Infection virus (window, windows-genuine-advantage, impression, cache)

prisa

17 Février 2006 17:47:28

bonjour à tous,

J'ai 2 problèmes sur mon PC:
- Des pop-up qui s'ouvrent tout le temps. J'ai passé des anti-virus et des anti-spyware qui ne trouvent rien...
- Lors du démarrage de mon PC ce message s'affiche "problème de chargement de C/progra-1/newdot-1/newdot-1.DLL module spécifié introuvable"

Je ne sais pas s'il y a un lien entre tout ça, en tout cas, voici mon rapport HijackThis, si quelqu'un pouvait me dire ce que je dois faire ou enlever, ce serait cool!!

Merci d'avance pour votre aide...

Logfile of HijackThis v1.99.1
Scan saved at 18:46:15, on 17/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\basfipm.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\System32\1XConfig.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DSentry.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\WINDOWS\blank.mht
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [bascstray] BascsTray.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - http://www.checkspy.com/fr/FlowScan.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\hr2405fqe.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Autres pages sur : infection virus

| Etre averti des réponses
| Alerter

Répondre à prisa

Angeldark

17 Février 2006 17:52:07

Salut,

Tu as une infection de type Look2Me (ligne 020)
1/Télécharge L2Mfix

http://www.atribune.org/downloads/l2mfix.exe ou

Mets-le sur ton bureau.
Lance l’application
Clic sur Accept, ensuite sur Install

2/ Ouvre le dossier l2mfix créé sur le bureau puis double-clic sur L2Mfix.bat
Puis option 1, Entrée
Poste le 1er rapport.

3/ Ouvre le dossier l2mfix puis double-clic sur L2Mfix.bat
Ensuite choisis l'option 2 puis Entrée
Puis appuie sur n'importe quelle touche
L’ordinateur va redemarrer
Après redémarrage, le bureau et les icônes vont apparaître puis disparaître, c'est normal ! Et un nouveau rapport va apparaître à l'écran.
Si après redémarrage les icônes n'apparaissent/disparaissent pas ou si le rapport n'apparaît pas, ouvre le dossier l2mfix et lance un second.bat

4/ Poste un log HJT.

| Alerter

Répondre à Angeldark

prisa

17 Février 2006 18:20:03

1er rapport:

L2MFIX find log 010406
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
@=""
"DLLName"="igfxsrvc.dll"
"Asynchronous"=dword:00000001
"Impersonate"=dword:00000001
"Unlock"="WinlogonUnlockEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Sebring]
"Logoff"="SebringUserLogoff"
"Logon"="SebringUserLogon"
"Impersonate"=dword:00000000
"Dllname"="C:\\WINDOWS\\System32\\LgNotify.dll"
"Asynchronous"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\hr2405fqe.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{266A9909-7394-128A-26D2-7A67B4024CEC}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{2F603045-309F-11CF-9774-0020AFD0CFF6}"="Synaptics Control Panel"
"{5E44E225-A408-11CF-B581-008029601108}"="Adaptec DirectCD Shell Extension"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
"{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{0D716399-908C-4A32-9A7D-3CC5B035D187}"=""
"{3CEAF629-341B-4795-831A-D0E7204795AB}"=""
"{8734E365-4868-48C0-9824-2E99D4BF0EBC}"=""
"{1883381C-6E1C-441D-8C1B-F45ED8DACB35}"=""
"{DDF68E0F-BD8F-4FF1-B63D-8D99927DBA46}"=""
"{5870FAAF-48DF-4CA9-A7BC-62149008E037}"=""
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"="AVG7 Shell Extension"
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}"="AVG7 Find Extension"
"{E7580BF8-9A08-49B7-B2FE-4089B104EBA9}"=""
"{02641871-F6C8-4161-8236-22D0E1AE1F87}"=""
"{A46DD87F-2E05-45FC-A9D4-121FB870142F}"=""
"{748A3820-D2CE-4DF3-9778-1A8F507A07FB}"=""
"{3503A4B1-3D73-408C-8F7E-2B4C2866F103}"=""
"{B81D109D-D669-44E3-BC7F-6EBA75D1F7FC}"=""
"{3CA7B5E5-E667-40E3-BAF8-0D580DA909DF}"=""
"{FB813718-EB98-434D-B51F-FE53005B8761}"=""
"{BA53727F-C936-4A38-9CDF-3119F03C2886}"=""
"{0F14CAF1-364C-47F2-ACB1-E0CC6F62B4DD}"=""
"{271CD4FB-8E80-491A-B192-1D1BA53939FF}"=""
"{1D0A13CF-8169-4818-8656-2DEE1C81154F}"=""
"{A1FA28AD-230D-4922-9922-1650CEE382D2}"=""
"{170BFE31-5D28-4C26-9295-66291012F03E}"=""
"{69693B5A-CFA2-4BEF-83CF-EB7FA9726819}"=""
"{6BA4637D-C3DB-4D2F-9F08-AD5F9E4E4DE0}"=""
"{DFA812CA-CF7D-4591-A449-F26CD1C632F2}"=""
"{6DBCDE73-2A73-4F82-B22E-245B4ABE37CF}"=""
"{1DD5B39B-6206-43B5-BEF8-DF37F29CF1C3}"=""
"{DFF49092-5C64-4DDC-B7B1-0A667E911BE0}"=""
"{27591E8E-0D2F-4597-ADF7-AAE96E0DFDDC}"=""
"{646DEB47-AB64-4BF3-84AD-76875278BC04}"=""
"{ADD60484-9B1B-4818-94F2-F9AF543AD314}"=""
"{D17FE0E7-BF91-48C5-B282-231FDE80A35A}"=""
"{69076332-6298-4903-8593-71B31D548D4D}"=""
"{394F5F84-0F78-4D35-B004-E4FB2F954EF5}"=""
"{EB23BE04-590F-4C89-82E0-18E3A7B746A1}"=""
"{6933D332-B414-43AB-A7A0-280E2F12E0C8}"=""
"{9E7CEFD3-AF9D-46B2-9631-524FF0F5F4F2}"=""
"{D715AAE1-DC9C-475A-A83D-234D3C5686A2}"=""
"{AB57B4EE-A92B-45C3-89CA-68CCFE309E60}"=""
"{CDB300EB-A332-40E7-ABB6-4E51FB89EE98}"=""
"{AEA5BD07-D4E7-4762-BA02-C4A1297F6957}"=""
"{37D97827-3A70-4443-9FA9-7DC465DAC433}"=""
"{6F4FE5E0-1D5F-4BBC-B891-8D1247109A57}"=""
"{39A0BEFD-3E3C-4B2B-9CE0-A425E1EEE6CB}"=""
"{2B16D756-814C-4A5E-8191-4A1DBA2D24CF}"=""
"{4624100C-12DB-4817-B21E-2A886459B589}"=""
"{D81D72E4-A9DE-4A78-BEDE-0E1843223BC6}"=""
"{5C5AB9BD-7EA0-456F-8560-9E3E43BDEB48}"=""
"{5CE98299-C60D-429B-9098-4456E06F8678}"=""
"{D26A6DD1-8384-4F9B-8E47-84274DB93351}"=""
"{DD40E61A-1DEA-4691-B476-15F355DF7C89}"=""
"{61083A5F-17B3-4A79-9F17-73CF8709A744}"=""
"{D729DF10-61D8-48D3-A3A1-C379A2931340}"=""
"{39E822C0-1068-4C04-AECA-61460705C459}"=""
"{5EBC8C1C-1D3C-4E13-865A-B7C1BF45A5FC}"=""
"{AB60A7F0-41DE-4A16-9D28-FA3B8F0CA394}"=""
"{C30B25FD-9964-4AC7-AE69-A9696E3BA912}"=""
"{F0BECD23-C34F-4A8F-B2E8-E624E4D6F289}"=""
"{1B0E1BBA-BC16-47AD-80A9-F47D813CAA5F}"=""
"{9C4BC277-405B-4C25-A30A-E1A448AE22AD}"=""
"{49FCDD11-AEC8-45FD-84DE-0EF8662C59D4}"=""
"{29AE4B28-5F2D-4F45-803C-714E05C13039}"=""
"{5C93EEA9-F019-4F6D-80CA-F8A9AB4D3811}"=""
"{A5A4F21A-9A34-40AD-8B09-962FA28F21E7}"=""
"{830B6C00-C751-42B7-BB94-0C5AFCA4134B}"=""
"{63A2E9D0-67CA-4744-8828-A60F2F4C8880}"=""
"{B09C5786-2360-4881-BD82-D17BE70D56F1}"=""
"{6A29527B-B7EA-40C3-956D-3077FF382C7F}"=""
"{EAB766AA-6F77-422C-B547-A15240A4DC57}"=""

**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{0D716399-908C-4A32-9A7D-3CC5B035D187}]
@=""
"IDEx"="ADDR"

[HKEY_CLASSES_ROOT\CLSID\{0D716399-908C-4A32-9A7D-3CC5B035D187}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{0D716399-908C-4A32-9A7D-3CC5B035D187}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{0D716399-908C-4A32-9A7D-3CC5B035D187}\InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{8734E365-4868-48C0-9824-2E99D4BF0EBC}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{8734E365-4868-48C0-9824-2E99D4BF0EBC}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{8734E365-4868-48C0-9824-2E99D4BF0EBC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{8734E365-4868-48C0-9824-2E99D4BF0EBC}\InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{DDF68E0F-BD8F-4FF1-B63D-8D99927DBA46}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DDF68E0F-BD8F-4FF1-B63D-8D99927DBA46}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DDF68E0F-BD8F-4FF1-B63D-8D99927DBA46}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DDF68E0F-BD8F-4FF1-B63D-8D99927DBA46}\InprocServer32]
@="C:\\WINDOWS\\system32\\IT50_QC.DLL"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{5870FAAF-48DF-4CA9-A7BC-62149008E037}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5870FAAF-48DF-4CA9-A7BC-62149008E037}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5870FAAF-48DF-4CA9-A7BC-62149008E037}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5870FAAF-48DF-4CA9-A7BC-62149008E037}\InprocServer32]
@="C:\\WINDOWS\\system32\\CEMODEM.DLL"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{E7580BF8-9A08-49B7-B2FE-4089B104EBA9}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{E7580BF8-9A08-49B7-B2FE-4089B104EBA9}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{E7580BF8-9A08-49B7-B2FE-4089B104EBA9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{E7580BF8-9A08-49B7-B2FE-4089B104EBA9}\InprocServer32]
@="C:\\WINDOWS\\system32\\wivdmoe.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{02641871-F6C8-4161-8236-22D0E1AE1F87}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{02641871-F6C8-4161-8236-22D0E1AE1F87}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{02641871-F6C8-4161-8236-22D0E1AE1F87}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{02641871-F6C8-4161-8236-22D0E1AE1F87}\InprocServer32]
@="C:\\WINDOWS\\system32\\ckrtmgr.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{A46DD87F-2E05-45FC-A9D4-121FB870142F}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A46DD87F-2E05-45FC-A9D4-121FB870142F}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A46DD87F-2E05-45FC-A9D4-121FB870142F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A46DD87F-2E05-45FC-A9D4-121FB870142F}\InprocServer32]
@="C:\\WINDOWS\\system32\\mvdtcuiu.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{748A3820-D2CE-4DF3-9778-1A8F507A07FB}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{748A3820-D2CE-4DF3-9778-1A8F507A07FB}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{748A3820-D2CE-4DF3-9778-1A8F507A07FB}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{748A3820-D2CE-4DF3-9778-1A8F507A07FB}\InprocServer32]
@="C:\\WINDOWS\\system32\\tgflog.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{3503A4B1-3D73-408C-8F7E-2B4C2866F103}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{3503A4B1-3D73-408C-8F7E-2B4C2866F103}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{3503A4B1-3D73-408C-8F7E-2B4C2866F103}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{3503A4B1-3D73-408C-8F7E-2B4C2866F103}\InprocServer32]
@="C:\\WINDOWS\\system32\\ewsadu.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{B81D109D-D669-44E3-BC7F-6EBA75D1F7FC}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B81D109D-D669-44E3-BC7F-6EBA75D1F7FC}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B81D109D-D669-44E3-BC7F-6EBA75D1F7FC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B81D109D-D669-44E3-BC7F-6EBA75D1F7FC}\InprocServer32]
@="C:\\WINDOWS\\system32\\wtdmps.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{3CA7B5E5-E667-40E3-BAF8-0D580DA909DF}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{3CA7B5E5-E667-40E3-BAF8-0D580DA909DF}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{3CA7B5E5-E667-40E3-BAF8-0D580DA909DF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{3CA7B5E5-E667-40E3-BAF8-0D580DA909DF}\InprocServer32]
@="C:\\WINDOWS\\system32\\wtn32spl.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{FB813718-EB98-434D-B51F-FE53005B8761}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{FB813718-EB98-434D-B51F-FE53005B8761}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{FB813718-EB98-434D-B51F-FE53005B8761}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{FB813718-EB98-434D-B51F-FE53005B8761}\InprocServer32]
@="C:\\WINDOWS\\system32\\uiildll.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{BA53727F-C936-4A38-9CDF-3119F03C2886}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{BA53727F-C936-4A38-9CDF-3119F03C2886}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{BA53727F-C936-4A38-9CDF-3119F03C2886}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{BA53727F-C936-4A38-9CDF-3119F03C2886}\InprocServer32]
@="C:\\WINDOWS\\system32\\rmfsaps.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{0F14CAF1-364C-47F2-ACB1-E0CC6F62B4DD}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{0F14CAF1-364C-47F2-ACB1-E0CC6F62B4DD}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{0F14CAF1-364C-47F2-ACB1-E0CC6F62B4DD}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{0F14CAF1-364C-47F2-ACB1-E0CC6F62B4DD}\InprocServer32]
@="C:\\WINDOWS\\system32\\jimd400.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{271CD4FB-8E80-491A-B192-1D1BA53939FF}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{271CD4FB-8E80-491A-B192-1D1BA53939FF}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{271CD4FB-8E80-491A-B192-1D1BA53939FF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{271CD4FB-8E80-491A-B192-1D1BA53939FF}\InprocServer32]
@="C:\\WINDOWS\\system32\\lapcd11n.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{1D0A13CF-8169-4818-8656-2DEE1C81154F}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1D0A13CF-8169-4818-8656-2DEE1C81154F}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1D0A13CF-8169-4818-8656-2DEE1C81154F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1D0A13CF-8169-4818-8656-2DEE1C81154F}\InprocServer32]
@="C:\\WINDOWS\\system32\\wsvcore.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{A1FA28AD-230D-4922-9922-1650CEE382D2}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A1FA28AD-230D-4922-9922-1650CEE382D2}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A1FA28AD-230D-4922-9922-1650CEE382D2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A1FA28AD-230D-4922-9922-1650CEE382D2}\InprocServer32]
@="C:\\WINDOWS\\system32\\wydmlog.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{170BFE31-5D28-4C26-9295-66291012F03E}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{170BFE31-5D28-4C26-9295-66291012F03E}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{170BFE31-5D28-4C26-9295-66291012F03E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{170BFE31-5D28-4C26-9295-66291012F03E}\InprocServer32]
@="C:\\WINDOWS\\system32\\owbcint.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{69693B5A-CFA2-4BEF-83CF-EB7FA9726819}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{69693B5A-CFA2-4BEF-83CF-EB7FA9726819}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{69693B5A-CFA2-4BEF-83CF-EB7FA9726819}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{69693B5A-CFA2-4BEF-83CF-EB7FA9726819}\InprocServer32]
@="C:\\WINDOWS\\system32\\pqcVSSTI.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{6BA4637D-C3DB-4D2F-9F08-AD5F9E4E4DE0}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6BA4637D-C3DB-4D2F-9F08-AD5F9E4E4DE0}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6BA4637D-C3DB-4D2F-9F08-AD5F9E4E4DE0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6BA4637D-C3DB-4D2F-9F08-AD5F9E4E4DE0}\InprocServer32]
@="C:\\WINDOWS\\system32\\CFTSRVPS.DLL"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{DFA812CA-CF7D-4591-A449-F26CD1C632F2}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DFA812CA-CF7D-4591-A449-F26CD1C632F2}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DFA812CA-CF7D-4591-A449-F26CD1C632F2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DFA812CA-CF7D-4591-A449-F26CD1C632F2}\InprocServer32]
@="C:\\WINDOWS\\system32\\wR2time.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{6DBCDE73-2A73-4F82-B22E-245B4ABE37CF}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6DBCDE73-2A73-4F82-B22E-245B4ABE37CF}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6DBCDE73-2A73-4F82-B22E-245B4ABE37CF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6DBCDE73-2A73-4F82-B22E-245B4ABE37CF}\InprocServer32]
@="C:\\WINDOWS\\system32\\whbclnt.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{1DD5B39B-6206-43B5-BEF8-DF37F29CF1C3}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1DD5B39B-6206-43B5-BEF8-DF37F29CF1C3}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1DD5B39B-6206-43B5-BEF8-DF37F29CF1C3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1DD5B39B-6206-43B5-BEF8-DF37F29CF1C3}\InprocServer32]
@="C:\\WINDOWS\\system32\\ktdycc.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{DFF49092-5C64-4DDC-B7B1-0A667E911BE0}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DFF49092-5C64-4DDC-B7B1-0A667E911BE0}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DFF49092-5C64-4DDC-B7B1-0A667E911BE0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DFF49092-5C64-4DDC-B7B1-0A667E911BE0}\InprocServer32]
@="C:\\WINDOWS\\system32\\osecli32.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{27591E8E-0D2F-4597-ADF7-AAE96E0DFDDC}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{27591E8E-0D2F-4597-ADF7-AAE96E0DFDDC}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{27591E8E-0D2F-4597-ADF7-AAE96E0DFDDC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{27591E8E-0D2F-4597-ADF7-AAE96E0DFDDC}\InprocServer32]
@="C:\\WINDOWS\\system32\\igagehlp.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{646DEB47-AB64-4BF3-84AD-76875278BC04}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{646DEB47-AB64-4BF3-84AD-76875278BC04}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{646DEB47-AB64-4BF3-84AD-76875278BC04}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{646DEB47-AB64-4BF3-84AD-76875278BC04}\InprocServer32]
@="C:\\WINDOWS\\system32\\tfkwks.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{ADD60484-9B1B-4818-94F2-F9AF543AD314}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{ADD60484-9B1B-4818-94F2-F9AF543AD314}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{ADD60484-9B1B-4818-94F2-F9AF543AD314}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{ADD60484-9B1B-4818-94F2-F9AF543AD314}\InprocServer32]
@="C:\\WINDOWS\\system32\\mdvcp60.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{D17FE0E7-BF91-48C5-B282-231FDE80A35A}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D17FE0E7-BF91-48C5-B282-231FDE80A35A}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D17FE0E7-BF91-48C5-B282-231FDE80A35A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D17FE0E7-BF91-48C5-B282-231FDE80A35A}\InprocServer32]
@="C:\\WINDOWS\\system32\\ddmsrpcn.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{69076332-6298-4903-8593-71B31D548D4D}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{69076332-6298-4903-8593-71B31D548D4D}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{69076332-6298-4903-8593-71B31D548D4D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{69076332-6298-4903-8593-71B31D548D4D}\InprocServer32]
@="C:\\WINDOWS\\system32\\nehtml.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{394F5F84-0F78-4D35-B004-E4FB2F954EF5}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{394F5F84-0F78-4D35-B004-E4FB2F954EF5}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{394F5F84-0F78-4D35-B004-E4FB2F954EF5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{394F5F84-0F78-4D35-B004-E4FB2F954EF5}\InprocServer32]
@="C:\\WINDOWS\\system32\\ffntsub.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{EB23BE04-590F-4C89-82E0-18E3A7B746A1}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{EB23BE04-590F-4C89-82E0-18E3A7B746A1}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{EB23BE04-590F-4C89-82E0-18E3A7B746A1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{EB23BE04-590F-4C89-82E0-18E3A7B746A1}\InprocServer32]
@="C:\\WINDOWS\\system32\\daskmon.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{6933D332-B414-43AB-A7A0-280E2F12E0C8}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6933D332-B414-43AB-A7A0-280E2F12E0C8}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6933D332-B414-43AB-A7A0-280E2F12E0C8}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6933D332-B414-43AB-A7A0-280E2F12E0C8}\InprocServer32]
@="C:\\WINDOWS\\system32\\wzvdmoe.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{9E7CEFD3-AF9D-46B2-9631-524FF0F5F4F2}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{9E7CEFD3-AF9D-46B2-9631-524FF0F5F4F2}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{9E7CEFD3-AF9D-46B2-9631-524FF0F5F4F2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{9E7CEFD3-AF9D-46B2-9631-524FF0F5F4F2}\InprocServer32]
@="C:\\WINDOWS\\system32\\mzutil.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{D715AAE1-DC9C-475A-A83D-234D3C5686A2}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D715AAE1-DC9C-475A-A83D-234D3C5686A2}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D715AAE1-DC9C-475A-A83D-234D3C5686A2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D715AAE1-DC9C-475A-A83D-234D3C5686A2}\InprocServer32]
@="C:\\WINDOWS\\system32\\kadycc.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{AB57B4EE-A92B-45C3-89CA-68CCFE309E60}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{AB57B4EE-A92B-45C3-89CA-68CCFE309E60}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{AB57B4EE-A92B-45C3-89CA-68CCFE309E60}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{AB57B4EE-A92B-45C3-89CA-68CCFE309E60}\InprocServer32]
@="C:\\WINDOWS\\system32\\iTlmdd5.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{CDB300EB-A332-40E7-ABB6-4E51FB89EE98}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{CDB300EB-A332-40E7-ABB6-4E51FB89EE98}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{CDB300EB-A332-40E7-ABB6-4E51FB89EE98}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{CDB300EB-A332-40E7-ABB6-4E51FB89EE98}\InprocServer32]
@="C:\\WINDOWS\\system32\\uyhisapi.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{AEA5BD07-D4E7-4762-BA02-C4A1297F6957}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{AEA5BD07-D4E7-4762-BA02-C4A1297F6957}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{AEA5BD07-D4E7-4762-BA02-C4A1297F6957}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{AEA5BD07-D4E7-4762-BA02-C4A1297F6957}\InprocServer32]
@="C:\\WINDOWS\\system32\\iJspolcy.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{37D97827-3A70-4443-9FA9-7DC465DAC433}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{37D97827-3A70-4443-9FA9-7DC465DAC433}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{37D97827-3A70-4443-9FA9-7DC465DAC433}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{37D97827-3A70-4443-9FA9-7DC465DAC433}\InprocServer32]
@="C:\\WINDOWS\\system32\\mflbui.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{6F4FE5E0-1D5F-4BBC-B891-8D1247109A57}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6F4FE5E0-1D5F-4BBC-B891-8D1247109A57}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6F4FE5E0-1D5F-4BBC-B891-8D1247109A57}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6F4FE5E0-1D5F-4BBC-B891-8D1247109A57}\InprocServer32]
@="C:\\WINDOWS\\system32\\mrvcp50.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{39A0BEFD-3E3C-4B2B-9CE0-A425E1EEE6CB}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{39A0BEFD-3E3C-4B2B-9CE0-A425E1EEE6CB}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{39A0BEFD-3E3C-4B2B-9CE0-A425E1EEE6CB}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{39A0BEFD-3E3C-4B2B-9CE0-A425E1EEE6CB}\InprocServer32]
@="C:\\WINDOWS\\system32\\cbedui.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{2B16D756-814C-4A5E-8191-4A1DBA2D24CF}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{2B16D756-814C-4A5E-8191-4A1DBA2D24CF}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{2B16D756-814C-4A5E-8191-4A1DBA2D24CF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{2B16D756-814C-4A5E-8191-4A1DBA2D24CF}\InprocServer32]
@="C:\\WINDOWS\\system32\\krdhela2.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{4624100C-12DB-4817-B21E-2A886459B589}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{4624100C-12DB-4817-B21E-2A886459B589}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{4624100C-12DB-4817-B21E-2A886459B589}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{4624100C-12DB-4817-B21E-2A886459B589}\InprocServer32]
@="C:\\WINDOWS\\system32\\srpblb.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{D81D72E4-A9DE-4A78-BEDE-0E1843223BC6}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D81D72E4-A9DE-4A78-BEDE-0E1843223BC6}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D81D72E4-A9DE-4A78-BEDE-0E1843223BC6}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D81D72E4-A9DE-4A78-BEDE-0E1843223BC6}\InprocServer32]
@="C:\\WINDOWS\\system32\\iHsnap.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{5C5AB9BD-7EA0-456F-8560-9E3E43BDEB48}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5C5AB9BD-7EA0-456F-8560-9E3E43BDEB48}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5C5AB9BD-7EA0-456F-8560-9E3E43BDEB48}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5C5AB9BD-7EA0-456F-8560-9E3E43BDEB48}\InprocServer32]
@="C:\\WINDOWS\\system32\\nytmsg.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{5CE98299-C60D-429B-9098-4456E06F8678}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5CE98299-C60D-429B-9098-4456E06F8678}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5CE98299-C60D-429B-9098-4456E06F8678}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5CE98299-C60D-429B-9098-4456E06F8678}\InprocServer32]
@="C:\\WINDOWS\\system32\\ahtodisc.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{D26A6DD1-8384-4F9B-8E47-84274DB93351}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D26A6DD1-8384-4F9B-8E47-84274DB93351}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D26A6DD1-8384-4F9B-8E47-84274DB93351}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D26A6DD1-8384-4F9B-8E47-84274DB93351}\InprocServer32]
@="C:\\WINDOWS\\system32\\SlrngAPI.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{DD40E61A-1DEA-4691-B476-15F355DF7C89}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DD40E61A-1DEA-4691-B476-15F355DF7C89}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DD40E61A-1DEA-4691-B476-15F355DF7C89}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{DD40E61A-1DEA-4691-B476-15F355DF7C89}\InprocServer32]
@="C:\\WINDOWS\\system32\\jkbexec.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{61083A5F-17B3-4A79-9F17-73CF8709A744}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{61083A5F-17B3-4A79-9F17-73CF8709A744}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{61083A5F-17B3-4A79-9F17-73CF8709A744}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{61083A5F-17B3-4A79-9F17-73CF8709A744}\InprocServer32]
@="C:\\WINDOWS\\system32\\pwrfdisk.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{D729DF10-61D8-48D3-A3A1-C379A2931340}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D729DF10-61D8-48D3-A3A1-C379A2931340}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D729DF10-61D8-48D3-A3A1-C379A2931340}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D729DF10-61D8-48D3-A3A1-C379A2931340}\InprocServer32]
@="C:\\WINDOWS\\system32\\MLDTCLOG.DLL"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{39E822C0-1068-4C04-AECA-61460705C459}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{39E822C0-1068-4C04-AECA-61460705C459}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{39E822C0-1068-4C04-AECA-61460705C459}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{39E822C0-1068-4C04-AECA-61460705C459}\InprocServer32]
@="C:\\WINDOWS\\system32\\beackbox.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{5EBC8C1C-1D3C-4E13-865A-B7C1BF45A5FC}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5EBC8C1C-1D3C-4E13-865A-B7C1BF45A5FC}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5EBC8C1C-1D3C-4E13-865A-B7C1BF45A5FC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5EBC8C1C-1D3C-4E13-865A-B7C1BF45A5FC}\InprocServer32]
@="C:\\WINDOWS\\system32\\nqtman.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{AB60A7F0-41DE-4A16-9D28-FA3B8F0CA394}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{AB60A7F0-41DE-4A16-9D28-FA3B8F0CA394}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{AB60A7F0-41DE-4A16-9D28-FA3B8F0CA394}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{AB60A7F0-41DE-4A16-9D28-FA3B8F0CA394}\InprocServer32]
@="C:\\WINDOWS\\system32\\gkmf32.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{C30B25FD-9964-4AC7-AE69-A9696E3BA912}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C30B25FD-9964-4AC7-AE69-A9696E3BA912}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C30B25FD-9964-4AC7-AE69-A9696E3BA912}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C30B25FD-9964-4AC7-AE69-A9696E3BA912}\InprocServer32]
@="C:\\WINDOWS\\system32\\brtsprx3.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{F0BECD23-C34F-4A8F-B2E8-E624E4D6F289}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{F0BECD23-C34F-4A8F-B2E8-E624E4D6F289}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{F0BECD23-C34F-4A8F-B2E8-E624E4D6F289}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{F0BECD23-C34F-4A8F-B2E8-E624E4D6F289}\InprocServer32]
@="C:\\WINDOWS\\system32\\iBsnap.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{1B0E1BBA-BC16-47AD-80A9-F47D813CAA5F}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1B0E1BBA-BC16-47AD-80A9-F47D813CAA5F}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1B0E1BBA-BC16-47AD-80A9-F47D813CAA5F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{1B0E1BBA-BC16-47AD-80A9-F47D813CAA5F}\InprocServer32]
@="C:\\WINDOWS\\system32\\mqc71u.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{9C4BC277-405B-4C25-A30A-E1A448AE22AD}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{9C4BC277-405B-4C25-A30A-E1A448AE22AD}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{9C4BC277-405B-4C25-A30A-E1A448AE22AD}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{9C4BC277-405B-4C25-A30A-E1A448AE22AD}\InprocServer32]
@="C:\\WINDOWS\\system32\\cprpol.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{49FCDD11-AEC8-45FD-84DE-0EF8662C59D4}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{49FCDD11-AEC8-45FD-84DE-0EF8662C59D4}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{49FCDD11-AEC8-45FD-84DE-0EF8662C59D4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{49FCDD11-AEC8-45FD-84DE-0EF8662C59D4}\InprocServer32]
@="C:\\WINDOWS\\system32\\rXstls.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{29AE4B28-5F2D-4F45-803C-714E05C13039}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{29AE4B28-5F2D-4F45-803C-714E05C13039}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{29AE4B28-5F2D-4F45-803C-714E05C13039}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{29AE4B28-5F2D-4F45-803C-714E05C13039}\InprocServer32]
@="C:\\WINDOWS\\system32\\nhtcfgx.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{5C93EEA9-F019-4F6D-80CA-F8A9AB4D3811}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5C93EEA9-F019-4F6D-80CA-F8A9AB4D3811}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5C93EEA9-F019-4F6D-80CA-F8A9AB4D3811}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{5C93EEA9-F019-4F6D-80CA-F8A9AB4D3811}\InprocServer32]
@="C:\\WINDOWS\\system32\\GPTUNAME.DLL"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{A5A4F21A-9A34-40AD-8B09-962FA28F21E7}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A5A4F21A-9A34-40AD-8B09-962FA28F21E7}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A5A4F21A-9A34-40AD-8B09-962FA28F21E7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{A5A4F21A-9A34-40AD-8B09-962FA28F21E7}\InprocServer32]
@="C:\\WINDOWS\\system32\\bvowser.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{830B6C00-C751-42B7-BB94-0C5AFCA4134B}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{830B6C00-C751-42B7-BB94-0C5AFCA4134B}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{830B6C00-C751-42B7-BB94-0C5AFCA4134B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{830B6C00-C751-42B7-BB94-0C5AFCA4134B}\InprocServer32]
@="C:\\WINDOWS\\system32\\rsgapi.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{63A2E9D0-67CA-4744-8828-A60F2F4C8880}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{63A2E9D0-67CA-4744-8828-A60F2F4C8880}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{63A2E9D0-67CA-4744-8828-A60F2F4C8880}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{63A2E9D0-67CA-4744-8828-A60F2F4C8880}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{B09C5786-2360-4881-BD82-D17BE70D56F1}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B09C5786-2360-4881-BD82-D17BE70D56F1}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B09C5786-2360-4881-BD82-D17BE70D56F1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B09C5786-2360-4881-BD82-D17BE70D56F1}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{6A29527B-B7EA-40C3-956D-3077FF382C7F}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6A29527B-B7EA-40C3-956D-3077FF382C7F}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6A29527B-B7EA-40C3-956D-3077FF382C7F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6A29527B-B7EA-40C3-956D-3077FF382C7F}\InprocServer32]
@="C:\\WINDOWS\\system32\\qngr.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{EAB766AA-6F77-422C-B547-A15240A4DC57}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{EAB766AA-6F77-422C-B547-A15240A4DC57}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{EAB766AA-6F77-422C-B547-A15240A4DC57}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{EAB766AA-6F77-422C-B547-A15240A4DC57}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"

**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
ahlui.dll Thu 16 Feb 2006 23:20:24 ..S.R 234 403 228,91 K
eb82l1~1.dll Thu 16 Feb 2006 20:08:16 ..S.R 237 001 231,45 K
eccapi.dll Thu 16 Feb 2006 23:02:08 ..S.R 236 237 230,70 K
en82l1~1.dll Fri 10 Feb 2006 2:18:16 ..S.R 234 548 229,05 K
enjml1~1.dll Thu 16 Feb 2006 20:25:20 ..S.R 233 893 228,41 K
fsifs.dll Thu 16 Feb 2006 22:29:44 ..S.R 234 137 228,65 K
hr2405~1.dll Fri 17 Feb 2006 16:07:46 ..S.R 235 723 230,20 K
hrnu05~1.dll Fri 17 Feb 2006 17:43:34 ..S.R 236 678 231,13 K
lt2027~1.dll Fri 17 Feb 2006 18:23:18 ..S.R 234 261 228,77 K
qngr.dll Fri 17 Feb 2006 18:23:18 ..S.R 235 723 230,20 K
syi_ci.dll Thu 16 Feb 2006 23:06:14 ..S.R 233 963 228,48 K
xcomm.dll Fri 10 Feb 2006 1:12:06 A.... 77 824 76,00 K

12 items found: 12 files (11 H/S), 0 directories.
Total of file sizes: 2 664 391 bytes 2,54 M
Locate .tmp files:

No matches found.
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D8E1-FBA6

R‚pertoire de C:\WINDOWS\System32

17/02/2006 18:23 235ÿ723 qngr.dll
17/02/2006 18:23 234ÿ261 lt2027fmg.dll
17/02/2006 17:43 236ÿ678 hrnu0559e.dll
17/02/2006 16:07 235ÿ723 hr2405fqe.dll
16/02/2006 23:20 234ÿ403 ahlui.dll
16/02/2006 23:06 233ÿ963 syi_ci.dll
16/02/2006 23:02 236ÿ237 eccapi.dll
16/02/2006 22:29 234ÿ137 fsifs.dll
16/02/2006 20:25 233ÿ893 enjml1111.dll
16/02/2006 20:08 237ÿ001 eb82l1lo1.dll
10/02/2006 02:18 234ÿ548 en82l1lo1.dll
21/11/2005 19:00 <REP> DLLCACHE
01/11/2004 13:26 56 8E0FD140AC.sys
01/11/2004 13:26 1ÿ890 KGyGaAvL.sys
17/10/2004 16:24 <REP> Microsoft
13 fichier(s) 2ÿ588ÿ513 octets
2 R‚p(s) 28ÿ805ÿ218ÿ304 octets libres

| Alerter

Répondre à prisa

prisa

17 Février 2006 18:28:59

rapport hijack:

Logfile of HijackThis v1.99.1
Scan saved at 19:27:52, on 17/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\System32\1XConfig.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\basfipm.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DSentry.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\WINDOWS\blank.mht
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [bascstray] BascsTray.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - http://www.checkspy.com/fr/FlowScan.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\hr2405fqe.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

| Alerter

Répondre à prisa

prisa

18 Février 2006 12:52:04

Salut,

Merci pour ton aide, je n'ai plus de pop-up ni aucun autre problème, l2mfix est très efficace!
Par contre lors du scan de Spybot, tout est clean sauf que le message "error during check mailbot(datei C:/windows/win.ini kann nicht geoffnet werden.Le processus ne peut accéder au fichier car ce fichier est utilisé par un autre processus)"
Est-ce que c'est quelques chose d'important??

Merci par avance

| Alerter

Répondre à prisa

Angeldark

18 Février 2006 14:24:08

Suis ces etapes et on verra ;-)

Fais des scans en mode sans echec avec Ewido; Ad Aware
(n'oubli pas de les mettre a jour)

Colle le rapport Ewido ici

Lance un nettoyage Ccleaner
. Telecharge le
. Fais une Analyse
. Lance un nettoyage

Fais un scan en ligne (avec Internet Explorer):
Panda (si tu as Avast! desactive le pour eviter les conflits)
Colle le rapport ici

| Alerter

Répondre à Angeldark

Angeldark

18 Février 2006 14:25:31

et aussi telecharge Firefox 1.5, utilise le comme navigateur par defaut.

| Alerter

Répondre à Angeldark

prisa

18 Février 2006 16:04:05

rapport ewido:

---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 16:59:28, 18/02/2006
+ Somme de contrôle: 3F3CAB27

+ Résultats du scan:

HKU\.DEFAULT\Software\Effective-i -> Adware.EffectiveBrandToolbar : Nettoyer et sauvegarder
HKU\.DEFAULT\Software\Effective-i\TheSearchAccelerator -> Adware.EffectiveBrandToolbar : Nettoyer et sauvegarder
HKU\.DEFAULT\Software\Effective-i\TheSearchAccelerator\IE5 -> Adware.EffectiveBrandToolbar : Nettoyer et sauvegarder
HKU\S-1-5-18\Software\Effective-i -> Adware.EffectiveBrandToolbar : Nettoyer et sauvegarder
HKU\S-1-5-18\Software\Effective-i\TheSearchAccelerator -> Adware.EffectiveBrandToolbar : Nettoyer et sauvegarder
HKU\S-1-5-18\Software\Effective-i\TheSearchAccelerator\IE5 -> Adware.EffectiveBrandToolbar : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Cookies\system@60.topnssearch[1].txt -> TrackingCookie.Topnssearch : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Cookies\system@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Cookies\system@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyer et sauvegarder
C:\Documents and Settings\pauline\Cookies\pauline@60.topnssearch[2].txt -> TrackingCookie.Topnssearch : Nettoyer et sauvegarder
C:\Documents and Settings\pauline\Cookies\pauline@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\pauline\Cookies\pauline@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyer et sauvegarder
C:\Documents and Settings\pauline\Cookies\pauline@epilot[1].txt -> TrackingCookie.Epilot : Nettoyer et sauvegarder
C:\Documents and Settings\pauline\Cookies\pauline@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyer et sauvegarder
C:\Documents and Settings\pauline\Cookies\pauline@h.starware[1].txt -> TrackingCookie.Starware : Nettoyer et sauvegarder
C:\Documents and Settings\pauline\Cookies\pauline@paypopup[2].txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
C:\Documents and Settings\pauline\Cookies\pauline@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\pauline\Local Settings\Temp\Cookies\pauline@h.starware[1].txt -> TrackingCookie.Starware : Nettoyer et sauvegarder
C:\Documents and Settings\pauline\Local Settings\Temp\temp.fr1CA4 -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/ahlui.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/eb82l1lo1.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/eccapi.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/en82l1lo1.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/enjml1111.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/fsifs.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/hr2405fqe.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/hrnu0559e.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/lt2027fmg.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/qngr.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\backup.zip/dlls/syi_ci.dll -> Adware.Look2Me : Erreur durant le nettoyage
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\ahlui.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\eb82l1lo1.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\eccapi.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\en82l1lo1.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\enjml1111.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\fsifs.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\hr2405fqe.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\hrnu0559e.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\lt2027fmg.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\qngr.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-1099147179-860262458-3194846383-1005\Dc2\dlls\syi_ci.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP10\A0004631.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP10\A0004640.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP10\A0004642.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP10\A0004650.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP10\A0004652.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP10\A0004677.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP10\A0004685.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP11\A0004695.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP11\A0004703.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP11\A0004710.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004721.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004730.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004737.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004744.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004753.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004762.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004769.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004776.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004788.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004796.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP12\A0004810.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP13\A0004821.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP13\A0004827.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP13\A0004832.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP13\A0004841.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP13\A0004851.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP13\A0004858.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP13\A0004866.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP13\A0004873.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP13\A0004879.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP13\A0004900.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004915.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004924.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004936.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004955.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004961.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004967.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004973.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004979.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004985.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004991.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0004999.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP14\A0005011.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005048.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005049.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005050.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005051.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005052.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005053.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005054.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005055.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005056.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005057.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005058.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005059.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005060.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005061.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005062.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005063.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005064.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005065.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005066.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005067.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005068.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005069.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005070.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005071.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005072.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005073.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005074.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005075.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005076.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005077.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005079.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005080.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005081.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005082.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005083.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005084.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005085.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005086.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005087.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005088.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005089.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005090.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005091.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005092.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005093.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005094.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP15\A0005095.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005097.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005098.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005099.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005100.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005101.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005102.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005103.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005104.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005105.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005106.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005107.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005108.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005109.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP16\A0005110.exe -> Downloader.Tibs.aw : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP17\A0005121.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP17\A0005133.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP18\A0006345.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP18\A0006363.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP18\A0006395.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP18\A0006401.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP18\A0006407.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP18\A0006419.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP18\A0006464.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006574.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006633.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006638.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006644.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006645.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006646.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006647.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006648.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006649.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006650.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006651.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006652.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006653.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP19\A0006654.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP2\A0000138.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP2\A0001222.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP21\A0006661.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP22\A0006896.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP22\A0006903.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP22\A0006908.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP22\A0006919.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP22\A0006927.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP22\A0006934.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP22\A0006947.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP22\A0006952.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0006956.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0006961.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0006966.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0006971.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0006974.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0006981.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0006984.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0006989.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0007002.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0007009.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0007012.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0007017.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0007032.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP23\A0007037.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP27\A0007061.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP27\A0007068.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP27\A0007070.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP27\A0007075.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP27\A0007078.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP27\A0007090.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP28\A0007101.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP28\A0007110.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP30\A0007152.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP30\A0007186.exe -> Downloader.Tibs.aw : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP30\A0007189.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP30\A0007195.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP30\A0007202.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP30\A0007225.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP30\A0007237.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP30\A0007242.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007366.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007371.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007374.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007381.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007388.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007426.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007435.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007436.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007442.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007447.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007457.exe -> Adware.AdURL : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007458.exe -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007459.exe -> Adware.NewDotNet : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007461.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP32\A0007466.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP33\A0007478.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP33\A0007484.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP33\A0007485.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP33\A0007486.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP33\A0007487.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP33\A0007488.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP33\A0007489.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP33\A0007490.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP33\A0007491.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP33\A0007492.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001263.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001294.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001309.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001322.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001328.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001330.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001335.DLL -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001338.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001358.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001364.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001370.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001381.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001388.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP5\A0001395.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP6\A0001406.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP8\A0002446.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP8\A0002456.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP8\A0002503.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP8\A0002512.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP8\A0003517.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP8\A0003523.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP8\A0004527.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP8\A0004552.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP8\A0004579.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP9\A0004594.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP9\A0004596.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP9\A0004608.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\System Volume Information\_restore{70A3E616-66D7-4803-AA41-29F0EE01E7E7}\RP9\A0004617.dll -> Adware.Look2Me : Nettoyer et sauvegarder
C:\WINDOWS\SYSTEM32\DRIVERS\df_kmd.sys -> Rootkit.Agent.af : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Cookies\pauline@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Cookies\pauline@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyer et sauvegarder
C:\WINDOWS\Temp\Cookies\pauline@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder

::Fin du rapport

| Alerter

Répondre à prisa

Angeldark

18 Février 2006 16:06:38

Passe un coup de Ccleaner.

Desactive puis reactive la restauration Systeme

| Alerter

Répondre à Angeldark

bob_

18 Février 2006 16:11:52

Salut,

Beaucoup de ligne d'Ewido proviennent de ta corbeille donc fait sa :

1/ Télécharge et installe CCleaner

http://www.clubic.com/telecharger-fiche14492-ccleaner-c...

2/ Lance CCleaner puis bouton Analyse ensuite Bouton Lancer le Nettoyage

3/ Reposte un log HijackThis.

| Alerter

Répondre à bob_

prisa

18 Février 2006 16:26:48

Je viens de passer ccleaner, ci-joint log hijack:

Logfile of HijackThis v1.99.1
Scan saved at 17:25:03, on 18/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\System32\1XConfig.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\basfipm.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DSentry.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\WINDOWS\blank.mht
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [bascstray] BascsTray.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8EC69950-F299-40AC-A004-3BF5176F8F7B} (FlowScan Control) - http://www.checkspy.com/fr/FlowScan.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\hr2405fqe.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)

| Alerter

Répondre à prisa

Angeldark

18 Février 2006 16:41:25

Log clean juste des lignes inutiles

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\WINDOWS\blank.mht
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [bascstray] BascsTray.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - Global Startup: Digital Line Detect.lnk = ?
O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\hr2405fqe.dll (file missing)

| Alerter

Répondre à Angeldark

prisa

18 Février 2006 17:42:39

rapport panda activ scan:
le scan a révélé 1 logiciel pirate et plusieurs logiciels espion
Spybot n'arrive pas à enlever Delfin project, windows active desktop et newdotnet

Incident Statut Analyse Adware:adware/azesearch No Désinfecté C:\Documents and Settings\pauline\Favoris\SPORTS\Auto racing.url
Adware:adware/dollarrevenue No Désinfecté C:\WINDOWS\timessquare1.dat
Spyware:spyware/altnet No Désinfecté Registre Windows
Outil indésirable:application/myway No Désinfecté HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC}
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\pauline\Cookies\pauline@bluestreak[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\pauline\Cookies\pauline@xiti[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\LocalService\Cookies\system@xiti[1].txt
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\pauline\Cookies\pauline@bluestreak[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\pauline\Cookies\pauline@xiti[1].txt
Adware:Adware/P2PNetworking No Désinfecté C:\Program Files\Microsoft AntiSpyware\Quarantine\6F53520A-F409-404B-9E89-E9685B\233669A9-6FD0-4E33-AEA3-7B8ABD
Adware:Adware/P2PNetworking No Désinfecté C:\Program Files\Microsoft AntiSpyware\Quarantine\6F53520A-F409-404B-9E89-E9685B\D3D06C35-942C-48C2-A4C3-AF019E
Adware:Adware/P2PNetworking No Désinfecté C:\Program Files\Microsoft AntiSpyware\Quarantine\A18E987E-B6A3-4511-B25F-A8F8E7\44285790-5947-43BC-92E1-8D971D
Adware:Adware/P2PNetworking No Désinfecté C:\Program Files\Microsoft AntiSpyware\Quarantine\A18E987E-B6A3-4511-B25F-A8F8E7\CA27B262-5E9A-4E92-92A7-71A554
Spyware:Cookie/DelfinMedia No Désinfecté C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Cookies\system@delfinproject[2].txt

| Alerter

Répondre à prisa

Naheulbeuk@IDN

18 Février 2006 21:10:16

bonsoir !
vide la quarantaine de Microsoft AntiSpyware !

supprime les fichiers en gras :
C:\Documents and Settings\pauline\Favoris\SPORTS\Auto racing.url
C:\WINDOWS\timessquare1.dat
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC}<--- dans démarrer->executer->tape regedit pour la supprimer

vide ta corbeille et redémarre ton ordi

repost un nouveau rapport panda ! comment se porte ta bécane ? :-P

| Alerter

Répondre à Naheulbeuk@IDN

Tom's guide dans le monde