Virus win 32 jeefo!!!!
Fermé
demonwar
Messages postés
7
Date d'inscription
vendredi 25 septembre 2009
Statut
Membre
Dernière intervention
11 mars 2010
-
25 sept. 2009 à 17:14
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 - 27 sept. 2009 à 14:12
benurrr Messages postés 9643 Date d'inscription samedi 24 mai 2008 Statut Contributeur sécurité Dernière intervention 11 janvier 2012 - 27 sept. 2009 à 14:12
A voir également:
- Virus win 32 jeefo!!!!
- 32 bits - Guide
- Poweriso 32 bit - Télécharger - Gravure
- Télécharger windows 7 32 bits usb - Télécharger - Systèmes d'exploitation
- Win setup from usb - Télécharger - Utilitaires
- Telecharger win rar - Télécharger - Compression & Décompression
9 réponses
benurrr
Messages postés
9643
Date d'inscription
samedi 24 mai 2008
Statut
Contributeur sécurité
Dernière intervention
11 janvier 2012
107
25 sept. 2009 à 21:34
25 sept. 2009 à 21:34
salut
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
demonwar
Messages postés
7
Date d'inscription
vendredi 25 septembre 2009
Statut
Membre
Dernière intervention
11 mars 2010
26 sept. 2009 à 10:37
26 sept. 2009 à 10:37
voilà
info.txt logfile of random's system information tool 1.06 2009-09-26 10:35:25
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player 11.5-->C:\WINDOWS\system32\Adobe\uninstaller.exe
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
ConsumerUpdate-->MsiExec.exe /I{7C6999B2-1A35-4F2C-8DB7-3CB46B640CC9}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Favorit-->"c:\documents and settings\admin\local settings\application data\irlwwbcm.exe" -uninstall
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 2300 Series-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxcgUNST.EXE -NOLICENSE
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\windows\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Movavi VideoSuite 7-->MsiExec.exe /I{8EA74A1B-33A8-4FC3-B18F-54EA9689A497}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NETGEAR WG111v2 wireless USB 2.0 adapter-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{E0F252A6-DE85-4E93-A93B-DFC3537B3965}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
RON Too1 Cpmsky-->C:\WINDOWS\system32\jqoovljhpr.exe
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
TechSmith EnSharpen-->C:\Program Files\TechSmith\EnSharpen\UNWISE.EXE /U /Z "C:\Program Files\TechSmith\EnSharpen\INSTALL.LOG"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Security center information======
AV: avast! antivirus 4.8.1356 [VPS 090926-0]
======System event log======
Computer Name: ADMIN-E67E872B1
Event Code: 59
Message: Generate Activation Context a échoué pour c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll.
Message d'erreur de référence : Opération réussie.
.
Record Number: 5701
Source Name: SideBySide
Time Written: 20090923172601.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 59
Message: Resolve Partial Assembly a échoué pour Microsoft.VC80.CRT.
Message d'erreur de référence : Erreur d'analyse du fichier manifeste : un caractère non valide a été trouvé dans le contenu du texte.
.
Record Number: 5700
Source Name: SideBySide
Time Written: 20090923172601.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 58
Message: Erreur de syntaxe dans le fichier manifeste ou le fichier de stratégie "C:\windows\WinSxS\Policies\x86_Policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\8.0.50727.3053.policy" à la ligne 0.
Record Number: 5699
Source Name: SideBySide
Time Written: 20090923172601.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 59
Message: Generate Activation Context a échoué pour c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll.
Message d'erreur de référence : Opération réussie.
.
Record Number: 5698
Source Name: SideBySide
Time Written: 20090923172601.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 59
Message: Resolve Partial Assembly a échoué pour Microsoft.VC80.CRT.
Message d'erreur de référence : Erreur d'analyse du fichier manifeste : un caractère non valide a été trouvé dans le contenu du texte.
.
Record Number: 5697
Source Name: SideBySide
Time Written: 20090923172601.000000+120
Event Type: erreur
User:
=====Application event log=====
Computer Name: ADMIN-E67E872B1
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 5
Source Name: SecurityCenter
Time Written: 20090916162543.000000+120
Event Type: Informations
User:
Computer Name: ADMIN-E67E872B1
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 4
Source Name: SecurityCenter
Time Written: 20090916145206.000000+120
Event Type: Informations
User:
Computer Name: ADMIN-E67E872B1
Event Code: 1001
Message: Détecteur d'erreurs 1180947459.
Record Number: 3
Source Name: Application Hang
Time Written: 20090916114257.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 1002
Message: Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Record Number: 2
Source Name: Application Hang
Time Written: 20090916114251.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 1
Source Name: SecurityCenter
Time Written: 20090916113428.000000+120
Event Type: Informations
User:
=====Security event log=====
Computer Name: ADMIN-E67E872B1
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Assistance à distance
Chemin d'accès : %windir%\system32\sessmgr.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 50812
Source Name: Security
Time Written: 20090921213022.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: ADMIN-E67E872B1
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Dnode
Chemin d'accès : C:\WINDOWS\system32\scvhost.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 50811
Source Name: Security
Time Written: 20090921213022.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: ADMIN-E67E872B1
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : 2300 Series
Chemin d'accès : C:\WINDOWS\system32\lxcgcoms.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 50810
Source Name: Security
Time Written: 20090921213022.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: ADMIN-E67E872B1
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Diagnostics du réseau pour Windows XP
Chemin d'accès : %windir%\Network Diagnostic\xpnetdiag.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 50809
Source Name: Security
Time Written: 20090921213022.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: ADMIN-E67E872B1
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Wyzo
Chemin d'accès : C:\Program Files\Wyzo\wyzo.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 50808
Source Name: Security
Time Written: 20090921213022.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by admin at 2009-09-26 10:34:41
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 15 GB (20%) free of 76 GB
Total RAM: 759 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:09, on 26/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\windows\System32\alg.exe
C:\windows\explorer.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\documents and settings\admin\local settings\application data\irlwwbcm.exe
C:\Documents and Settings\admin\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\admin\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: P2P Max France Toolbar - {fe37be35-b028-49f9-bb0c-6a38c4e55b97} - C:\Program Files\P2P_Max_France\tbP2P1.dll (file missing)
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [irlwwbcm] "c:\documents and settings\admin\local settings\application data\irlwwbcm.exe" irlwwbcm
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\admin\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.11\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/FR/TechConsole/x86/RescueControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
O23 - Service: Service Windows Live Contrôle parental (fsssvc) - Unknown owner - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
info.txt logfile of random's system information tool 1.06 2009-09-26 10:35:25
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player 11.5-->C:\WINDOWS\system32\Adobe\uninstaller.exe
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
ConsumerUpdate-->MsiExec.exe /I{7C6999B2-1A35-4F2C-8DB7-3CB46B640CC9}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Favorit-->"c:\documents and settings\admin\local settings\application data\irlwwbcm.exe" -uninstall
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lexmark 2300 Series-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxcgUNST.EXE -NOLICENSE
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\windows\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Movavi VideoSuite 7-->MsiExec.exe /I{8EA74A1B-33A8-4FC3-B18F-54EA9689A497}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NETGEAR WG111v2 wireless USB 2.0 adapter-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{E0F252A6-DE85-4E93-A93B-DFC3537B3965}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
RON Too1 Cpmsky-->C:\WINDOWS\system32\jqoovljhpr.exe
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
TechSmith EnSharpen-->C:\Program Files\TechSmith\EnSharpen\UNWISE.EXE /U /Z "C:\Program Files\TechSmith\EnSharpen\INSTALL.LOG"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Security center information======
AV: avast! antivirus 4.8.1356 [VPS 090926-0]
======System event log======
Computer Name: ADMIN-E67E872B1
Event Code: 59
Message: Generate Activation Context a échoué pour c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll.
Message d'erreur de référence : Opération réussie.
.
Record Number: 5701
Source Name: SideBySide
Time Written: 20090923172601.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 59
Message: Resolve Partial Assembly a échoué pour Microsoft.VC80.CRT.
Message d'erreur de référence : Erreur d'analyse du fichier manifeste : un caractère non valide a été trouvé dans le contenu du texte.
.
Record Number: 5700
Source Name: SideBySide
Time Written: 20090923172601.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 58
Message: Erreur de syntaxe dans le fichier manifeste ou le fichier de stratégie "C:\windows\WinSxS\Policies\x86_Policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\8.0.50727.3053.policy" à la ligne 0.
Record Number: 5699
Source Name: SideBySide
Time Written: 20090923172601.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 59
Message: Generate Activation Context a échoué pour c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll.
Message d'erreur de référence : Opération réussie.
.
Record Number: 5698
Source Name: SideBySide
Time Written: 20090923172601.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 59
Message: Resolve Partial Assembly a échoué pour Microsoft.VC80.CRT.
Message d'erreur de référence : Erreur d'analyse du fichier manifeste : un caractère non valide a été trouvé dans le contenu du texte.
.
Record Number: 5697
Source Name: SideBySide
Time Written: 20090923172601.000000+120
Event Type: erreur
User:
=====Application event log=====
Computer Name: ADMIN-E67E872B1
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 5
Source Name: SecurityCenter
Time Written: 20090916162543.000000+120
Event Type: Informations
User:
Computer Name: ADMIN-E67E872B1
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 4
Source Name: SecurityCenter
Time Written: 20090916145206.000000+120
Event Type: Informations
User:
Computer Name: ADMIN-E67E872B1
Event Code: 1001
Message: Détecteur d'erreurs 1180947459.
Record Number: 3
Source Name: Application Hang
Time Written: 20090916114257.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 1002
Message: Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Record Number: 2
Source Name: Application Hang
Time Written: 20090916114251.000000+120
Event Type: erreur
User:
Computer Name: ADMIN-E67E872B1
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 1
Source Name: SecurityCenter
Time Written: 20090916113428.000000+120
Event Type: Informations
User:
=====Security event log=====
Computer Name: ADMIN-E67E872B1
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Assistance à distance
Chemin d'accès : %windir%\system32\sessmgr.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 50812
Source Name: Security
Time Written: 20090921213022.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: ADMIN-E67E872B1
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Dnode
Chemin d'accès : C:\WINDOWS\system32\scvhost.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 50811
Source Name: Security
Time Written: 20090921213022.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: ADMIN-E67E872B1
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : 2300 Series
Chemin d'accès : C:\WINDOWS\system32\lxcgcoms.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 50810
Source Name: Security
Time Written: 20090921213022.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: ADMIN-E67E872B1
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Diagnostics du réseau pour Windows XP
Chemin d'accès : %windir%\Network Diagnostic\xpnetdiag.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 50809
Source Name: Security
Time Written: 20090921213022.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
Computer Name: ADMIN-E67E872B1
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré.
Origine de la stratégie : Stratégie locale
Profil utilisé : Standard
Nom : Wyzo
Chemin d'accès : C:\Program Files\Wyzo\wyzo.exe
État : Activé
Étendue : Tous les sous-réseaux
Record Number: 50808
Source Name: Security
Time Written: 20090921213022.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by admin at 2009-09-26 10:34:41
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 15 GB (20%) free of 76 GB
Total RAM: 759 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:09, on 26/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\windows\System32\alg.exe
C:\windows\explorer.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\documents and settings\admin\local settings\application data\irlwwbcm.exe
C:\Documents and Settings\admin\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\admin\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: P2P Max France Toolbar - {fe37be35-b028-49f9-bb0c-6a38c4e55b97} - C:\Program Files\P2P_Max_France\tbP2P1.dll (file missing)
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [irlwwbcm] "c:\documents and settings\admin\local settings\application data\irlwwbcm.exe" irlwwbcm
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\admin\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.11\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/FR/TechConsole/x86/RescueControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
O23 - Service: Service Windows Live Contrôle parental (fsssvc) - Unknown owner - C:\Program Files\Windows Live\Family Safety\fsssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
benurrr
Messages postés
9643
Date d'inscription
samedi 24 mai 2008
Statut
Contributeur sécurité
Dernière intervention
11 janvier 2012
107
26 sept. 2009 à 12:57
26 sept. 2009 à 12:57
salut
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
demonwar
Messages postés
7
Date d'inscription
vendredi 25 septembre 2009
Statut
Membre
Dernière intervention
11 mars 2010
26 sept. 2009 à 19:48
26 sept. 2009 à 19:48
voila
-- Changelog ToolBar S&D --
==================================
Upd: December 21, 2008 ( v 1.2.8 )
==================================
"%ProgramFiles%\Mozilla Firefox\searchplugins\crawlersrch.xml"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=-
Folder : Smart-Shopper
==================================
Upd: December 19, 2008 ( v 1.2.7 )
==================================
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dealio Toolbar 3.2]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Settings]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{23A287DB-449A-462F-BDE1-8635A61671CE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiweeHook"=-
# [Service] ASKService
# [Service] ASKUpgrade
Folder : Kiwee Toolbar
==================================
Upd: December 4, 2008 ( v 1.2.6 )
==================================
"%ProgramFiles%\Mozilla Firefox\plugins\npbasic.dll"
"%ProgramFiles%\Mozilla Firefox\chrome\chrome\content\browser.js"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3}]
==================================
Upd: November 20, 2008 ( v 1.2.5 )
==================================
"%Windir%\Downloaded Program Files\ZangoInstaller.dll"
Folder : M3Development_WhenUSave_Installer
[-HKEY_CLASSES_ROOT\zangoinstaller.zangoinstaller]
[-HKEY_CLASSES_ROOT\zangoinstaller.zangoinstaller.1]
[-HKEY_CLASSES_ROOT\TypeLib\{ff0312e0-f60c-4109-94b8-0a564a58e43b}]
[-HKEY_CLASSES_ROOT\Interface\{a077a462-0b6c-43bd-af09-5e55a0cc902c}]
[-HKEY_CLASSES_ROOT\CLSID\{99410cde-6f16-42ce-9d49-3807f78f0287}]
[-HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskBar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskSBar Uninstall]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\Accoona Search]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b5146c40-189a-4311-bda9-fbae3e023187}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B21-F830-49DE-A31B-5BB9D7F6B407}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}"=-
"{b5146c40-189a-4311-bda9-fbae3e023187}"=-
==================================
Upd: October 27, 2008 ( v 1.2.4 )
==================================
# Other infection
==================================
Upd: October 23, 2008 ( v 1.2.3 )
==================================
# Other infection
==================================
Upd: October 4, 2008 ( v 1.2.2 )
==================================
Folder : alot
Folder : baidu
Folder : Starware381
"%ProgramFiles%\Mozilla Firefox\plugins\NPAskSBr.dll"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware381]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a7f05ee4-0426-454f-8013-c41e3596e9e9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}]
[-HKEY_CLASSES_ROOT\Interface\{92b82580-b1d5-4528-8b42-35526141a4d0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BIE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}"=-
[-HKEY_CURRENT_USER\SOFTWARE\starware381]
[-HKEY_CURRENT_USER\SOFTWARE\starware354]
===================================
Upd: September 24, 2008 ( v 1.2.1 )
===================================
"%Windir%\system32\iiyrelekeynmmfbh.dll"
Folder : AskBarDis
Folder : 2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[-HKEY_CLASSES_ROOT\coresrv.coreservices]
[-HKEY_CLASSES_ROOT\coresrv.coreservices.1]
[-HKEY_CLASSES_ROOT\coresrv.lfgax]
[-HKEY_CLASSES_ROOT\coresrv.lfgax.1]
[-HKEY_CLASSES_ROOT\hbmain.commband]
[-HKEY_CLASSES_ROOT\hbr.hbmain.1]
[-HKEY_CLASSES_ROOT\hostol.mailanim]
[-HKEY_CLASSES_ROOT\hostol.mailanim.1]
[-HKEY_CLASSES_ROOT\hostol.webmailsend]
[-HKEY_CLASSES_ROOT\hostol.webmailsend.1]
[-HKEY_CLASSES_ROOT\instie.hbinstobj]
[-HKEY_CLASSES_ROOT\instie.hbinstobj.1]
[-HKEY_CLASSES_ROOT\srv.coreservices]
[-HKEY_CLASSES_ROOT\srv.coreservices.1]
[-HKEY_CLASSES_ROOT\toolbar.htmlmenuui]
[-HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1]
[-HKEY_CLASSES_ROOT\toolbar.toolbarctl]
[-HKEY_CLASSES_ROOT\toolbar.toolbarctl.1]
[-HKEY_CLASSES_ROOT\zango.desktopflash]
[-HKEY_CLASSES_ROOT\zango.desktopflash.1]
[-HKEY_CLASSES_ROOT\zangoax.clientdetector]
[-HKEY_CLASSES_ROOT\zangoax.clientdetector.1]
[-HKEY_CLASSES_ROOT\zangoax.userprofiles]
[-HKEY_CLASSES_ROOT\zangoax.userprofiles.1]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1]
[-HKEY_CLASSES_ROOT\asapcom.asapclass]
[-HKEY_CLASSES_ROOT\asapcom.asapclass.1]
[-HKEY_CLASSES_ROOT\asapcom.asapenvelope]
[-HKEY_CLASSES_ROOT\asapcom.asapenvelope.1]
[-HKEY_CLASSES_ROOT\asapcom.asapmain]
[-HKEY_CLASSES_ROOT\asapcom.asapmain.1]
[-HKEY_CLASSES_ROOT\asapcom.asapmessage]
[-HKEY_CLASSES_ROOT\asapcom.asapmessage.1]
[-HKEY_CLASSES_ROOT\asapcom.asaprecipients]
[-HKEY_CLASSES_ROOT\asapcom.asaprecipients.1]
[-HKEY_CLASSES_ROOT\xml.xml]
[-HKEY_CLASSES_ROOT\xml.xml.1]
[-HKEY_CLASSES_ROOT\asearchassist.adefaultsearch]
[-HKEY_CLASSES_ROOT\asearchassist.adefaultsearch.1]
[-HKEY_CLASSES_ROOT\CLSID\{286e500c-ef0a-4aa3-a94d-e495f653ef4b}]
[-HKEY_CLASSES_ROOT\CLSID\{319260ab-be0c-4025-8569-7a27ed2faab9}]
[-HKEY_CLASSES_ROOT\CLSID\{8ac5bc54-b13b-4642-99f9-0baa2d116184}]
[-HKEY_CLASSES_ROOT\CLSID\{9809a6b4-70b1-4bb2-b3b5-b415763a534e}]
[-HKEY_CLASSES_ROOT\CLSID\{d5178f77-c5e6-4e8f-9787-48b5d7eccce8}]
[-HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d}]
[-HKEY_CLASSES_ROOT\CLSID\{f80c1d93-0d22-436e-963e-9d3156997a4e}]
[-HKEY_CLASSES_ROOT\CLSID\{1e5b2693-d348-4ca7-8364-4f5e51bf9c6d}]
[-HKEY_CLASSES_ROOT\CLSID\{2e54ac53-efa4-4831-a3f6-b47b1a1937cf}]
[-HKEY_CLASSES_ROOT\CLSID\{8971cb48-9fca-445a-be77-e8e8a4cc9df7}]
[-HKEY_CLASSES_ROOT\CLSID\{bfc08cff-c737-4433-bd5a-0ee7efcfee54}]
[-HKEY_CLASSES_ROOT\CLSID\{5b2e150d-4c8a-40e4-8c36-dd9c02771c67}]
[-HKEY_CLASSES_ROOT\CLSID\{627d894a-8a77-416e-b522-432eaf2c818e}]
[-HKEY_CLASSES_ROOT\CLSID\{54a3f8b7-228e-4ed8-895b-de832b2c3959}]
[-HKEY_CLASSES_ROOT\CLSID\{7138f250-5b72-48dd-adfb-9a83b429dd9e}]
[-HKEY_CLASSES_ROOT\CLSID\{bd937ffe-0352-4fde-88f2-c30d1a9b25cf}]
[-HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e}]
[-HKEY_CLASSES_ROOT\CLSID\{b88e4484-3ff6-4ea9-815b-a54fe20d4387}]
[-HKEY_CLASSES_ROOT\CLSID\{ab502149-ccf3-3f33-2241-84152b364b18}]
[-HKEY_CLASSES_ROOT\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_CLASSES_ROOT\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554}]
[-HKEY_CLASSES_ROOT\CLSID\{d2221ccb-f2bb-4858-aad4-57c754153603}]
[-HKEY_CLASSES_ROOT\CLSID\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_CLASSES_ROOT\CLSID\{ea0b6a1a-6a59-4a58-9c41-9966504898a5}]
[-HKEY_CLASSES_ROOT\TypeLib\{ad71e48f-6f47-4b63-9312-fae879541c4d}]
[-HKEY_CLASSES_ROOT\TypeLib\{08755390-f46d-4d09-968c-3430166b3189}]
[-HKEY_CLASSES_ROOT\TypeLib\{ccc6e232-aa4c-4813-a019-9c14b27776b6}]
[-HKEY_CLASSES_ROOT\TypeLib\{229d2451-a617-4b30-b5e8-8138694240cb}]
[-HKEY_CLASSES_ROOT\TypeLib\{c23fa5a4-1fea-419f-8b14-f7465df062bc}]
[-HKEY_CLASSES_ROOT\Typelib\{0923208c-e259-4ed5-a778-cb607da350ad}]
[-HKEY_CLASSES_ROOT\Typelib\{dd1cb2d7-161d-4b84-ae5c-08d3faed894f}]
[-HKEY_CLASSES_ROOT\TypeLib\{9720de03-5820-4059-b4a4-639d5e52bd09}]
[-HKEY_CLASSES_ROOT\Typelib\{45397063-d7d0-47c2-9508-26487608a298}]
[-HKEY_CLASSES_ROOT\Typelib\{71e9cf40-af72-4b55-bd3f-1fea2a0eaea6}]
[-HKEY_CLASSES_ROOT\Typelib\{b9f51d42-cca0-4408-bb02-d433d1865a3a}]
[-HKEY_CLASSES_ROOT\Typelib\{f8ee014f-b34c-4544-8e45-95a7971d323b}]
[-HKEY_CLASSES_ROOT\TypeLib\{bce2e826-d0f5-41c8-97be-28a6f540ceeb}]
[-HKEY_CLASSES_ROOT\Interface\{014da6cc-189f-421a-88cd-07cfe51cff10}]
[-HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771}]
[-HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce}]
[-HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd}]
[-HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091}]
[-HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13}]
[-HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806}]
[-HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392}]
[-HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19}]
[-HKEY_CLASSES_ROOT\Interface\{1985fce1-4043-4346-ae70-d0a0cd90bdd3}]
[-HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0}]
[-HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a}]
[-HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f}]
[-HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b}]
[-HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f}]
[-HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791}]
[-HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f}]
[-HKEY_CLASSES_ROOT\Interface\{067c6a37-72ea-4437-863a-5be20c246f3c}]
[-HKEY_CLASSES_ROOT\Interface\{1a2af056-1fe1-47ca-993d-5d09d18e674e}]
[-HKEY_CLASSES_ROOT\Interface\{b247f5bf-bd9d-4ecd-8fc1-365f36a1fda1}]
[-HKEY_CLASSES_ROOT\Interface\{bbbfb891-98ae-4678-86f3-bd5a2eed86c9}]
[-HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619}]
[-HKEY_CLASSES_ROOT\Interface\{2e623b96-b166-4c70-8169-820761794299}]
[-HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3}]
[-HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689}]
[-HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627}]
[-HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99}]
[-HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8}]
[-HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9}]
[-HKEY_CLASSES_ROOT\Interface\{397a208b-3d09-4b3e-93e8-ca171886612e}]
[-HKEY_CLASSES_ROOT\Interface\{421745e9-16df-4ee4-a758-d51f939c49cb}]
[-HKEY_CLASSES_ROOT\Interface\{4331ec56-0aab-499e-8757-dd2ee44ad671}]
[-HKEY_CLASSES_ROOT\Interface\{54286c3a-e044-4e65-bd44-528d6ae28a18}]
[-HKEY_CLASSES_ROOT\Interface\{5f2b9de7-f878-4762-8cfe-e9c58f082f0e}]
[-HKEY_CLASSES_ROOT\Interface\{8654592e-952a-4e7c-a960-304763b35fa6}]
[-HKEY_CLASSES_ROOT\Interface\{8e98faf8-794f-47f9-af90-15305564ed81}]
[-HKEY_CLASSES_ROOT\Interface\{bc8c2e5f-d8b4-4997-bce3-8775c3707956}]
[-HKEY_CLASSES_ROOT\Interface\{d082721f-4bd4-4b8b-bb82-06753ee6174f}]
[-HKEY_CLASSES_ROOT\Interface\{d24f9d3c-5d4c-47f8-9ab7-632b44ad6a0d}]
[-HKEY_CLASSES_ROOT\Interface\{f43ec88b-b6c8-4969-a763-e2bf55602cce}]
[-HKEY_CLASSES_ROOT\Interface\{21447c90-6ec1-4fc1-9379-bd515008aedb}]
[-HKEY_CLASSES_ROOT\Interface\{32c97a37-e2b8-4097-9330-5f3e1125e181}]
[-HKEY_CLASSES_ROOT\Interface\{b0c3de1b-e3ff-4dd0-9229-f452cf9c678e}]
[-HKEY_CLASSES_ROOT\Interface\{d2d94732-a74d-433c-98f7-9ed740e82ae9}]
[-HKEY_CLASSES_ROOT\Interface\{dfd5d79b-ef2f-4a51-9821-5b469f05262e}]
[-HKEY_CLASSES_ROOT\AppID\{dbf00e12-281c-4dc8-a7ec-1ff45182439b}]
[-HKEY_CLASSES_ROOT\AppID\ZangoSA_df.exe]
[-HKEY_CLASSES_ROOT\AppID\{0507fdde-f3b7-49f5-9e8f-c557e991f39b}]
[-HKEY_CLASSES_ROOT\AppID\WeatherOnTray.EXE]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab502149-ccf3-3f33-2241-84152b364b18}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bd937ffe-0352-4fde-88f2-c30d1a9b25cf}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{014da6cb-189f-421a-88cd-07cfe51cff10}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE15}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\9ee2330ae5f4470cac801baac83818c9]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e}]
[-HKEY_CURRENT_USER\SOFTWARE\zangosa]
[-HKEY_LOCAL_MACHINE\SOFTWARE\zango]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"{6cfbd76d-7a06-26a5-076f-24c6af0b5257}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{944864a5-3916-46e2-96a9-a2e84f3f1208}"=-
===================================
Upd: September 14, 2008 ( v 1.2.0 )
===================================
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWay Search Assistant]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}]
[-HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75}]
===================================
Upd: September 13, 2008 ( v 1.1.9 )
===================================
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"=-
===================================
Upd: September 7, 2008 ( v 1.1.8 )
===================================
Folder : Multi_Media
Folder : Multi_Media_France
Folder : MultiMedia France Toolbar
Firefox Extension : {7009fcd4-05be-44f4-9583-93fe419ab7b0}
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7009fcd4-05be-44f4-9583-93fe419ab7b0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7009fcd4-05be-44f4-9583-93fe419ab7b0}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{7009fcd4-05be-44f4-9583-93fe419ab7b0}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar]
===================================
Upd: September 4, 2008 ( v 1.1.7 )
===================================
"%Windir%\system32\nslFC.dll"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{914f1f82-eab1-874f-1284-6a9136e6d163}]
===================================
Upd: August 30, 2008 ( v 1.1.6 )
===================================
"%Windir%\System32\dmubsi.dll"
"%Windir%\System32\dspvfx.dll"
"%Temp%\ns*.tmp"
"%Temp%\whenu.ini"
"%Temp%\banner.bmp"
"%Temp%\VVSNInst.exe"
"%Temp%\730.WUT\whenu.inf"
"%Temp%\730.WUT\vvsn.cab"
"%Temp%\WUS3E.bat"
"%ProgramFiles%\Torrent Search"
"%ProgramFiles%\Torrent-Search"
"%Programs%\Torrent Search"
"%Desktop%\Torrent Search.lnk"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0c7b854-d5ce-4db6-9804-be1438603d89}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24D0D7D2-1D72-4ADA-82DE-AE07910CA084}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D1F87E7-4D72-41AB-9D57-D101A08F20E5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8DAC4A72-BA26-4329-B66E-8D973035B524}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9D5EA38-F5A0-456B-B05B-DFF81FBFEF0F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{678DB4CC-A041-4565-B49B-3F5ADE9558E3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{78E4BE47-F8C7-405E-87A6-84F4ABAB32EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dmubsw.clsdll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\HyperTerminal.HyperTerminalExt]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\HyperTerminal.HyperTerminalExt.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Torrent Search]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Rasmpc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Torrent Search]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e0c7b854-d5ce-4db6-9804-be1438603d89}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{e0c7b854-d5ce-4db6-9804-be1438603d89}"=-
Folder : AskBarFr
================================
Maj/Upd : 26/08/2008 ( v 1.1.5 )
================================
Folder : Platrium
Folder : PlatriumSA
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B12ACA14-C7FB-44FE-883B-6121FD02BAD3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Platrium]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D53E4ACF-EDF5-4071-903B-F84B64FC1EA2}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PlatriumWeather"=-
"PlatriumSA"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Platrium]
[-HKEY_CLASSES_ROOT\clsid\{d53e4acf-edf5-4071-903b-f84b64fc1ea2}]
[-HKEY_CLASSES_ROOT\BRNstIE.Stock.1]
[-HKEY_CLASSES_ROOT\BRNstIE.Stock]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1]
================================
Maj/Upd : 24/08/2008 ( v 1.1.4 )
================================
Folder : AskPBar
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A94B111-4504-4e26-AB05-E61E474AA38B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4D76F01-7896-458a-890F-E1F05C46069F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F4D76F09-7896-458a-890F-E1F05C46069F}"=-
================================
Maj/Upd : 22/08/2008 ( v 1.1.3 )
================================
Folder : Burn4Free
Folder : Burn4Free CD and DVD
"%Windir%\Burn4Free_Toolbar_Uninstaller_????.exe"
"%Windir%\Prefetch\BURN4FREE_SETUP.EXE*.pf"
"%Windir%\Prefetch\BURN4FREE.EXE*.pf"
"%Windir%\System32\b4fm.dll"
"%Common Desktop%\Burn4Free.lnk"
"%Desktop%\burn4free_setup.exe"
"%Appdata%\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.b4f]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\b4fm.SxContextMenu1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Burn4Free project]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Burn4Free]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Burn4Free Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search settings 1.2]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Burn4Free]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"=-
"{70DE7956-479D-4EB7-8641-2B45774C350E}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"=-
"{70DE7956-479D-4EB7-8641-2B45774C350E}"=-
[-HKEY_CURRENT_USER\Software\Burn4Free]
[-HKEY_CLASSES_ROOT\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_CLASSES_ROOT\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
[-HKEY_CLASSES_ROOT\CLSID\{1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA}]
[-HKEY_CLASSES_ROOT\Burn4Free project]
[-HKEY_CLASSES_ROOT\b4fm.SxContextMenu1]
[-HKEY_CLASSES_ROOT\.b4f]
Processus - Burn4Free.exe
================================
Maj/Upd : 21/08/2008 ( v 1.1.2 )
================================
Folder : DAEMON Tools Toolbar
Folder : Bit Lord 1.1
Folder : BitLord
Folder : VVSN
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitLord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\BitLord.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bittorrent]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BitLordUnfinishedFile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bc!]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BitLord]
[-HKEY_CURRENT_USER\Software\BitLord]
[-HKEY_CLASSES_ROOT\bittorrent]
[-HKEY_CLASSES_ROOT\BitLordUnfinishedFile]
[-HKEY_CLASSES_ROOT\.bc!]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VVSN"=-
Processus - BitLord.exe
Processus - vvsn.exe
================================
Maj/Upd : 20/08/2008 ( v 1.1.1 )
================================
Reset values :
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Window Title"=""
================================
Maj/Upd : 19/08/2008 ( v 1.1.0 )
================================
# [Service] MyWebSearchService
Folder : Accoona
Folder : ActiveShopper
Folder : ADS Plugins
Folder : Adssite Advanced Toolbar
Folder : Adssite Games Collection
Folder : Adult-Links
Folder : AdvancedTool
Folder : AltNet
Folder : AntivirusGold
Folder : AskSBar
Folder : AskTBar
Folder : Browser Accelerator
Folder : Browser Optimizer Dcads
Folder : Browser Optimizer Superiorads
Folder : BrowsingAdvisor
Folder : BrowsingEnhancer
Folder : BrowsingProgram
Folder : BrowsingSoftware
Folder : BrowsingTool
Folder : Burn4Free Toolbar
Folder : ContextAdvisor
Folder : ContextEnhancer
Folder : ContextProgram
Folder : ContextTool
Folder : Crawler
Folder : Dcads Advanced Toolbar
Folder : Dcads Games Collection
Folder : Dealio
Folder : DR_S
Folder : dynamic toolbar
Folder : ErrorsTool
Folder : EZshopper
Folder : FastFinder
Folder : FBrowserAdvisor
Folder : FBrowsingAdvisor
Folder : FFTOOLBAR ToolBar
Folder : Flyordie_games
Folder : FunWebProducts
Folder : Fun Web Products
Folder : GamesBar
Folder : Gossiper
Folder : Hbtools
Folder : HbTools_Icons
Folder : Hotbar
Folder : HotbarSA
Folder : INSTAFIN
Folder : INSTAFINK
Folder : Instant Buzz
Folder : IntelligentAdvisor
Folder : InternetProgram
Folder : InternetSoftware
Folder : ISTbar
Folder : IstSvc
Folder : KaZaA
Folder : Kugoo
Folder : live-online-tv
Folder : Mirar
Folder : Morpheus Toolbar
Folder : My Downloaded Games
Folder : MyGlobalSearch
Folder : MyQuickSearch
Folder : MySearch
Folder : MyToolbar
Folder : MyTotalSearch
Folder : Myway
Folder : MyWaySA
Folder : MyWaySearch
Folder : MyWebSearch
Folder : MyWebSearchWB
Folder : PlayMP3z
Folder : NavExcel
Folder : NavExcel Search Toolbar
Folder : NavigationAdvisor
Folder : NavigationEnhancer
Folder : NavigationProgram
Folder : NavigationTool
Folder : Need2Find
Folder : Online_TV_toolbar
Folder : PageRevisor
Folder : PCHealthCenter
Folder : Piolet
Folder : Piolet Toolbar
Folder : Push toolbar
Folder : P2P_Energy
Folder : P2P Networking
Folder : P2P_Torrent
Folder : Rax Search
Folder : RXToolbar
Folder : Sbar Toolbar
Folder : SearchEssistant
Folder : searchessistant toolbar
Folder : SearchSettings
Folder : Search Settings
Folder : Seekmo
Folder : Seekmo Programs
Folder : seekmo search assistant
Folder : ShopNav
Folder : Shopper Report
Folder : ShopperReports
Folder : ShoppingReport
Folder : SideFind
Folder : SLMSS
Folder : Slotchbar
Folder : SmartShopper
Folder : Snrg
Folder : SpamBlockerUtility
Folder : Starware
Folder : Starware305
Folder : Starware316
Folder : Starware343
Folder : Starware347
Folder : Starware354
Folder : Starware370
Folder : Starware390
Folder : StatsTool
Folder : SurfAccuracy
Folder : ToolBar888
Folder : TrustIn Bar
Folder : Try2Find
Folder : UCmore
Folder : VMNToolbar
Folder : VSAdd-in
Folder : VS Toolbar
Folder : WeatherDPA
Folder : WeatherStudio
Folder : WhenU
Folder : WinAble
Folder : Wssclient
Folder : XXXToolbar
Folder : YourSiteBar
Folder : Zango
Folder : 2020Search
Folder : 7Search
Folder : 8848
"%Systemdrive%\dfndr.exe"
"%Systemdrive%\dfndrff_7.exe"
"%Systemdrive%\kybrd.exe"
"%Systemdrive%\kybrdff_7.exe"
"%Systemdrive%\nwnm.exe"
"%Windir%\adrsb.exe"
"%Windir%\autolfn.exe"
"%Windir%\azentretien.dll"
"%Windir%\CJet.exe"
"%Windir%\csrss.exe"
"%Windir%\dpvsetup.exe"
"%Windir%\dsndup.exe"
"%Windir%\gxvpsafm.dll"
"%Windir%\iewww.exe"
"%Windir%\iun6002.exe"
"%Windir%\label.exe"
"%Windir%\lasss.exe"
"%Windir%\mdm.exe"
"%Windir%\mmc.exe"
"%Windir%\mshepl.exe"
"%Windir%\mshta.exe"
"%Windir%\mssetup.exe"
"%Windir%\msswchx.exe"
"%Windir%\mstask.exe"
"%Windir%\netdde.exe"
"%Windir%\nne.bin"
"%Windir%\nnv.bin"
"%Windir%\nnmgr.dat"
"%Windir%\nnmgr.exe"
"%Windir%\nnmgr.ocx"
"%Windir%\ntvdm.exe"
"%Windir%\omi.dll"
"%Windir%\osk.exe"
"%Windir%\redirect7.exe"
"%Windir%\sbar.dll"
"%Windir%\sfita.exe"
"%Windir%\smdat32a.sys"
"%Windir%\smdat32m.sys"
"%Windir%\smss.exe"
"%Windir%\spoolsv.exe"
"%Windir%\sptsupd.exe"
"%Windir%\subst.exe"
"%Windir%\svchost.exe"
"%Windir%\SYSfit.exe"
"%Windir%\ups.exe"
"%Windir%\waladhpr.exe"
"%Windir%\w32tm.exe"
"%Windir%\xcopy.exe"
"%Windir%\System\mdc.dll"
"%Windir%\System32\adrot-uninst.exe"
"%Windir%\System32\adrotate.dll"
"%Windir%\System32\adrotate1.dll"
"%Windir%\System32\adspipe.dll"
"%WinDir%\system32\adssite-remove.exe"
"%WinDir%\system32\adssite_sidebar.dll"
"%WinDir%\system32\adssite_sidebar_uninstall.exe"
"%Windir%\System32\adv.dll"
"%Windir%\System32\azesearch4.ocx"
"%Windir%\System32\brrotate.dll"
"%Windir%\System32\ca2.dll"
"%Windir%\System32\cpmrotate.dll"
"%Windir%\System32\czuehf.exe"
"%Windir%\System32\Dcads-remove.exe"
"%WinDir%\system32\dcads_sidebar.dll"
"%WinDir%\system32\dcads_sidebar_uninstall.exe"
"%Windir%\System32\DcadsSocial-uninstall.exe"
"%WinDir%\system32\dcadssuggest.dll"
"%Windir%\System32\eplaceSearch.dll"
"%Windir%\System32\ewxcksr.exe"
"%Windir%\System32\fufudc.exe"
"%Windir%\System32\f3PSSavr.scr"
"%Windir%\System32\globobar.ocx"
"%Windir%\System32\gzmrotate.dll"
"%WinDir%\system32\gzmrt.dll"
"%Windir%\System32\ha3f.exe"
"%Windir%\System32\hookdump.exe"
"%Windir%\System32\HyperLinker3.exe"
"%Windir%\System32\iasad.dll"
"%Windir%\System32\iasada.dll"
"%Windir%\System32\jbhbolcl.exe"
"%Windir%\System32\kcnzrop6.exe"
"%Windir%\System32\lmdv.bin"
"%Windir%\System32\lmf32v.dll"
"%Windir%\System32\mnopdb.exe"
"%Windir%\System32\mwsvm.exe"
"%Windir%\System32\mwsvm.ocx"
"%WinDir%\system32\mysidesearch_sidebar_uninstall.exe"
"%WinDir%\system32\mysidesearch_sidebar.dll"
"%WinDir%\system32\ninjaext-uninstall.exe"
"%Windir%\System32\nodeipproc.dll"
"%Windir%\System32\nss2C.dll"
"%Windir%\System32\nslFC.dll"
"%Windir%\System32\otpddpea5.dll"
"%Windir%\System32\PreUninstall.exe"
"%Windir%\System32\PreUninstallFF.exe"
"%Windir%\System32\p2p.exe"
"%Windir%\System32\P2P Networking"
"%Windir%\system32\QaBar.dll"
"%Windir%\system32\QcBar.dll"
"%Windir%\System32\ra8pv.exe"
"%WinDir%\system32\rightonadz-uninst.exe"
"%Windir%\System32\ShowFF.exe"
"%Windir%\System32\SmartShopper"
"%WinDir%\system32\sprt_ads.dll"
"%WinDir%\system32\superiorads-uninst.exe"
"%Windir%\System32\syssfitb.dll"
"%Windir%\System32\tbc.dll"
"%Windir%\System32\TopSearch.dll"
"%Windir%\System32\tubby.dll"
"%Windir%\System32\uninst.exe"
"%Windir%\System32\uninst.log"
"%Windir%\System32\uninsticn.exe"
"%Windir%\System32\vtlbar1.dll"
"%Windir%\system32\WinATS.dll"
"%Windir%\System32\WinDmy.dll"
"%Windir%\System32\WinNB*.dll"
"%Windir%\System32\winnook.exe"
"%Windir%\System32\zolk.dll"
"%Windir%\System32\zolker005.dll"
"%Windir%\System32\zolker009.dll"
"%Windir%\System32\zolker010.dll"
"%Windir%\System32\zolker011.dll"
"%Windir%\System32\ztoolb005.dll"
"%Windir%\System32\ztoolb006.dll"
"%Windir%\System32\ztoolb010.dll"
"%Windir%\System32\ztoolber.dll"
"%Windir%\system32\{0936fcf1-60ca-f7bf-5899-d2dbff2fa288}.dll"
"%Windir%\system32\SearchTool\nsu9F8.dll"
"%Windir%\system32\SearchTool\SearchTool.dll"
"%Windir%\System32\drivers\ csrss.exe"
"%Windir%\System32\Macromed\Flash\FlashPlayerTrust\activeshopper.cfg"
"%Fonts%\acrsec.fon"
"%Fonts%\acrsecB.fon"
"%Fonts%\acrsecI.fon"
"%Windir%\Downloaded Program Files\dotcomtoolbar.asp"
"%Windir%\Downloaded Program Files\hbtools.inf"
"%Windir%\Downloaded Program Files\hotbar.inf"
"%Windir%\Downloaded Program Files\instafin.dll"
"%Windir%\Downloaded Program Files\istactivex.dll"
"%Windir%\Downloaded Program Files\logo.bmp"
"%Windir%\Downloaded Program Files\logo.gif"
"%Windir%\Downloaded Program Files\logo2.gif"
"%Windir%\Downloaded Program Files\MirarSetup.exe"
"%Windir%\Downloaded Program Files\mwsearch.dll"
"%Windir%\Downloaded Program Files\MySearch.CAB"
"%Windir%\Downloaded Program Files\nav.bmp"
"%Windir%\Downloaded Program Files\nav_hot.bmp"
"%Windir%\Downloaded Program Files\toolbar_nieuw14.dll"
"%Windir%\Downloaded Program Files\ysbactivex.dll"
"%Windir%\downloaded program files\webp2pinstaller.dll"
"%Programfiles%\Internet Explorer\msimg32.dll"
"%programfiles%\internet explorer\setup.exe"
"%Programfiles%\Mozilla Firefox\plugins\NPMyWebS.dll"
"%ProgramFiles%\MSN Messenger\msimg32.dll"
"%ProgramFiles%\MSN Messenger\riched20.dll"
"%ProgramFiles%\ieshnv.ini"
"%ProgramFiles%\ieshnv.bmp"
"%ProgramFiles%\ieshnv.dat"
"%ProgramFiles%\ieshnv.lng"
"%Temp%\ASearchAssist.dll"
"%Temp%\ICD1.tmp"
"%Temp%\ISTbar.dll"
"%Temp%\is-B3DFI.tmp"
"%Temp%\mc*.tmp"
"%Temp%\mit3.tmp"
"%Temp%\mit3.tmp.cab"
"%Temp%\TBQuiesceKB.exe"
"%Temp%\sidefind.exe"
"%Temp%\s11k..exe"
"%Temp%\tem*.tmp.exe"
"%Temp%\11-9df8e247b1ab6e4ea9303b15294a3428.exe"
"%Temp%\875455-NOSB.exe"
"%Temp%\Random_Folder\Toolbar.exe"
"%Personal%\work7\load03.exe"
"%Personal%\work7\loadppc.exe"
"%Startup%\MyTotalSearch Email Plugin.lnk"
"%Startup%\MyWebSearch Email Plugin.lnk"
"%Desktop%\atoolbar200002.exe"
"%Desktop%\DealioKit127.exe"
"%Desktop%\m00.exe"
"%Desktop%\SetupActiv.exe"
"%Desktop%\sportsinteraction.com - bet on sports!.lnk"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E552EEFC-DE97-45D4-BA1A-F534A1B4A579}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04011C11-2F3B-44ed-977C-270CA669C6B2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E677221-E309-4341-81BD-3CC3018BF5B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C4ECE5C-7CB8-36C5-6F3B-D414CE8F8E22}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1E58A84-95B3-4630-B8C2-D06B77B7A0FC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26E45419-7205-4fac-BBFE-174BC7337A79}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{971C3384-F75E-4562-95B3-CBE7417529BC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10F3E8BD-257A-4702-A2F5-DC02055B068C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C8A568E-4201-478a-8536-526CF371D2E2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D9362F8-77D8-4b29-97B5-621D550890C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C004D9F0-A742-4DC7-AFD0-BC29CE3FE04A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AD44D3E-7316-4251-B754-9B10EC96AF92}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E015787-B1E3-404a-95DE-3E71E1FA0305}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7C90A5E-BE0A-44DD-83D2-1BE138460BAC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D80C4E21-C346-4E21-8E64-20746AA20AEB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E60A8FF7-B9B4-8ABC-10E8-10F2461DFA50}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{391C0909-C026-3B63-FFDB-93FFF4E81675}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D93B3CA5-6552-0DAA-353B-FB9D4F20B168}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B8AE75C-A139-558A-AB5B-5F07BC2FD566}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5bf48cbf-6ca5-495a-c3f9-0574983d4eb2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14b3d246-6274-40b5-8d50-6c2ade2ab29b}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ADBCCE8-CF84-441E-9B38-AFC7A19C06A4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2a8a997f-bb9f-48f6-aa2b-2762d50f9289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36A91CEC-6C71-4758-B492-397BFC8E96A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4035DE1B-D54A-411E-9EE7-923295D2E86E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45A4902E-4479-4EAE-A186-8D0F7E4C78DE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C6C4BA2-1646-0F3A-1FAE-B393C162C92E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-90F0-F66AB581A933}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-DCF7-F96DA086B434}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-86FF-FD60BB9AAE3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-C0FF-FD7FF4D5FA7D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ed7d3de-6dbe-4516-8712-01b1b64b7057}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ABBD91B-0215-2FE1-7A7E-753F05B40CB8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CFEE306-E014-48A4-876D-06FF09EBB0F3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ED7D3DE-6DBE-4516-8712-436325722327}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6548BF73-58FF-71D5-F97D-17C71E323709}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A6E50DC-BFA8-4B40-AB1B-159E03E829FD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7475D3FD-5D85-49DB-8B9B-6968467B2D80}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74CC49F7-EB32-4A08-B204-948962A6E3DB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{753B9349-7E46-4E5C-A27F-A60A6BF1EAB5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{832BEBED-C3DA-4534-A2C2-B2FFF220C820}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87E68009-29A8-D669-F7C2-B31D08635C50}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88C9B3C7-06B6-5C05-CFEC-C09DBC10CC30}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EAC0102-5E61-2312-BC2D-4D54434D5443}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EAC0102-5E61-2312-BC2D-76746C56544C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3FDD654-A057-4971-9844-4ED8E67DBBB8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF7E9EBB-E1CF-7F7C-C608-13185698F3E9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B5F3970B-745E-46AC-B890-E08F69777D80}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B886C1F4-D1D3-45F5-F45E-75EB024320AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA356D79-679B-4b4c-8E49-5AF97014F4C1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0661233-42D4-F7F1-80E1-8A9E0E99E71D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6FC35D1-04AB-4D40-94CF-2E5AE4D0F8D2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4D1D56C-3EC9-2F5D-FAA3-4112CCDD61DC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E82E0739-0AAE-4E99-9052-B40F7DABFA34}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1E96EDC-E0C8-BE98-1F15-C29DBED83B53}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f65b197f-8260-4d52-909a-f70118e646eb}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8EACE56-0AF4-3AE3-6EF8-F8CC39675729}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{014DA6C1-189F-421a-88CD-07CFE51CFF10}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{2BA1C226-EC1B-4471-A65F-D0688AC6EE3A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-C0FF-FD7FF4D5FA7D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{E552EEFC-DE97-45D4-BA1A-F534A1B4A579}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-46a1-83b8-bd2ae6d9fa2e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F17C005-7BF0-4f13-8473-F3C3D2619DBD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EDDF3383-EC5F-49DF-A8B6-CEC2D8F6164C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F7C7AA47-BCA6-451D-8DBC-C10A8F75C8C7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A3E67DAA-DA01-4da5-98BE-3088B554A11E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D95C7240-0282-4c01-93F5-673BCA03DA86}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f0d4b23b-da4b-4daf-81e4-dfee4931a4aa}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0566A191-D675-4911-9C7E-50EDBEF90F32}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7C559105-9ECF-42B8-B3F7-832E75EDD959}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8a0dcbdb-6e20-489c-9041-c1e8a0352e75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8A0DCBDA-6E20-489C-9041-C1E8A0352E75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5F1ABCDB-A875-46C1-8345-B72A4567E483}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CODE Store Database\Distribution Units\{BFA03761-5565-41b3-93D9-82B354C0A8EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{79B96C72-C0D0-4DC8-BC7E-9F314A918228}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C109664B-CEB1-420B-B353-D55A561536DD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4c3a-B38E-9654A7003239}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{119DBEDA-9c41-4F97-94B4-B6BCD01133CF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{88E50F1D-4790-4C6B-BEE3-D54E46B6EEF6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{066040F0-5018-4E15-8AA0-81D36136D989}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{10E42047-DEB9-4535-A118-B3F6EC39B807}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BFA03761-5565-41b3-93D9-82B354C0A8EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{3EA5C408-2437-4c40-ADAC-DFDA9AEEEA96}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{9CB65206-89C4-402c-BA80-02D8C59F9B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Expl
-- Changelog ToolBar S&D --
==================================
Upd: December 21, 2008 ( v 1.2.8 )
==================================
"%ProgramFiles%\Mozilla Firefox\searchplugins\crawlersrch.xml"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=-
Folder : Smart-Shopper
==================================
Upd: December 19, 2008 ( v 1.2.7 )
==================================
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dealio Toolbar 3.2]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Settings]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{23A287DB-449A-462F-BDE1-8635A61671CE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiweeHook"=-
# [Service] ASKService
# [Service] ASKUpgrade
Folder : Kiwee Toolbar
==================================
Upd: December 4, 2008 ( v 1.2.6 )
==================================
"%ProgramFiles%\Mozilla Firefox\plugins\npbasic.dll"
"%ProgramFiles%\Mozilla Firefox\chrome\chrome\content\browser.js"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3}]
==================================
Upd: November 20, 2008 ( v 1.2.5 )
==================================
"%Windir%\Downloaded Program Files\ZangoInstaller.dll"
Folder : M3Development_WhenUSave_Installer
[-HKEY_CLASSES_ROOT\zangoinstaller.zangoinstaller]
[-HKEY_CLASSES_ROOT\zangoinstaller.zangoinstaller.1]
[-HKEY_CLASSES_ROOT\TypeLib\{ff0312e0-f60c-4109-94b8-0a564a58e43b}]
[-HKEY_CLASSES_ROOT\Interface\{a077a462-0b6c-43bd-af09-5e55a0cc902c}]
[-HKEY_CLASSES_ROOT\CLSID\{99410cde-6f16-42ce-9d49-3807f78f0287}]
[-HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskBar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskSBar Uninstall]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\Accoona Search]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b5146c40-189a-4311-bda9-fbae3e023187}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B21-F830-49DE-A31B-5BB9D7F6B407}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}"=-
"{b5146c40-189a-4311-bda9-fbae3e023187}"=-
==================================
Upd: October 27, 2008 ( v 1.2.4 )
==================================
# Other infection
==================================
Upd: October 23, 2008 ( v 1.2.3 )
==================================
# Other infection
==================================
Upd: October 4, 2008 ( v 1.2.2 )
==================================
Folder : alot
Folder : baidu
Folder : Starware381
"%ProgramFiles%\Mozilla Firefox\plugins\NPAskSBr.dll"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware381]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a7f05ee4-0426-454f-8013-c41e3596e9e9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}]
[-HKEY_CLASSES_ROOT\Interface\{92b82580-b1d5-4528-8b42-35526141a4d0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BIE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{02496EBD-8455-48db-B3C7-5DAC97D9F5A7}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}"=-
[-HKEY_CURRENT_USER\SOFTWARE\starware381]
[-HKEY_CURRENT_USER\SOFTWARE\starware354]
===================================
Upd: September 24, 2008 ( v 1.2.1 )
===================================
"%Windir%\system32\iiyrelekeynmmfbh.dll"
Folder : AskBarDis
Folder : 2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[-HKEY_CLASSES_ROOT\coresrv.coreservices]
[-HKEY_CLASSES_ROOT\coresrv.coreservices.1]
[-HKEY_CLASSES_ROOT\coresrv.lfgax]
[-HKEY_CLASSES_ROOT\coresrv.lfgax.1]
[-HKEY_CLASSES_ROOT\hbmain.commband]
[-HKEY_CLASSES_ROOT\hbr.hbmain.1]
[-HKEY_CLASSES_ROOT\hostol.mailanim]
[-HKEY_CLASSES_ROOT\hostol.mailanim.1]
[-HKEY_CLASSES_ROOT\hostol.webmailsend]
[-HKEY_CLASSES_ROOT\hostol.webmailsend.1]
[-HKEY_CLASSES_ROOT\instie.hbinstobj]
[-HKEY_CLASSES_ROOT\instie.hbinstobj.1]
[-HKEY_CLASSES_ROOT\srv.coreservices]
[-HKEY_CLASSES_ROOT\srv.coreservices.1]
[-HKEY_CLASSES_ROOT\toolbar.htmlmenuui]
[-HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1]
[-HKEY_CLASSES_ROOT\toolbar.toolbarctl]
[-HKEY_CLASSES_ROOT\toolbar.toolbarctl.1]
[-HKEY_CLASSES_ROOT\zango.desktopflash]
[-HKEY_CLASSES_ROOT\zango.desktopflash.1]
[-HKEY_CLASSES_ROOT\zangoax.clientdetector]
[-HKEY_CLASSES_ROOT\zangoax.clientdetector.1]
[-HKEY_CLASSES_ROOT\zangoax.userprofiles]
[-HKEY_CLASSES_ROOT\zangoax.userprofiles.1]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1]
[-HKEY_CLASSES_ROOT\asapcom.asapclass]
[-HKEY_CLASSES_ROOT\asapcom.asapclass.1]
[-HKEY_CLASSES_ROOT\asapcom.asapenvelope]
[-HKEY_CLASSES_ROOT\asapcom.asapenvelope.1]
[-HKEY_CLASSES_ROOT\asapcom.asapmain]
[-HKEY_CLASSES_ROOT\asapcom.asapmain.1]
[-HKEY_CLASSES_ROOT\asapcom.asapmessage]
[-HKEY_CLASSES_ROOT\asapcom.asapmessage.1]
[-HKEY_CLASSES_ROOT\asapcom.asaprecipients]
[-HKEY_CLASSES_ROOT\asapcom.asaprecipients.1]
[-HKEY_CLASSES_ROOT\xml.xml]
[-HKEY_CLASSES_ROOT\xml.xml.1]
[-HKEY_CLASSES_ROOT\asearchassist.adefaultsearch]
[-HKEY_CLASSES_ROOT\asearchassist.adefaultsearch.1]
[-HKEY_CLASSES_ROOT\CLSID\{286e500c-ef0a-4aa3-a94d-e495f653ef4b}]
[-HKEY_CLASSES_ROOT\CLSID\{319260ab-be0c-4025-8569-7a27ed2faab9}]
[-HKEY_CLASSES_ROOT\CLSID\{8ac5bc54-b13b-4642-99f9-0baa2d116184}]
[-HKEY_CLASSES_ROOT\CLSID\{9809a6b4-70b1-4bb2-b3b5-b415763a534e}]
[-HKEY_CLASSES_ROOT\CLSID\{d5178f77-c5e6-4e8f-9787-48b5d7eccce8}]
[-HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d}]
[-HKEY_CLASSES_ROOT\CLSID\{f80c1d93-0d22-436e-963e-9d3156997a4e}]
[-HKEY_CLASSES_ROOT\CLSID\{1e5b2693-d348-4ca7-8364-4f5e51bf9c6d}]
[-HKEY_CLASSES_ROOT\CLSID\{2e54ac53-efa4-4831-a3f6-b47b1a1937cf}]
[-HKEY_CLASSES_ROOT\CLSID\{8971cb48-9fca-445a-be77-e8e8a4cc9df7}]
[-HKEY_CLASSES_ROOT\CLSID\{bfc08cff-c737-4433-bd5a-0ee7efcfee54}]
[-HKEY_CLASSES_ROOT\CLSID\{5b2e150d-4c8a-40e4-8c36-dd9c02771c67}]
[-HKEY_CLASSES_ROOT\CLSID\{627d894a-8a77-416e-b522-432eaf2c818e}]
[-HKEY_CLASSES_ROOT\CLSID\{54a3f8b7-228e-4ed8-895b-de832b2c3959}]
[-HKEY_CLASSES_ROOT\CLSID\{7138f250-5b72-48dd-adfb-9a83b429dd9e}]
[-HKEY_CLASSES_ROOT\CLSID\{bd937ffe-0352-4fde-88f2-c30d1a9b25cf}]
[-HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e}]
[-HKEY_CLASSES_ROOT\CLSID\{b88e4484-3ff6-4ea9-815b-a54fe20d4387}]
[-HKEY_CLASSES_ROOT\CLSID\{ab502149-ccf3-3f33-2241-84152b364b18}]
[-HKEY_CLASSES_ROOT\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_CLASSES_ROOT\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554}]
[-HKEY_CLASSES_ROOT\CLSID\{d2221ccb-f2bb-4858-aad4-57c754153603}]
[-HKEY_CLASSES_ROOT\CLSID\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_CLASSES_ROOT\CLSID\{ea0b6a1a-6a59-4a58-9c41-9966504898a5}]
[-HKEY_CLASSES_ROOT\TypeLib\{ad71e48f-6f47-4b63-9312-fae879541c4d}]
[-HKEY_CLASSES_ROOT\TypeLib\{08755390-f46d-4d09-968c-3430166b3189}]
[-HKEY_CLASSES_ROOT\TypeLib\{ccc6e232-aa4c-4813-a019-9c14b27776b6}]
[-HKEY_CLASSES_ROOT\TypeLib\{229d2451-a617-4b30-b5e8-8138694240cb}]
[-HKEY_CLASSES_ROOT\TypeLib\{c23fa5a4-1fea-419f-8b14-f7465df062bc}]
[-HKEY_CLASSES_ROOT\Typelib\{0923208c-e259-4ed5-a778-cb607da350ad}]
[-HKEY_CLASSES_ROOT\Typelib\{dd1cb2d7-161d-4b84-ae5c-08d3faed894f}]
[-HKEY_CLASSES_ROOT\TypeLib\{9720de03-5820-4059-b4a4-639d5e52bd09}]
[-HKEY_CLASSES_ROOT\Typelib\{45397063-d7d0-47c2-9508-26487608a298}]
[-HKEY_CLASSES_ROOT\Typelib\{71e9cf40-af72-4b55-bd3f-1fea2a0eaea6}]
[-HKEY_CLASSES_ROOT\Typelib\{b9f51d42-cca0-4408-bb02-d433d1865a3a}]
[-HKEY_CLASSES_ROOT\Typelib\{f8ee014f-b34c-4544-8e45-95a7971d323b}]
[-HKEY_CLASSES_ROOT\TypeLib\{bce2e826-d0f5-41c8-97be-28a6f540ceeb}]
[-HKEY_CLASSES_ROOT\Interface\{014da6cc-189f-421a-88cd-07cfe51cff10}]
[-HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771}]
[-HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce}]
[-HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd}]
[-HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091}]
[-HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13}]
[-HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806}]
[-HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392}]
[-HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19}]
[-HKEY_CLASSES_ROOT\Interface\{1985fce1-4043-4346-ae70-d0a0cd90bdd3}]
[-HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0}]
[-HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a}]
[-HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f}]
[-HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b}]
[-HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f}]
[-HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791}]
[-HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f}]
[-HKEY_CLASSES_ROOT\Interface\{067c6a37-72ea-4437-863a-5be20c246f3c}]
[-HKEY_CLASSES_ROOT\Interface\{1a2af056-1fe1-47ca-993d-5d09d18e674e}]
[-HKEY_CLASSES_ROOT\Interface\{b247f5bf-bd9d-4ecd-8fc1-365f36a1fda1}]
[-HKEY_CLASSES_ROOT\Interface\{bbbfb891-98ae-4678-86f3-bd5a2eed86c9}]
[-HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619}]
[-HKEY_CLASSES_ROOT\Interface\{2e623b96-b166-4c70-8169-820761794299}]
[-HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3}]
[-HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689}]
[-HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627}]
[-HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99}]
[-HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8}]
[-HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9}]
[-HKEY_CLASSES_ROOT\Interface\{397a208b-3d09-4b3e-93e8-ca171886612e}]
[-HKEY_CLASSES_ROOT\Interface\{421745e9-16df-4ee4-a758-d51f939c49cb}]
[-HKEY_CLASSES_ROOT\Interface\{4331ec56-0aab-499e-8757-dd2ee44ad671}]
[-HKEY_CLASSES_ROOT\Interface\{54286c3a-e044-4e65-bd44-528d6ae28a18}]
[-HKEY_CLASSES_ROOT\Interface\{5f2b9de7-f878-4762-8cfe-e9c58f082f0e}]
[-HKEY_CLASSES_ROOT\Interface\{8654592e-952a-4e7c-a960-304763b35fa6}]
[-HKEY_CLASSES_ROOT\Interface\{8e98faf8-794f-47f9-af90-15305564ed81}]
[-HKEY_CLASSES_ROOT\Interface\{bc8c2e5f-d8b4-4997-bce3-8775c3707956}]
[-HKEY_CLASSES_ROOT\Interface\{d082721f-4bd4-4b8b-bb82-06753ee6174f}]
[-HKEY_CLASSES_ROOT\Interface\{d24f9d3c-5d4c-47f8-9ab7-632b44ad6a0d}]
[-HKEY_CLASSES_ROOT\Interface\{f43ec88b-b6c8-4969-a763-e2bf55602cce}]
[-HKEY_CLASSES_ROOT\Interface\{21447c90-6ec1-4fc1-9379-bd515008aedb}]
[-HKEY_CLASSES_ROOT\Interface\{32c97a37-e2b8-4097-9330-5f3e1125e181}]
[-HKEY_CLASSES_ROOT\Interface\{b0c3de1b-e3ff-4dd0-9229-f452cf9c678e}]
[-HKEY_CLASSES_ROOT\Interface\{d2d94732-a74d-433c-98f7-9ed740e82ae9}]
[-HKEY_CLASSES_ROOT\Interface\{dfd5d79b-ef2f-4a51-9821-5b469f05262e}]
[-HKEY_CLASSES_ROOT\AppID\{dbf00e12-281c-4dc8-a7ec-1ff45182439b}]
[-HKEY_CLASSES_ROOT\AppID\ZangoSA_df.exe]
[-HKEY_CLASSES_ROOT\AppID\{0507fdde-f3b7-49f5-9e8f-c557e991f39b}]
[-HKEY_CLASSES_ROOT\AppID\WeatherOnTray.EXE]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab502149-ccf3-3f33-2241-84152b364b18}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bd937ffe-0352-4fde-88f2-c30d1a9b25cf}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{014da6cb-189f-421a-88cd-07cfe51cff10}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE15}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\9ee2330ae5f4470cac801baac83818c9]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e}]
[-HKEY_CURRENT_USER\SOFTWARE\zangosa]
[-HKEY_LOCAL_MACHINE\SOFTWARE\zango]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"{6cfbd76d-7a06-26a5-076f-24c6af0b5257}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{944864a5-3916-46e2-96a9-a2e84f3f1208}"=-
===================================
Upd: September 14, 2008 ( v 1.2.0 )
===================================
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWay Search Assistant]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}]
[-HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75}]
===================================
Upd: September 13, 2008 ( v 1.1.9 )
===================================
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"=-
===================================
Upd: September 7, 2008 ( v 1.1.8 )
===================================
Folder : Multi_Media
Folder : Multi_Media_France
Folder : MultiMedia France Toolbar
Firefox Extension : {7009fcd4-05be-44f4-9583-93fe419ab7b0}
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7009fcd4-05be-44f4-9583-93fe419ab7b0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7009fcd4-05be-44f4-9583-93fe419ab7b0}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{7009fcd4-05be-44f4-9583-93fe419ab7b0}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar]
===================================
Upd: September 4, 2008 ( v 1.1.7 )
===================================
"%Windir%\system32\nslFC.dll"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{914f1f82-eab1-874f-1284-6a9136e6d163}]
===================================
Upd: August 30, 2008 ( v 1.1.6 )
===================================
"%Windir%\System32\dmubsi.dll"
"%Windir%\System32\dspvfx.dll"
"%Temp%\ns*.tmp"
"%Temp%\whenu.ini"
"%Temp%\banner.bmp"
"%Temp%\VVSNInst.exe"
"%Temp%\730.WUT\whenu.inf"
"%Temp%\730.WUT\vvsn.cab"
"%Temp%\WUS3E.bat"
"%ProgramFiles%\Torrent Search"
"%ProgramFiles%\Torrent-Search"
"%Programs%\Torrent Search"
"%Desktop%\Torrent Search.lnk"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0c7b854-d5ce-4db6-9804-be1438603d89}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24D0D7D2-1D72-4ADA-82DE-AE07910CA084}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D1F87E7-4D72-41AB-9D57-D101A08F20E5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8DAC4A72-BA26-4329-B66E-8D973035B524}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9D5EA38-F5A0-456B-B05B-DFF81FBFEF0F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{678DB4CC-A041-4565-B49B-3F5ADE9558E3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{78E4BE47-F8C7-405E-87A6-84F4ABAB32EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dmubsw.clsdll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\HyperTerminal.HyperTerminalExt]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\HyperTerminal.HyperTerminalExt.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Torrent Search]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Rasmpc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Torrent Search]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e0c7b854-d5ce-4db6-9804-be1438603d89}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{e0c7b854-d5ce-4db6-9804-be1438603d89}"=-
Folder : AskBarFr
================================
Maj/Upd : 26/08/2008 ( v 1.1.5 )
================================
Folder : Platrium
Folder : PlatriumSA
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B12ACA14-C7FB-44FE-883B-6121FD02BAD3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Platrium]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D53E4ACF-EDF5-4071-903B-F84B64FC1EA2}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PlatriumWeather"=-
"PlatriumSA"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Platrium]
[-HKEY_CLASSES_ROOT\clsid\{d53e4acf-edf5-4071-903b-f84b64fc1ea2}]
[-HKEY_CLASSES_ROOT\BRNstIE.Stock.1]
[-HKEY_CLASSES_ROOT\BRNstIE.Stock]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager]
[-HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1]
================================
Maj/Upd : 24/08/2008 ( v 1.1.4 )
================================
Folder : AskPBar
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A94B111-4504-4e26-AB05-E61E474AA38B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4D76F01-7896-458a-890F-E1F05C46069F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F4D76F09-7896-458a-890F-E1F05C46069F}"=-
================================
Maj/Upd : 22/08/2008 ( v 1.1.3 )
================================
Folder : Burn4Free
Folder : Burn4Free CD and DVD
"%Windir%\Burn4Free_Toolbar_Uninstaller_????.exe"
"%Windir%\Prefetch\BURN4FREE_SETUP.EXE*.pf"
"%Windir%\Prefetch\BURN4FREE.EXE*.pf"
"%Windir%\System32\b4fm.dll"
"%Common Desktop%\Burn4Free.lnk"
"%Desktop%\burn4free_setup.exe"
"%Appdata%\Microsoft\Internet Explorer\Quick Launch\Burn4Free.lnk"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.b4f]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\b4fm.SxContextMenu1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Burn4Free project]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Burn4Free]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Burn4Free Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search settings 1.2]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Burn4Free]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"=-
"{70DE7956-479D-4EB7-8641-2B45774C350E}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"=-
"{70DE7956-479D-4EB7-8641-2B45774C350E}"=-
[-HKEY_CURRENT_USER\Software\Burn4Free]
[-HKEY_CLASSES_ROOT\CLSID\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[-HKEY_CLASSES_ROOT\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
[-HKEY_CLASSES_ROOT\CLSID\{1C311AAA-D8B1-4A0A-BEE5-2387FEC583DA}]
[-HKEY_CLASSES_ROOT\Burn4Free project]
[-HKEY_CLASSES_ROOT\b4fm.SxContextMenu1]
[-HKEY_CLASSES_ROOT\.b4f]
Processus - Burn4Free.exe
================================
Maj/Upd : 21/08/2008 ( v 1.1.2 )
================================
Folder : DAEMON Tools Toolbar
Folder : Bit Lord 1.1
Folder : BitLord
Folder : VVSN
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitLord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\BitLord.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bittorrent]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BitLordUnfinishedFile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bc!]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BitLord]
[-HKEY_CURRENT_USER\Software\BitLord]
[-HKEY_CLASSES_ROOT\bittorrent]
[-HKEY_CLASSES_ROOT\BitLordUnfinishedFile]
[-HKEY_CLASSES_ROOT\.bc!]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VVSN"=-
Processus - BitLord.exe
Processus - vvsn.exe
================================
Maj/Upd : 20/08/2008 ( v 1.1.1 )
================================
Reset values :
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Window Title"=""
================================
Maj/Upd : 19/08/2008 ( v 1.1.0 )
================================
# [Service] MyWebSearchService
Folder : Accoona
Folder : ActiveShopper
Folder : ADS Plugins
Folder : Adssite Advanced Toolbar
Folder : Adssite Games Collection
Folder : Adult-Links
Folder : AdvancedTool
Folder : AltNet
Folder : AntivirusGold
Folder : AskSBar
Folder : AskTBar
Folder : Browser Accelerator
Folder : Browser Optimizer Dcads
Folder : Browser Optimizer Superiorads
Folder : BrowsingAdvisor
Folder : BrowsingEnhancer
Folder : BrowsingProgram
Folder : BrowsingSoftware
Folder : BrowsingTool
Folder : Burn4Free Toolbar
Folder : ContextAdvisor
Folder : ContextEnhancer
Folder : ContextProgram
Folder : ContextTool
Folder : Crawler
Folder : Dcads Advanced Toolbar
Folder : Dcads Games Collection
Folder : Dealio
Folder : DR_S
Folder : dynamic toolbar
Folder : ErrorsTool
Folder : EZshopper
Folder : FastFinder
Folder : FBrowserAdvisor
Folder : FBrowsingAdvisor
Folder : FFTOOLBAR ToolBar
Folder : Flyordie_games
Folder : FunWebProducts
Folder : Fun Web Products
Folder : GamesBar
Folder : Gossiper
Folder : Hbtools
Folder : HbTools_Icons
Folder : Hotbar
Folder : HotbarSA
Folder : INSTAFIN
Folder : INSTAFINK
Folder : Instant Buzz
Folder : IntelligentAdvisor
Folder : InternetProgram
Folder : InternetSoftware
Folder : ISTbar
Folder : IstSvc
Folder : KaZaA
Folder : Kugoo
Folder : live-online-tv
Folder : Mirar
Folder : Morpheus Toolbar
Folder : My Downloaded Games
Folder : MyGlobalSearch
Folder : MyQuickSearch
Folder : MySearch
Folder : MyToolbar
Folder : MyTotalSearch
Folder : Myway
Folder : MyWaySA
Folder : MyWaySearch
Folder : MyWebSearch
Folder : MyWebSearchWB
Folder : PlayMP3z
Folder : NavExcel
Folder : NavExcel Search Toolbar
Folder : NavigationAdvisor
Folder : NavigationEnhancer
Folder : NavigationProgram
Folder : NavigationTool
Folder : Need2Find
Folder : Online_TV_toolbar
Folder : PageRevisor
Folder : PCHealthCenter
Folder : Piolet
Folder : Piolet Toolbar
Folder : Push toolbar
Folder : P2P_Energy
Folder : P2P Networking
Folder : P2P_Torrent
Folder : Rax Search
Folder : RXToolbar
Folder : Sbar Toolbar
Folder : SearchEssistant
Folder : searchessistant toolbar
Folder : SearchSettings
Folder : Search Settings
Folder : Seekmo
Folder : Seekmo Programs
Folder : seekmo search assistant
Folder : ShopNav
Folder : Shopper Report
Folder : ShopperReports
Folder : ShoppingReport
Folder : SideFind
Folder : SLMSS
Folder : Slotchbar
Folder : SmartShopper
Folder : Snrg
Folder : SpamBlockerUtility
Folder : Starware
Folder : Starware305
Folder : Starware316
Folder : Starware343
Folder : Starware347
Folder : Starware354
Folder : Starware370
Folder : Starware390
Folder : StatsTool
Folder : SurfAccuracy
Folder : ToolBar888
Folder : TrustIn Bar
Folder : Try2Find
Folder : UCmore
Folder : VMNToolbar
Folder : VSAdd-in
Folder : VS Toolbar
Folder : WeatherDPA
Folder : WeatherStudio
Folder : WhenU
Folder : WinAble
Folder : Wssclient
Folder : XXXToolbar
Folder : YourSiteBar
Folder : Zango
Folder : 2020Search
Folder : 7Search
Folder : 8848
"%Systemdrive%\dfndr.exe"
"%Systemdrive%\dfndrff_7.exe"
"%Systemdrive%\kybrd.exe"
"%Systemdrive%\kybrdff_7.exe"
"%Systemdrive%\nwnm.exe"
"%Windir%\adrsb.exe"
"%Windir%\autolfn.exe"
"%Windir%\azentretien.dll"
"%Windir%\CJet.exe"
"%Windir%\csrss.exe"
"%Windir%\dpvsetup.exe"
"%Windir%\dsndup.exe"
"%Windir%\gxvpsafm.dll"
"%Windir%\iewww.exe"
"%Windir%\iun6002.exe"
"%Windir%\label.exe"
"%Windir%\lasss.exe"
"%Windir%\mdm.exe"
"%Windir%\mmc.exe"
"%Windir%\mshepl.exe"
"%Windir%\mshta.exe"
"%Windir%\mssetup.exe"
"%Windir%\msswchx.exe"
"%Windir%\mstask.exe"
"%Windir%\netdde.exe"
"%Windir%\nne.bin"
"%Windir%\nnv.bin"
"%Windir%\nnmgr.dat"
"%Windir%\nnmgr.exe"
"%Windir%\nnmgr.ocx"
"%Windir%\ntvdm.exe"
"%Windir%\omi.dll"
"%Windir%\osk.exe"
"%Windir%\redirect7.exe"
"%Windir%\sbar.dll"
"%Windir%\sfita.exe"
"%Windir%\smdat32a.sys"
"%Windir%\smdat32m.sys"
"%Windir%\smss.exe"
"%Windir%\spoolsv.exe"
"%Windir%\sptsupd.exe"
"%Windir%\subst.exe"
"%Windir%\svchost.exe"
"%Windir%\SYSfit.exe"
"%Windir%\ups.exe"
"%Windir%\waladhpr.exe"
"%Windir%\w32tm.exe"
"%Windir%\xcopy.exe"
"%Windir%\System\mdc.dll"
"%Windir%\System32\adrot-uninst.exe"
"%Windir%\System32\adrotate.dll"
"%Windir%\System32\adrotate1.dll"
"%Windir%\System32\adspipe.dll"
"%WinDir%\system32\adssite-remove.exe"
"%WinDir%\system32\adssite_sidebar.dll"
"%WinDir%\system32\adssite_sidebar_uninstall.exe"
"%Windir%\System32\adv.dll"
"%Windir%\System32\azesearch4.ocx"
"%Windir%\System32\brrotate.dll"
"%Windir%\System32\ca2.dll"
"%Windir%\System32\cpmrotate.dll"
"%Windir%\System32\czuehf.exe"
"%Windir%\System32\Dcads-remove.exe"
"%WinDir%\system32\dcads_sidebar.dll"
"%WinDir%\system32\dcads_sidebar_uninstall.exe"
"%Windir%\System32\DcadsSocial-uninstall.exe"
"%WinDir%\system32\dcadssuggest.dll"
"%Windir%\System32\eplaceSearch.dll"
"%Windir%\System32\ewxcksr.exe"
"%Windir%\System32\fufudc.exe"
"%Windir%\System32\f3PSSavr.scr"
"%Windir%\System32\globobar.ocx"
"%Windir%\System32\gzmrotate.dll"
"%WinDir%\system32\gzmrt.dll"
"%Windir%\System32\ha3f.exe"
"%Windir%\System32\hookdump.exe"
"%Windir%\System32\HyperLinker3.exe"
"%Windir%\System32\iasad.dll"
"%Windir%\System32\iasada.dll"
"%Windir%\System32\jbhbolcl.exe"
"%Windir%\System32\kcnzrop6.exe"
"%Windir%\System32\lmdv.bin"
"%Windir%\System32\lmf32v.dll"
"%Windir%\System32\mnopdb.exe"
"%Windir%\System32\mwsvm.exe"
"%Windir%\System32\mwsvm.ocx"
"%WinDir%\system32\mysidesearch_sidebar_uninstall.exe"
"%WinDir%\system32\mysidesearch_sidebar.dll"
"%WinDir%\system32\ninjaext-uninstall.exe"
"%Windir%\System32\nodeipproc.dll"
"%Windir%\System32\nss2C.dll"
"%Windir%\System32\nslFC.dll"
"%Windir%\System32\otpddpea5.dll"
"%Windir%\System32\PreUninstall.exe"
"%Windir%\System32\PreUninstallFF.exe"
"%Windir%\System32\p2p.exe"
"%Windir%\System32\P2P Networking"
"%Windir%\system32\QaBar.dll"
"%Windir%\system32\QcBar.dll"
"%Windir%\System32\ra8pv.exe"
"%WinDir%\system32\rightonadz-uninst.exe"
"%Windir%\System32\ShowFF.exe"
"%Windir%\System32\SmartShopper"
"%WinDir%\system32\sprt_ads.dll"
"%WinDir%\system32\superiorads-uninst.exe"
"%Windir%\System32\syssfitb.dll"
"%Windir%\System32\tbc.dll"
"%Windir%\System32\TopSearch.dll"
"%Windir%\System32\tubby.dll"
"%Windir%\System32\uninst.exe"
"%Windir%\System32\uninst.log"
"%Windir%\System32\uninsticn.exe"
"%Windir%\System32\vtlbar1.dll"
"%Windir%\system32\WinATS.dll"
"%Windir%\System32\WinDmy.dll"
"%Windir%\System32\WinNB*.dll"
"%Windir%\System32\winnook.exe"
"%Windir%\System32\zolk.dll"
"%Windir%\System32\zolker005.dll"
"%Windir%\System32\zolker009.dll"
"%Windir%\System32\zolker010.dll"
"%Windir%\System32\zolker011.dll"
"%Windir%\System32\ztoolb005.dll"
"%Windir%\System32\ztoolb006.dll"
"%Windir%\System32\ztoolb010.dll"
"%Windir%\System32\ztoolber.dll"
"%Windir%\system32\{0936fcf1-60ca-f7bf-5899-d2dbff2fa288}.dll"
"%Windir%\system32\SearchTool\nsu9F8.dll"
"%Windir%\system32\SearchTool\SearchTool.dll"
"%Windir%\System32\drivers\ csrss.exe"
"%Windir%\System32\Macromed\Flash\FlashPlayerTrust\activeshopper.cfg"
"%Fonts%\acrsec.fon"
"%Fonts%\acrsecB.fon"
"%Fonts%\acrsecI.fon"
"%Windir%\Downloaded Program Files\dotcomtoolbar.asp"
"%Windir%\Downloaded Program Files\hbtools.inf"
"%Windir%\Downloaded Program Files\hotbar.inf"
"%Windir%\Downloaded Program Files\instafin.dll"
"%Windir%\Downloaded Program Files\istactivex.dll"
"%Windir%\Downloaded Program Files\logo.bmp"
"%Windir%\Downloaded Program Files\logo.gif"
"%Windir%\Downloaded Program Files\logo2.gif"
"%Windir%\Downloaded Program Files\MirarSetup.exe"
"%Windir%\Downloaded Program Files\mwsearch.dll"
"%Windir%\Downloaded Program Files\MySearch.CAB"
"%Windir%\Downloaded Program Files\nav.bmp"
"%Windir%\Downloaded Program Files\nav_hot.bmp"
"%Windir%\Downloaded Program Files\toolbar_nieuw14.dll"
"%Windir%\Downloaded Program Files\ysbactivex.dll"
"%Windir%\downloaded program files\webp2pinstaller.dll"
"%Programfiles%\Internet Explorer\msimg32.dll"
"%programfiles%\internet explorer\setup.exe"
"%Programfiles%\Mozilla Firefox\plugins\NPMyWebS.dll"
"%ProgramFiles%\MSN Messenger\msimg32.dll"
"%ProgramFiles%\MSN Messenger\riched20.dll"
"%ProgramFiles%\ieshnv.ini"
"%ProgramFiles%\ieshnv.bmp"
"%ProgramFiles%\ieshnv.dat"
"%ProgramFiles%\ieshnv.lng"
"%Temp%\ASearchAssist.dll"
"%Temp%\ICD1.tmp"
"%Temp%\ISTbar.dll"
"%Temp%\is-B3DFI.tmp"
"%Temp%\mc*.tmp"
"%Temp%\mit3.tmp"
"%Temp%\mit3.tmp.cab"
"%Temp%\TBQuiesceKB.exe"
"%Temp%\sidefind.exe"
"%Temp%\s11k..exe"
"%Temp%\tem*.tmp.exe"
"%Temp%\11-9df8e247b1ab6e4ea9303b15294a3428.exe"
"%Temp%\875455-NOSB.exe"
"%Temp%\Random_Folder\Toolbar.exe"
"%Personal%\work7\load03.exe"
"%Personal%\work7\loadppc.exe"
"%Startup%\MyTotalSearch Email Plugin.lnk"
"%Startup%\MyWebSearch Email Plugin.lnk"
"%Desktop%\atoolbar200002.exe"
"%Desktop%\DealioKit127.exe"
"%Desktop%\m00.exe"
"%Desktop%\SetupActiv.exe"
"%Desktop%\sportsinteraction.com - bet on sports!.lnk"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E552EEFC-DE97-45D4-BA1A-F534A1B4A579}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04011C11-2F3B-44ed-977C-270CA669C6B2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E677221-E309-4341-81BD-3CC3018BF5B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C4ECE5C-7CB8-36C5-6F3B-D414CE8F8E22}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1E58A84-95B3-4630-B8C2-D06B77B7A0FC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26E45419-7205-4fac-BBFE-174BC7337A79}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{971C3384-F75E-4562-95B3-CBE7417529BC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10F3E8BD-257A-4702-A2F5-DC02055B068C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C8A568E-4201-478a-8536-526CF371D2E2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D9362F8-77D8-4b29-97B5-621D550890C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C004D9F0-A742-4DC7-AFD0-BC29CE3FE04A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AD44D3E-7316-4251-B754-9B10EC96AF92}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E015787-B1E3-404a-95DE-3E71E1FA0305}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7C90A5E-BE0A-44DD-83D2-1BE138460BAC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D80C4E21-C346-4E21-8E64-20746AA20AEB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E60A8FF7-B9B4-8ABC-10E8-10F2461DFA50}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{391C0909-C026-3B63-FFDB-93FFF4E81675}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D93B3CA5-6552-0DAA-353B-FB9D4F20B168}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B8AE75C-A139-558A-AB5B-5F07BC2FD566}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5bf48cbf-6ca5-495a-c3f9-0574983d4eb2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14b3d246-6274-40b5-8d50-6c2ade2ab29b}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ADBCCE8-CF84-441E-9B38-AFC7A19C06A4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2a8a997f-bb9f-48f6-aa2b-2762d50f9289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36A91CEC-6C71-4758-B492-397BFC8E96A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4035DE1B-D54A-411E-9EE7-923295D2E86E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45A4902E-4479-4EAE-A186-8D0F7E4C78DE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C6C4BA2-1646-0F3A-1FAE-B393C162C92E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-90F0-F66AB581A933}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-DCF7-F96DA086B434}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-86FF-FD60BB9AAE3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-C0FF-FD7FF4D5FA7D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ed7d3de-6dbe-4516-8712-01b1b64b7057}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ABBD91B-0215-2FE1-7A7E-753F05B40CB8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CFEE306-E014-48A4-876D-06FF09EBB0F3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ED7D3DE-6DBE-4516-8712-436325722327}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6548BF73-58FF-71D5-F97D-17C71E323709}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A6E50DC-BFA8-4B40-AB1B-159E03E829FD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7475D3FD-5D85-49DB-8B9B-6968467B2D80}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74CC49F7-EB32-4A08-B204-948962A6E3DB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{753B9349-7E46-4E5C-A27F-A60A6BF1EAB5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{832BEBED-C3DA-4534-A2C2-B2FFF220C820}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87E68009-29A8-D669-F7C2-B31D08635C50}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88C9B3C7-06B6-5C05-CFEC-C09DBC10CC30}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EAC0102-5E61-2312-BC2D-4D54434D5443}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9EAC0102-5E61-2312-BC2D-76746C56544C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3FDD654-A057-4971-9844-4ED8E67DBBB8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF7E9EBB-E1CF-7F7C-C608-13185698F3E9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B5F3970B-745E-46AC-B890-E08F69777D80}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B886C1F4-D1D3-45F5-F45E-75EB024320AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA356D79-679B-4b4c-8E49-5AF97014F4C1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0661233-42D4-F7F1-80E1-8A9E0E99E71D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6FC35D1-04AB-4D40-94CF-2E5AE4D0F8D2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da7ff3f8-08be-4cac-bc00-94d91c6ae7f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4D1D56C-3EC9-2F5D-FAA3-4112CCDD61DC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E82E0739-0AAE-4E99-9052-B40F7DABFA34}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bc4be15d-6a34-4356-9e97-79e43da32b1d}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1E96EDC-E0C8-BE98-1F15-C29DBED83B53}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f65b197f-8260-4d52-909a-f70118e646eb}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8EACE56-0AF4-3AE3-6EF8-F8CC39675729}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{014DA6C1-189F-421a-88CD-07CFE51CFF10}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{2BA1C226-EC1B-4471-A65F-D0688AC6EE3A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-C0FF-FD7FF4D5FA7D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{E552EEFC-DE97-45D4-BA1A-F534A1B4A579}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-46a1-83b8-bd2ae6d9fa2e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F17C005-7BF0-4f13-8473-F3C3D2619DBD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EDDF3383-EC5F-49DF-A8B6-CEC2D8F6164C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F7C7AA47-BCA6-451D-8DBC-C10A8F75C8C7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A3E67DAA-DA01-4da5-98BE-3088B554A11E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D95C7240-0282-4c01-93F5-673BCA03DA86}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f0d4b23b-da4b-4daf-81e4-dfee4931a4aa}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0566A191-D675-4911-9C7E-50EDBEF90F32}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7C559105-9ECF-42B8-B3F7-832E75EDD959}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8a0dcbdb-6e20-489c-9041-c1e8a0352e75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8A0DCBDA-6E20-489C-9041-C1E8A0352E75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5F1ABCDB-A875-46C1-8345-B72A4567E483}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CODE Store Database\Distribution Units\{BFA03761-5565-41b3-93D9-82B354C0A8EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{79B96C72-C0D0-4DC8-BC7E-9F314A918228}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C109664B-CEB1-420B-B353-D55A561536DD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4c3a-B38E-9654A7003239}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{119DBEDA-9c41-4F97-94B4-B6BCD01133CF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{88E50F1D-4790-4C6B-BEE3-D54E46B6EEF6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{066040F0-5018-4E15-8AA0-81D36136D989}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{10E42047-DEB9-4535-A118-B3F6EC39B807}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BFA03761-5565-41b3-93D9-82B354C0A8EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4a02-9D20-520B59A9F9B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{3EA5C408-2437-4c40-ADAC-DFDA9AEEEA96}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{9CB65206-89C4-402c-BA80-02D8C59F9B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Expl
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
benurrr
Messages postés
9643
Date d'inscription
samedi 24 mai 2008
Statut
Contributeur sécurité
Dernière intervention
11 janvier 2012
107
26 sept. 2009 à 19:51
26 sept. 2009 à 19:51
re
c'est pas le bon rapport
regarde içi C:\TB.txt
c'est pas le bon rapport
regarde içi C:\TB.txt
demonwar
Messages postés
7
Date d'inscription
vendredi 25 septembre 2009
Statut
Membre
Dernière intervention
11 mars 2010
27 sept. 2009 à 09:40
27 sept. 2009 à 09:40
desolé
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.60GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : admin ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1356 [VPS 090926-0] 4.8.1356 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:14 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 26/09/2009|19:42 )
-----------\\ Recherche de Fichiers / Dossiers ...
[Service] ASKUpgrade
C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\AskSplash.exe
C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\001793A5
C:\Program Files\AskBarDis\bar\Cache\00179C01
C:\Program Files\AskBarDis\bar\Cache\00179D88.bin
C:\Program Files\AskBarDis\bar\Cache\0017A057.bin
C:\Program Files\AskBarDis\bar\Cache\0017A1DD.bin
C:\Program Files\AskBarDis\bar\Cache\0017A383.bin
C:\Program Files\AskBarDis\bar\Cache\0017A587.bin
C:\Program Files\AskBarDis\bar\Cache\0017A79A.bin
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\DOCUME~1\admin\Cookies\admin@cs.shopperreports[1].txt
C:\windows\iun6002.exe
C:\DOCUME~1\admin\LOCALS~1\Temp\nsc7.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsd19.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsd1F8.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsd3.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsg3.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsj16.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsj17.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsj5.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsl5.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsn4.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nso4.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsp4A.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsq21.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsr3.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsr3B.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsr81.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nss1B.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nss21.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nst1D.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsv3.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsv62.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsvC4.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsy1B.tmp
-----------\\ Extensions
(admin) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://fr.yahoo.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.60GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : admin ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1356 [VPS 090926-0] 4.8.1356 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:14 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 26/09/2009|19:42 )
-----------\\ Recherche de Fichiers / Dossiers ...
[Service] ASKUpgrade
C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\AskSplash.exe
C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\001793A5
C:\Program Files\AskBarDis\bar\Cache\00179C01
C:\Program Files\AskBarDis\bar\Cache\00179D88.bin
C:\Program Files\AskBarDis\bar\Cache\0017A057.bin
C:\Program Files\AskBarDis\bar\Cache\0017A1DD.bin
C:\Program Files\AskBarDis\bar\Cache\0017A383.bin
C:\Program Files\AskBarDis\bar\Cache\0017A587.bin
C:\Program Files\AskBarDis\bar\Cache\0017A79A.bin
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\DOCUME~1\admin\Cookies\admin@cs.shopperreports[1].txt
C:\windows\iun6002.exe
C:\DOCUME~1\admin\LOCALS~1\Temp\nsc7.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsd19.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsd1F8.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsd3.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsg3.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsj16.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsj17.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsj5.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsl5.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsn4.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nso4.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsp4A.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsq21.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsr3.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsr3B.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsr81.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nss1B.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nss21.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nst1D.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsv3.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsv62.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsvC4.tmp
C:\DOCUME~1\admin\LOCALS~1\Temp\nsy1B.tmp
-----------\\ Extensions
(admin) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://fr.yahoo.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
benurrr
Messages postés
9643
Date d'inscription
samedi 24 mai 2008
Statut
Contributeur sécurité
Dernière intervention
11 janvier 2012
107
27 sept. 2009 à 10:06
27 sept. 2009 à 10:06
salut
Relance ToolBar S&D et choisie l'option 2 suppression
Ne ferme pas la fenêtre lors de la suppression. Un rapport sera généré, sauvegarde-le.
Relance ToolBar S&D et choisie l'option 2 suppression
Ne ferme pas la fenêtre lors de la suppression. Un rapport sera généré, sauvegarde-le.
demonwar
Messages postés
7
Date d'inscription
vendredi 25 septembre 2009
Statut
Membre
Dernière intervention
11 mars 2010
27 sept. 2009 à 12:27
27 sept. 2009 à 12:27
voila, avant je téléchargé mes maintenant j'ai arrété!
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.60GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : admin ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1356 [VPS 090926-1] 4.8.1356 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:13 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 27/09/2009|11:54 )
-----------\\ SUPPRESSION
Supprime! - [Service] ASKUpgrade
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\DOCUME~1\admin\Cookies\admin@cs.shopperreports[1].txt
Supprime! - C:\windows\iun6002.exe
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsc7.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsd19.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsd1F8.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsd3.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsg3.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsj16.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsj17.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsj5.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsl5.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsn4.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nso4.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsp4A.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsq21.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsr3.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsr3B.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsr81.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nss1B.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nss21.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nst1D.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsv3.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsv62.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsvC4.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsy1B.tmp
Supprime! - C:\Program Files\AskBarDis
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\admin\LOCALS~1\Temp\nsd1B.tmp
-----------\\ Extensions
(admin) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://fr.yahoo.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\irlwwbcm.dat
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\irlwwbcm.exe
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\irlwwbcm_nav.dat
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\irlwwbcm_navps.dat
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\yswqcn_nav.dat
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\yswqcn_navps.dat
[b]==> EGDACCESS <==/b
C:\windows\system32\atvoscjv.ini
C:\windows\system32\atvoscjv.ini2
C:\windows\system32\atvoscjv.tmp
C:\windows\system32\gOprAJlm.ini
C:\windows\system32\gOprAJlm.ini2
[b]==> VUNDO <==/b
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\admin\Local Settings\Temp\R‚pertoire temporaire 1 pour gta pc games dvd KeyGen All Version.zip
C:\DOCUME~1\admin\Local Settings\Temp\R‚pertoire temporaire 1 pour PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!.zip
C:\DOCUME~1\admin\Local Settings\Temp\R‚pertoire temporaire 2 pour gta pc games dvd KeyGen All Version.zip
C:\DOCUME~1\admin\Local Settings\Temp\R‚pertoire temporaire 1 pour PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!.zip\Grand Theft Auto San Andreas Crack (No-CD)
C:\DOCUME~1\admin\Mes documents\Downloads\CRACK
C:\DOCUME~1\admin\Mes documents\Downloads\CRACK\gta_sa.exe
C:\DOCUME~1\admin\Mes documents\gta san\CRACK
C:\DOCUME~1\admin\Mes documents\gta san\CRACK\gta_sa.exe
C:\DOCUME~1\admin\Mes documents\LimeWire\Saved\PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!
C:\DOCUME~1\admin\Mes documents\LimeWire\Saved\PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!.zip
C:\DOCUME~1\admin\Mes documents\LimeWire\Saved\PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!\Grand Theft Auto San Andreas Crack (No-CD)
C:\DOCUME~1\admin\Mes documents\LimeWire\Saved\PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!\Grand Theft Auto San Andreas Crack (No-CD)\gta_sa.EXE
C:\DOCUME~1\admin\Recent\[PC GAME ITA]GTA IV+crack no cd+seria---___---___---___l.rar.lnk
1 - "C:\ToolBar SD\TB_1.txt" - 27/09/2009|12:12 - Option : [2]
-----------\\ Fin du rapport a 12:12:37,06
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.60GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : admin ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1356 [VPS 090926-1] 4.8.1356 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:13 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 27/09/2009|11:54 )
-----------\\ SUPPRESSION
Supprime! - [Service] ASKUpgrade
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\DOCUME~1\admin\Cookies\admin@cs.shopperreports[1].txt
Supprime! - C:\windows\iun6002.exe
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsc7.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsd19.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsd1F8.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsd3.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsg3.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsj16.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsj17.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsj5.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsl5.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsn4.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nso4.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsp4A.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsq21.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsr3.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsr3B.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsr81.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nss1B.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nss21.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nst1D.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsv3.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsv62.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsvC4.tmp
Supprime! - C:\DOCUME~1\admin\LOCALS~1\Temp\nsy1B.tmp
Supprime! - C:\Program Files\AskBarDis
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\admin\LOCALS~1\Temp\nsd1B.tmp
-----------\\ Extensions
(admin) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://fr.yahoo.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\irlwwbcm.dat
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\irlwwbcm.exe
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\irlwwbcm_nav.dat
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\irlwwbcm_navps.dat
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\yswqcn_nav.dat
C:\DOCUME~1\admin\LOCALS~1\APPLIC~1\yswqcn_navps.dat
[b]==> EGDACCESS <==/b
C:\windows\system32\atvoscjv.ini
C:\windows\system32\atvoscjv.ini2
C:\windows\system32\atvoscjv.tmp
C:\windows\system32\gOprAJlm.ini
C:\windows\system32\gOprAJlm.ini2
[b]==> VUNDO <==/b
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\admin\Local Settings\Temp\R‚pertoire temporaire 1 pour gta pc games dvd KeyGen All Version.zip
C:\DOCUME~1\admin\Local Settings\Temp\R‚pertoire temporaire 1 pour PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!.zip
C:\DOCUME~1\admin\Local Settings\Temp\R‚pertoire temporaire 2 pour gta pc games dvd KeyGen All Version.zip
C:\DOCUME~1\admin\Local Settings\Temp\R‚pertoire temporaire 1 pour PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!.zip\Grand Theft Auto San Andreas Crack (No-CD)
C:\DOCUME~1\admin\Mes documents\Downloads\CRACK
C:\DOCUME~1\admin\Mes documents\Downloads\CRACK\gta_sa.exe
C:\DOCUME~1\admin\Mes documents\gta san\CRACK
C:\DOCUME~1\admin\Mes documents\gta san\CRACK\gta_sa.exe
C:\DOCUME~1\admin\Mes documents\LimeWire\Saved\PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!
C:\DOCUME~1\admin\Mes documents\LimeWire\Saved\PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!.zip
C:\DOCUME~1\admin\Mes documents\LimeWire\Saved\PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!\Grand Theft Auto San Andreas Crack (No-CD)
C:\DOCUME~1\admin\Mes documents\LimeWire\Saved\PC Games - GTA San Andreas No CD crack THIS ONE REALLY WORKS !!!\Grand Theft Auto San Andreas Crack (No-CD)\gta_sa.EXE
C:\DOCUME~1\admin\Recent\[PC GAME ITA]GTA IV+crack no cd+seria---___---___---___l.rar.lnk
1 - "C:\ToolBar SD\TB_1.txt" - 27/09/2009|12:12 - Option : [2]
-----------\\ Fin du rapport a 12:12:37,06
benurrr
Messages postés
9643
Date d'inscription
samedi 24 mai 2008
Statut
Contributeur sécurité
Dernière intervention
11 janvier 2012
107
27 sept. 2009 à 14:12
27 sept. 2009 à 14:12
ok
télécharge navilog1 sur le bureau :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
1° clique droit sur navilog1.exe présent sur ton bureau et excute le en tant qu'administrateur
2° Sélectionnez la langue désirée dans le menu puis valide le choix par la touche « entrer »
3° Petit message d’avertissement, appuie sur une touche pour passe à la suite
4° un nouveau avertissement, appuie sur une touche pour suivre
5° Vérification de l’installation de Navilog1 : si tout est bon, appuie sur une touche pour continuer
6° Choisir option 1 : recherche/désinfection automatique
7° La recherche va se lancer automatiquement et peut durée quelques minutes, patiente
8° Une fois l’analyse terminé, fermez et enregistre ton travail en cours, puis appuie sur une touche pour que le pc puisse démarrer
9° Au redémarrage du pc, Navilog va supprimer ce qu’il a trouvé, patiente quelques instants.
Un rapport est génère par l'outil. Il se trouve à cette emplacement :
XP : demarrer/poste de travail/c:/cleannavi.txt
-----------------------
Attention aux cracks, c'est un important vecteur d'infection (télécharger un crack ou même visiter un site de crack a de grandes chances d'infecter l'ordinateur) : plus de 40%des infections
1-IMPORTANT :
je rappelle que bagle est amené par un crack et qu'il se relance dès que tu te sers de celui ci; même si tu ne sers pas, il peut se relancer de lui même au démarrage de ton PC . En claire :
Essayes surtout de te rappeler si récemment tu n' as pas clicker sur un "patch" ou un "keygen" pour installer un logiciel, un jeu cracké ou avoir une version complète d'un soft , et qu'il ne se soit rien passé de particulier ... C'est la que les bagles s'infiltrent ! Si tu retrouves ce crack en particulier ,scratch tout ( le crack, le soft ou encore les zip concernés). Si tu ne te rappelles plus trop , je te conseille fortement de supprimer tous les cracks qui sont sur ton PC ... ;) après tu fait se que tu veut
https://forum.malekal.com/viewtopic.php?f=33&t=893
Si tu en as, il faut les supprimer, ou il vont réinfecter continuellement ton pc...
télécharge navilog1 sur le bureau :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
1° clique droit sur navilog1.exe présent sur ton bureau et excute le en tant qu'administrateur
2° Sélectionnez la langue désirée dans le menu puis valide le choix par la touche « entrer »
3° Petit message d’avertissement, appuie sur une touche pour passe à la suite
4° un nouveau avertissement, appuie sur une touche pour suivre
5° Vérification de l’installation de Navilog1 : si tout est bon, appuie sur une touche pour continuer
6° Choisir option 1 : recherche/désinfection automatique
7° La recherche va se lancer automatiquement et peut durée quelques minutes, patiente
8° Une fois l’analyse terminé, fermez et enregistre ton travail en cours, puis appuie sur une touche pour que le pc puisse démarrer
9° Au redémarrage du pc, Navilog va supprimer ce qu’il a trouvé, patiente quelques instants.
Un rapport est génère par l'outil. Il se trouve à cette emplacement :
XP : demarrer/poste de travail/c:/cleannavi.txt
-----------------------
Attention aux cracks, c'est un important vecteur d'infection (télécharger un crack ou même visiter un site de crack a de grandes chances d'infecter l'ordinateur) : plus de 40%des infections
1-IMPORTANT :
je rappelle que bagle est amené par un crack et qu'il se relance dès que tu te sers de celui ci; même si tu ne sers pas, il peut se relancer de lui même au démarrage de ton PC . En claire :
Essayes surtout de te rappeler si récemment tu n' as pas clicker sur un "patch" ou un "keygen" pour installer un logiciel, un jeu cracké ou avoir une version complète d'un soft , et qu'il ne se soit rien passé de particulier ... C'est la que les bagles s'infiltrent ! Si tu retrouves ce crack en particulier ,scratch tout ( le crack, le soft ou encore les zip concernés). Si tu ne te rappelles plus trop , je te conseille fortement de supprimer tous les cracks qui sont sur ton PC ... ;) après tu fait se que tu veut
https://forum.malekal.com/viewtopic.php?f=33&t=893
Si tu en as, il faut les supprimer, ou il vont réinfecter continuellement ton pc...