,8d,24,ea,bd,\ 62,2f,c2,77,4a,ef,2e,e6,78,0c,49,15,33,fb,10,74,9b,5a,b8,f9,8e,0e,74,c1,b0,\ b3,b0,8f,3e,b7,90,de,92,6c,9c,e0,52,30,f4,06,45,28,eb,c0,2a,ab,d5,59,aa,40,\ 95,e9,df,f0,59,9a,98,78,cb,9e,d8,85,75,e2,46,ad,be,62,93,60,21,70,9c,37,71,\ 86,d5,e9,36,b1,31,46,8d,cc,17,a0,3f,f4,66,5f,c4,94,ab,37,58,f0,20,03,2a,cd,\ fa,00,08,30,7a,91,97,3b,09,d8,95,ae,02,5d,b6,29,cc,9d,af,1e,2b,0f,09,bf,dd,\ b5,f3,ff,d5,6d,49,5d,58,01,b7,5e,89,9c,77,2e,42,59,15,e4,95,38,25,c0,09,65,\ 7b,0e,44,60,31,3c,fa,50,85,51,e5,68,db,44,e2,9d,36,7c,78,5f,31,ea,40,17,85,\ 28,65,c4,48,76,22,3e,73,1a,aa,09,f9,84,42,84,7a,6e,11,a6,28,3d,be,0f,1e,f0,\ 39,a0,6e,86,c6,a7,39,32,ed,3d,a5,91,77,9c,4c,ae,64,be,43,c2,d9,e5,43,3e,e2,\ e5,c6,ed,bd,48,4e,46,e4,a8,85,b2,72,83,a0,34,bf,9f,b6,06,6b,1f,8c,2f,60,cc,\ 36,79,d5,c5,02,6e,6b,b9,ff,4b,af,3d,26,7d,c9,3b,af,f0,14,5f,91,16,f3,4f,24,\ 13,44,03,70,a0,dc,b5,05,17,c6,4b,27,9e,2c,da,03,60,e5,23,cb,48,03,94,34,bd,\ dd,24,61,1f,b2,bf,c6,ce,d0,7f,b1,52,67,fa,08,8b,06,1f,f6,2c,1a,f7,10,4a,97,\ ec,08,b4,89,0e,1e,5e,1d,70,ef,68,07,95,4c,87,52,fd,a4,37,80,a9,9d,1b,40,91,\ 24,c1,e0,10,d0,0e,81,20,ae,08,6b,f6,87,67,57,be,57,5f,07,2e,87,65,80,2e,57,\ 48,be,cc,40,cb,71,cc,45,8a,70,62,e2,9b,16,f5,2c,c1,07,3c,7d,7f,ce,7d,04,4b,\ f4,ef,59,24,22,c8,8e,b1,2f,cf,a9,ea,dd,be,4f,79,36,27,0b,4e,a7,5b,c6,1b,ca,\ 19,d0,8e,5b,8c,96,3e,14,03,a4,46,af,8c,ad,b6,45,d6,70,04,56,21,8a,81,8e,29,\ 0c,5d,09,ae,dc,ee,f2,52,c9,1c,7e,52,d0,6c,36,31,15,b9,fd,ae,2b,97,58,7d,ab,\ 79,f4,15,6a,e2,27,e3,a1,c2,9e,16,e5,5c,94,88,5b,eb,a6,47,a9,74,49,52,dd,2c,\ 9a,f7,10,f0,e7,69,a9,a3,27,2f,72,6d,7e,09,c8,31,c8,84,bf,19,7a,0d,5b,2a,3a,\ 7c,a1,98,ab,56,bd,27,60,99,54,76,97,74,c7,4c,79,f4,2a,a6,01,cd,a1,74,df,86,\ 4e,10,66,2f,fc,11,5f,bd,fa,9d,4e,f1,29,b7,2b,65,a8,8d,71,a0,fc,ea,8c,2a,03,\ 50,84,cb,cb,49,8f,89,5b,82,ce,d3,dc,f2,02,ac,8e,ed,54,67,87,76,53,19,0b,5a,\ 78,c1,32,d2,30,e3,7f,6d,d7,57,6e,d9,f1,27,f6,7c,e9,66,c6,6e,33,75,d3,9b,42,\ 04,0c,ab,8f,8c,79,f9,af,73,6a,a8,b4,4f,e2,14,7d,04,c0,b7,82,87,17,10,03,9b,\ 85,b3,ca,b2,cf,5f,1b,dc,5f,cb,a4,8d,38,14,00,00,00,94,29,75,cc,7a,a9,7f,ab,\ 2a,97,3c,cf,eb,f1,ac,f3,04,e7,2a,cc [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 The following are the files found: **************************************************************************** Registry Entries that were Deleted: Please verify that the listing looks ok. If there was something deleted wrongly there are backups in the backreg folder. **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}] @="" "IDEx"="ADDR" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\InprocServer32] @="C:\\WINDOWS\\system32\\sgmpsnap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\InprocServer32] @="C:\\WINDOWS\\system32\\fedrclnr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\InprocServer32] @="C:\\WINDOWS\\system32\\mjiavi32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\InprocServer32] @="C:\\WINDOWS\\system32\\sbobject.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\InprocServer32] @="C:\\WINDOWS\\system32\\kqdno1.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\InprocServer32] @="C:\\WINDOWS\\system32\\wtbhits.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\InprocServer32] @="C:\\WINDOWS\\system32\\wrbhits.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\InprocServer32] @="C:\\WINDOWS\\system32\\dawave.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\InprocServer32] @="C:\\WINDOWS\\system32\\dRtime.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\InprocServer32] @="C:\\WINDOWS\\system32\\wuploc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\InprocServer32] @="C:\\WINDOWS\\system32\\mwltus40.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\InprocServer32] @="C:\\WINDOWS\\system32\\ndlanui2.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\InprocServer32] @="C:\\WINDOWS\\system32\\iWsnap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\InprocServer32] @="C:\\WINDOWS\\system32\\dxuiext.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\InprocServer32] @="C:\\WINDOWS\\system32\\iehlpapi.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\InprocServer32] @="C:\\WINDOWS\\system32\\mbcbase.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\InprocServer32] @="C:\\WINDOWS\\system32\\ofbc16gt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\InprocServer32] @="C:\\WINDOWS\\system32\\vqpodbc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\InprocServer32] @="C:\\WINDOWS\\system32\\idgutil.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\InprocServer32] @="C:\\WINDOWS\\system32\\xusp3res.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\InprocServer32] @="C:\\WINDOWS\\system32\\CnEKPolicy.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\InprocServer32] @="C:\\WINDOWS\\system32\\mTpistub.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\InprocServer32] @="C:\\WINDOWS\\system32\\cclbact.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\InprocServer32] @="C:\\WINDOWS\\system32\\pnchdprf.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\InprocServer32] @="C:\\WINDOWS\\system32\\mmvcp50.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\InprocServer32] @="C:\\WINDOWS\\system32\\mgieftp.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}] @="" "IDEx"="AD" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\InprocServer32] @="C:\\WINDOWS\\system32\\sulwid.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\InprocServer32] @="C:\\WINDOWS\\system32\\rfpcfgex.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\InprocServer32] @="C:\\WINDOWS\\system32\\mqxml2r.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\InprocServer32] @="C:\\WINDOWS\\system32\\cxfgnt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\InprocServer32] @="C:\\WINDOWS\\system32\\eftmgr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\InprocServer32] @="C:\\WINDOWS\\system32\\mqimg32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}] @="" [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}\InprocServer32] @="C:\\WINDOWS\\system32\\wahatm.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}] @="" "IDEx"="AD" [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}\InprocServer32] @="C:\\WINDOWS\\system32\\atcups.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5961D0EF-8FFA-414A-8B2D-28541654442D}] @="" "IDEx"="AD" [HKEY_CLASSES_ROOT\CLSID\{5961D0EF-8FFA-414A-8B2D-28541654442D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5961D0EF-8FFA-414A-8B2D-28541654442D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5961D0EF-8FFA-414A-8B2D-28541654442D}\InprocServer32] @="C:\\WINDOWS\\system32\\aeferror.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{20600B15-C513-4275-B934-F303AE95303A}] @="" [HKEY_CLASSES_ROOT\CLSID\{20600B15-C513-4275-B934-F303AE95303A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{20600B15-C513-4275-B934-F303AE95303A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{20600B15-C513-4275-B934-F303AE95303A}\InprocServer32] @="C:\\WINDOWS\\system32\\wtnscard.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5FF6AAEB-0710-457E-9DAC-ECD6FD2F78D0}] @="" [HKEY_CLASSES_ROOT\CLSID\{5FF6AAEB-0710-457E-9DAC-ECD6FD2F78D0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5FF6AAEB-0710-457E-9DAC-ECD6FD2F78D0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5FF6AAEB-0710-457E-9DAC-ECD6FD2F78D0}\InprocServer32] @="C:\\WINDOWS\\system32\\bddispl.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A303887A-3C9B-438C-83F5-0242029EB692}] @="" [HKEY_CLASSES_ROOT\CLSID\{A303887A-3C9B-438C-83F5-0242029EB692}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A303887A-3C9B-438C-83F5-0242029EB692}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A303887A-3C9B-438C-83F5-0242029EB692}\InprocServer32] @="C:\\WINDOWS\\system32\\uxrlbva.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{60F86104-1781-4226-B88F-317ED3FDA8E7}] @="" [HKEY_CLASSES_ROOT\CLSID\{60F86104-1781-4226-B88F-317ED3FDA8E7}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{60F86104-1781-4226-B88F-317ED3FDA8E7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{60F86104-1781-4226-B88F-317ED3FDA8E7}\InprocServer32] @="C:\\WINDOWS\\system32\\nO6qlej51ho.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{4846088B-CDF2-492C-A205-07FC4675DA1A}] @="" [HKEY_CLASSES_ROOT\CLSID\{4846088B-CDF2-492C-A205-07FC4675DA1A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{4846088B-CDF2-492C-A205-07FC4675DA1A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{4846088B-CDF2-492C-A205-07FC4675DA1A}\InprocServer32] @="C:\\WINDOWS\\system32\\mvjetoledb40.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{AF02C913-4F87-48C3-9844-05455AFE12A3}] @="" [HKEY_CLASSES_ROOT\CLSID\{AF02C913-4F87-48C3-9844-05455AFE12A3}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{AF02C913-4F87-48C3-9844-05455AFE12A3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{AF02C913-4F87-48C3-9844-05455AFE12A3}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" REGEDIT4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{8EB98C67-E8C2-4FD7-8A72-29A443156D13}"=- "{B3B7B150-63F0-4B89-8C86-4D38DC40B800}"=- "{E66B587A-F7BE-42A0-89A6-249FE7248407}"=- "{35B4B170-4DA9-4ED0-9143-04E2496EA8EF}"=- "{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}"=- "{F4B17A29-77D0-41B2-91A8-F434B3F8D377}"=- "{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}"=- "{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}"=- "{2CE994E2-0334-4BE5-A6E4-775C3126E855}"=- "{11246354-781C-4C9D-A154-10803096B595}"=- "{F4ADD824-A055-4D20-98F3-9BF93BC98D86}"=- "{7429B6CA-19C0-4828-8249-885014EB6117}"=- "{AB052CC8-5F2A-4586-B343-276A1D62A029}"=- "{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}"=- "{D758471C-6444-4902-A309-20FBB34C6C29}"=- "{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}"=- "{B869B8A3-5487-4E66-BD55-2D4F82113E55}"=- "{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}"=- "{CABB448D-B3C3-40B3-8999-755E27D87526}"=- "{41BB1CEC-2C98-4C72-A435-D8C992231B0F}"=- "{AE554076-DC24-4DDF-8B33-EE8E40C5CD03}"=- "{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}"=- "{F2E75A9B-1CA6-43EA-B4B8-0EBC6C6C2F26}"=- "{8459987B-63AE-4EA7-940E-193E489BA8F0}"=- "{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}"=- "{E2F871BE-FC98-4A13-943B-9DED24511C59}"=- "{CE470917-6FC4-4089-BB89-6F0F3E67A197}"=- "{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}"=- "{7540EACD-2FD7-43E8-8B44-000073CCFB4B}"=- "{B52B295F-82AE-4490-AB4A-8E6AF5127556}"=- "{A32C087E-C42B-49F5-AAF5-740A2E8D314C}"=- "{472FC619-B096-49AF-ABDB-A090A35C41E3}"=- "{E58A79C8-1CB4-4A66-AADC-48C974D055E9}"=- "{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}"=- "{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}"=- "{446FB161-9D0A-45B3-923E-CE22184567E5}"=- "{15CC146B-EB35-4EFE-BC48-87257475C0AA}"=- "{200D56CC-88C9-4B91-B821-7D81D5480D1B}"=- "{E36D2EA3-A23E-4D06-A20F-472E8936CD17}"=- "{ACCD9FC6-F15A-4A63-8061-741401CA8156}"=- "{93ED735D-AC33-4CF2-AB89-11158A95E3A2}"=- "{A003E524-B123-4627-8267-5EFDFF2BD8F2}"=- "{67DEAD28-5920-4619-996F-2137F889ACB7}"=- "{4A969817-8060-431F-B52D-B0ADA7FA80FA}"=- "{5961D0EF-8FFA-414A-8B2D-28541654442D}"=- "{20600B15-C513-4275-B934-F303AE95303A}"=- "{5FF6AAEB-0710-457E-9DAC-ECD6FD2F78D0}"=- "{A303887A-3C9B-438C-83F5-0242029EB692}"=- "{60F86104-1781-4226-B88F-317ED3FDA8E7}"=- "{4846088B-CDF2-492C-A205-07FC4675DA1A}"=- "{AF02C913-4F87-48C3-9844-05455AFE12A3}"=- [-HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}] [-HKEY_CLASSES_ROOT\CLSID\{B3B7B150-63F0-4B89-8C86-4D38DC40B800}] [-HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}] [-HKEY_CLASSES_ROOT\CLSID\{35B4B170-4DA9-4ED0-9143-04E2496EA8EF}] [-HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}] [-HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}] [-HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}] [-HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}] [-HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}] [-HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}] [-HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}] [-HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}] [-HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}] [-HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}] [-HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}] [-HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}] [-HKEY_CLASSES_ROOT\CLSID\{B869B8A3-5487-4E66-BD55-2D4F82113E55}] [-HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}] [-HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}] [-HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}] [-HKEY_CLASSES_ROOT\CLSID\{AE554076-DC24-4DDF-8B33-EE8E40C5CD03}] [-HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}] [-HKEY_CLASSES_ROOT\CLSID\{F2E75A9B-1CA6-43EA-B4B8-0EBC6C6C2F26}] [-HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}] [-HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}] [-HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}] [-HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}] [-HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}] [-HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}] [-HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}] [-HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}] [-HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}] [-HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}] [-HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}] [-HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}] [-HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}] [-HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}] [-HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}] [-HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}] [-HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}] [-HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}] [-HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}] [-HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}] [-HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}] [-HKEY_CLASSES_ROOT\CLSID\{5961D0EF-8FFA-414A-8B2D-28541654442D}] [-HKEY_CLASSES_ROOT\CLSID\{20600B15-C513-4275-B934-F303AE95303A}] [-HKEY_CLASSES_ROOT\CLSID\{5FF6AAEB-0710-457E-9DAC-ECD6FD2F78D0}] [-HKEY_CLASSES_ROOT\CLSID\{A303887A-3C9B-438C-83F5-0242029EB692}] [-HKEY_CLASSES_ROOT\CLSID\{60F86104-1781-4226-B88F-317ED3FDA8E7}] [-HKEY_CLASSES_ROOT\CLSID\{4846088B-CDF2-492C-A205-07FC4675DA1A}] [-HKEY_CLASSES_ROOT\CLSID\{AF02C913-4F87-48C3-9844-05455AFE12A3}] REGEDIT4 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "SV1"="" **************************************************************************** Desktop.ini Contents: **************************************************************************** **************************************************************************** Checking for L2MFix account(0=no 1=yes): 0 Zipping up files for submission: zip warning: name not matched: dlls\*.* zip error: Nothing to do! (backup.zip) adding: backregs/11246354-781C-4C9D-A154-10803096B595.reg (188 bytes security) (deflated 70%) adding: backregs/15CC146B-EB35-4EFE-BC48-87257475C0AA.reg (188 bytes security) (deflated 70%) adding: backregs/200D56CC-88C9-4B91-B821-7D81D5480D1B.reg (188 bytes security) (deflated 70%) adding: backregs/20600B15-C513-4275-B934-F303AE95303A.reg (188 bytes security) (deflated 70%) adding: backregs/289C6D1D-7E13-4C02-BCB8-FECEB004D33A.reg (188 bytes security) (deflated 70%) adding: backregs/2ADBA32B-0262-4B79-B7EE-4D2B0099578B.reg (188 bytes security) (deflated 69%) adding: backregs/2CE994E2-0334-4BE5-A6E4-775C3126E855.reg (188 bytes security) (deflated 70%) adding: backregs/2ECADAEA-88CA-4443-BD2C-5B943575A1EC.reg (188 bytes security) (deflated 70%) adding: backregs/3C2C0A7F-8E09-48D1-928C-DCFE65C1B527.reg (188 bytes security) (deflated 70%) adding: backregs/41BB1CEC-2C98-4C72-A435-D8C992231B0F.reg (188 bytes security) (deflated 70%) adding: backregs/446FB161-9D0A-45B3-923E-CE22184567E5.reg (188 bytes security) (deflated 70%) adding: backregs/472FC619-B096-49AF-ABDB-A090A35C41E3.reg (188 bytes security) (deflated 69%) adding: backregs/4846088B-CDF2-492C-A205-07FC4675DA1A.reg (188 bytes security) (deflated 70%) adding: backregs/4A969817-8060-431F-B52D-B0ADA7FA80FA.reg (188 bytes security) (deflated 69%) adding: backregs/5961D0EF-8FFA-414A-8B2D-28541654442D.reg (188 bytes security) (deflated 69%) adding: backregs/5F16AE66-0DBF-48C4-9C29-6073C411BD0E.reg (188 bytes security) (deflated 70%) adding: backregs/5FF6AAEB-0710-457E-9DAC-ECD6FD2F78D0.reg (188 bytes security) (deflated 70%) adding: backregs/60F86104-1781-4226-B88F-317ED3FDA8E7.reg (188 bytes security) (deflated 70%) adding: backregs/67DEAD28-5920-4619-996F-2137F889ACB7.reg (188 bytes security) (deflated 70%) adding: backregs/7429B6CA-19C0-4828-8249-885014EB6117.reg (188 bytes security) (deflated 70%) adding: backregs/7540EACD-2FD7-43E8-8B44-000073CCFB4B.reg (188 bytes security) (deflated 70%) adding: backregs/8459987B-63AE-4EA7-940E-193E489BA8F0.reg (188 bytes security) (deflated 70%) adding: backregs/8691BCF2-5CE9-4C38-9F75-E0C44E9AE272.reg (188 bytes security) (deflated 70%) adding: backregs/8EB98C67-E8C2-4FD7-8A72-29A443156D13.reg (188 bytes security) (deflated 69%) adding: backregs/93ED735D-AC33-4CF2-AB89-11158A95E3A2.reg (188 bytes security) (deflated 70%) adding: backregs/A003E524-B123-4627-8267-5EFDFF2BD8F2.reg (188 bytes security) (deflated 70%) adding: backregs/A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C.reg (188 bytes security) (deflated 70%) adding: backregs/A303887A-3C9B-438C-83F5-0242029EB692.reg (188 bytes security) (deflated 70%) adding: backregs/A32C087E-C42B-49F5-AAF5-740A2E8D314C.reg (188 bytes security) (deflated 70%) adding: backregs/AB052CC8-5F2A-4586-B343-276A1D62A029.reg (188 bytes security) (deflated 70%) adding: backregs/ACCD9FC6-F15A-4A63-8061-741401CA8156.reg (188 bytes security) (deflated 70%) adding: backregs/AF02C913-4F87-48C3-9844-05455AFE12A3.reg (188 bytes security) (deflated 70%) adding: backregs/B52B295F-82AE-4490-AB4A-8E6AF5127556.reg (188 bytes security) (deflated 70%) adding: backregs/C05A972E-5277-4C47-9BD2-405D3C2FD1A4.reg (188 bytes security) (deflated 70%) adding: backregs/CABB448D-B3C3-40B3-8999-755E27D87526.reg (188 bytes security) (deflated 70%) adding: backregs/CC87F4BA-7E7B-480F-B53C-DA4F8212C40D.reg (188 bytes security) (deflated 70%) adding: backregs/CE470917-6FC4-4089-BB89-6F0F3E67A197.reg (188 bytes security) (deflated 70%) adding: backregs/D758471C-6444-4902-A309-20FBB34C6C29.reg (188 bytes security) (deflated 70%) adding: backregs/DBE7166E-3EFE-4BCB-BC65-194D37C29A63.reg (188 bytes security) (deflated 70%) adding: backregs/DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA.reg (188 bytes security) (deflated 69%) adding: backregs/E2F871BE-FC98-4A13-943B-9DED24511C59.reg (188 bytes security) (deflated 70%) adding: backregs/E36D2EA3-A23E-4D06-A20F-472E8936CD17.reg (188 bytes security) (deflated 70%) adding: backregs/E58A79C8-1CB4-4A66-AADC-48C974D055E9.reg (188 bytes security) (deflated 70%) adding: backregs/E66B587A-F7BE-42A0-89A6-249FE7248407.reg (188 bytes security) (deflated 70%) adding: backregs/F4ADD824-A055-4D20-98F3-9BF93BC98D86.reg (188 bytes security) (deflated 70%) adding: backregs/F4B17A29-77D0-41B2-91A8-F434B3F8D377.reg (188 bytes security) (deflated 70%) adding: backregs/notibac.reg (164 bytes security) (deflated 79%) adding: backregs/shell.reg (164 bytes security) (deflated 73%) voici le rapport hijackthis Logfile of HijackThis v1.99.1 Scan saved at 19:35:32, on 2006-06-07 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\wamp\apache2\bin\Apache.exe C:\Program Files\wamp\mysql\bin\mysqld-nt.exe C:\Program Files\wamp\apache2\bin\Apache.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\wamp\wampserver.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.shoptoshiba.ca/welcome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: (no name) - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - (no file) O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5D624400-B352-AD96-356A-0C001B5371B6} - C:\WINDOWS\yfesefmf.dll (file missing) O2 - BHO: (no name) - {ECB5AA73-873E-4845-B566-05CFA09B1321} - C:\Program Files\Internet Explorer\horemogex.dll (file missing) O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O4 - HKLM\..\Run: [Mfrwuztx] C:\Program Files\Atsl\Xyepn.exe O4 - HKLM\..\Run: [w0019b12.dll] RUNDLL32.EXE w0019b12.dll,I2 000eb10300019b12 O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: WampServer.lnk = C:\Program Files\wamp\wampserver.exe O9 - Extra
  3. a beluga
    merci de prendre le temps de m'aider voici mon rapport : L2MFIX find log 051206 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] "DLLName"="Ati2evxx.dll" "Asynchronous"=dword:00000000 "Impersonate"=dword:00000001 "Lock"="AtiLockEvent" "Logoff"="AtiLogoffEvent" "Logon"="AtiLogonEvent" "Disconnect"="AtiDisConnectEvent" "Reconnect"="AtiReConnectEvent" "Safe"=dword:00000000 "Shutdown"="AtiShutdownEvent" "StartScreenSaver"="AtiStartScreenSaverEvent" "StartShell"="AtiStartShellEvent" "Startup"="AtiStartupEvent" "StopScreenSaver"="AtiStopScreenSaverEvent" "Unlock"="AtiUnLockEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\kt06l7ds1.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] "Logon"="WLEventLogon" "Logoff"="WLEventLogoff" "Startup"="WLEventStartup" "Shutdown"="WLEventShutdown" "StartScreenSaver"="WLEventStartScreenSaver" "StopScreenSaver"="WLEventStopScreenSaver" "Lock"="WLEventLock" "Unlock"="WLEventUnlock" "StartShell"="WLEventStartShell" "PostShell"="WLEventPostShell" "Disconnect"="WLEventDisconnect" "Reconnect"="WLEventReconnect" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000000 "SafeMode"=dword:00000001 "MaxWait"=dword:ffffffff "DllName"=hex(2):57,00,67,00,61,00,4c,00,6f,00,67,00,6f,00,6e,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Event"=dword:00000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\Settings] "Data"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,\ 00,00,11,96,45,6d,e8,a1,9b,45,84,42,92,96,ce,7b,31,20,04,00,00,00,04,00,00,\ 00,53,00,00,00,03,66,00,00,a8,00,00,00,10,00,00,00,34,5c,01,18,00,ee,1b,ce,\ ae,78,c9,71,b8,53,dd,6d,00,00,00,00,04,80,00,00,a0,00,00,00,10,00,00,00,3a,\ ff,d4,e5,58,46,a7,62,93,4c,9a,3e,a8,d3,39,54,08,06,00,00,0a,00,31,64,54,83,\ 77,b8,ed,8a,c6,34,33,0b,fc,f1,c4,c2,26,19,25,1f,24,fd,fd,7a,bb,11,cb,44,98,\ b9,78,32,8d,90,31,c5,60,3f,82,e1,8c,d1,e1,79,65,11,e7,52,98,b2,29,52,9a,12,\ 9a,a5,00,95,6b,c7,ef,b3,28,ea,d2,ac,3d,68,b9,ff,bd,e4,3c,43,2e,8a,63,97,68,\ d6,02,73,d0,d8,b0,8c,0e,30,e3,82,be,4c,04,2d,53,26,8a,f9,1a,ac,12,fa,9d,4e,\ 44,9c,62,c2,6e,10,10,53,c8,19,22,f3,5f,d2,4e,5a,7d,01,c0,21,06,46,c3,f0,fc,\ 1e,78,6e,06,e9,5f,97,f4,fb,21,d2,4f,8c,c2,82,41,5e,55,a0,41,c0,44,1e,e4,2f,\ 41,43,37,5a,40,9c,2a,9c,2f,19,9a,17,d9,1c,3c,1a,9e,96,20,40,1a,6e,e2,32,2a,\ 26,43,a4,d6,3a,be,fd,da,6b,cb,65,00,4d,5e,62,fa,d4,ff,66,01,9f,cb,c7,ea,c6,\ fd,0a,d7,5a,5b,a2,3e,f9,9c,fd,bc,80,0a,9e,0b,62,84,bb,41,28,fe,77,78,a6,66,\ b2,2b,71,62,d8,cd,bf,c1,ed,1e,26,7b,82,87,f7,1b,6f,07,da,82,00,83,69,05,50,\ 1b,34,86,5d,a3,b3,d9,44,8d,3e,78,7b,8a,42,aa,e7,63,f2,0d,87,2c,24,df,1d,da,\ db,84,c4,27,99,02,97,a7,9d,7e,ca,58,15,73,41,09,f5,ea,28,ea,07,a1,ae,bb,80,\ 84,87,48,7b,28,2e,59,cc,6d,2c,56,dd,da,dd,60,dd,5b,ef,22,05,7e,59,b0,be,2c,\ 65,c2,99,1a,13,15,67,0f,ad,d3,dd,c0,c3,48,a4,39,ec,a1,99,0e,bc,1c,b6,19,76,\ 86,cd,ad,17,f0,20,60,f6,9e,93,5e,df,ac,49,af,75,2f,ef,19,50,c3,92,c1,bf,9f,\ 40,95,1e,ba,e0,dc,98,1c,fb,a7,9b,93,12,b9,60,59,46,70,09,5f,f0,77,04,e9,ec,\ 13,20,bb,af,ec,ac,d8,71,42,36,d9,5c,cd,7f,f2,2c,86,3a,0c,69,cb,39,c8,c6,7d,\ 1c,3b,17,1d,89,9c,94,bb,eb,9d,a2,93,1c,30,9d,6c,35,fa,80,73,0c,69,da,6d,5f,\ 0b,e9,9a,82,28,5e,38,f4,77,62,45,2d,e5,c9,ff,8a,c8,8b,27,60,ad,cc,2e,fa,bf,\ d1,47,7a,25,df,0d,57,fc,2a,61,2b,1b,3b,9a,3c,ca,16,f0,4d,2c,2e,49,07,c3,89,\ b1,c5,56,32,ef,24,fa,2d,46,4e,27,d6,e5,26,f5,ef,2d,7a,61,26,0e,c8,fd,10,dd,\ f8,8d,d3,2a,49,05,da,f2,71,7d,fd,05,3e,d0,64,8a,d5,e7,56,ef,9f,37,b1,4a,d1,\ 07,49,b0,9e,93,eb,4d,06,ed,49,8f,2d,2c,e6,ae,98,21,b7,d8,67,87,4c,9d,a2,58,\ c7,00,e4,27,87,8d,89,37,23,e8,38,36,bb,ca,23,92,1e,97,c6,9b,1d,13,93,b6,0f,\ a3,10,1d,e1,81,16,c4,65,3a,1c,44,30,0c,31,45,4b,04,85,43,74,a0,81,4d,9a,d9,\ 31,c5,e7,06,66,d2,7c,a1,e9,b8,f9,af,03,53,a4,e7,23,01,ec,93,52,20,93,2e,d0,\ 9a,c4,7d,6e,3c,1d,18,2c,cd,c9,36,76,9e,c6,71,60,cd,a7,93,d0,e7,13,c3,f6,82,\ df,46,8d,e9,68,81,7e,c9,06,bf,c9,6d,8e,3d,9a,0d,0a,84,b0,58,f6,82,c9,6e,a8,\ 9e,7c,4e,c4,8c,81,17,85,07,2b,cc,4f,09,8d,6c,d1,5b,83,aa,1b,26,a6,e2,c9,09,\ 72,f2,91,06,9b,01,92,92,39,97,5f,5e,0b,98,a3,78,ef,94,18,68,be,63,af,85,ac,\ 88,ea,19,ce,a0,e9,d2,0f,6e,c2,d0,f2,8c,7a,a8,f7,c0,22,02,c1,c8,72,33,67,2b,\ 8e,8b,fb,9c,60,d1,64,69,9b,d5,08,3d,1a,51,11,cf,06,cb,7f,3b,50,8b,85,43,f3,\ bf,1c,ee,51,86,26,aa,fc,72,63,60,6c,75,55,dd,20,16,05,f0,f5,c9,aa,79,46,45,\ 5a,04,62,bd,70,d1,69,83,87,38,0f,ec,e4,85,e8,a9,1b,28,a3,9b,83,7c,8b,21,5f,\ f0,8d,a7,dd,1a,9b,e0,d2,ea,c9,91,58,c9,32,30,f6,53,1e,1b,17,0c,7d,ac,ca,38,\ 41,24,a2,d6,dc,98,20,f4,1c,6c,0f,cd,37,e3,5c,fa,6d,f3,33,d4,ae,21,90,71,11,\ ae,1c,47,34,64,49,ad,25,32,91,4a,74,f9,08,2f,7c,7e,3d,0c,1b,84,4a,54,db,4a,\ 0b,5b,89,8b,9a,5e,07,de,bb,df,21,52,a0,6f,e9,c5,29,0c,6b,d6,12,3f,6d,ca,42,\ f4,86,08,ed,f1,25,e9,f0,46,09,1f,ee,6b,ad,49,c7,0d,09,08,e5,4c,fd,a1,bb,9a,\ 2a,07,3d,5e,8b,96,22,e9,e9,07,3a,e0,d3,7b,35,bb,30,f0,98,17,4e,38,fb,78,1c,\ cd,68,aa,6b,cd,97,5d,c5,39,06,23,15,a6,a0,c2,3f,47,3f,9e,39,40,4f,1c,72,38,\ 70,87,f2,73,a4,0f,33,83,47,ab,d0,36,77,f4,bd,e3,ab,3c,5f,2b,44,13,f6,06,2c,\ da,3f,f2,4b,ae,a8,1b,b0,01,db,1c,d6,0c,89,5a,d1,5a,ce,b8,87,2f,b7,51,f0,6a,\ 0d,e9,13,8a,25,df,91,69,63,a7,21,79,48,ea,fb,6f,8b,16,d8,e0,c8,ff,ca,47,5a,\ 66,cf,c1,ec,ad,17,36,db,3e,77,86,18,f4,32,b7,d4,f8,0a,44,6a,c6,a1,cc,35,a9,\ f2,66,91,4c,98,f6,a2,e1,98,fd,09,54,c5,57,13,4f,bb,f5,76,63,5d,1b,d2,71,fd,\ ec,5c,e0,f0,71,e8,73,7e,00,3c,4a,38,44,75,e6,5e,bb,5e,3c,9e,24,e8,cc,e0,55,\ 60,0d,44,42,41,12,ba,34,fb,5d,e1,da,20,e1,39,1f,94,e5,2d,c9,e3,ca,0a,61,b2,\ 80,3a,7e,f2,ad,f9,b1,4d,69,7c,79,eb,7f,bb,b6,d5,a3,1b,ab,51,35,f2,18,ac,72,\ ed,6f,af,60,63,6e,c7,2e,c8,01,34,17,b4,40,4c,1a,2b,86,ed,7c,41,c6,9f,f8,62,\ 64,2f,13,c4,fd,f1,dd,5f,1c,54,ae,fc,8d,94,80,f4,52,a1,d3,1a,f0,92,35,8d,92,\ a4,e4,2c,88,cf,15,37,14,5a,fc,24,38,b0,08,48,ad,be,7f,7a,7e,fd,f7,1b,a4,46,\ a8,bb,20,3a,1a,e4,44,65,e5,98,97,81,7e,6d,b2,d6,0b,0c,d7,78,2c,7e,ad,b6,d3,\ 56,29,fd,f4,b1,11,69,62,88,0f,9c,e7,4d,1e,53,06,13,fc,f3,09,d2,4b,8b,9f,b2,\ b9,fb,ee,dd,4f,82,80,76,45,b9,b4,ef,1e,c9,d3,65,99,c1,eb,8c,32,52,26,d9,bf,\ 75,4f,29,0e,d5,c4,3e,ec,f3,f2,81,9d,b7,4d,c2,10,bc,c6,02,42,5f,b2,15,4d,85,\ 30,54,2b,55,d8,1d,ff,d8,50,06,b4,2d,01,59,43,4d,5a,fe,4d,e2,af,db,fe,33,6e,\ 09,51,5c,a3,11,67,d6,ca,2d,f6,dc,55,20,fc,24,11,8d,81,bb,b8,7d,04,16,8d,6e,\ 00,81,64,04,fc,55,4f,3f,5f,71,2f,54,ec,dc,b5,2a,71,1d,fa,fb,b1,25,de,37,e3,\ 88,99,f5,07,42,77,7c,a3,ce,2b,34,9e,2d,5e,2b,46,84,5a,a6,60,a9,6b,d3,64,48,\ ef,a5,a3,bf,b6,a7,84,5d,83,27,84,b7,1e,d9,f2,3a,29,be,95,16,3d,2b,b3,0a,07,\ 4f,6a,39,f5,0a,b8,19,5f,4a,81,22,ab,f5,14,00,00,00,9b,20,a5,e3,22,dc,bf,cc,\ 74,2e,75,11,c5,f9,d1,a2,40,df,0e,c4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{89162F0C-C796-E9D3-10B6-FD0DAF56AF8E}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia" "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage ?cran du Panneau de configuration" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo" "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es" "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration" "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Page de propri‚t‚s des versions pr‚c‚dentes" "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Versions pr‚c‚dentes" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="?tat du t‚l‚chargement" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="?num‚rateur d'applications install‚es" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices" "{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu" "{9ED66769-A198-41FE-8615-601691C68846}"="TouchPad Property Sheet" "{DEE12703-6333-4D4E-8F34-738C4DCC2E04}"="RecordNow! SendToExt" "{E91B2703-013E-4A99-AD33-2B6FB00AA356}"="RecordNow! ContextMenuExt" "{5CA3D70E-1895-11CF-8E15-001234567890}"="DriveLetterAccess" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" "{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache" "{e82a2d71-5b2f-43a0-97b8-81be15854de8}"="ShellLink for Application References" "{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}"="Shell Icon Handler for Application References" "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension" "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"="OpenOffice.org Column Handler" "{087B3AE3-E237-4467-B8DB-5A38AB959AC9}"="OpenOffice.org Infotip Handler" "{63542C48-9552-494A-84F7-73AA6A7C99C1}"="OpenOffice.org Property Sheet Handler" "{3B092F0C-7696-40E3-A80F-68D74DA84210}"="OpenOffice.org Thumbnail Viewer" "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes" "{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band" "{E0D79304-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79305-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79306-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79307-84BE-11CE-9641-444553540000}"="WinZip" "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player" "{8EB98C67-E8C2-4FD7-8A72-29A443156D13}"="" "{B3B7B150-63F0-4B89-8C86-4D38DC40B800}"="" "{E66B587A-F7BE-42A0-89A6-249FE7248407}"="" "{35B4B170-4DA9-4ED0-9143-04E2496EA8EF}"="" "{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}"="" "{F4B17A29-77D0-41B2-91A8-F434B3F8D377}"="" "{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}"="" "{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}"="" "{2CE994E2-0334-4BE5-A6E4-775C3126E855}"="" "{11246354-781C-4C9D-A154-10803096B595}"="" "{F4ADD824-A055-4D20-98F3-9BF93BC98D86}"="" "{7429B6CA-19C0-4828-8249-885014EB6117}"="" "{AB052CC8-5F2A-4586-B343-276A1D62A029}"="" "{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}"="" "{D758471C-6444-4902-A309-20FBB34C6C29}"="" "{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}"="" "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"="Shell Extension for Malware scanning" "{B869B8A3-5487-4E66-BD55-2D4F82113E55}"="" "{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}"="" "{CABB448D-B3C3-40B3-8999-755E27D87526}"="" "{41BB1CEC-2C98-4C72-A435-D8C992231B0F}"="" "{AE554076-DC24-4DDF-8B33-EE8E40C5CD03}"="" "{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}"="" "{F2E75A9B-1CA6-43EA-B4B8-0EBC6C6C2F26}"="" "{8459987B-63AE-4EA7-940E-193E489BA8F0}"="" "{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}"="" "{E2F871BE-FC98-4A13-943B-9DED24511C59}"="" "{CE470917-6FC4-4089-BB89-6F0F3E67A197}"="" "{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}"="" "{7540EACD-2FD7-43E8-8B44-000073CCFB4B}"="" "{B52B295F-82AE-4490-AB4A-8E6AF5127556}"="" "{A32C087E-C42B-49F5-AAF5-740A2E8D314C}"="" "{472FC619-B096-49AF-ABDB-A090A35C41E3}"="" "{E58A79C8-1CB4-4A66-AADC-48C974D055E9}"="" "{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}"="" "{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}"="" "{446FB161-9D0A-45B3-923E-CE22184567E5}"="" "{15CC146B-EB35-4EFE-BC48-87257475C0AA}"="" "{200D56CC-88C9-4B91-B821-7D81D5480D1B}"="" "{E36D2EA3-A23E-4D06-A20F-472E8936CD17}"="" "{ACCD9FC6-F15A-4A63-8061-741401CA8156}"="" "{93ED735D-AC33-4CF2-AB89-11158A95E3A2}"="" "{A003E524-B123-4627-8267-5EFDFF2BD8F2}"="" "{67DEAD28-5920-4619-996F-2137F889ACB7}"="" "{4A969817-8060-431F-B52D-B0ADA7FA80FA}"="" "{5961D0EF-8FFA-414A-8B2D-28541654442D}"="" "{20600B15-C513-4275-B934-F303AE95303A}"="" "{5FF6AAEB-0710-457E-9DAC-ECD6FD2F78D0}"="" "{A303887A-3C9B-438C-83F5-0242029EB692}"="" "{60F86104-1781-4226-B88F-317ED3FDA8E7}"="" "{4846088B-CDF2-492C-A205-07FC4675DA1A}"="" "{AF02C913-4F87-48C3-9844-05455AFE12A3}"="" "{906b0e6e-61ce-11d3-8ee2-0060080a7242}"="QuickSFV Shell Extension" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}] @="" "IDEx"="ADDR" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\InprocServer32] @="C:\\WINDOWS\\system32\\sgmpsnap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\InprocServer32] @="C:\\WINDOWS\\system32\\fedrclnr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\InprocServer32] @="C:\\WINDOWS\\system32\\mjiavi32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\InprocServer32] @="C:\\WINDOWS\\system32\\sbobject.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\InprocServer32] @="C:\\WINDOWS\\system32\\kqdno1.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\InprocServer32] @="C:\\WINDOWS\\system32\\wtbhits.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\InprocServer32] @="C:\\WINDOWS\\system32\\wrbhits.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\InprocServer32] @="C:\\WINDOWS\\system32\\dawave.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\InprocServer32] @="C:\\WINDOWS\\system32\\dRtime.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\InprocServer32] @="C:\\WINDOWS\\system32\\wuploc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\InprocServer32] @="C:\\WINDOWS\\system32\\mwltus40.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\InprocServer32] @="C:\\WINDOWS\\system32\\ndlanui2.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\InprocServer32] @="C:\\WINDOWS\\system32\\iWsnap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\InprocServer32] @="C:\\WINDOWS\\system32\\dxuiext.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\InprocServer32] @="C:\\WINDOWS\\system32\\iehlpapi.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\InprocServer32] @="C:\\WINDOWS\\system32\\mbcbase.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\InprocServer32] @="C:\\WINDOWS\\system32\\ofbc16gt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\InprocServer32] @="C:\\WINDOWS\\system32\\vqpodbc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\InprocServer32] @="C:\\WINDOWS\\system32\\idgutil.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\InprocServer32] @="C:\\WINDOWS\\system32\\xusp3res.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\InprocServer32] @="C:\\WINDOWS\\system32\\CnEKPolicy.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\InprocServer32] @="C:\\WINDOWS\\system32\\mTpistub.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\InprocServer32] @="C:\\WINDOWS\\system32\\cclbact.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\InprocServer32] @="C:\\WINDOWS\\system32\\pnchdprf.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\InprocServer32] @="C:\\WINDOWS\\system32\\mmvcp50.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\InprocServer32] @="C:\\WINDOWS\\system32\\mgieftp.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}] @="" "IDEx"="AD" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\InprocServer32] @="C:\\WINDOWS\\system32\\sulwid.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\InprocServer32] @="C:\\WINDOWS\\system32\\rfpcfgex.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\InprocServer32] @="C:\\WINDOWS\\system32\\mqxml2r.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\InprocServer32] @="C:\\WINDOWS\\system32\\cxfgnt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\InprocServer32] @="C:\\WINDOWS\\system32\\eftmgr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\InprocServer32] @="C:\\WINDOWS\\system32\\mqimg32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}] @="" [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}\InprocServer32] @="C:\\WINDOWS\\system32\\wahatm.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}] @="" "IDEx"="AD" [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}\InprocServer32] @="C:\\WINDOWS\\system32\\atcups.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5961D0EF-8FFA-414A-8B2D-28541654442D}] @="" "IDEx"="AD" [HKEY_CLASSES_ROOT\CLSID\{5961D0EF-8FFA-414A-8B2D-28541654442D}\Implemented Categories]
  4. a beluga
    voici mon rapport : L2MFIX find log 051206 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] "DLLName"="Ati2evxx.dll" "Asynchronous"=dword:00000000 "Impersonate"=dword:00000001 "Lock"="AtiLockEvent" "Logoff"="AtiLogoffEvent" "Logon"="AtiLogonEvent" "Disconnect"="AtiDisConnectEvent" "Reconnect"="AtiReConnectEvent" "Safe"=dword:00000000 "Shutdown"="AtiShutdownEvent" "StartScreenSaver"="AtiStartScreenSaverEvent" "StartShell"="AtiStartShellEvent" "Startup"="AtiStartupEvent" "StopScreenSaver"="AtiStopScreenSaverEvent" "Unlock"="AtiUnLockEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\kt06l7ds1.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] "Logon"="WLEventLogon" "Logoff"="WLEventLogoff" "Startup"="WLEventStartup" "Shutdown"="WLEventShutdown" "StartScreenSaver"="WLEventStartScreenSaver" "StopScreenSaver"="WLEventStopScreenSaver" "Lock"="WLEventLock" "Unlock"="WLEventUnlock" "StartShell"="WLEventStartShell" "PostShell"="WLEventPostShell" "Disconnect"="WLEventDisconnect" "Reconnect"="WLEventReconnect" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000000 "SafeMode"=dword:00000001 "MaxWait"=dword:ffffffff "DllName"=hex(2):57,00,67,00,61,00,4c,00,6f,00,67,00,6f,00,6e,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Event"=dword:00000000 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\Settings] "Data"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,\ 00,00,11,96,45,6d,e8,a1,9b,45,84,42,92,96,ce,7b,31,20,04,00,00,00,04,00,00,\ 00,53,00,00,00,03,66,00,00,a8,00,00,00,10,00,00,00,34,5c,01,18,00,ee,1b,ce,\ ae,78,c9,71,b8,53,dd,6d,00,00,00,00,04,80,00,00,a0,00,00,00,10,00,00,00,3a,\ ff,d4,e5,58,46,a7,62,93,4c,9a,3e,a8,d3,39,54,08,06,00,00,0a,00,31,64,54,83,\ 77,b8,ed,8a,c6,34,33,0b,fc,f1,c4,c2,26,19,25,1f,24,fd,fd,7a,bb,11,cb,44,98,\ b9,78,32,8d,90,31,c5,60,3f,82,e1,8c,d1,e1,79,65,11,e7,52,98,b2,29,52,9a,12,\ 9a,a5,00,95,6b,c7,ef,b3,28,ea,d2,ac,3d,68,b9,ff,bd,e4,3c,43,2e,8a,63,97,68,\ d6,02,73,d0,d8,b0,8c,0e,30,e3,82,be,4c,04,2d,53,26,8a,f9,1a,ac,12,fa,9d,4e,\ 44,9c,62,c2,6e,10,10,53,c8,19,22,f3,5f,d2,4e,5a,7d,01,c0,21,06,46,c3,f0,fc,\ 1e,78,6e,06,e9,5f,97,f4,fb,21,d2,4f,8c,c2,82,41,5e,55,a0,41,c0,44,1e,e4,2f,\ 41,43,37,5a,40,9c,2a,9c,2f,19,9a,17,d9,1c,3c,1a,9e,96,20,40,1a,6e,e2,32,2a,\ 26,43,a4,d6,3a,be,fd,da,6b,cb,65,00,4d,5e,62,fa,d4,ff,66,01,9f,cb,c7,ea,c6,\ fd,0a,d7,5a,5b,a2,3e,f9,9c,fd,bc,80,0a,9e,0b,62,84,bb,41,28,fe,77,78,a6,66,\ b2,2b,71,62,d8,cd,bf,c1,ed,1e,26,7b,82,87,f7,1b,6f,07,da,82,00,83,69,05,50,\ 1b,34,86,5d,a3,b3,d9,44,8d,3e,78,7b,8a,42,aa,e7,63,f2,0d,87,2c,24,df,1d,da,\ db,84,c4,27,99,02,97,a7,9d,7e,ca,58,15,73,41,09,f5,ea,28,ea,07,a1,ae,bb,80,\ 84,87,48,7b,28,2e,59,cc,6d,2c,56,dd,da,dd,60,dd,5b,ef,22,05,7e,59,b0,be,2c,\ 65,c2,99,1a,13,15,67,0f,ad,d3,dd,c0,c3,48,a4,39,ec,a1,99,0e,bc,1c,b6,19,76,\ 86,cd,ad,17,f0,20,60,f6,9e,93,5e,df,ac,49,af,75,2f,ef,19,50,c3,92,c1,bf,9f,\ 40,95,1e,ba,e0,dc,98,1c,fb,a7,9b,93,12,b9,60,59,46,70,09,5f,f0,77,04,e9,ec,\ 13,20,bb,af,ec,ac,d8,71,42,36,d9,5c,cd,7f,f2,2c,86,3a,0c,69,cb,39,c8,c6,7d,\ 1c,3b,17,1d,89,9c,94,bb,eb,9d,a2,93,1c,30,9d,6c,35,fa,80,73,0c,69,da,6d,5f,\ 0b,e9,9a,82,28,5e,38,f4,77,62,45,2d,e5,c9,ff,8a,c8,8b,27,60,ad,cc,2e,fa,bf,\ d1,47,7a,25,df,0d,57,fc,2a,61,2b,1b,3b,9a,3c,ca,16,f0,4d,2c,2e,49,07,c3,89,\ b1,c5,56,32,ef,24,fa,2d,46,4e,27,d6,e5,26,f5,ef,2d,7a,61,26,0e,c8,fd,10,dd,\ f8,8d,d3,2a,49,05,da,f2,71,7d,fd,05,3e,d0,64,8a,d5,e7,56,ef,9f,37,b1,4a,d1,\ 07,49,b0,9e,93,eb,4d,06,ed,49,8f,2d,2c,e6,ae,98,21,b7,d8,67,87,4c,9d,a2,58,\ c7,00,e4,27,87,8d,89,37,23,e8,38,36,bb,ca,23,92,1e,97,c6,9b,1d,13,93,b6,0f,\ a3,10,1d,e1,81,16,c4,65,3a,1c,44,30,0c,31,45,4b,04,85,43,74,a0,81,4d,9a,d9,\ 31,c5,e7,06,66,d2,7c,a1,e9,b8,f9,af,03,53,a4,e7,23,01,ec,93,52,20,93,2e,d0,\ 9a,c4,7d,6e,3c,1d,18,2c,cd,c9,36,76,9e,c6,71,60,cd,a7,93,d0,e7,13,c3,f6,82,\ df,46,8d,e9,68,81,7e,c9,06,bf,c9,6d,8e,3d,9a,0d,0a,84,b0,58,f6,82,c9,6e,a8,\ 9e,7c,4e,c4,8c,81,17,85,07,2b,cc,4f,09,8d,6c,d1,5b,83,aa,1b,26,a6,e2,c9,09,\ 72,f2,91,06,9b,01,92,92,39,97,5f,5e,0b,98,a3,78,ef,94,18,68,be,63,af,85,ac,\ 88,ea,19,ce,a0,e9,d2,0f,6e,c2,d0,f2,8c,7a,a8,f7,c0,22,02,c1,c8,72,33,67,2b,\ 8e,8b,fb,9c,60,d1,64,69,9b,d5,08,3d,1a,51,11,cf,06,cb,7f,3b,50,8b,85,43,f3,\ bf,1c,ee,51,86,26,aa,fc,72,63,60,6c,75,55,dd,20,16,05,f0,f5,c9,aa,79,46,45,\ 5a,04,62,bd,70,d1,69,83,87,38,0f,ec,e4,85,e8,a9,1b,28,a3,9b,83,7c,8b,21,5f,\ f0,8d,a7,dd,1a,9b,e0,d2,ea,c9,91,58,c9,32,30,f6,53,1e,1b,17,0c,7d,ac,ca,38,\ 41,24,a2,d6,dc,98,20,f4,1c,6c,0f,cd,37,e3,5c,fa,6d,f3,33,d4,ae,21,90,71,11,\ ae,1c,47,34,64,49,ad,25,32,91,4a,74,f9,08,2f,7c,7e,3d,0c,1b,84,4a,54,db,4a,\ 0b,5b,89,8b,9a,5e,07,de,bb,df,21,52,a0,6f,e9,c5,29,0c,6b,d6,12,3f,6d,ca,42,\ f4,86,08,ed,f1,25,e9,f0,46,09,1f,ee,6b,ad,49,c7,0d,09,08,e5,4c,fd,a1,bb,9a,\ 2a,07,3d,5e,8b,96,22,e9,e9,07,3a,e0,d3,7b,35,bb,30,f0,98,17,4e,38,fb,78,1c,\ cd,68,aa,6b,cd,97,5d,c5,39,06,23,15,a6,a0,c2,3f,47,3f,9e,39,40,4f,1c,72,38,\ 70,87,f2,73,a4,0f,33,83,47,ab,d0,36,77,f4,bd,e3,ab,3c,5f,2b,44,13,f6,06,2c,\ da,3f,f2,4b,ae,a8,1b,b0,01,db,1c,d6,0c,89,5a,d1,5a,ce,b8,87,2f,b7,51,f0,6a,\ 0d,e9,13,8a,25,df,91,69,63,a7,21,79,48,ea,fb,6f,8b,16,d8,e0,c8,ff,ca,47,5a,\ 66,cf,c1,ec,ad,17,36,db,3e,77,86,18,f4,32,b7,d4,f8,0a,44,6a,c6,a1,cc,35,a9,\ f2,66,91,4c,98,f6,a2,e1,98,fd,09,54,c5,57,13,4f,bb,f5,76,63,5d,1b,d2,71,fd,\ ec,5c,e0,f0,71,e8,73,7e,00,3c,4a,38,44,75,e6,5e,bb,5e,3c,9e,24,e8,cc,e0,55,\ 60,0d,44,42,41,12,ba,34,fb,5d,e1,da,20,e1,39,1f,94,e5,2d,c9,e3,ca,0a,61,b2,\ 80,3a,7e,f2,ad,f9,b1,4d,69,7c,79,eb,7f,bb,b6,d5,a3,1b,ab,51,35,f2,18,ac,72,\ ed,6f,af,60,63,6e,c7,2e,c8,01,34,17,b4,40,4c,1a,2b,86,ed,7c,41,c6,9f,f8,62,\ 64,2f,13,c4,fd,f1,dd,5f,1c,54,ae,fc,8d,94,80,f4,52,a1,d3,1a,f0,92,35,8d,92,\ a4,e4,2c,88,cf,15,37,14,5a,fc,24,38,b0,08,48,ad,be,7f,7a,7e,fd,f7,1b,a4,46,\ a8,bb,20,3a,1a,e4,44,65,e5,98,97,81,7e,6d,b2,d6,0b,0c,d7,78,2c,7e,ad,b6,d3,\ 56,29,fd,f4,b1,11,69,62,88,0f,9c,e7,4d,1e,53,06,13,fc,f3,09,d2,4b,8b,9f,b2,\ b9,fb,ee,dd,4f,82,80,76,45,b9,b4,ef,1e,c9,d3,65,99,c1,eb,8c,32,52,26,d9,bf,\ 75,4f,29,0e,d5,c4,3e,ec,f3,f2,81,9d,b7,4d,c2,10,bc,c6,02,42,5f,b2,15,4d,85,\ 30,54,2b,55,d8,1d,ff,d8,50,06,b4,2d,01,59,43,4d,5a,fe,4d,e2,af,db,fe,33,6e,\ 09,51,5c,a3,11,67,d6,ca,2d,f6,dc,55,20,fc,24,11,8d,81,bb,b8,7d,04,16,8d,6e,\ 00,81,64,04,fc,55,4f,3f,5f,71,2f,54,ec,dc,b5,2a,71,1d,fa,fb,b1,25,de,37,e3,\ 88,99,f5,07,42,77,7c,a3,ce,2b,34,9e,2d,5e,2b,46,84,5a,a6,60,a9,6b,d3,64,48,\ ef,a5,a3,bf,b6,a7,84,5d,83,27,84,b7,1e,d9,f2,3a,29,be,95,16,3d,2b,b3,0a,07,\ 4f,6a,39,f5,0a,b8,19,5f,4a,81,22,ab,f5,14,00,00,00,9b,20,a5,e3,22,dc,bf,cc,\ 74,2e,75,11,c5,f9,d1,a2,40,df,0e,c4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{89162F0C-C796-E9D3-10B6-FD0DAF56AF8E}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia" "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage ?cran du Panneau de configuration" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo" "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es" "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration" "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Page de propri‚t‚s des versions pr‚c‚dentes" "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Versions pr‚c‚dentes" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="?tat du t‚l‚chargement" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="?num‚rateur d'applications install‚es" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices" "{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu" "{9ED66769-A198-41FE-8615-601691C68846}"="TouchPad Property Sheet" "{DEE12703-6333-4D4E-8F34-738C4DCC2E04}"="RecordNow! SendToExt" "{E91B2703-013E-4A99-AD33-2B6FB00AA356}"="RecordNow! ContextMenuExt" "{5CA3D70E-1895-11CF-8E15-001234567890}"="DriveLetterAccess" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" "{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache" "{e82a2d71-5b2f-43a0-97b8-81be15854de8}"="ShellLink for Application References" "{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}"="Shell Icon Handler for Application References" "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension" "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"="OpenOffice.org Column Handler" "{087B3AE3-E237-4467-B8DB-5A38AB959AC9}"="OpenOffice.org Infotip Handler" "{63542C48-9552-494A-84F7-73AA6A7C99C1}"="OpenOffice.org Property Sheet Handler" "{3B092F0C-7696-40E3-A80F-68D74DA84210}"="OpenOffice.org Thumbnail Viewer" "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes" "{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band" "{E0D79304-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79305-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79306-84BE-11CE-9641-444553540000}"="WinZip" "{E0D79307-84BE-11CE-9641-444553540000}"="WinZip" "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player" "{8EB98C67-E8C2-4FD7-8A72-29A443156D13}"="" "{B3B7B150-63F0-4B89-8C86-4D38DC40B800}"="" "{E66B587A-F7BE-42A0-89A6-249FE7248407}"="" "{35B4B170-4DA9-4ED0-9143-04E2496EA8EF}"="" "{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}"="" "{F4B17A29-77D0-41B2-91A8-F434B3F8D377}"="" "{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}"="" "{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}"="" "{2CE994E2-0334-4BE5-A6E4-775C3126E855}"="" "{11246354-781C-4C9D-A154-10803096B595}"="" "{F4ADD824-A055-4D20-98F3-9BF93BC98D86}"="" "{7429B6CA-19C0-4828-8249-885014EB6117}"="" "{AB052CC8-5F2A-4586-B343-276A1D62A029}"="" "{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}"="" "{D758471C-6444-4902-A309-20FBB34C6C29}"="" "{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}"="" "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"="Shell Extension for Malware scanning" "{B869B8A3-5487-4E66-BD55-2D4F82113E55}"="" "{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}"="" "{CABB448D-B3C3-40B3-8999-755E27D87526}"="" "{41BB1CEC-2C98-4C72-A435-D8C992231B0F}"="" "{AE554076-DC24-4DDF-8B33-EE8E40C5CD03}"="" "{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}"="" "{F2E75A9B-1CA6-43EA-B4B8-0EBC6C6C2F26}"="" "{8459987B-63AE-4EA7-940E-193E489BA8F0}"="" "{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}"="" "{E2F871BE-FC98-4A13-943B-9DED24511C59}"="" "{CE470917-6FC4-4089-BB89-6F0F3E67A197}"="" "{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}"="" "{7540EACD-2FD7-43E8-8B44-000073CCFB4B}"="" "{B52B295F-82AE-4490-AB4A-8E6AF5127556}"="" "{A32C087E-C42B-49F5-AAF5-740A2E8D314C}"="" "{472FC619-B096-49AF-ABDB-A090A35C41E3}"="" "{E58A79C8-1CB4-4A66-AADC-48C974D055E9}"="" "{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}"="" "{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}"="" "{446FB161-9D0A-45B3-923E-CE22184567E5}"="" "{15CC146B-EB35-4EFE-BC48-87257475C0AA}"="" "{200D56CC-88C9-4B91-B821-7D81D5480D1B}"="" "{E36D2EA3-A23E-4D06-A20F-472E8936CD17}"="" "{ACCD9FC6-F15A-4A63-8061-741401CA8156}"="" "{93ED735D-AC33-4CF2-AB89-11158A95E3A2}"="" "{A003E524-B123-4627-8267-5EFDFF2BD8F2}"="" "{67DEAD28-5920-4619-996F-2137F889ACB7}"="" "{4A969817-8060-431F-B52D-B0ADA7FA80FA}"="" "{5961D0EF-8FFA-414A-8B2D-28541654442D}"="" "{20600B15-C513-4275-B934-F303AE95303A}"="" "{5FF6AAEB-0710-457E-9DAC-ECD6FD2F78D0}"="" "{A303887A-3C9B-438C-83F5-0242029EB692}"="" "{60F86104-1781-4226-B88F-317ED3FDA8E7}"="" "{4846088B-CDF2-492C-A205-07FC4675DA1A}"="" "{AF02C913-4F87-48C3-9844-05455AFE12A3}"="" "{906b0e6e-61ce-11d3-8ee2-0060080a7242}"="QuickSFV Shell Extension" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}] @="" "IDEx"="ADDR" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8EB98C67-E8C2-4FD7-8A72-29A443156D13}\InprocServer32] @="C:\\WINDOWS\\system32\\sgmpsnap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E66B587A-F7BE-42A0-89A6-249FE7248407}\InprocServer32] @="C:\\WINDOWS\\system32\\fedrclnr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CC87F4BA-7E7B-480F-B53C-DA4F8212C40D}\InprocServer32] @="C:\\WINDOWS\\system32\\mjiavi32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4B17A29-77D0-41B2-91A8-F434B3F8D377}\InprocServer32] @="C:\\WINDOWS\\system32\\sbobject.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C05A972E-5277-4C47-9BD2-405D3C2FD1A4}\InprocServer32] @="C:\\WINDOWS\\system32\\kqdno1.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DD4B16BB-FF88-4DA3-83FC-072E5C6F5BCA}\InprocServer32] @="C:\\WINDOWS\\system32\\wtbhits.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2CE994E2-0334-4BE5-A6E4-775C3126E855}\InprocServer32] @="C:\\WINDOWS\\system32\\wrbhits.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{11246354-781C-4C9D-A154-10803096B595}\InprocServer32] @="C:\\WINDOWS\\system32\\dawave.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{F4ADD824-A055-4D20-98F3-9BF93BC98D86}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7429B6CA-19C0-4828-8249-885014EB6117}\InprocServer32] @="C:\\WINDOWS\\system32\\dRtime.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{AB052CC8-5F2A-4586-B343-276A1D62A029}\InprocServer32] @="C:\\WINDOWS\\system32\\wuploc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5F16AE66-0DBF-48C4-9C29-6073C411BD0E}\InprocServer32] @="C:\\WINDOWS\\system32\\mwltus40.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{D758471C-6444-4902-A309-20FBB34C6C29}\InprocServer32] @="C:\\WINDOWS\\system32\\ndlanui2.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8691BCF2-5CE9-4C38-9F75-E0C44E9AE272}\InprocServer32] @="C:\\WINDOWS\\system32\\iWsnap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{289C6D1D-7E13-4C02-BCB8-FECEB004D33A}\InprocServer32] @="C:\\WINDOWS\\system32\\dxuiext.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CABB448D-B3C3-40B3-8999-755E27D87526}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{41BB1CEC-2C98-4C72-A435-D8C992231B0F}\InprocServer32] @="C:\\WINDOWS\\system32\\iehlpapi.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{3C2C0A7F-8E09-48D1-928C-DCFE65C1B527}\InprocServer32] @="C:\\WINDOWS\\system32\\mbcbase.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8459987B-63AE-4EA7-940E-193E489BA8F0}\InprocServer32] @="C:\\WINDOWS\\system32\\ofbc16gt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DBE7166E-3EFE-4BCB-BC65-194D37C29A63}\InprocServer32] @="C:\\WINDOWS\\system32\\vqpodbc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E2F871BE-FC98-4A13-943B-9DED24511C59}\InprocServer32] @="C:\\WINDOWS\\system32\\idgutil.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{CE470917-6FC4-4089-BB89-6F0F3E67A197}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ECADAEA-88CA-4443-BD2C-5B943575A1EC}\InprocServer32] @="C:\\WINDOWS\\system32\\xusp3res.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7540EACD-2FD7-43E8-8B44-000073CCFB4B}\InprocServer32] @="C:\\WINDOWS\\system32\\CnEKPolicy.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{B52B295F-82AE-4490-AB4A-8E6AF5127556}\InprocServer32] @="C:\\WINDOWS\\system32\\mTpistub.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A32C087E-C42B-49F5-AAF5-740A2E8D314C}\InprocServer32] @="C:\\WINDOWS\\system32\\cclbact.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{472FC619-B096-49AF-ABDB-A090A35C41E3}\InprocServer32] @="C:\\WINDOWS\\system32\\pnchdprf.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E58A79C8-1CB4-4A66-AADC-48C974D055E9}\InprocServer32] @="C:\\WINDOWS\\system32\\mmvcp50.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A13F424C-CE4F-4D1D-BBF2-7CDC1134EF8C}\InprocServer32] @="C:\\WINDOWS\\system32\\mgieftp.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}] @="" "IDEx"="AD" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{2ADBA32B-0262-4B79-B7EE-4D2B0099578B}\InprocServer32] @="C:\\WINDOWS\\system32\\sulwid.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{446FB161-9D0A-45B3-923E-CE22184567E5}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{15CC146B-EB35-4EFE-BC48-87257475C0AA}\InprocServer32] @="C:\\WINDOWS\\system32\\rfpcfgex.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{200D56CC-88C9-4B91-B821-7D81D5480D1B}\InprocServer32] @="C:\\WINDOWS\\system32\\mqxml2r.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E36D2EA3-A23E-4D06-A20F-472E8936CD17}\InprocServer32] @="C:\\WINDOWS\\system32\\guard.tmp" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{ACCD9FC6-F15A-4A63-8061-741401CA8156}\InprocServer32] @="C:\\WINDOWS\\system32\\cxfgnt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{93ED735D-AC33-4CF2-AB89-11158A95E3A2}\InprocServer32] @="C:\\WINDOWS\\system32\\eftmgr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A003E524-B123-4627-8267-5EFDFF2BD8F2}\InprocServer32] @="C:\\WINDOWS\\system32\\mqimg32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}] @="" [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{67DEAD28-5920-4619-996F-2137F889ACB7}\InprocServer32] @="C:\\WINDOWS\\system32\\wahatm.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}] @="" "IDEx"="AD" [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{4A969817-8060-431F-B52D-B0ADA7FA80FA}\InprocServer32] @="C:\\WINDOWS\\system32\\atcups.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5961D0EF-8FFA-414A-8B2D-28541654442D}] @="" "IDEx"="AD" [HKEY_CLASSES_ROOT\CLSID\{5961D0EF-8FFA-414A-8B2D-28541654442D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5961D0EF-8FFA-414A-8B2D-28541654442D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @=&
  5. a beluga
    voici mon log de hjt j'ai un problème avec command service et surf side kick. pouvez-vous m'aidez? merci! Logfile of HijackThis v1.99.1 Scan saved at 21:55:16, on 2006-06-06 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\wamp\apache2\bin\Apache.exe C:\Program Files\wamp\mysql\bin\mysqld-nt.exe C:\Program Files\wamp\apache2\bin\Apache.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\wamp\wampserver.exe C:\Program Files\AntiVir PersonalEdition Classic\avnotify.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.shoptoshiba.ca/welcome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: (no name) - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - (no file) O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5D624400-B352-AD96-356A-0C001B5371B6} - C:\WINDOWS\yfesefmf.dll (file missing) O2 - BHO: (no name) - {ECB5AA73-873E-4845-B566-05CFA09B1321} - C:\Program Files\Internet Explorer\horemogex.dll (file missing) O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O4 - HKLM\..\Run: [Mfrwuztx] C:\Program Files\Atsl\Xyepn.exe O4 - HKLM\..\Run: [w0019b12.dll] RUNDLL32.EXE w0019b12.dll,I2 000eb10300019b12 O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: WampServer.lnk = C:\Program Files\wamp\wampserver.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Filter: text/html - {994D478A-45D0-4DB4-AE77-288B1E346E99} - C:\Program Files\FCAdvice\FCAdvice.dll O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\kt06l7ds1.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: wampapache - Unknown owner - C:\Program Files\wamp\apache2\bin\Apache.exe" -k runservice (file missing) O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe" "--defaults-file=C:\Program Files\wamp\mysql\my.ini" wampmysqld (file missing)
×
×
  • Créer...