Bonjour, J' ai de sérieux problèmes dont je n' arrive pas à me débarrasser: Un scan en ligne m' a permis de découvrir pas moins de 746 menaces sur mon pc: spywares, virus, rootkits,trojan ,la totale!...Impossible de m' en débarrasser à moins de payer 50 euros pour un nouvel antivirus en ligne... La menace est pourtant réelle: -impossible de mettre mon antivirus d' origine à jour, leurs services ne répondent pas selon un message d' erreur. Je les ai contacté par mail, j' attends... -Windows Update m' envoie le message d' erreur suivant: "WindowsUpdate_80244019" "WindowsUpdate_dt000". Impossible de savoir à quoi cela correspond:" le lien semble corrompu",quand je cherche sur le net -Mon compte MySpace est piraté, d' après mes tous mes navigateurs web... -Internet Explorer m' envoie des pubs à intervalles réguliers, sans que je l' ai ouvert. J' en oublie surement...Comment faire sans tout formater/réinstaller? Toute aide sera vivement appréciée.

je te donne du boulot pour ce soir lol , je repasse te voir demain :) Rassure toi on a passé le stade du formatage, y'en aura pas :) par contre y'a encore du boulot pour virer tout ca, on va utiliser plusieurs logiciels, ne sois pas surpris : suis bien tout ca et dans l'ordre : 1 Télécharge SmitfraudFix (de S!Ri) : Enregistre-le sur le Bureau clic droit en tant qu'administrateur sur SmitfraudFix.exe et choisis l'option 5 puis Entrée Un rapport sera généré, poste-le dans ta prochaine réponse stp. Tutoriel illustré 2 Relance le programme Smitfraud, Cette fois choisit l’option 1, répond oui a tous ; Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum 3 Télécharge Toolbar-S&D (Team IDN) sur ton Bureau. * Lance l'installation du programme en exécutant le fichier téléchargé. sous vista : clic doit en tant qu'administrateur *maintenant sur le raccourci de Toolbar-S&D. * Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée. * Tape sur "2" puis valide en appuyant sur "Entrée". ! Ne ferme pas la fenêtre lors de la suppression ! Un rapport sera généré, poste son contenu ici. NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches. Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..." Tape explorer puis valide. Ce qu'il faut savoir sur les toolbars (barres d'outils) 4 * Telecharge et installe UsbFix de C_XX , Chiquitine29 & Chimay8 http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe * Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir * Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi "Exécuter en tant qu'administrateur" . * Choisi l'option 1 ( Recherche ) * Laisse travailler l'outil. * Ensuite post le rapport UsbFix.txt qui apparaîtra. * Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt ) ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) * Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus. euhhh je te donnerai la suite apres tout ca, lol^^ bonne soiree enfin bon courage ps, quand tu dis tu navigues peu , en terme de comportement a risque, j'entendais aussi par la le p2p^^

Ultra Surinfecté !!!

Réponse 41 / 69

tribalkore Messages postés 3 Date d'inscription dimanche 21 juin 2009 Statut Membre Dernière intervention 21 juin 2009
21 juin 2009 à 14:46

Gars cherche pas plus loin Reformate total ton DD Et reinstalle tout Enleve LIMEWIRE aussi c'est bourré de virus !!! Bon courage

Réponse 42 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
21 juin 2009 à 16:03

Voilà le second rapport, après suppression:

Malwarebytes' Anti-Malware 1.38
Version de la base de données: 2318
Windows 6.0.6002 Service Pack 2

21/06/2009 15:53:08
mbam-log-2009-06-21 (15-53-08).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|)
Eléments examinés: 363359
Temps écoulé: 1 hour(s), 11 minute(s), 55 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{6226ba26-c017-4007-928c-de9715c6fa67} (Adware.BullseyeToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d97fc677-694d-4a75-ac89-a5b85c2bcfed} (Adware.BullseyeToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6226ba26-c017-4007-928c-de9715c6fa67} (Adware.BullseyeToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d97fc677-694d-4a75-ac89-a5b85c2bcfed} (Adware.BullseyeToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WinBlueSoft (Rogue.WinBlue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\runit (Adware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\runit (Adware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QuickTiming (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickTiming (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6226ba26-c017-4007-928c-de9715c6fa67} (Adware.BullseyeToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{6226ba26-c017-4007-928c-de9715c6fa67} (Adware.BullseyeToolbar) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\DivoCodec (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\PERSO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickTiming (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\QuickTiming (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\WinBlueSoft Software (Rogue.WinBlue) -> Quarantined and deleted successfully.
c:\program files\winbluesoft software\WinBlueSoft (Rogue.WinBlue) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\program files\quicktiming\Uninstall.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files\ietoolbar\bullseye tool bar\tbhelper.dll.vir (Adware.BullseyeToolbar) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files\ietoolbar\bullseye tool bar\tbu01973\tbhelper.dll.vir (Adware.BullseyeToolbar) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files\runit\runit_32.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\calvi3568.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\cvmq56434.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\ffeg7057.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\hfqcn57815.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\jtfr68026.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\lmln1271.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\polus5121.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\pxwis3245.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\uaax7573.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\PERSO\AppData\Roaming\microsoft\Windows\start menu\Programs\quicktiming\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Windows\kdiue732.txt (Malware.Trace) -> Quarantined and deleted successfully.

Impressionnant ! Je crois que j' avais raison de vous faire confiance! :) :) :)

Réponse 43 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
21 juin 2009 à 20:07

-- Changelog ToolBar S&D --

==================================
Upd: December 21, 2008 ( v 1.2.8 )
==================================

"%ProgramFiles%\Mozilla Firefox\searchplugins\crawlersrch.xml"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF}]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=-

Folder : Smart-Shopper

==================================
Upd: December 19, 2008 ( v 1.2.7 )
==================================

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dealio Toolbar 3.2]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Settings]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{23A287DB-449A-462F-BDE1-8635A61671CE}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiweeHook"=-

# [Service] ASKService
# [Service] ASKUpgrade

Folder : Kiwee Toolbar

==================================
Upd: December 4, 2008 ( v 1.2.6 )
==================================

"%ProgramFiles%\Mozilla Firefox\plugins\npbasic.dll"
"%ProgramFiles%\Mozilla Firefox\chrome\chrome\content\browser.js"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3}]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3}]

==================================
Upd: November 20, 2008 ( v 1.2.5 )
==================================

"%Windir%\Downloaded Program Files\ZangoInstaller.dll"

Folder : M3Development_WhenUSave_Installer

[-HKEY_CLASSES_ROOT\zangoinstaller.zangoinstaller]
[-HKEY_CLASSES_ROOT\zangoinstaller.zangoinstaller.1]

[-HKEY_CLASSES_ROOT\TypeLib\{ff0312e0-f60c-4109-94b8-0a564a58e43b}]

[-HKEY_CLASSES_ROOT\Interface\{a077a462-0b6c-43bd-af09-5e55a0cc902c}]

[-HKEY_CLASSES_ROOT\CLSID\{99410cde-6f16-42ce-9d49-3807f78f0287}]
[-HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskBar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskSBar Uninstall]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\Accoona Search]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b5146c40-189a-4311-bda9-fbae3e023187}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B21-F830-49DE-A31B-5BB9D7F6B407}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}]

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}"=-
"{b5146c40-189a-4311-bda9-fbae3e023187}"=-

==================================
Upd: October 27, 2008 ( v 1.2.4 )
==================================

# Other infection

==================================
Upd: October 23, 2008 ( v 1.2.3 )
==================================

# Other infection

==================================
Upd: October 4, 2008 ( v 1.2.2 )
==================================

Folder : alot
Folder : baidu
Folder : Starware381

"%ProgramFiles%\Mozilla Firefox\plugins\NPAskSBr.dll"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware381]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a7f05ee4-0426-454f-8013-c41e3596e9e9}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}]

[-HKEY_CLASSES_ROOT\Interface\{92b82580-b1d5-4528-8b42-35526141a4d0}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BIE"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}"=-

[-HKEY_CURRENT_USER\SOFTWARE\starware381]
[-HKEY_CURRENT_USER\SOFTWARE\starware354]

===================================
Upd: September 24, 2008 ( v 1.2.1 )
===================================

"%Windir%\system32\iiyrelekeynmmfbh.dll"

Folder : AskBarDis
Folder : 2ACA5CC3-0F83-453D-A079-1076FE1A8B65

[-HKEY_CLASSES_ROOT\coresrv.coreservices]
[-HKEY_CLASSES_ROOT\coresrv.coreservices.1]
[-HKEY_CLASSES_ROOT\coresrv.lfgax]
[-HKEY_CLASSES_ROOT\coresrv.lfgax.1]
[-HKEY_CLASSES_ROOT\hbmain.commband]
[-HKEY_CLASSES_ROOT\hbr.hbmain.1]
[-HKEY_CLASSES_ROOT\hostol.mailanim]
[-HKEY_CLASSES_ROOT\hostol.mailanim.1]
[-HKEY_CLASSES_ROOT\hostol.webmailsend]
[-HKEY_CLASSES_ROOT\hostol.webmailsend.1]
[-HKEY_CLASSES_ROOT\instie.hbinstobj]
[-HKEY_CLASSES_ROOT\instie.hbinstobj.1]
[-HKEY_CLASSES_ROOT\srv.coreservices]
[-HKEY_CLASSES_ROOT\srv.coreservices.1]
[-HKEY_CLASSES_ROOT\toolbar.htmlmenuui]
[-HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1]
[-HKEY_CLASSES_ROOT\toolbar.toolbarctl]
[-HKEY_CLASSES_ROOT\toolbar.toolbarctl.1]
[-HKEY_CLASSES_ROOT\zango.desktopflash]
[-HKEY_CLASSES_ROOT\zango.desktopflash.1]
[-HKEY_CLASSES_ROOT\zangoax.clientdetector]
[-HKEY_CLASSES_ROOT\zangoax.clientdetector.1]
[-HKEY_CLASSES_ROOT\zangoax.userprofiles]
[-HKEY_CLASSES_ROOT\zangoax.userprofiles.1]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1]
[-HKEY_CLASSES_ROOT\asapcom.asapclass]
[-HKEY_CLASSES_ROOT\asapcom.asapclass.1]
[-HKEY_CLASSES_ROOT\asapcom.asapenvelope]
[-HKEY_CLASSES_ROOT\asapcom.asapenvelope.1]
[-HKEY_CLASSES_ROOT\asapcom.asapmain]
[-HKEY_CLASSES_ROOT\asapcom.asapmain.1]
[-HKEY_CLASSES_ROOT\asapcom.asapmessage]
[-HKEY_CLASSES_ROOT\asapcom.asapmessage.1]
[-HKEY_CLASSES_ROOT\asapcom.asaprecipients]
[-HKEY_CLASSES_ROOT\asapcom.asaprecipients.1]
[-HKEY_CLASSES_ROOT\xml.xml]
[-HKEY_CLASSES_ROOT\xml.xml.1]
[-HKEY_CLASSES_ROOT\asearchassist.adefaultsearch]
[-HKEY_CLASSES_ROOT\asearchassist.adefaultsearch.1]

[-HKEY_CLASSES_ROOT\CLSID\{286e500c-ef0a-4aa3-a94d-e495f653ef4b}]
[-HKEY_CLASSES_ROOT\CLSID\{319260ab-be0c-4025-8569-7a27ed2faab9}]
[-HKEY_CLASSES_ROOT\CLSID\{8ac5bc54-b13b-4642-99f9-0baa2d116184}]
[-HKEY_CLASSES_ROOT\CLSID\{9809a6b4-70b1-4bb2-b3b5-b415763a534e}]
[-HKEY_CLASSES_ROOT\CLSID\{d5178f77-c5e6-4e8f-9787-48b5d7eccce8}]
[-HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d}]
[-HKEY_CLASSES_ROOT\CLSID\{f80c1d93-0d22-436e-963e-9d3156997a4e}]
[-HKEY_CLASSES_ROOT\CLSID\{1e5b2693-d348-4ca7-8364-4f5e51bf9c6d}]
[-HKEY_CLASSES_ROOT\CLSID\{2e54ac53-efa4-4831-a3f6-b47b1a1937cf}]
[-HKEY_CLASSES_ROOT\CLSID\{8971cb48-9fca-445a-be77-e8e8a4cc9df7}]
[-HKEY_CLASSES_ROOT\CLSID\{bfc08cff-c737-4433-bd5a-0ee7efcfee54}]
[-HKEY_CLASSES_ROOT\CLSID\{5b2e150d-4c8a-40e4-8c36-dd9c02771c67}]
[-HKEY_CLASSES_ROOT\CLSID\{627d894a-8a77-416e-b522-432eaf2c818e}]
[-HKEY_CLASSES_ROOT\CLSID\{54a3f8b7-228e-4ed8-895b-de832b2c3959}]
[-HKEY_CLASSES_ROOT\CLSID\{7138f250-5b72-48dd-adfb-9a83b429dd9e}]
[-HKEY_CLASSES_ROOT\CLSID\{bd937ffe-0352-4fde-88f2-c30d1a9b25cf}]
[-HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e}]
[-HKEY_CLASSES_ROOT\CLSID\{b88e4484-3ff6-4ea9-815b-a54fe20d4387}]
[-HKEY_CLASSES_ROOT\CLSID\{ab502149-ccf3-3f33-2241-84152b364b18}]
[-HKEY_CLASSES_ROOT\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_CLASSES_ROOT\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554}]
[-HKEY_CLASSES_ROOT\CLSID\{d2221ccb-f2bb-4858-aad4-57c754153603}]
[-HKEY_CLASSES_ROOT\CLSID\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_CLASSES_ROOT\CLSID\{ea0b6a1a-6a59-4a58-9c41-9966504898a5}]

[-HKEY_CLASSES_ROOT\TypeLib\{ad71e48f-6f47-4b63-9312-fae879541c4d}]
[-HKEY_CLASSES_ROOT\TypeLib\{08755390-f46d-4d09-968c-3430166b3189}]
[-HKEY_CLASSES_ROOT\TypeLib\{ccc6e232-aa4c-4813-a019-9c14b27776b6}]
[-HKEY_CLASSES_ROOT\TypeLib\{229d2451-a617-4b30-b5e8-8138694240cb}]
[-HKEY_CLASSES_ROOT\TypeLib\{c23fa5a4-1fea-419f-8b14-f7465df062bc}]
[-HKEY_CLASSES_ROOT\Typelib\{0923208c-e259-4ed5-a778-cb607da350ad}]
[-HKEY_CLASSES_ROOT\Typelib\{dd1cb2d7-161d-4b84-ae5c-08d3faed894f}]
[-HKEY_CLASSES_ROOT\TypeLib\{9720de03-5820-4059-b4a4-639d5e52bd09}]
[-HKEY_CLASSES_ROOT\Typelib\{45397063-d7d0-47c2-9508-26487608a298}]
[-HKEY_CLASSES_ROOT\Typelib\{71e9cf40-af72-4b55-bd3f-1fea2a0eaea6}]
[-HKEY_CLASSES_ROOT\Typelib\{b9f51d42-cca0-4408-bb02-d433d1865a3a}]
[-HKEY_CLASSES_ROOT\Typelib\{f8ee014f-b34c-4544-8e45-95a7971d323b}]
[-HKEY_CLASSES_ROOT\TypeLib\{bce2e826-d0f5-41c8-97be-28a6f540ceeb}]

[-HKEY_CLASSES_ROOT\Interface\{014da6cc-189f-421a-88cd-07cfe51cff10}]
[-HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771}]
[-HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce}]
[-HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd}]
[-HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091}]
[-HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13}]
[-HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806}]
[-HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392}]
[-HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19}]
[-HKEY_CLASSES_ROOT\Interface\{1985fce1-4043-4346-ae70-d0a0cd90bdd3}]
[-HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0}]
[-HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a}]
[-HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f}]
[-HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b}]
[-HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f}]
[-HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791}]
[-HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f}]
[-HKEY_CLASSES_ROOT\Interface\{067c6a37-72ea-4437-863a-5be20c246f3c}]
[-HKEY_CLASSES_ROOT\Interface\{1a2af056-1fe1-47ca-993d-5d09d18e674e}]
[-HKEY_CLASSES_ROOT\Interface\{b247f5bf-bd9d-4ecd-8fc1-365f36a1fda1}]
[-HKEY_CLASSES_ROOT\Interface\{bbbfb891-98ae-4678-86f3-bd5a2eed86c9}]
[-HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619}]
[-HKEY_CLASSES_ROOT\Interface\{2e623b96-b166-4c70-8169-820761794299}]
[-HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3}]
[-HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689}]
[-HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627}]
[-HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99}]
[-HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8}]
[-HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9}]
[-HKEY_CLASSES_ROOT\Interface\{397a208b-3d09-4b3e-93e8-ca171886612e}]
[-HKEY_CLASSES_ROOT\Interface\{421745e9-16df-4ee4-a758-d51f939c49cb}]
[-HKEY_CLASSES_ROOT\Interface\{4331ec56-0aab-499e-8757-dd2ee44ad671}]
[-HKEY_CLASSES_ROOT\Interface\{54286c3a-e044-4e65-bd44-528d6ae28a18}]
[-HKEY_CLASSES_ROOT\Interface\{5f2b9de7-f878-4762-8cfe-e9c58f082f0e}]
[-HKEY_CLASSES_ROOT\Interface\{8654592e-952a-4e7c-a960-304763b35fa6}]
[-HKEY_CLASSES_ROOT\Interface\{8e98faf8-794f-47f9-af90-15305564ed81}]
[-HKEY_CLASSES_ROOT\Interface\{bc8c2e5f-d8b4-4997-bce3-8775c3707956}]
[-HKEY_CLASSES_ROOT\Interface\{d082721f-4bd4-4b8b-bb82-06753ee6174f}]
[-HKEY_CLASSES_ROOT\Interface\{d24f9d3c-5d4c-47f8-9ab7-632b44ad6a0d}]
[-HKEY_CLASSES_ROOT\Interface\{f43ec88b-b6c8-4969-a763-e2bf55602cce}]
[-HKEY_CLASSES_ROOT\Interface\{21447c90-6ec1-4fc1-9379-bd515008aedb}]
[-HKEY_CLASSES_ROOT\Interface\{32c97a37-e2b8-4097-9330-5f3e1125e181}]
[-HKEY_CLASSES_ROOT\Interface\{b0c3de1b-e3ff-4dd0-9229-f452cf9c678e}]
[-HKEY_CLASSES_ROOT\Interface\{d2d94732-a74d-433c-98f7-9ed740e82ae9}]
[-HKEY_CLASSES_ROOT\Interface\{dfd5d79b-ef2f-4a51-9821-5b469f05262e}]

[-HKEY_CLASSES_ROOT\AppID\{dbf00e12-281c-4dc8-a7ec-1ff45182439b}]
[-HKEY_CLASSES_ROOT\AppID\ZangoSA_df.exe]
[-HKEY_CLASSES_ROOT\AppID\{0507fdde-f3b7-49f5-9e8f-c557e991f39b}]
[-HKEY_CLASSES_ROOT\AppID\WeatherOnTray.EXE]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab502149-ccf3-3f33-2241-84152b364b18}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bd937ffe-0352-4fde-88f2-c30d1a9b25cf}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{014da6cb-189f-421a-88cd-07cfe51cff10}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE15}]

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3]

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\9ee2330ae5f4470cac801baac83818c9]

[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e}]

[-HKEY_CURRENT_USER\SOFTWARE\zangosa]

[-HKEY_LOCAL_MACHINE\SOFTWARE\zango]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"{6cfbd76d-7a06-26a5-076f-24c6af0b5257}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{944864a5-3916-46e2-96a9-a2e84f3f1208}"=-

===================================
Upd: September 14, 2008 ( v 1.2.0 )
===================================

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWay Search Assistant]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}]

[-HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75}]

===================================
Upd: September 13, 2008 ( v 1.1.9 )
===================================

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"=-

===================================
Upd: September 7, 2008 ( v 1.1.8 )
===================================

Folder : Multi_Media
Folder : Multi_Media_France
Folder : MultiMedia France Toolbar

Firefox Extension : {7009fcd4-05be-44f4-9583-93fe419ab7b0}

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7009fcd4-05be-44f4-9583-93fe419ab7b0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7009fcd4-05be-44f4-9583-93fe419ab7b0}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{7009fcd4-05be-44f4-9583-93fe419ab7b0}"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar]

===================================
Upd: September 4, 2008 ( v 1.1.7 )
===================================

"%Windir%\system32\nslFC.dll"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{914f1f82-eab1-874f-1284-6a9136e6d163}]

===================================
Upd: August 30, 2008 ( v 1.1.6 )
===================================

"%Windir%\System32\dmubsi.dll"
"%Windir%\System32\dspvfx.dll"

"%Temp%\ns*.tmp"
"%Temp%\whenu.ini"
"%Temp%\banner.bmp"
"%Temp%\VVSNInst.exe"
"%Temp%\730.WUT\whenu.inf"
"%Temp%\730.WUT\vvsn.cab"
"%Temp%\WUS3E.bat"

"%ProgramFiles%\Torrent Search"
"%ProgramFiles%\Torrent-Search"

"%Programs%\Torrent Search"

"%Desktop%\Torrent Search.lnk"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0c7b854-d5ce-4db6-9804-be1438603d89}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24D0D7D2-1D72-4ADA-82DE-AE07910CA084}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D1F87E7-4D72-41AB-9D57-D101A08F20E5}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8DAC4A72-BA26-4329-B66E-8D973035B524}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9D5EA38-F5A0-456B-B05B-DFF81FBFEF0F}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{678DB4CC-A041-4565-B49B-3F5ADE9558E3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{78E4BE47-F8C7-405E-87A6-84F4ABAB32EC}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dmubsw.clsdll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\HyperTerminal.HyperTerminalExt]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\HyperTerminal.HyperTerminalExt.1]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Torrent Search]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Rasmpc]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Torrent Search]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e0c7b854-d5ce-4db6-9804-be1438603d89}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{e0c7b854-d5ce-4db6-9804-be1438603d89}"=-

Folder : AskBarFr

================================
Maj/Upd : 26/08/2008 ( v 1.1.5 )
================================

Folder : Platrium
Folder : PlatriumSA

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B12ACA14-C7FB-44FE-883B-6121FD02BAD3}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Platrium]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D53E4ACF-EDF5-4071-903B-F84B64FC1EA2}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PlatriumWeather"=-
"PlatriumSA"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Platrium]

[-HKEY_CLASSES_ROOT\clsid\{d53e4acf-edf5-4071-903b-f84b64fc1ea2}]
[-HKEY_CLASSES_ROOT\BRNstIE.Stock.1]
[-HKEY_CLASSES_ROOT\BRNstIE.Stock]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1]

================================
Maj/Upd : 24/08/2008 ( v 1.1.4 )
================================

Folder : AskPBar

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A94B111-4504-4e26-AB05-E61E474AA38B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4D76F01-7896-458a-890F-E1F05C46069F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F4D76F09-7896-458a-890F-E1F05C46069F}"=-

================================
Maj/Upd : 22/08/2008 ( v 1.1.3 )
================================

Folder : Burn4Free
Folder : Burn4Free CD and DVD

"%Windir%\Burn4Free_Toolbar_Uninstaller_????.exe"
"%Windir%\Prefetch\BURN4FREE_SETUP.EXE*.pf"
"%Windir%\Prefetch\BURN4FREE.EXE*.pf"
"%Windir%\System32\b4fm.dll"
"%Common Desktop%\Burn4Free.lnk"
"%Desktop%\burn4free_setup.exe"
"%Appdata%\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.b4f]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\b4fm.SxContextMenu1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Burn4Free project]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Burn4Free]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Burn4Free Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search settings 1.2]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Burn4Free]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"=-
"{70DE7956-479D-4EB7-8641-2B45774C350E}"=-

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"=-
"{70DE7956-479D-4EB7-8641-2B45774C350E}"=-

[-HKEY_CURRENT_USER\Software\Burn4Free]

[-HKEY_CLASSES_ROOT\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_CLASSES_ROOT\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
[-HKEY_CLASSES_ROOT\CLSID\{1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA}]
[-HKEY_CLASSES_ROOT\Burn4Free project]
[-HKEY_CLASSES_ROOT\b4fm.SxContextMenu1]
[-HKEY_CLASSES_ROOT\.b4f]

Processus - Burn4Free.exe

================================
Maj/Upd : 21/08/2008 ( v 1.1.2 )
================================

Folder : DAEMON Tools Toolbar
Folder : Bit Lord 1.1
Folder : BitLord
Folder : VVSN

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitLord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\BitLord.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bittorrent]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BitLordUnfinishedFile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bc!]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BitLord]
[-HKEY_CURRENT_USER\Software\BitLord]

[-HKEY_CLASSES_ROOT\bittorrent]
[-HKEY_CLASSES_ROOT\BitLordUnfinishedFile]
[-HKEY_CLASSES_ROOT\.bc!]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VVSN"=-

Processus - BitLord.exe
Processus - vvsn.exe

================================
Maj/Upd : 20/08/2008 ( v 1.1.1 )
================================

Reset values :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Window Title"=""

================================
Maj/Upd : 19/08/2008 ( v 1.1.0 )
================================

# [Service] MyWebSearchService

Folder : Accoona
Folder : ActiveShopper
Folder : ADS Plugins
Folder : Adssite Advanced Toolbar
Folder : Adssite Games Collection
Folder : Adult-Links
Folder : AdvancedTool
Folder : AltNet
Folder : AntivirusGold
Folder : AskSBar
Folder : AskTBar
Folder : Browser Accelerator
Folder : Browser Optimizer Dcads
Folder : Browser Optimizer Superiorads
Folder : BrowsingAdvisor
Folder : BrowsingEnhancer
Folder : BrowsingProgram
Folder : BrowsingSoftware
Folder : BrowsingTool
Folder : Burn4Free Toolbar
Folder : ContextAdvisor
Folder : ContextEnhancer
Folder : ContextProgram
Folder : ContextTool
Folder : Crawler
Folder : Dcads Advanced Toolbar
Folder : Dcads Games Collection
Folder : Dealio
Folder : DR_S
Folder : dynamic toolbar
Folder : ErrorsTool
Folder : EZshopper
Folder : FastFinder
Folder : FBrowserAdvisor
Folder : FBrowsingAdvisor
Folder : FFTOOLBAR ToolBar
Folder : Flyordie_games
Folder : FunWebProducts
Folder : Fun Web Products
Folder : GamesBar
Folder : Gossiper
Folder : Hbtools
Folder : HbTools_Icons
Folder : Hotbar
Folder : HotbarSA
Folder : INSTAFIN
Folder : INSTAFINK
Folder : Instant Buzz
Folder : IntelligentAdvisor
Folder : InternetProgram
Folder : InternetSoftware
Folder : ISTbar
Folder : IstSvc
Folder : KaZaA
Folder : Kugoo
Folder : live-online-tv
Folder : Mirar
Folder : Morpheus Toolbar
Folder : My Downloaded Games
Folder : MyGlobalSearch
Folder : MyQuickSearch
Folder : MySearch
Folder : MyToolbar
Folder : MyTotalSearch
Folder : Myway
Folder : MyWaySA
Folder : MyWaySearch
Folder : MyWebSearch
Folder : MyWebSearchWB
Folder : PlayMP3z
Folder : NavExcel
Folder : NavExcel Search Toolbar
Folder : NavigationAdvisor
Folder : NavigationEnhancer
Folder : NavigationProgram
Folder : NavigationTool
Folder : Need2Find
Folder : Online_TV_toolbar
Folder : PageRevisor
Folder : PCHealthCenter
Folder : Piolet
Folder : Piolet Toolbar
Folder : Push toolbar
Folder : P2P_Energy
Folder : P2P Networking
Folder : P2P_Torrent
Folder : Rax Search
Folder : RXToolbar
Folder : Sbar Toolbar
Folder : SearchEssistant
Folder : searchessistant toolbar
Folder : SearchSettings
Folder : Search Settings
Folder : Seekmo
Folder : Seekmo Programs
Folder : seekmo search assistant
Folder : ShopNav
Folder : Shopper Report
Folder : ShopperReports
Folder : ShoppingReport
Folder : SideFind
Folder : SLMSS
Folder : Slotchbar
Folder : SmartShopper
Folder : Snrg
Folder : SpamBlockerUtility
Folder : Starware
Folder : Starware305
Folder : Starware316
Folder : Starware343
Folder : Starware347
Folder : Starware354
Folder : Starware370
Folder : Starware390
Folder : StatsTool
Folder : SurfAccuracy
Folder : ToolBar888
Folder : TrustIn Bar
Folder : Try2Find
Folder : UCmore
Folder : VMNToolbar
Folder : VSAdd-in
Folder : VS Toolbar
Folder : WeatherDPA
Folder : WeatherStudio
Folder : WhenU
Folder : WinAble
Folder : Wssclient
Folder : XXXToolbar
Folder : YourSiteBar
Folder : Zango
Folder : 2020Search
Folder : 7Search
Folder : 8848

"%Systemdrive%\dfndr.exe"
"%Systemdrive%\dfndrff_7.exe"
"%Systemdrive%\kybrd.exe"
"%Systemdrive%\kybrdff_7.exe"
"%Systemdrive%\nwnm.exe"

"%Windir%\adrsb.exe"
"%Windir%\autolfn.exe"
"%Windir%\azentretien.dll"
"%Windir%\CJet.exe"
"%Windir%\csrss.exe"
"%Windir%\dpvsetup.exe"
"%Windir%\dsndup.exe"
"%Windir%\gxvpsafm.dll"
"%Windir%\iewww.exe"
"%Windir%\iun6002.exe"
"%Windir%\label.exe"
"%Windir%\lasss.exe"
"%Windir%\mdm.exe"
"%Windir%\mmc.exe"
"%Windir%\mshepl.exe"
"%Windir%\mshta.exe"
"%Windir%\mssetup.exe"
"%Windir%\msswchx.exe"
"%Windir%\mstask.exe"
"%Windir%\netdde.exe"
"%Windir%\nne.bin"
"%Windir%\nnv.bin"
"%Windir%\nnmgr.dat"
"%Windir%\nnmgr.exe"
"%Windir%\nnmgr.ocx"
"%Windir%\ntvdm.exe"
"%Windir%\omi.dll"
"%Windir%\osk.exe"
"%Windir%\redirect7.exe"
"%Windir%\sbar.dll"
"%Windir%\sfita.exe"
"%Windir%\smdat32a.sys"
"%Windir%\smdat32m.sys"
"%Windir%\smss.exe"
"%Windir%\spoolsv.exe"
"%Windir%\sptsupd.exe"
"%Windir%\subst.exe"
"%Windir%\svchost.exe"
"%Windir%\SYSfit.exe"
"%Windir%\ups.exe"
"%Windir%\waladhpr.exe"
"%Windir%\w32tm.exe"
"%Windir%\xcopy.exe"

"%Windir%\System\mdc.dll"

"%Windir%\System32\adrot-uninst.exe"
"%Windir%\System32\adrotate.dll"
"%Windir%\System32\adrotate1.dll"
"%Windir%\System32\adspipe.dll"
"%WinDir%\system32\adssite-remove.exe"
"%WinDir%\system32\adssite_sidebar.dll"
"%WinDir%\system32\adssite_sidebar_uninstall.exe"
"%Windir%\System32\adv.dll"
"%Windir%\System32\azesearch4.ocx"
"%Windir%\System32\brrotate.dll"
"%Windir%\System32\ca2.dll"
"%Windir%\System32\cpmrotate.dll"
"%Windir%\System32\czuehf.exe"
"%Windir%\System32\Dcads-remove.exe"
"%WinDir%\system32\dcads_sidebar.dll"
"%WinDir%\system32\dcads_sidebar_uninstall.exe"
"%Windir%\System32\DcadsSocial-uninstall.exe"
"%WinDir%\system32\dcadssuggest.dll"
"%Windir%\System32\eplaceSearch.dll"
"%Windir%\System32\ewxcksr.exe"
"%Windir%\System32\fufudc.exe"
"%Windir%\System32\f3PSSavr.scr"
"%Windir%\System32\globobar.ocx"
"%Windir%\System32\gzmrotate.dll"
"%WinDir%\system32\gzmrt.dll"
"%Windir%\System32\ha3f.exe"
"%Windir%\System32\hookdump.exe"
"%Windir%\System32\HyperLinker3.exe"
"%Windir%\System32\iasad.dll"
"%Windir%\System32\iasada.dll"
"%Windir%\System32\jbhbolcl.exe"
"%Windir%\System32\kcnzrop6.exe"
"%Windir%\System32\lmdv.bin"
"%Windir%\System32\lmf32v.dll"
"%Windir%\System32\mnopdb.exe"
"%Windir%\System32\mwsvm.exe"
"%Windir%\System32\mwsvm.ocx"
"%WinDir%\system32\mysidesearch_sidebar_uninstall.exe"
"%WinDir%\system32\mysidesearch_sidebar.dll"
"%WinDir%\system32\ninjaext-uninstall.exe"
"%Windir%\System32\nodeipproc.dll"
"%Windir%\System32\nss2C.dll"
"%Windir%\System32\nslFC.dll"
"%Windir%\System32\otpddpea5.dll"
"%Windir%\System32\PreUninstall.exe"
"%Windir%\System32\PreUninstallFF.exe"
"%Windir%\System32\p2p.exe"
"%Windir%\System32\P2P Networking"
"%Windir%\system32\QaBar.dll"
"%Windir%\system32\QcBar.dll"
"%Windir%\System32\ra8pv.exe"
"%WinDir%\system32\rightonadz-uninst.exe"
"%Windir%\System32\ShowFF.exe"
"%Windir%\System32\SmartShopper"
"%WinDir%\system32\sprt_ads.dll"
"%WinDir%\system32\superiorads-uninst.exe"
"%Windir%\System32\syssfitb.dll"
"%Windir%\System32\tbc.dll"
"%Windir%\System32\TopSearch.dll"
"%Windir%\System32\tubby.dll"
"%Windir%\System32\uninst.exe"
"%Windir%\System32\uninst.log"
"%Windir%\System32\uninsticn.exe"
"%Windir%\System32\vtlbar1.dll"
"%Windir%\system32\WinATS.dll"
"%Windir%\System32\WinDmy.dll"
"%Windir%\System32\WinNB*.dll"
"%Windir%\System32\winnook.exe"
"%Windir%\System32\zolk.dll"
"%Windir%\System32\zolker005.dll"
"%Windir%\System32\zolker009.dll"
"%Windir%\System32\zolker010.dll"
"%Windir%\System32\zolker011.dll"
"%Windir%\System32\ztoolb005.dll"
"%Windir%\System32\ztoolb006.dll"
"%Windir%\System32\ztoolb010.dll"
"%Windir%\System32\ztoolber.dll"
"%Windir%\system32\{0936fcf1-60ca-f7bf-5899-d2dbff2fa288}.dll"

"%Windir%\system32\SearchTool\nsu9F8.dll"
"%Windir%\system32\SearchTool\SearchTool.dll"

"%Windir%\System32\drivers\ csrss.exe"

"%Windir%\System32\Macromed\Flash\FlashPlayerTrust\activeshopper.cfg"

"%Fonts%\acrsec.fon"
"%Fonts%\acrsecB.fon"
"%Fonts%\acrsecI.fon"

"%Windir%\Downloaded Program Files\dotcomtoolbar.asp"
"%Windir%\Downloaded Program Files\hbtools.inf"
"%Windir%\Downloaded Program Files\hotbar.inf"
"%Windir%\Downloaded Program Files\instafin.dll"
"%Windir%\Downloaded Program Files\istactivex.dll"
"%Windir%\Downloaded Program Files\logo.bmp"
"%Windir%\Downloaded Program Files\logo.gif"
"%Windir%\Downloaded Program Files\logo2.gif"
"%Windir%\Downloaded Program Files\MirarSetup.exe"
"%Windir%\Downloaded Program Files\mwsearch.dll"
"%Windir%\Downloaded Program Files\MySearch.CAB"
"%Windir%\Downloaded Program Files\nav.bmp"
"%Windir%\Downloaded Program Files\nav_hot.bmp"
"%Windir%\Downloaded Program Files\toolbar_nieuw14.dll"
"%Windir%\Downloaded Program Files\ysbactivex.dll"
"%Windir%\downloaded program files\webp2pinstaller.dll"

"%Programfiles%\Internet Explorer\msimg32.dll"
"%programfiles%\internet explorer\setup.exe"

"%Programfiles%\Mozilla Firefox\plugins\NPMyWebS.dll"

"%ProgramFiles%\MSN Messenger\msimg32.dll"
"%ProgramFiles%\MSN Messenger\riched20.dll"

"%ProgramFiles%\ieshnv.ini"
"%ProgramFiles%\ieshnv.bmp"
"%ProgramFiles%\ieshnv.dat"
"%ProgramFiles%\ieshnv.lng"

"%Temp%\ASearchAssist.dll"
"%Temp%\ICD1.tmp"
"%Temp%\ISTbar.dll"
"%Temp%\is-B3DFI.tmp"
"%Temp%\mc*.tmp"
"%Temp%\mit3.tmp"
"%Temp%\mit3.tmp.cab"
"%Temp%\TBQuiesceKB.exe"
"%Temp%\sidefind.exe"
"%Temp%\s11k..exe"
"%Temp%\tem*.tmp.exe"
"%Temp%\11-9df8e247b1ab6e4ea9303b15294a3428.exe"
"%Temp%\875455-NOSB.exe"

"%Temp%\Random_Folder\Toolbar.exe"

"%Personal%\work7\load03.exe"
"%Personal%\work7\loadppc.exe"

"%Startup%\MyTotalSearch Email Plugin.lnk"
"%Startup%\MyWebSearch Email Plugin.lnk"

"%Desktop%\atoolbar200002.exe"
"%Desktop%\DealioKit127.exe"
"%Desktop%\m00.exe"
"%Desktop%\SetupActiv.exe"
"%Desktop%\sportsinteraction.com - bet on sports!.lnk"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E552EEFC-DE97-45D4-BA1A-F534A1B4A579}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04011C11-2F3B-44ed-977C-270CA669C6B2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E677221-E309-4341-81BD-3CC3018BF5B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C4ECE5C-7CB8-36C5-6F3B-D414CE8F8E22}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1E58A84-95B3-4630-B8C2-D06B77B7A0FC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26E45419-7205-4fac-BBFE-174BC7337A79}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{971C3384-F75E-4562-95B3-CBE7417529BC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10F3E8BD-257A-4702-A2F5-DC02055B068C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C8A568E-4201-478a-8536-526CF371D2E2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D9362F8-77D8-4b29-97B5-621D550890C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C004D9F0-A742-4DC7-AFD0-BC29CE3FE04A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AD44D3E-7316-4251-B754-9B10EC96AF92}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E015787-B1E3-404a-95DE-3E71E1FA0305}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7C90A5E-BE0A-44DD-83D2-1BE138460BAC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D80C4E21-C346-4E21-8E64-20746AA20AEB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E60A8FF7-B9B4-8ABC-10E8-10F2461DFA50}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{391C0909-C026-3B63-FFDB-93FFF4E81675}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D93B3CA5-6552-0DAA-353B-FB9D4F20B168}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B8AE75C-A139-558A-AB5B-5F07BC2FD566}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5bf48cbf-6ca5-495a-c3f9-0574983d4eb2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14b3d246-6274-40b5-8d50-6c2ade2ab29b}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ADBCCE8-CF84-441E-9B38-AFC7A19C06A4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2a8a997f-bb9f-48f6-aa2b-2762d50f9289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36A91CEC-6C71-4758-B492-397BFC8E96A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4035DE1B-D54A-411E-9EE7-923295D2E86E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45A4902E-4479-4EAE-A186-8D0F7E4C78DE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C6C4BA2-1646-0F3A-1FAE-B393C162C92E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-90F0-F66AB581A933}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-DCF7-F96DA086B434}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-86FF-FD60BB9AAE3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-C0FF-FD7FF4D5FA7D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ed7d3de-6dbe-4516-8712-01b1b64b7057}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ABBD91B-0215-2FE1-7A7E-753F05B40CB8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CFEE306-E014-48A4-876D-06FF09EBB0F3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ED7D3DE-6DBE-4516-8712-436325722327}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6548BF73-58FF-71D5-F97D-17C71E323709}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A6E50DC-BFA8-4B40-AB1B-159E03E829FD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7475D3FD-5D85-49DB-8B9B-6968467B2D80}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74CC49F7-EB32-4A08-B204-948962A6E3DB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{753B9349-7E46-4E5C-A27F-A60A6BF1EAB5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{832BEBED-C3DA-4534-A2C2-B2FFF220C820}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87E68009-29A8-D669-F7C2-B31D08635C50}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88C9B3C7-06B6-5C05-CFEC-C09DBC10CC30}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EAC0102-5E61-2312-BC2D-4D54434D5443}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EAC0102-5E61-2312-BC2D-76746C56544C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3FDD654-A057-4971-9844-4ED8E67DBBB8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF7E9EBB-E1CF-7F7C-C608-13185698F3E9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B5F3970B-745E-46AC-B890-E08F69777D80}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B886C1F4-D1D3-45F5-F45E-75EB024320AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA356D79-679B-4b4c-8E49-5AF97014F4C1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0661233-42D4-F7F1-80E1-8A9E0E99E71D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6FC35D1-04AB-4D40-94CF-2E5AE4D0F8D2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4D1D56C-3EC9-2F5D-FAA3-4112CCDD61DC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E82E0739-0AAE-4E99-9052-B40F7DABFA34}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1E96EDC-E0C8-BE98-1F15-C29DBED83B53}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f65b197f-8260-4d52-909a-f70118e646eb}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8EACE56-0AF4-3AE3-6EF8-F8CC39675729}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{014DA6C1-189F-421a-88CD-07CFE51CFF10}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{2BA1C226-EC1B-4471-A65F-D0688AC6EE3A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-C0FF-FD7FF4D5FA7D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{E552EEFC-DE97-45D4-BA1A-F534A1B4A579}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-46a1-83b8-bd2ae6d9fa2e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F17C005-7BF0-4f13-8473-F3C3D2619DBD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EDDF3383-EC5F-49DF-A8B6-CEC2D8F6164C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F7C7AA47-BCA6-451D-8DBC-C10A8F75C8C7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A3E67DAA-DA01-4da5-98BE-3088B554A11E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D95C7240-0282-4c01-93F5-673BCA03DA86}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f0d4b23b-da4b-4daf-81e4-dfee4931a4aa}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0566A191-D675-4911-9C7E-50EDBEF90F32}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7C559105-9ECF-42B8-B3F7-832E75EDD959}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8a0dcbdb-6e20-489c-9041-c1e8a0352e75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8A0DCBDA-6E20-489C-9041-C1E8A0352E75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5F1ABCDB-A875-46C1-8345-B72A4567E483}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CODE Store Database\Distribution Units\{BFA03761-5565-41b3-93D9-82B354C0A8EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{79B96C72-C0D0-4DC8-BC7E-9F314A918228}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C109664B-CEB1-420B-B353-D55A561536DD}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4c3a-B38E-9654A7003239}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{119DBEDA-9c41-4F97-94B4-B6BCD01133CF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{88E50F1D-4790-4C6B-BEE3-D54E46B6EEF6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{066040F0-5018-4E15-8AA0-81D36136D989}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{10E42047-DEB9-4535-A118-B3F6EC39B807}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BFA03761-5565-41b3-93D9-82B354C0A8EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{3EA5C408-2437-4c40-ADAC-DFDA9AEEEA96}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{9CB65206-89C4-402c-BA80-02D8C59F9B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{bc

Réponse 44 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
21 juin 2009 à 20:08

Est ce que c' est ça? parce que c' est le seul fichier texte que je trouve pour ToolBar SD...

Réponse 45 / 69

Utilisateur anonyme
21 juin 2009 à 20:13

lol non c'est pas ca mais avant de poster le rapport , il faut passer le logiciel avant :)

sous vista : clic doit en tant qu'administrateur
maintenant sur le raccourci de Toolbar-S&D qui est sur ton bureau

* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Tape sur "2" puis valide en appuyant sur "Entrée".

! Ne ferme pas la fenêtre lors de la suppression !

Réponse 46 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
21 juin 2009 à 20:42

je m' acharne dessus depuis une 1/2 heure, aucun rapport de toolbar sd...

Réponse 47 / 69

Utilisateur anonyme
21 juin 2009 à 20:44

avant qu'il te donne un rapport , il faut qu'il travaille :)

je voudrais verifier quelquechose :

• Télécharge GMER
• Fais un clic-droit sur le dossier gmer.zip --> Extraire tout --> Choisis le Bureau comme destination.
• Renomme "gmer.exe" en "bypass.exe", puis lance le.
• Dans l'onglet "Rootkit", clique sur "SCAN" puis patiente...
• Si Gmer trouve un rootkit, il affichera la ligne en rouge → fais un clic-droit sur la ligne puis sur Kill the process si cette option est disponible. Ensuite, choisis « Delete the service » pour supprimer le rootkit.
• A la fin, clique sur "SAVE" et enregistre le rapport sur ton Bureau.
• Ouvre le rapport, et copie/colle son contenu dans ta prochaine réponse.

Réponse 48 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
21 juin 2009 à 21:13

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-06-21 21:10:08
Windows 6.0.6002 Service Pack 2

---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys ZwOpenProcess [0x9F447C90]
SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys ZwOpenThread [0x9F447D7E]
SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys ZwTerminateProcess [0x9F447BF4]
SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys ZwTerminateThread [0x9F447EC4]

INT 0x52 ? 85EB4E98
INT 0x62 ? 850CCBF8
INT 0x72 ? 850CCBF8
INT 0x82 ? 850CCBF8
INT 0x82 ? 850CCBF8
INT 0x82 ? 85EB4E98
INT 0x82 ? 850CCBF8
INT 0xA2 ? 85EB4E98
INT 0xB3 ? 85EB4E98

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 3F1 81AFCB34 4 Bytes [90, 7C, 44, 9F] {NOP ; JL 0x47; LAHF }
.text ntkrnlpa.exe!KeSetEvent + 40D 81AFCB50 4 Bytes [7E, 7D, 44, 9F] {JLE 0x7f; INC ESP; LAHF }
.text ntkrnlpa.exe!KeSetEvent + 621 81AFCD64 8 Bytes [F4, 7B, 44, 9F, C4, 7E, 44, ...] {HLT ; JNP 0x47; LAHF ; LES EDI, DWORD [ESI+0x44]; LAHF }
? System32\Drivers\spdm.sys Le chemin d'accès spécifié est introuvable. !
PAGE ataport.SYS!DllUnload 8AF21B2E 5 Bytes JMP 850CC1D8
.text USBPORT.SYS!DllUnload 8F0ED41B 5 Bytes JMP 85EB4478
PAGE spsys.sys!?SPVersion@@3PADA + 1ABF 9C65303F 110 Bytes [8B, FF, 55, 8B, EC, 8B, 45, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1B2F 9C6530AF 1 Byte [16]
PAGE spsys.sys!?SPVersion@@3PADA + 1B2F 9C6530AF 128 Bytes [16, 3B, C8, 75, E2, B0, 01, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1BB0 9C653130 6 Bytes [0E, 83, 78, 14, 01, 75]
PAGE spsys.sys!?SPVersion@@3PADA + 1BB7 9C653137 2298 Bytes [83, 78, 18, 37, 75, 02, B3, ...]
PAGE ...

---- User code sections - GMER 1.0.15 ----

.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtCreateFile + 6 772A43DA 4 Bytes [28, 00, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtCreateFile + B 772A43DF 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtMapViewOfSection + 6 772A4B2A 1 Byte [28]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtMapViewOfSection + 6 772A4B2A 4 Bytes [28, 03, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtMapViewOfSection + B 772A4B2F 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenFile + 6 772A4BBA 4 Bytes [68, 00, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenFile + B 772A4BBF 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenProcess + 6 772A4C3A 4 Bytes [A8, 01, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenProcess + B 772A4C3F 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenProcessToken + 6 772A4C4A 4 Bytes CALL 762A5250 C:\Windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenProcessToken + B 772A4C4F 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenProcessTokenEx + 6 772A4C5A 4 Bytes [A8, 02, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenProcessTokenEx + B 772A4C5F 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenThread + 6 772A4CAA 4 Bytes [68, 01, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenThread + B 772A4CAF 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenThreadToken + 6 772A4CBA 4 Bytes [68, 02, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenThreadToken + B 772A4CBF 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenThreadTokenEx + 6 772A4CCA 4 Bytes CALL 762A52D1 C:\Windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtOpenThreadTokenEx + B 772A4CCF 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtQueryAttributesFile + 6 772A4D5A 4 Bytes [A8, 00, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtQueryAttributesFile + B 772A4D5F 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtQueryFullAttributesFile + 6 772A4E0A 4 Bytes CALL 762A540F C:\Windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtQueryFullAttributesFile + B 772A4E0F 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtSetInformationFile + 6 772A52EA 4 Bytes [28, 01, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtSetInformationFile + B 772A52EF 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtSetInformationThread + 6 772A533A 4 Bytes [28, 02, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtSetInformationThread + B 772A533F 1 Byte [E2]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtUnmapViewOfSection + 6 772A55DA 1 Byte [68]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtUnmapViewOfSection + 6 772A55DA 4 Bytes [68, 03, 06, 00]
.text C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe[420] ntdll.dll!NtUnmapViewOfSection + B 772A55DF 1 Byte [E2]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [806906D6] \SystemRoot\System32\Drivers\spdm.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [80690042] \SystemRoot\System32\Drivers\spdm.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [80690800] \SystemRoot\System32\Drivers\spdm.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [806900C0] \SystemRoot\System32\Drivers\spdm.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8069013E] \SystemRoot\System32\Drivers\spdm.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [8069FE9C] \SystemRoot\System32\Drivers\spdm.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74287817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [742DA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7428BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7427F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [742875E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7427E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [742B8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7428DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7427FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7427FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [742771CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7430CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [742AC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7427D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74276853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7427687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3344] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74282AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 850D11F8
Device \FileSystem\fastfat \FatCdrom 86DC8500
Device \Driver\volmgr \Device\VolMgrControl 850CE1F8
Device \Driver\usbuhci \Device\USBPDO-0 85F1A1F8
Device \Driver\usbuhci \Device\USBPDO-1 85F1A1F8
Device \Driver\usbuhci \Device\USBPDO-2 85F1A1F8
Device \Driver\usbuhci \Device\USBPDO-3 85F1A1F8
Device \Driver\usbehci \Device\USBPDO-4 85F251F8

AttachedDevice \Driver\tdx \Device\Tcp bdftdif.sys

Device \Driver\USBSTOR \Device\00000070 85ED2500
Device \Driver\volmgr \Device\HarddiskVolume1 850CE1F8
Device \Driver\USBSTOR \Device\00000064 85ED2500
Device \Driver\volmgr \Device\HarddiskVolume2 850CE1F8
Device \Driver\cdrom \Device\CdRom0 860121F8
Device \Driver\USBSTOR \Device\00000065 85ED2500
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 850D01F8
Device \Driver\atapi \Device\Ide\IdePort0 850D01F8
Device \Driver\atapi \Device\Ide\IdePort1 850D01F8
Device \Driver\atapi \Device\Ide\IdePort2 850D01F8
Device \Driver\atapi \Device\Ide\IdePort3 850D01F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-4 850D01F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-3 850D01F8
Device \Driver\cdrom \Device\CdRom1 860121F8
Device \Driver\volmgr \Device\HarddiskVolume3 850CE1F8
Device \Driver\USBSTOR \Device\00000066 85ED2500
Device \Driver\volmgr \Device\HarddiskVolume4 850CE1F8
Device \Driver\USBSTOR \Device\00000067 85ED2500
Device \Driver\volmgr \Device\HarddiskVolume5 850CE1F8
Device \Driver\USBSTOR \Device\00000068 85ED2500
Device \Driver\volmgr \Device\HarddiskVolume6 850CE1F8
Device \Driver\USBSTOR \Device\00000069 85ED2500
Device \Driver\volmgr \Device\HarddiskVolume7 850CE1F8
Device \Driver\netbt \Device\NetBt_Wins_Export 86796500
Device \Driver\volmgr \Device\HarddiskVolume8 850CE1F8
Device \Driver\Smb \Device\NetbiosSmb 867BB1F8
Device \Driver\iScsiPrt \Device\RaidPort0 860131F8

AttachedDevice \Driver\tdx \Device\Udp bdftdif.sys

Device \Driver\netbt \Device\NetBT_Tcpip_{F61615AE-8AE3-4A3E-9C5B-E333F86FB54A} 86796500
Device \Driver\usbuhci \Device\USBFDO-0 85F1A1F8
Device \Driver\USBSTOR \Device\0000006c 85ED2500
Device \Driver\USBSTOR \Device\0000006d 85ED2500
Device \Driver\usbuhci \Device\USBFDO-1 85F1A1F8
Device \Driver\USBSTOR \Device\0000006e 85ED2500
Device \Driver\usbuhci \Device\USBFDO-2 85F1A1F8
Device \Driver\USBSTOR \Device\0000006f 85ED2500
Device \Driver\usbuhci \Device\USBFDO-3 85F1A1F8
Device \Driver\usbehci \Device\USBFDO-4 85F251F8
Device \FileSystem\fastfat \Fat 86DC8500

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Gestionnaire de filtres de système de fichiers Microsoft/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat InCDRec.sys (Nero InCD File System Recognizer/Nero AG)

Device InCDFs.sys (InCD File System Driver/Nero AG)
Device \FileSystem\cdfs \Cdfs 86F0A1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x1A 0x3C 0x15 0x3D ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x1A 0x3C 0x15 0x3D ...

---- EOF - GMER 1.0.15 ----

Réponse 49 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
21 juin 2009 à 21:35

Youhou!?

Réponse 50 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
22 juin 2009 à 13:24

Bon, c' est pas pour embêter, je comprend que vous soyez débordés, mais mon "helper" m' a laché. Il m' a demandé de faire une vérification, et plus rien... J' attends depuis hier 20h que quelqu' un veuille me répondre, savoir si tout est clean, quels logiciels je peux désinstaller, quels outils me conseille t on? Etant donné qu' on nous demande d' attendre confirmation, j'attends...Je suis seul... Je m' ennuie...Sniff....

Réponse 51 / 69

Utilisateur anonyme
22 juin 2009 à 13:42

slt

je ne t'ai pas laché, certains helpers ont la chance d'etre devant leur pc toute la journee, d'autres comme moi ont une vie et un metier :)

Gmer n'a rien trouvé :

on va repasser Combofix mais avec un lien different donc :
desinstalle celui que tu as
demarrer : executer : tape : combofix /u (pense a l'espace entre x et /)

je te redonne un lien dans ma prochaine reponse

Réponse 52 / 69

Utilisateur anonyme
22 juin 2009 à 13:48

Salut à tous...

Pour avancer:(en attendant le retour de néophyte ou anthony)
Relances un RSIT stp...

a+

Réponse 53 / 69

Utilisateur anonyme
22 juin 2009 à 13:51

slt archet

nos messages se sont croises, gorgutz je t'ai repondu 2 posts au dessus, apres l'avoir lu,

/!\ Le logiciel qui suit n'est pas à utiliser à la légère ! Ne le faites que si un helpeur vous l'a recommandé. /!\

Ce logiciel est très puissant et une mauvaise utilisation peut faire des dégâts...

Télécharge ComboFix (de sUBs)] depuis ce lien
http://sd-1.archive-host.com/membres/up/157165553231658156/ComboFix.exe
sur ton Bureau (et pas ailleurs !). Pour cela, fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " et tape c-fix dans la fenêtre qui s'ouvre et valide.

Déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES, antivirus...
(qui pourraient gêner fortement l'outil...Tu les réactiveras donc après ! )

Tuto ici pour installer la Console de récupération (important en cas de problème) : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

postes le rapport stp

(ne touche a rien pendant que l'outil travaille pour ne pas figer ton pc)

Réponse 54 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
22 juin 2009 à 14:07

Je me doutais bien que vous ne m' aviez pas lâché!:), mais tu aurais au moins pu me dire "à demain", ça m' aurait évité d' envoyer ce message et de passer pour un chiant :)
Bon pour combo fix, une question: il n' apparait pas dans ma liste de programmes installés, puis je simplement le supprimer du bureau???

Réponse 55 / 69

Utilisateur anonyme
22 juin 2009 à 14:36

je t'ai dis comment faire :
demarrer : executer : tape : combofix /u (pense a l'espace entre x et /)

et oui desinstalle manuellement sinon

Réponse 56 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
22 juin 2009 à 15:16

Oui, je suis un peu tête en l' air, tu l' auras compris... Désolé...

ComboFix 09-06-21.01 - PERSO 22/06/2009 15:05.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.3582.2658 [GMT 2:00]
Lancé depuis: c:\users\PERSO\Desktop\ComboFix.exe
AV: Antivirus BitDefender *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Pare-feu BitDefender *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
SP: BitDefender AntiSpam *disabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-22 au 2009-06-22 ))))))))))))))))))))))))))))))))))))
.

2009-07-04 19:57 . 2009-07-04 19:57 13593 ----a-w- c:\windows\system32\709059zus2.bin
2009-06-22 13:09 . 2009-06-22 13:09 -------- d-----w- c:\users\PERSO\AppData\Local\temp
2009-06-20 16:27 . 2009-06-20 16:28 -------- d-----w- c:\users\PERSO\DoctorWeb
2009-06-20 15:52 . 2009-06-20 15:52 -------- d-----w- c:\program files\trend micro
2009-06-20 15:52 . 2009-06-20 15:52 -------- d-----w- C:\rsit
2009-06-20 11:44 . 2009-06-20 11:44 -------- d-----w- c:\users\PERSO\Pavark
2009-06-19 23:59 . 2009-06-20 15:38 -------- d-----w- c:\program files\Sophos
2009-06-19 09:13 . 2009-06-19 09:13 -------- d-----w- c:\windows\PCHEALTH
2009-06-18 12:44 . 2009-06-22 08:59 -------- d-----w- c:\users\PERSO\Songs Reason
2009-06-17 20:29 . 2009-06-17 20:29 -------- d-----w- c:\program files\Propellerhead
2009-06-17 19:55 . 2009-03-31 12:47 368640 ----a-w- c:\windows\system32\ReWire.dll
2009-06-17 19:55 . 2009-03-31 12:47 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-06-17 18:54 . 2009-06-17 20:36 -------- d-----w- c:\users\PERSO\AppData\Roaming\Propellerhead Software
2009-06-17 18:54 . 2009-06-17 18:54 -------- d-----w- c:\programdata\Propellerhead Software
2009-06-17 18:47 . 2009-06-17 18:47 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-06-17 18:43 . 2009-06-17 18:43 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-17 18:42 . 2009-06-17 20:29 -------- d-----w- c:\users\PERSO\AppData\Roaming\DAEMON Tools Lite
2009-06-17 18:19 . 1996-07-18 11:06 297472 ----a-w- c:\windows\uninst.exe
2009-06-17 00:56 . 2009-06-17 00:56 16546800 ----a-w- c:\users\PERSO\AppData\Roaming\Uniblue\DriverScanner\LatestUpdate.exe
2009-06-17 00:55 . 2009-06-17 00:55 -------- dc-h--w- c:\programdata\{83FC5D7A-8875-4931-80D6-1E3AC725D336}
2009-06-17 00:55 . 2008-10-10 11:17 2652186 -c--a-w- c:\programdata\{83FC5D7A-8875-4931-80D6-1E3AC725D336}\DriverScanner_Setup.exe
2009-06-16 23:10 . 2009-06-16 23:10 -------- d-----w- c:\programdata\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2009-06-14 20:25 . 2009-06-14 20:25 -------- d-----w- c:\programdata\Creative Labs
2009-06-14 20:21 . 2009-06-14 20:21 -------- d-----w- c:\program files\Common Files\Creative Labs Shared
2009-06-13 20:54 . 2009-06-13 20:54 -------- d-----w- c:\users\PERSO\AppData\Local\Nero
2009-06-13 20:41 . 2009-06-13 20:41 -------- d-----w- c:\users\PERSO\AppData\Roaming\Nero
2009-06-13 20:37 . 2009-06-13 20:40 -------- d-----w- c:\program files\Common Files\Nero
2009-06-13 20:37 . 2009-06-13 20:37 -------- d-----w- c:\programdata\Nero
2009-06-12 23:05 . 2009-06-12 23:05 -------- d-----w- c:\program files\G-Sonique
2009-06-11 08:51 . 2009-06-11 08:51 -------- dc-h--w- c:\programdata\{B3ABAF49-C1FD-4E23-A5C8-1D0530D54991}
2009-06-11 08:51 . 2009-05-20 08:58 2841948 -c--a-w- c:\programdata\{B3ABAF49-C1FD-4E23-A5C8-1D0530D54991}\PowerSuite2009.exe
2009-06-11 08:50 . 2009-06-11 08:50 -------- dc-h--w- c:\programdata\{942E4254-C25C-44BA-94FC-8777923F9E7B}
2009-06-11 08:50 . 2009-05-04 14:27 2835559 -c--a-w- c:\programdata\{942E4254-C25C-44BA-94FC-8777923F9E7B}\speedupmypc2009.exe
2009-06-11 08:50 . 2009-06-11 08:50 -------- dc-h--w- c:\programdata\{E18C8A94-0667-4A02-B59B-9CB3A8F22628}
2009-06-11 08:50 . 2008-10-13 07:53 2567606 -c--a-w- c:\programdata\{E18C8A94-0667-4A02-B59B-9CB3A8F22628}\Uniblue RegistryBooster.exe
2009-06-10 00:57 . 2009-06-12 10:16 -------- d-----w- c:\users\PERSO\AppData\Roaming\vlc
2009-06-09 21:19 . 2009-06-09 22:21 -------- d-----w- c:\users\PERSO\AppData\Roaming\LimeWire
2009-06-09 21:19 . 2009-06-09 21:19 -------- d-----w- c:\program files\360Share Pro
2009-06-03 11:14 . 2009-06-03 11:14 -------- d-----w- c:\program files\THQ
2009-06-02 22:18 . 2009-06-04 22:20 -------- d-----w- c:\program files\Pcsx2
2009-06-01 12:17 . 2009-06-01 12:17 -------- d-----w- c:\users\PERSO\AppData\Local\AA2DeployClient
2009-06-01 12:17 . 2009-06-01 12:17 -------- d-----w- c:\programdata\AA2DeployClient
2009-06-01 12:15 . 2009-06-01 12:17 -------- d-----w- c:\users\PERSO\AppData\Local\Deployment
2009-06-01 12:08 . 2009-06-17 00:57 -------- d-----w- c:\programdata\DriverScanner
2009-06-01 12:08 . 2009-06-11 09:05 -------- d-----w- c:\users\PERSO\AppData\Roaming\Uniblue
2009-06-01 12:08 . 2009-06-11 08:52 -------- d-----w- c:\program files\Uniblue
2009-06-01 11:24 . 2009-06-18 08:48 -------- d-----w- c:\users\PERSO\AppData\Roaming\BitTorrent
2009-05-27 14:54 . 2009-05-27 14:54 -------- d-----w- c:\windows\system32\eu-ES
2009-05-27 14:54 . 2009-05-27 14:54 -------- d-----w- c:\windows\system32\ca-ES
2009-05-27 14:54 . 2009-05-27 14:54 -------- d-----w- c:\windows\system32\vi-VN
2009-05-27 07:09 . 2009-05-27 07:09 -------- d-----w- c:\windows\system32\EventProviders
2009-05-27 07:09 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-05-27 07:09 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2009-05-27 07:09 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2009-05-27 07:09 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2009-05-27 07:09 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2009-05-27 07:09 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-05-27 07:09 . 2009-04-11 06:28 1480704 ----a-w- c:\windows\system32\mssrch.dll
2009-05-24 16:24 . 2009-06-14 19:42 -------- d-----w- c:\programdata\America's Army Deploy Client
2009-05-24 16:24 . 2009-06-14 19:42 -------- d-----w- c:\program files\America's Army Deploy Client
2009-05-23 19:18 . 2009-05-23 19:18 10684866 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\azump\mplayer.exe
2009-05-23 19:18 . 2009-05-23 19:18 4141117 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\vuzexcode\mediainfo.exe
2009-05-23 19:18 . 2009-05-23 19:18 6516755 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\vuzexcode\ffmpeg.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-22 11:59 . 2009-03-25 13:37 -------- d-----w- c:\program files\Google
2009-06-22 08:41 . 2008-01-21 07:23 740102 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-22 08:41 . 2008-01-21 07:23 150198 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-22 02:53 . 2009-03-22 03:05 81984 ----a-w- c:\windows\system32\bdod.bin
2009-06-21 23:19 . 2009-05-20 10:53 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-21 14:37 . 2009-04-06 20:42 -------- d-----w- c:\programdata\Apple Computer
2009-06-21 12:21 . 2009-06-21 12:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-21 12:21 . 2009-06-21 12:21 3561743 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-21 12:21 . 2009-06-21 12:21 -------- d-----w- c:\users\PERSO\AppData\Roaming\Malwarebytes
2009-06-21 12:21 . 2009-06-21 12:21 -------- d-----w- c:\programdata\Malwarebytes
2009-06-20 23:07 . 2009-02-01 17:10 -------- d-----w- c:\program files\Ableton
2009-06-20 19:00 . 2009-04-27 16:49 -------- d-----w- c:\users\PERSO\AppData\Roaming\Azureus
2009-06-20 03:15 . 2009-01-10 13:44 -------- d-----w- c:\users\PERSO\AppData\Roaming\dvdcss
2009-06-19 16:52 . 2009-01-10 13:31 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-18 08:57 . 2009-01-09 16:45 1 ----a-w- c:\users\PERSO\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-17 17:51 . 2009-02-01 17:10 -------- d-----w- c:\users\PERSO\AppData\Roaming\Ableton
2009-06-17 09:27 . 2009-06-21 12:21 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-17 09:27 . 2009-06-21 12:21 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-14 20:26 . 2009-01-10 13:03 -------- d-----w- c:\program files\Creative
2009-06-14 20:25 . 2009-01-10 15:44 -------- d-----w- c:\programdata\Creative
2009-06-14 20:22 . 2009-01-09 16:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-14 01:27 . 2009-04-13 13:33 -------- d-----w- c:\users\PERSO\AppData\Roaming\Skype
2009-06-13 20:37 . 2009-01-09 17:05 -------- d-----w- c:\program files\Nero
2009-06-12 20:49 . 2009-05-09 16:31 -------- d-----w- c:\program files\Steam
2009-06-11 08:59 . 2009-03-23 20:53 -------- d-----w- c:\users\PERSO\AppData\Roaming\uTorrent
2009-06-02 20:01 . 2009-03-23 21:02 -------- d-----w- c:\program files\BitTorrent
2009-06-01 12:22 . 2009-03-25 10:35 189392 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-06-01 12:18 . 2009-03-25 10:35 138016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-05-27 14:54 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-05-27 14:54 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-27 14:54 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-05-25 15:26 . 2009-05-05 20:31 304160 ----a-w- C:\PA207.DAT
2009-05-24 17:34 . 2009-03-24 21:19 -------- d-----w- c:\program files\America's Army Server Manager
2009-05-24 17:33 . 2009-03-24 21:18 -------- d-----w- c:\program files\America's Army
2009-05-24 12:07 . 2009-05-09 16:31 -------- d-----w- c:\program files\Common Files\Steam
2009-05-22 03:30 . 2009-05-22 03:30 -------- d-----w- c:\programdata\WindowsSearch
2009-05-20 20:43 . 2009-01-09 17:02 -------- d-----w- c:\programdata\NVIDIA
2009-05-17 17:54 . 2009-05-17 17:54 52776 ----a-w- c:\users\PERSO\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Modèles
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Menu Démarrer
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Favoris
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\programdata\Bureau
2009-05-17 17:49 . 2009-05-17 17:49 -------- d-sh--we c:\program files\Fichiers communs
2009-05-17 17:42 . 2009-05-17 17:42 21668 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-17 17:38 . 2009-04-02 00:10 -------- d-----w- c:\users\PERSO\AppData\Roaming\SystemRequirementsLab
2009-05-17 17:38 . 2009-03-25 08:36 -------- d-----w- c:\users\PERSO\AppData\Roaming\MySpace
2009-05-17 17:38 . 2009-01-09 16:45 -------- d-----w- c:\users\PERSO\AppData\Roaming\OpenOffice.org
2009-05-17 17:38 . 2009-01-16 19:18 -------- d-----w- c:\users\PERSO\AppData\Roaming\MP-Manager
2009-05-17 17:38 . 2009-01-16 19:16 -------- d-----w- c:\users\PERSO\AppData\Roaming\MPMAN
2009-05-17 17:38 . 2009-01-09 16:52 -------- d-----w- c:\users\PERSO\AppData\Roaming\InstallShield
2009-05-17 17:38 . 2009-05-17 14:22 -------- d-----w- c:\users\PERSO\AppData\Roaming\BitDefender
2009-05-17 17:38 . 2009-03-24 21:05 -------- d-----w- c:\users\PERSO\AppData\Roaming\DriverCure
2009-05-17 17:38 . 2009-01-10 13:34 -------- d-----w- c:\users\PERSO\AppData\Roaming\Creative
2009-05-17 17:38 . 2009-04-06 20:43 -------- d-----w- c:\users\PERSO\AppData\Roaming\Apple Computer
2009-05-17 17:38 . 2009-01-09 17:07 -------- d-----w- c:\users\PERSO\AppData\Roaming\Ahead
2009-05-17 17:31 . 2009-03-29 15:41 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-05-17 17:28 . 2009-05-17 17:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-05-09 05:50 . 2009-06-10 00:38 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 00:38 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-08 21:44 . 2009-05-08 21:43 1469952 ----a-w- c:\users\PERSO\AppData\Roaming\tsdnwin.dll
2009-05-08 21:44 . 2009-05-08 21:43 1469952 ----a-w- c:\users\PERSO\AppData\Roaming\tsdnwin.dll
2009-05-01 19:01 . 2009-05-01 19:01 15884 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\azitunes\libProcessAccess.dll
2009-05-01 19:01 . 2009-05-01 19:01 102400 ----a-w- c:\users\PERSO\AppData\Roaming\Azureus\plugins\azitunes\jacob-1.14.3-x86.dll
2009-04-26 20:45 . 2009-03-25 08:36 -------- d-----w- c:\program files\MySpace
2009-04-23 12:15 . 2009-06-10 00:38 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:14 . 2009-06-10 00:38 623616 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 22:20 . 2009-04-21 22:20 14311680 ----a-w- c:\windows\system32\xlive.dll
2009-04-21 22:20 . 2009-04-21 22:20 13642496 ----a-w- c:\windows\system32\xlivefnt.dll
2009-04-21 11:39 . 2009-06-10 00:38 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-04-11 06:33 . 2009-05-27 07:08 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33 . 2009-05-27 07:08 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33 . 2009-05-27 07:08 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33 . 2009-05-27 07:08 897000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-11 06:33 . 2009-05-27 07:08 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28 . 2009-05-27 07:08 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27 . 2009-05-27 07:08 441344 ----a-w- c:\windows\system32\SearchIndexer.exe
2009-04-11 06:22 . 2009-05-27 07:08 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 06:21 . 2009-05-27 07:08 37376 ----a-w- c:\windows\system32\cdd.dll
2009-04-11 05:42 . 2009-05-27 07:08 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 04:57 . 2009-05-27 07:08 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-04-11 04:54 . 2009-05-27 07:08 2048 ----a-w- c:\windows\system32\mferror.dll
2009-04-11 04:51 . 2009-05-27 07:08 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2009-04-11 04:47 . 2009-05-27 07:08 273920 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-11 04:46 . 2009-05-27 07:08 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46 . 2009-05-27 07:08 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46 . 2009-05-27 07:08 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46 . 2009-05-27 07:08 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-11 04:46 . 2009-05-27 07:08 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2009-04-11 04:46 . 2009-05-27 07:08 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-04-11 04:45 . 2009-05-27 07:08 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2009-04-11 04:45 . 2009-05-27 07:08 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-11 04:45 . 2009-05-27 07:08 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2009-04-11 04:45 . 2009-05-27 07:08 401408 ----a-w- c:\windows\system32\drivers\http.sys
2009-04-11 04:45 . 2009-05-27 07:08 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-11 04:45 . 2009-05-27 07:08 66560 ----a-w- c:\windows\system32\drivers\smb.sys
2009-04-11 04:43 . 2009-05-27 07:08 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-03-05 16:08 . 2009-05-17 14:24 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2008-01-21 02:35 . 2008-01-21 02:35 168960 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18000_none_0b69c31f4f19b995\wmplayer.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-29 16:24 325000 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnhancedStorageShell]
@="{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}"
[HKEY_CLASSES_ROOT\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}]
2009-04-11 06:28 114176 ----a-w- c:\windows\System32\EhStorShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-07-10 07:23 97064 ----a-w- c:\program files\Nero\Nero8\InCD\NBHShx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-03-19 778240]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2009-02-23 69632]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-03-25 16990208]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"SecurDisc"="c:\program files\Nero\Nero8\InCD\NBHGui.exe" [2008-07-10 2049320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"Creative SB Monitoring Utility"="sbavmon.dll" - c:\windows\System32\SBAVMon.dll [2008-12-01 94720]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"BindDirectlyToPropertySetStorage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^PERSO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
backup=c:\windows\pss\Xfire.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):6d,3a,94,d6,db,de,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"UDP Query User{62043F56-9769-4CB3-9904-46DDC8E8C207}c:\\program files\\steam\\steamapps\\common\\dawn of war 2\\dow2.exe"= TCP:c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe:DOW2
"TCP Query User{E123E05D-A986-4165-AACC-D6573D159445}c:\\program files\\steam\\steamapps\\common\\dawn of war 2\\dow2.exe"= UDP:c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe:DOW2
"UDP Query User{95825578-D630-44CA-A4F3-52E02C5FA711}c:\\users\\perso\\desktop\\warhammer2\\dow2.exe"= TCP:c:\users\perso\desktop\warhammer2\dow2.exe:dow2.exe
"TCP Query User{43F15413-4E91-46DD-9BC8-C1E5F2108D7A}c:\\users\\perso\\desktop\\warhammer2\\dow2.exe"= UDP:c:\users\perso\desktop\warhammer2\dow2.exe:dow2.exe
"UDP Query User{DC949683-CDEA-41E2-A0CE-C35E3B497363}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{664AF19B-0FE6-4FB4-A0D5-B6773FBAB280}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"{9873280A-B46A-4B3F-BB90-A6E653E1697A}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{CF625FAF-B41D-43A8-9308-1BB4F648512A}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{EABDAB33-5B2D-43CA-B3C0-D43A6460AA5F}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"UDP Query User{661BDC92-B998-46EF-9A0E-9D337ED40EBD}c:\\program files\\nero\\nero 7\\nero home\\nerohome.exe"= TCP:c:\program files\nero\nero 7\nero home\nerohome.exe:Nero Home
"TCP Query User{82799CA4-4346-4696-B458-EC5770392217}c:\\program files\\nero\\nero 7\\nero home\\nerohome.exe"= UDP:c:\program files\nero\nero 7\nero home\nerohome.exe:Nero Home
"{E668A50D-200E-4496-B47C-C1256BB92E6B}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"UDP Query User{416AED8F-E2D3-4F3E-9DD1-1F1E9B375729}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"TCP Query User{1D08B44A-8061-46C6-90BE-5A942C0CA713}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"{198C91BC-3C09-4EFA-8093-CFAF54C71C55}"= Disabled:TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{F13FFF80-397E-4425-8D01-C54387C503B1}"= Disabled:UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{B337DBDD-DC16-4DB1-95F2-541F81DB68F2}"= c:\program files\MySpace\IM\MySpaceIM.exe:MySpaceIM
"UDP Query User{032E7B4F-9DF6-489C-B9B7-EF3516799C46}c:\\users\\perso\\program files\\dna\\btdna.exe"= TCP:c:\users\perso\program files\dna\btdna.exe:btdna.exe
"TCP Query User{876D182E-70EF-4D08-A6C9-67604C815E4B}c:\\users\\perso\\program files\\dna\\btdna.exe"= UDP:c:\users\perso\program files\dna\btdna.exe:btdna.exe
"UDP Query User{D924E207-F4FB-4CEB-8A3A-BA7DFD18709E}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{CB954CBA-FB8E-4625-B734-E7852C64D3E8}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"{9A2C52DE-86F7-4C01-B1B9-55F5AD21235B}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{CE2C0EDE-E278-4ABE-901C-9CDD17BBBA51}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"TCP Query User{A880DB37-3711-4B99-93B3-4196896CFEDF}c:\\program files\\america's army deploy client\\aadeployclient.exe"= UDP:c:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"UDP Query User{9DD0D3D6-1FDB-449E-9E41-4113C6554FC9}c:\\program files\\america's army deploy client\\aadeployclient.exe"= TCP:c:\program files\america's army deploy client\aadeployclient.exe:AADeployClient
"TCP Query User{6E6AF77F-1725-482A-A1C6-B0CFED34EDC7}c:\\program files\\videolan\\vlc\\vlc.exe"= UDP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{6FD19C95-1C99-4A0B-AC0E-85D6AF00A901}c:\\program files\\videolan\\vlc\\vlc.exe"= TCP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"{7F1FF9E5-AF2C-43C5-9D37-5AC9A71F9B3B}"= UDP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (TCP-In)
"{09763EB7-5AF2-4E7C-8265-0A921584411A}"= TCP:c:\program files\BitTorrent\BitTorrent.exe:BitTorrent (UDP-In)
"TCP Query User{B6D4425F-BD1D-4B61-8852-A11299019D52}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"UDP Query User{906BEEDB-B74E-45FA-BE04-77766B5422E5}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"TCP Query User{3BCA4250-3846-4656-AF04-08DE6743CBAE}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"UDP Query User{695EED36-D15B-4939-82FE-E7F21B08787C}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"TCP Query User{64304686-A2E5-498B-BE10-C8D2E6E60107}c:\\program files\\nero\\nero8\\nero home\\nerohome.exe"= UDP:c:\program files\nero\nero8\nero home\nerohome.exe:Nero Home
"UDP Query User{C91C1C71-435A-493C-945F-5C9A47860A8F}c:\\program files\\nero\\nero8\\nero home\\nerohome.exe"= TCP:c:\program files\nero\nero8\nero home\nerohome.exe:Nero Home
"{4483DEC1-1BBE-4862-8341-ABFB536E2BAE}"= Disabled:UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{7AB8F5C6-0990-42B2-9459-E1D3BD23298E}"= Disabled:TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"TCP Query User{3A47CA1E-C6DA-4927-A6C6-D2006D9C1472}c:\\users\\perso\\appdata\\local\\temp\\nero web\\setupxu.exe"= Disabled:UDP:c:\users\perso\appdata\local\temp\nero web\setupxu.exe:setupxu.exe
"UDP Query User{8A108734-8CEC-4CDD-BF13-14DEA1F506B1}c:\\users\\perso\\appdata\\local\\temp\\nero web\\setupxu.exe"= Disabled:TCP:c:\users\perso\appdata\local\temp\nero web\setupxu.exe:setupxu.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]
"Rip-Listener-1"= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [10/07/2008 09:23 53032]
R3 bdfm;BDFM;c:\windows\System32\drivers\bdfm.sys [18/09/2008 12:09 111112]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\System32\drivers\viahduaa.sys [17/05/2009 20:19 906240]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [20/01/2009 19:16 172032]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [14/06/2009 22:21 79360]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [29/03/2009 17:42 55280]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 ksaud;Creative USB Audio Driver;c:\windows\System32\drivers\ksaud.sys [17/05/2009 20:19 802176]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [21/04/2009 15:36 216232]
S3 PAC207;SoC PC-Camera;c:\windows\System32\drivers\PFC027.SYS [17/05/2009 20:19 507136]
S3 SBUSBAV;Sound Blaster Audigy 2 ZS Video Editor Video Device;c:\windows\System32\drivers\sbusbav.sys [17/05/2009 20:18 101888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
rsmsvcs REG_MULTI_SZ ntmssvc
bdx REG_MULTI_SZ scan
ipripsvc REG_MULTI_SZ iprip

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-06-22 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe [2009-03-13 13:37]

2009-06-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2350328726-818139621-3553498986-1000.job
- c:\users\PERSO\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-23 20:47]

2009-06-22 c:\windows\Tasks\User_Feed_Synchronization-{419DFB9A-D684-428A-AA2A-429C17D471AA}.job
- c:\windows\system32\msfeedssync.exe [2009-05-20 11:31]

2009-06-22 c:\windows\Tasks\User_Feed_Synchronization-{CFF2EE30-FAE0-472E-B713-63D3C384CF13}.job
- c:\windows\system32\msfeedssync.exe [2009-05-20 11:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fzx%3D1a10x3w67eko%26shva%3D1%26ui%3Dhtml%26zy%3Dl&bsv=zpwhtygjntrz&scc=1<mpl=default<mplcache=2
FF - ProfilePath - c:\users\PERSO\AppData\Roaming\Mozilla\Firefox\Profiles\p2qm4nz7.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?o=101764&l=dis
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\PERSO\AppData\Local\Google\Update\1.2.145.5\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-22 15:09
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-06-22 15:10
ComboFix-quarantined-files.txt 2009-06-22 13:10
ComboFix2.txt 2009-06-20 20:33

Avant-CF: 195 138 179 072 octets libres
Après-CF: 195 121 324 032 octets libres

336 --- E O F --- 2009-06-20 21:39

Réponse 57 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
22 juin 2009 à 17:11

Logfile of random's system information tool 1.06 (written by random/random)
Run by PERSO at 2009-06-22 17:07:44
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2
System drive C: has 186 GB (78%) free of 238 GB
Total RAM: 3582 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:07:50, on 22/06/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
C:\Windows\System32\rundll32.exe
C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PERSO\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PERSO\Desktop\RSIT.exe
C:\Program Files\trend micro\PERSO.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fzx%3D1a10x3w67eko%26shva%3D1%26ui%3Dhtml%26zy%3Dl&bsv=zpwhtygjntrz&scc=1<mpl=default<mplcache=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15108/CTPID.cab
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

Réponse 58 / 69

Utilisateur anonyme
22 juin 2009 à 19:09

re,

ton rapport n'est pas complet (rsit) peux tu l'heberger stp en suivant ce tutoriel pour t'aider (c'est simple)

Réponse 59 / 69

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
22 juin 2009 à 19:30

J' espère que j' ai pas fait de conneries, mais ça devrait être bon, je suis pas encore trop bête(enfin je crois), ça marche comme photobucket, en fait... enfin voilà:

http://ww38.toofiles.com/fr/oip/documents/txt/rsittxt.html

Réponse 60 / 69

Utilisateur anonyme
22 juin 2009 à 19:32

c'est ok, je jette un oeil et j'ai jamais dis que t'etait bete ^^

gorgutz Messages postés 244 Date d'inscription samedi 19 avril 2008 Statut Membre Dernière intervention 18 janvier 2010 12
22 juin 2009 à 19:43

J' ai pas dit que tu l' avais dit! J' ai besoin de personne pour ça! :)

Ultra Surinfecté !!!

69 réponses

Discussions similaires