A voir également:
- Mon PC est possedé !
- Mon pc est lent - Guide
- Test performance pc - Guide
- Reinitialiser pc - Guide
- Plus de son sur mon pc - Guide
- Mon pc s'allume mais ne démarre pas windows 10 - Guide
159 réponses
Utilisateur anonyme
2 oct. 2005 à 13:48
2 oct. 2005 à 13:48
coucou anna ^^,tu peux poser pleins de questions, pas de soucis
moe est venu, quelle chance que tu as lol
1/Dis moi ds ajout/supp de programme tojyvhes.exe y est tjr?
2/avais tu reussis a supprimer cela:c:\windows\system32\tojyvhes.exe
3/remet un hijack this
4/repond au question lol
bise
a+
moe est venu, quelle chance que tu as lol
1/Dis moi ds ajout/supp de programme tojyvhes.exe y est tjr?
2/avais tu reussis a supprimer cela:c:\windows\system32\tojyvhes.exe
3/remet un hijack this
4/repond au question lol
bise
a+
Utilisateur anonyme
2 oct. 2005 à 14:02
2 oct. 2005 à 14:02
salut, oui desole mais comme tu vois j essai d apporter qqs reponses un peu partout, donc dur dur d assurer partout parfois...
non pas grave, juste qq details a regler, t inquiete pas juste quelque chose de suspect mais mineure
dis moi ceci tu l avais supprimer?
MailSkinner
et ceci en mode normal
c:\windows\system32\tojyvhes.exe
a+
non pas grave, juste qq details a regler, t inquiete pas juste quelque chose de suspect mais mineure
dis moi ceci tu l avais supprimer?
MailSkinner
et ceci en mode normal
c:\windows\system32\tojyvhes.exe
a+
Re, alors en mode normal, je je ne trouve pas : c:\windows\system32\tojyvhes.exe
parcontre il y a 3 truc avec : "trjyvhes_navps.dat , j'en fais koi ?
et par rapport a hier il y a cette manip que j'ai pas reussi à faire :(pas compris ! ) :
¤Recherche et supprime ceci:
attention seulement les fichiers (si présents).(il se peut que tu ne trouve que la moitié, c est normal mais verifie bien stp)
C:\WINDOWS\isrvs <--le dossier
C:\Program Files\MyWebSearch<--le dossier
MSAOL32.exe (fais ctlr+alt+suppr a chaque fois, cherche ces processus (= xxx.exe) et clik terminer lace une recherche et si tu les trouve supprime les
svhost8.exe
run.exe
MSMSN32.exe
C:\WINDOWS\system32\syshost.exe
C:\WINDOWS\System32\bkerh.exe
C:\WINDOWS\System32\gah95on6.exe
NTsrv.exe
C:\WINDOWS\fmbsr.exe
c:\windows\system32\tojyvhes.exe -star
winmes.exe
msn32.exe
popupkill.exe
je laisse tombé ou pas ?
j'ai bien supprimer "mailskinner" et je l'ai remarquer en faisant un "fix cheked" mais j'ai pas osé le cocher ! ...
Autre chose : j'ai remarquer que ma 1er connexion à internet est toujours aussi "lente", elle est toujours pas comme avant !
voila, merci et A+
parcontre il y a 3 truc avec : "trjyvhes_navps.dat , j'en fais koi ?
et par rapport a hier il y a cette manip que j'ai pas reussi à faire :(pas compris ! ) :
¤Recherche et supprime ceci:
attention seulement les fichiers (si présents).(il se peut que tu ne trouve que la moitié, c est normal mais verifie bien stp)
C:\WINDOWS\isrvs <--le dossier
C:\Program Files\MyWebSearch<--le dossier
MSAOL32.exe (fais ctlr+alt+suppr a chaque fois, cherche ces processus (= xxx.exe) et clik terminer lace une recherche et si tu les trouve supprime les
svhost8.exe
run.exe
MSMSN32.exe
C:\WINDOWS\system32\syshost.exe
C:\WINDOWS\System32\bkerh.exe
C:\WINDOWS\System32\gah95on6.exe
NTsrv.exe
C:\WINDOWS\fmbsr.exe
c:\windows\system32\tojyvhes.exe -star
winmes.exe
msn32.exe
popupkill.exe
je laisse tombé ou pas ?
j'ai bien supprimer "mailskinner" et je l'ai remarquer en faisant un "fix cheked" mais j'ai pas osé le cocher ! ...
Autre chose : j'ai remarquer que ma 1er connexion à internet est toujours aussi "lente", elle est toujours pas comme avant !
voila, merci et A+
Utilisateur anonyme
2 oct. 2005 à 14:55
2 oct. 2005 à 14:55
salut
moe penses tu pas qu un silent runner est necessaire ??
a+
moe penses tu pas qu un silent runner est necessaire ??
a+
Utilisateur anonyme
2 oct. 2005 à 14:57
2 oct. 2005 à 14:57
bah, ca fera pas de mal en tout cas
Apparement elle n'a pas supprimé les fichiers que tu lui avait indiqué...
Apparement elle n'a pas supprimé les fichiers que tu lui avait indiqué...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
2 oct. 2005 à 15:11
2 oct. 2005 à 15:11
bon on va essayer comme ceci
Telecharge ceci
http://www.silentrunners.org/Silent%20Runners.vbs
Execute le,atends quelques minutes, il va creer ensuite un dossier juste a coté de silent runner sous format texte, copie/colle ce qu il te donnera
a+
Telecharge ceci
http://www.silentrunners.org/Silent%20Runners.vbs
Execute le,atends quelques minutes, il va creer ensuite un dossier juste a coté de silent runner sous format texte, copie/colle ce qu il te donnera
a+
Voici le rapport demander :
"Silent Runners.vbs", revision 40.1, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\System32\ctfmon.exe" [MS]
"msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS]
"MailSkinner" = "c:\program files\mailskinner\mailskinner.exe" [file not found]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."]
"RemoteControl" = ""C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"" ["Cyberlink Corp."]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"AVG7_CC" = "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP" ["GRISOFT, s.r.o."]
"AVG7_EMC" = "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe" ["GRISOFT, s.r.o."]
"Zone Labs Client" = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" ["Zone Labs, LLC"]
"smapp" = "C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" ["Analog Devices, Inc."]
"KernelFaultCheck" = "C:\WINDOWS\system32\dumprep 0 -k" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
{9394EDE7-C8B5-483E-8773-474BF36AF6E4}\(Default) = "ST" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll" [MS]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = "MSNToolBandBHO" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration"
-> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{59850401-6664-101B-B21C-00AA004BA90B}" = "Microsoft Office Binder Unbind"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office\1036\UNBIND.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL" [MS]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Real Alternative\rpshell.dll" ["RealNetworks, Inc."]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
"{F08F98D6-E423-4847-A115-207994B7E3F7}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\kwdmon.dll" [null data]
"{5B769505-9C8C-460F-BA42-304047223CE5}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mdcbase.dll" [file not found]
"{40D2ACD1-3F58-449C-852B-DCFBAE170F71}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\stnceng.dll" [null data]
"{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\guard.tmp" [null data]
"{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\kfdycl.dll" [null data]
"{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\MCDBGFR.DLL" [null data]
"{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mytvgs.dll" [null data]
"{B49C1537-1A4E-47BD-B560-80145937DE5D}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\agkctrs.dll" [null data]
"{336D41A3-97B8-4668-8ECE-4B1A337B647D}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mixml2.dll" [null data]
"{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\wvhip6.dll" [null data]
"{DAE4A48C-3F21-4F95-95E9-93368AE44E34}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\sqell32.dll" [null data]
"{47A4D311-1194-47D8-8382-D1671E973DEE}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\rKsrad.dll" [null data]
"{20908FDC-5F19-46AD-9AC6-967B83870361}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\svlsrv32.dll" [null data]
"{E948BBA0-2FF6-4270-A975-A3D430A7E044}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\situpwbv.dll" [null data]
"{893C6A92-714D-4A6C-8757-5A647589E0E3}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\dFdxof.dll" [null data]
"{05C37307-D067-4432-BC31-EF61941F6670}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\dumsrpcn.dll" [null data]
"{A3344DF4-E50B-4900-8ACF-9C0883C04396}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\duprop.dll" [null data]
"{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\aoifil32.dll" [null data]
"{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\oqeaut32.dll" [null data]
"{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\beotvid.dll" [null data]
"{CE870B20-E4AC-4792-B400-B828637954A1}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mdxml2r.dll" [null data]
"{109A92B6-9BAE-49E0-9016-94FD417384FE}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\RXOCURS.DLL" [null data]
"{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mfdart.dll" [null data]
"{12B5C523-ECBE-49C4-93F6-E90233EA0578}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\iwpeers.dll" [null data]
"{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ijp0l57m1.dll" [null data]
"{1255D589-8D8C-45C4-9281-B8FF2D302CFE}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\gltext.dll" [null data]
"{E4F26128-A64C-4D24-BE89-64F810E78C7C}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\rLsadhlp.dll" [null data]
"{1D24BD19-C485-4456-8832-BC69C8816E9E}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\cavfat.dll" [null data]
"{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\fjntext.dll" [null data]
"{6354D83F-B627-43EE-A282-0D3BDC81E318}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\guard.tmp" [null data]
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
Active Desktop and Wallpaper:
-----------------------------
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\Vent de prairie.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]
Startup items in "Windows XP" & "All Users" startup folders:
------------------------------------------------------------
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
"Lancement rapide d'Adobe Reader" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l" [MS]
"Symantec Fax Starter Edition Port" -> shortcut to: "C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE" [MS]
"Zone Labs Security" -> shortcut to: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" ["Zone Labs, LLC"]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" = "MSN" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll" [MS]
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" = "0"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll" [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\MSMSGS.EXE" [MS]
Miscellaneous IE Hijack Points
------------------------------
C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")
Added lines (compared with English-language version):
[Strings]: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[Strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/"
Missing lines (compared with English-language version):
[Strings]: 2 lines
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."]
AVG7 Alert Manager Server, Avg7Alrt, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe" ["GRISOFT, s.r.o."]
AVG7 Update Service, Avg7UpdSvc, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe" ["GRISOFT, s.r.o."]
SoundMAX Agent Service, SoundMAX Agent Service (default), "C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe" ["Analog Devices, Inc."]
TrueVector Internet Monitor, vsmon, "C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service" ["Zone Labs, LLC"]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\System32\wdfmgr.exe" [MS]
----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer "No" at the first message box.
---------- (total run time: 54 seconds, including 18 seconds for message boxes)
A+
"Silent Runners.vbs", revision 40.1, http://www.silentrunners.org/
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\System32\ctfmon.exe" [MS]
"msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS]
"MailSkinner" = "c:\program files\mailskinner\mailskinner.exe" [file not found]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."]
"RemoteControl" = ""C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"" ["Cyberlink Corp."]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"AVG7_CC" = "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP" ["GRISOFT, s.r.o."]
"AVG7_EMC" = "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe" ["GRISOFT, s.r.o."]
"Zone Labs Client" = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" ["Zone Labs, LLC"]
"smapp" = "C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" ["Analog Devices, Inc."]
"KernelFaultCheck" = "C:\WINDOWS\system32\dumprep 0 -k" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
{9394EDE7-C8B5-483E-8773-474BF36AF6E4}\(Default) = "ST" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll" [MS]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = "MSNToolBandBHO" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration"
-> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{59850401-6664-101B-B21C-00AA004BA90B}" = "Microsoft Office Binder Unbind"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office\1036\UNBIND.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL" [MS]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Real Alternative\rpshell.dll" ["RealNetworks, Inc."]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\Audiodev.dll" [MS]
"{F08F98D6-E423-4847-A115-207994B7E3F7}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\kwdmon.dll" [null data]
"{5B769505-9C8C-460F-BA42-304047223CE5}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mdcbase.dll" [file not found]
"{40D2ACD1-3F58-449C-852B-DCFBAE170F71}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\stnceng.dll" [null data]
"{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\guard.tmp" [null data]
"{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\kfdycl.dll" [null data]
"{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\MCDBGFR.DLL" [null data]
"{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mytvgs.dll" [null data]
"{B49C1537-1A4E-47BD-B560-80145937DE5D}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\agkctrs.dll" [null data]
"{336D41A3-97B8-4668-8ECE-4B1A337B647D}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mixml2.dll" [null data]
"{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\wvhip6.dll" [null data]
"{DAE4A48C-3F21-4F95-95E9-93368AE44E34}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\sqell32.dll" [null data]
"{47A4D311-1194-47D8-8382-D1671E973DEE}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\rKsrad.dll" [null data]
"{20908FDC-5F19-46AD-9AC6-967B83870361}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\svlsrv32.dll" [null data]
"{E948BBA0-2FF6-4270-A975-A3D430A7E044}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\situpwbv.dll" [null data]
"{893C6A92-714D-4A6C-8757-5A647589E0E3}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\dFdxof.dll" [null data]
"{05C37307-D067-4432-BC31-EF61941F6670}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\dumsrpcn.dll" [null data]
"{A3344DF4-E50B-4900-8ACF-9C0883C04396}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\duprop.dll" [null data]
"{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\aoifil32.dll" [null data]
"{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\oqeaut32.dll" [null data]
"{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\beotvid.dll" [null data]
"{CE870B20-E4AC-4792-B400-B828637954A1}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mdxml2r.dll" [null data]
"{109A92B6-9BAE-49E0-9016-94FD417384FE}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\RXOCURS.DLL" [null data]
"{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\mfdart.dll" [null data]
"{12B5C523-ECBE-49C4-93F6-E90233EA0578}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\iwpeers.dll" [null data]
"{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ijp0l57m1.dll" [null data]
"{1255D589-8D8C-45C4-9281-B8FF2D302CFE}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\gltext.dll" [null data]
"{E4F26128-A64C-4D24-BE89-64F810E78C7C}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\rLsadhlp.dll" [null data]
"{1D24BD19-C485-4456-8832-BC69C8816E9E}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\cavfat.dll" [null data]
"{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\fjntext.dll" [null data]
"{6354D83F-B627-43EE-A282-0D3BDC81E318}" = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\guard.tmp" [null data]
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
Active Desktop and Wallpaper:
-----------------------------
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\Vent de prairie.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]
Startup items in "Windows XP" & "All Users" startup folders:
------------------------------------------------------------
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
"Lancement rapide d'Adobe Reader" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l" [MS]
"Symantec Fax Starter Edition Port" -> shortcut to: "C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE" [MS]
"Zone Labs Security" -> shortcut to: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" ["Zone Labs, LLC"]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" = "MSN" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll" [MS]
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" = "0"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll" [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\MSMSGS.EXE" [MS]
Miscellaneous IE Hijack Points
------------------------------
C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")
Added lines (compared with English-language version):
[Strings]: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[Strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/"
Missing lines (compared with English-language version):
[Strings]: 2 lines
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\System32\Ati2evxx.exe" ["ATI Technologies Inc."]
AVG7 Alert Manager Server, Avg7Alrt, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe" ["GRISOFT, s.r.o."]
AVG7 Update Service, Avg7UpdSvc, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe" ["GRISOFT, s.r.o."]
SoundMAX Agent Service, SoundMAX Agent Service (default), "C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe" ["Analog Devices, Inc."]
TrueVector Internet Monitor, vsmon, "C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service" ["Zone Labs, LLC"]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\System32\wdfmgr.exe" [MS]
----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer "No" at the first message box.
---------- (total run time: 54 seconds, including 18 seconds for message boxes)
A+
Utilisateur anonyme
2 oct. 2005 à 15:31
2 oct. 2005 à 15:31
t'inquiete je sais bien, je ne dis pas ca pour me moquer, mais comme certains fichiers n'ont pas été supprimés, c'est normal que tu ai encore des soucis.
Apparement silentrunners à détecté quelque chose.
Télécharge l2mfix ici:
http://www.downloads.subratam.org/l2mfix.exe
Double clic sur l2mfix.exe pour lancer l'extraction
Dans le dossier l2mfix, double clic sur l2mfix.bat, appuie sur n'importe quelle touche puis choisis l'option #1 (et pas autre chose) et valide avec la touche entrée.
Le bloc note va s'ouvrir avec le resultat du scan.
Fais un copier coller du résultat ici.
Apparement silentrunners à détecté quelque chose.
Télécharge l2mfix ici:
http://www.downloads.subratam.org/l2mfix.exe
Double clic sur l2mfix.exe pour lancer l'extraction
Dans le dossier l2mfix, double clic sur l2mfix.bat, appuie sur n'importe quelle touche puis choisis l'option #1 (et pas autre chose) et valide avec la touche entrée.
Le bloc note va s'ouvrir avec le resultat du scan.
Fais un copier coller du résultat ici.
Slt, je ne suis pas vexée, pas de souci
voici le rapport :
L2MFIX find log 1.04a
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
"Asynchronous"=dword:00000000
"DllName"=""
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"
RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!
Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(ID-NI) ALLOW Read BUILTIN\Utilisateurs
(ID-IO) ALLOW Read BUILTIN\Utilisateurs
(ID-NI) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-IO) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-NI) ALLOW Full access BUILTIN\Administrateurs
(ID-IO) ALLOW Full access BUILTIN\Administrateurs
(ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{776CF063-099A-F7E3-9433-1022FC239DD8}"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extension de l'interpr‚teur de commande pour Windows Script Host"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{59850401-6664-101B-B21C-00AA004BA90B}"="Microsoft Office Binder Unbind"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{F08F98D6-E423-4847-A115-207994B7E3F7}"=""
"{5B769505-9C8C-460F-BA42-304047223CE5}"=""
"{40D2ACD1-3F58-449C-852B-DCFBAE170F71}"=""
"{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}"=""
"{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}"=""
"{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}"=""
"{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}"=""
"{B49C1537-1A4E-47BD-B560-80145937DE5D}"=""
"{336D41A3-97B8-4668-8ECE-4B1A337B647D}"=""
"{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}"=""
"{DAE4A48C-3F21-4F95-95E9-93368AE44E34}"=""
"{47A4D311-1194-47D8-8382-D1671E973DEE}"=""
"{20908FDC-5F19-46AD-9AC6-967B83870361}"=""
"{E948BBA0-2FF6-4270-A975-A3D430A7E044}"=""
"{893C6A92-714D-4A6C-8757-5A647589E0E3}"=""
"{05C37307-D067-4432-BC31-EF61941F6670}"=""
"{A3344DF4-E50B-4900-8ACF-9C0883C04396}"=""
"{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}"=""
"{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}"=""
"{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}"=""
"{CE870B20-E4AC-4792-B400-B828637954A1}"=""
"{109A92B6-9BAE-49E0-9016-94FD417384FE}"=""
"{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}"=""
"{CE000992-A58C-4441-8938-744CD72AB27F}"="i-Nav IDN Resolver"
"{CE000994-A58C-4441-8938-744CD72AB27F}"="i-Nav IDN SearchHook"
"{12B5C523-ECBE-49C4-93F6-E90233EA0578}"=""
"{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}"=""
"{1255D589-8D8C-45C4-9281-B8FF2D302CFE}"=""
"{E4F26128-A64C-4D24-BE89-64F810E78C7C}"=""
"{1D24BD19-C485-4456-8832-BC69C8816E9E}"=""
"{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}"=""
"{6354D83F-B627-43EE-A282-0D3BDC81E318}"=""
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"="AVG7 Shell Extension"
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}"="AVG7 Find Extension"
**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}]
@=""
"IDEx"="DS3"
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\InprocServer32]
@="C:\\WINDOWS\\system32\\kwdmon.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}]
@=""
"IDEx"="DS3"
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\InprocServer32]
@="C:\\WINDOWS\\system32\\mdcbase.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\InprocServer32]
@="C:\\WINDOWS\\system32\\stnceng.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\InprocServer32]
@="C:\\WINDOWS\\system32\\kfdycl.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\InprocServer32]
@="C:\\WINDOWS\\system32\\MCDBGFR.DLL"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\InprocServer32]
@="C:\\WINDOWS\\system32\\mytvgs.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\InprocServer32]
@="C:\\WINDOWS\\system32\\agkctrs.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\InprocServer32]
@="C:\\WINDOWS\\system32\\mixml2.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\InprocServer32]
@="C:\\WINDOWS\\system32\\wvhip6.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\InprocServer32]
@="C:\\WINDOWS\\system32\\sqell32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\InprocServer32]
@="C:\\WINDOWS\\system32\\rKsrad.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\InprocServer32]
@="C:\\WINDOWS\\system32\\svlsrv32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\InprocServer32]
@="C:\\WINDOWS\\system32\\situpwbv.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\InprocServer32]
@="C:\\WINDOWS\\system32\\dFdxof.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\InprocServer32]
@="C:\\WINDOWS\\system32\\dumsrpcn.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\InprocServer32]
@="C:\\WINDOWS\\system32\\duprop.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\InprocServer32]
@="C:\\WINDOWS\\system32\\aoifil32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\InprocServer32]
@="C:\\WINDOWS\\system32\\oqeaut32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\InprocServer32]
@="C:\\WINDOWS\\system32\\beotvid.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\InprocServer32]
@="C:\\WINDOWS\\system32\\mdxml2r.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\InprocServer32]
@="C:\\WINDOWS\\system32\\RXOCURS.DLL"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\InprocServer32]
@="C:\\WINDOWS\\system32\\mfdart.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\InprocServer32]
@="C:\\WINDOWS\\system32\\iwpeers.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\InprocServer32]
@="C:\\WINDOWS\\system32\\ijp0l57m1.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\InprocServer32]
@="C:\\WINDOWS\\system32\\gltext.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\InprocServer32]
@="C:\\WINDOWS\\system32\\rLsadhlp.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\InprocServer32]
@="C:\\WINDOWS\\system32\\cavfat.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\InprocServer32]
@="C:\\WINDOWS\\system32\\fjntext.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
mscloc~1.dll Sat 1 Oct 2005 22:34:40 A.... 20 992 20,50 K
msploc~1.dll Sat 1 Oct 2005 19:12:54 A.... 20 992 20,50 K
sirenacm.dll Sat 13 Aug 2005 21:41:12 A.... 118 784 116,00 K
vsdata.dll Mon 29 Aug 2005 19:08:34 A.... 83 712 81,75 K
vsinit.dll Mon 29 Aug 2005 19:08:46 A.... 141 056 137,75 K
vsmonapi.dll Mon 29 Aug 2005 19:08:54 A.... 104 192 101,75 K
vspubapi.dll Mon 29 Aug 2005 19:08:58 A.... 227 072 221,75 K
vsregexp.dll Mon 29 Aug 2005 19:09:02 A.... 71 424 69,75 K
vsutil.dll Mon 29 Aug 2005 19:09:14 A.... 382 720 373,75 K
vsutil~1.dll Mon 29 Aug 2005 18:55:16 A.... 54 960 53,67 K
vsxml.dll Mon 29 Aug 2005 19:09:22 A.... 100 096 97,75 K
zlcomm.dll Mon 29 Aug 2005 19:09:42 A.... 79 616 77,75 K
zlcommdb.dll Mon 29 Aug 2005 19:09:46 A.... 71 424 69,75 K
13 items found: 13 files, 0 directories.
Total of file sizes: 1 477 040 bytes 1,41 M
Locate .tmp files:
No matches found.
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C s'appelle Windows XP
Le num‚ro de s‚rie du volume est F8B7-A3D3
R‚pertoire de C:\WINDOWS\System32
10/01/2005 23:02 11ÿ264 Thumbs.db
10/01/2005 18:42 <REP> dllcache
09/14/2005 22:00 <REP> Microsoft
04/23/2005 22:54 233ÿ222 nsdenb32.dll
04/23/2005 19:29 233ÿ222 k6nolg5316.dll
04/23/2005 15:14 233ÿ222 fjntext.dll
04/22/2005 23:30 234ÿ659 o0660ajsedo60.dll
04/22/2005 23:30 234ÿ328 cavfat.dll
04/22/2005 21:05 236ÿ296 rLsadhlp.dll
04/22/2005 21:02 234ÿ328 gltext.dll
04/22/2005 20:56 233ÿ169 ijp0l57m1.dll
04/22/2005 20:39 234ÿ328 iwpeers.dll
04/22/2005 20:28 233ÿ169 mfdart.dll
04/22/2005 20:14 233ÿ169 kwdda.dll
04/22/2005 17:30 234ÿ352 m0lsla371d.dll
04/22/2005 17:29 233ÿ879 RXOCURS.DLL
04/21/2005 22:10 235ÿ777 mdxml2r.dll
04/21/2005 22:07 232ÿ391 beotvid.dll
04/21/2005 15:21 235ÿ774 oqeaut32.dll
04/21/2005 15:17 236ÿ198 aoifil32.dll
04/21/2005 11:41 234ÿ771 duprop.dll
04/20/2005 17:43 233ÿ691 dumsrpcn.dll
04/20/2005 14:50 235ÿ945 dFdxof.dll
04/20/2005 10:46 232ÿ765 situpwbv.dll
04/18/2005 22:57 235ÿ945 svlsrv32.dll
04/18/2005 22:24 232ÿ749 e8020idoe80c0.dll
04/18/2005 22:23 233ÿ207 fprm0391e.dll
04/18/2005 19:50 233ÿ207 rKsrad.dll
04/18/2005 14:10 235ÿ249 sqell32.dll
04/18/2005 11:36 235ÿ129 wvhip6.dll
04/18/2005 11:18 235ÿ950 irp0l57m1.dll
04/17/2005 12:26 234ÿ677 q6pslg7716.dll
04/17/2005 12:26 233ÿ222 mixml2.dll
04/17/2005 11:18 236ÿ051 gpl0l33m1.dll
04/14/2005 20:15 235ÿ144 agkctrs.dll
04/13/2005 17:59 232ÿ968 mytvgs.dll
04/12/2005 22:10 233ÿ248 MCDBGFR.DLL
04/12/2005 22:03 234ÿ971 kfdycl.dll
04/12/2005 20:44 233ÿ248 stnceng.dll
37 fichier(s) 8ÿ444ÿ884 octets
2 R‚p(s) 14ÿ268ÿ604ÿ416 octets libres
et voila ( j'espère ke je n'ai pas fais de bétise ! lol)
amicallement : Anna
voici le rapport :
L2MFIX find log 1.04a
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
"Asynchronous"=dword:00000000
"DllName"=""
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"
RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!
Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(ID-NI) ALLOW Read BUILTIN\Utilisateurs
(ID-IO) ALLOW Read BUILTIN\Utilisateurs
(ID-NI) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-IO) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-NI) ALLOW Full access BUILTIN\Administrateurs
(ID-IO) ALLOW Full access BUILTIN\Administrateurs
(ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{776CF063-099A-F7E3-9433-1022FC239DD8}"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extension de l'interpr‚teur de commande pour Windows Script Host"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{59850401-6664-101B-B21C-00AA004BA90B}"="Microsoft Office Binder Unbind"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{F08F98D6-E423-4847-A115-207994B7E3F7}"=""
"{5B769505-9C8C-460F-BA42-304047223CE5}"=""
"{40D2ACD1-3F58-449C-852B-DCFBAE170F71}"=""
"{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}"=""
"{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}"=""
"{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}"=""
"{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}"=""
"{B49C1537-1A4E-47BD-B560-80145937DE5D}"=""
"{336D41A3-97B8-4668-8ECE-4B1A337B647D}"=""
"{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}"=""
"{DAE4A48C-3F21-4F95-95E9-93368AE44E34}"=""
"{47A4D311-1194-47D8-8382-D1671E973DEE}"=""
"{20908FDC-5F19-46AD-9AC6-967B83870361}"=""
"{E948BBA0-2FF6-4270-A975-A3D430A7E044}"=""
"{893C6A92-714D-4A6C-8757-5A647589E0E3}"=""
"{05C37307-D067-4432-BC31-EF61941F6670}"=""
"{A3344DF4-E50B-4900-8ACF-9C0883C04396}"=""
"{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}"=""
"{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}"=""
"{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}"=""
"{CE870B20-E4AC-4792-B400-B828637954A1}"=""
"{109A92B6-9BAE-49E0-9016-94FD417384FE}"=""
"{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}"=""
"{CE000992-A58C-4441-8938-744CD72AB27F}"="i-Nav IDN Resolver"
"{CE000994-A58C-4441-8938-744CD72AB27F}"="i-Nav IDN SearchHook"
"{12B5C523-ECBE-49C4-93F6-E90233EA0578}"=""
"{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}"=""
"{1255D589-8D8C-45C4-9281-B8FF2D302CFE}"=""
"{E4F26128-A64C-4D24-BE89-64F810E78C7C}"=""
"{1D24BD19-C485-4456-8832-BC69C8816E9E}"=""
"{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}"=""
"{6354D83F-B627-43EE-A282-0D3BDC81E318}"=""
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"="AVG7 Shell Extension"
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}"="AVG7 Find Extension"
**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}]
@=""
"IDEx"="DS3"
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\InprocServer32]
@="C:\\WINDOWS\\system32\\kwdmon.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}]
@=""
"IDEx"="DS3"
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\InprocServer32]
@="C:\\WINDOWS\\system32\\mdcbase.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\InprocServer32]
@="C:\\WINDOWS\\system32\\stnceng.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\InprocServer32]
@="C:\\WINDOWS\\system32\\kfdycl.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\InprocServer32]
@="C:\\WINDOWS\\system32\\MCDBGFR.DLL"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\InprocServer32]
@="C:\\WINDOWS\\system32\\mytvgs.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\InprocServer32]
@="C:\\WINDOWS\\system32\\agkctrs.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\InprocServer32]
@="C:\\WINDOWS\\system32\\mixml2.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\InprocServer32]
@="C:\\WINDOWS\\system32\\wvhip6.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\InprocServer32]
@="C:\\WINDOWS\\system32\\sqell32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\InprocServer32]
@="C:\\WINDOWS\\system32\\rKsrad.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\InprocServer32]
@="C:\\WINDOWS\\system32\\svlsrv32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\InprocServer32]
@="C:\\WINDOWS\\system32\\situpwbv.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\InprocServer32]
@="C:\\WINDOWS\\system32\\dFdxof.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\InprocServer32]
@="C:\\WINDOWS\\system32\\dumsrpcn.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\InprocServer32]
@="C:\\WINDOWS\\system32\\duprop.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\InprocServer32]
@="C:\\WINDOWS\\system32\\aoifil32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\InprocServer32]
@="C:\\WINDOWS\\system32\\oqeaut32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\InprocServer32]
@="C:\\WINDOWS\\system32\\beotvid.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\InprocServer32]
@="C:\\WINDOWS\\system32\\mdxml2r.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\InprocServer32]
@="C:\\WINDOWS\\system32\\RXOCURS.DLL"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\InprocServer32]
@="C:\\WINDOWS\\system32\\mfdart.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\InprocServer32]
@="C:\\WINDOWS\\system32\\iwpeers.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\InprocServer32]
@="C:\\WINDOWS\\system32\\ijp0l57m1.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\InprocServer32]
@="C:\\WINDOWS\\system32\\gltext.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\InprocServer32]
@="C:\\WINDOWS\\system32\\rLsadhlp.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\InprocServer32]
@="C:\\WINDOWS\\system32\\cavfat.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\InprocServer32]
@="C:\\WINDOWS\\system32\\fjntext.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
mscloc~1.dll Sat 1 Oct 2005 22:34:40 A.... 20 992 20,50 K
msploc~1.dll Sat 1 Oct 2005 19:12:54 A.... 20 992 20,50 K
sirenacm.dll Sat 13 Aug 2005 21:41:12 A.... 118 784 116,00 K
vsdata.dll Mon 29 Aug 2005 19:08:34 A.... 83 712 81,75 K
vsinit.dll Mon 29 Aug 2005 19:08:46 A.... 141 056 137,75 K
vsmonapi.dll Mon 29 Aug 2005 19:08:54 A.... 104 192 101,75 K
vspubapi.dll Mon 29 Aug 2005 19:08:58 A.... 227 072 221,75 K
vsregexp.dll Mon 29 Aug 2005 19:09:02 A.... 71 424 69,75 K
vsutil.dll Mon 29 Aug 2005 19:09:14 A.... 382 720 373,75 K
vsutil~1.dll Mon 29 Aug 2005 18:55:16 A.... 54 960 53,67 K
vsxml.dll Mon 29 Aug 2005 19:09:22 A.... 100 096 97,75 K
zlcomm.dll Mon 29 Aug 2005 19:09:42 A.... 79 616 77,75 K
zlcommdb.dll Mon 29 Aug 2005 19:09:46 A.... 71 424 69,75 K
13 items found: 13 files, 0 directories.
Total of file sizes: 1 477 040 bytes 1,41 M
Locate .tmp files:
No matches found.
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C s'appelle Windows XP
Le num‚ro de s‚rie du volume est F8B7-A3D3
R‚pertoire de C:\WINDOWS\System32
10/01/2005 23:02 11ÿ264 Thumbs.db
10/01/2005 18:42 <REP> dllcache
09/14/2005 22:00 <REP> Microsoft
04/23/2005 22:54 233ÿ222 nsdenb32.dll
04/23/2005 19:29 233ÿ222 k6nolg5316.dll
04/23/2005 15:14 233ÿ222 fjntext.dll
04/22/2005 23:30 234ÿ659 o0660ajsedo60.dll
04/22/2005 23:30 234ÿ328 cavfat.dll
04/22/2005 21:05 236ÿ296 rLsadhlp.dll
04/22/2005 21:02 234ÿ328 gltext.dll
04/22/2005 20:56 233ÿ169 ijp0l57m1.dll
04/22/2005 20:39 234ÿ328 iwpeers.dll
04/22/2005 20:28 233ÿ169 mfdart.dll
04/22/2005 20:14 233ÿ169 kwdda.dll
04/22/2005 17:30 234ÿ352 m0lsla371d.dll
04/22/2005 17:29 233ÿ879 RXOCURS.DLL
04/21/2005 22:10 235ÿ777 mdxml2r.dll
04/21/2005 22:07 232ÿ391 beotvid.dll
04/21/2005 15:21 235ÿ774 oqeaut32.dll
04/21/2005 15:17 236ÿ198 aoifil32.dll
04/21/2005 11:41 234ÿ771 duprop.dll
04/20/2005 17:43 233ÿ691 dumsrpcn.dll
04/20/2005 14:50 235ÿ945 dFdxof.dll
04/20/2005 10:46 232ÿ765 situpwbv.dll
04/18/2005 22:57 235ÿ945 svlsrv32.dll
04/18/2005 22:24 232ÿ749 e8020idoe80c0.dll
04/18/2005 22:23 233ÿ207 fprm0391e.dll
04/18/2005 19:50 233ÿ207 rKsrad.dll
04/18/2005 14:10 235ÿ249 sqell32.dll
04/18/2005 11:36 235ÿ129 wvhip6.dll
04/18/2005 11:18 235ÿ950 irp0l57m1.dll
04/17/2005 12:26 234ÿ677 q6pslg7716.dll
04/17/2005 12:26 233ÿ222 mixml2.dll
04/17/2005 11:18 236ÿ051 gpl0l33m1.dll
04/14/2005 20:15 235ÿ144 agkctrs.dll
04/13/2005 17:59 232ÿ968 mytvgs.dll
04/12/2005 22:10 233ÿ248 MCDBGFR.DLL
04/12/2005 22:03 234ÿ971 kfdycl.dll
04/12/2005 20:44 233ÿ248 stnceng.dll
37 fichier(s) 8ÿ444ÿ884 octets
2 R‚p(s) 14ÿ268ÿ604ÿ416 octets libres
et voila ( j'espère ke je n'ai pas fais de bétise ! lol)
amicallement : Anna
Utilisateur anonyme
2 oct. 2005 à 15:54
2 oct. 2005 à 15:54
ok
maintenant relances l2mfix.bat
et choisis l'option 2
Il va te demander d'appuyer sur une touche pour redémarrer
appuie sur n'importe quelle touche et laisse le pc redemarrer
le bloc note va s'ouvrir, copie et colle le contenu ici
maintenant relances l2mfix.bat
et choisis l'option 2
Il va te demander d'appuyer sur une touche pour redémarrer
appuie sur n'importe quelle touche et laisse le pc redemarrer
le bloc note va s'ouvrir, copie et colle le contenu ici
Hello ! euuuuuuuuuuuh j'ai eu un petit problème, pour la 2eme étape, lorsqu'il a redémarrer j'ai eu le message suivant :
de editeur registre:
"impossible d'exporter brckregs/F08F98D6-E423-4847-A115-207994B7E3F3.reg : erreur du fichier, il pourrait y avoir une erreur de disque ou de fichier système."
j'ai effectuer 2fois l'opération, et 2 fois le même resultat
l'informatique ne m'aime vraiment pas !
voilà, A+
de editeur registre:
"impossible d'exporter brckregs/F08F98D6-E423-4847-A115-207994B7E3F3.reg : erreur du fichier, il pourrait y avoir une erreur de disque ou de fichier système."
j'ai effectuer 2fois l'opération, et 2 fois le même resultat
l'informatique ne m'aime vraiment pas !
voilà, A+
Utilisateur anonyme
2 oct. 2005 à 16:54
2 oct. 2005 à 16:54
bon, pas de chance..
refais juste l'option 1 de l2mfix et poste le rapport
refais juste l'option 1 de l2mfix et poste le rapport
hello ! pour koi la 2eme étape n'a pas voulu fonctionner (si ta une idée ...)
sinon voici le nouveau rapport :
L2MFIX find log 1.04a
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wzcnotif]
"DLLName"="wzcdlg.dll"
"Logon"="WZCEventLogon"
"Logoff"="WZCEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000000
RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!
Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(CI) DENY --C------- BUILTIN\Administrateurs
(ID-NI) ALLOW Read BUILTIN\Utilisateurs
(ID-IO) ALLOW Read BUILTIN\Utilisateurs
(ID-NI) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-IO) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-NI) ALLOW Full access BUILTIN\Administrateurs
(ID-IO) ALLOW Full access BUILTIN\Administrateurs
(ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{776CF063-099A-F7E3-9433-1022FC239DD8}"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extension de l'interpr‚teur de commande pour Windows Script Host"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{59850401-6664-101B-B21C-00AA004BA90B}"="Microsoft Office Binder Unbind"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{F08F98D6-E423-4847-A115-207994B7E3F7}"=""
"{5B769505-9C8C-460F-BA42-304047223CE5}"=""
"{40D2ACD1-3F58-449C-852B-DCFBAE170F71}"=""
"{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}"=""
"{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}"=""
"{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}"=""
"{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}"=""
"{B49C1537-1A4E-47BD-B560-80145937DE5D}"=""
"{336D41A3-97B8-4668-8ECE-4B1A337B647D}"=""
"{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}"=""
"{DAE4A48C-3F21-4F95-95E9-93368AE44E34}"=""
"{47A4D311-1194-47D8-8382-D1671E973DEE}"=""
"{20908FDC-5F19-46AD-9AC6-967B83870361}"=""
"{E948BBA0-2FF6-4270-A975-A3D430A7E044}"=""
"{893C6A92-714D-4A6C-8757-5A647589E0E3}"=""
"{05C37307-D067-4432-BC31-EF61941F6670}"=""
"{A3344DF4-E50B-4900-8ACF-9C0883C04396}"=""
"{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}"=""
"{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}"=""
"{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}"=""
"{CE870B20-E4AC-4792-B400-B828637954A1}"=""
"{109A92B6-9BAE-49E0-9016-94FD417384FE}"=""
"{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}"=""
"{CE000992-A58C-4441-8938-744CD72AB27F}"="i-Nav IDN Resolver"
"{CE000994-A58C-4441-8938-744CD72AB27F}"="i-Nav IDN SearchHook"
"{12B5C523-ECBE-49C4-93F6-E90233EA0578}"=""
"{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}"=""
"{1255D589-8D8C-45C4-9281-B8FF2D302CFE}"=""
"{E4F26128-A64C-4D24-BE89-64F810E78C7C}"=""
"{1D24BD19-C485-4456-8832-BC69C8816E9E}"=""
"{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}"=""
"{6354D83F-B627-43EE-A282-0D3BDC81E318}"=""
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"="AVG7 Shell Extension"
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}"="AVG7 Find Extension"
**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}]
@=""
"IDEx"="DS3"
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\InprocServer32]
@="C:\\WINDOWS\\system32\\kwdmon.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}]
@=""
"IDEx"="DS3"
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\InprocServer32]
@="C:\\WINDOWS\\system32\\mdcbase.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\InprocServer32]
@="C:\\WINDOWS\\system32\\stnceng.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\InprocServer32]
@="C:\\WINDOWS\\system32\\kfdycl.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\InprocServer32]
@="C:\\WINDOWS\\system32\\MCDBGFR.DLL"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\InprocServer32]
@="C:\\WINDOWS\\system32\\mytvgs.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\InprocServer32]
@="C:\\WINDOWS\\system32\\agkctrs.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\InprocServer32]
@="C:\\WINDOWS\\system32\\mixml2.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\InprocServer32]
@="C:\\WINDOWS\\system32\\wvhip6.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\InprocServer32]
@="C:\\WINDOWS\\system32\\sqell32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\InprocServer32]
@="C:\\WINDOWS\\system32\\rKsrad.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\InprocServer32]
@="C:\\WINDOWS\\system32\\svlsrv32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\InprocServer32]
@="C:\\WINDOWS\\system32\\situpwbv.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\InprocServer32]
@="C:\\WINDOWS\\system32\\dFdxof.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\InprocServer32]
@="C:\\WINDOWS\\system32\\dumsrpcn.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\InprocServer32]
@="C:\\WINDOWS\\system32\\duprop.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\InprocServer32]
@="C:\\WINDOWS\\system32\\aoifil32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\InprocServer32]
@="C:\\WINDOWS\\system32\\oqeaut32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\InprocServer32]
@="C:\\WINDOWS\\system32\\beotvid.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\InprocServer32]
@="C:\\WINDOWS\\system32\\mdxml2r.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\InprocServer32]
@="C:\\WINDOWS\\system32\\RXOCURS.DLL"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\InprocServer32]
@="C:\\WINDOWS\\system32\\mfdart.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\InprocServer32]
@="C:\\WINDOWS\\system32\\iwpeers.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\InprocServer32]
@="C:\\WINDOWS\\system32\\ijp0l57m1.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\InprocServer32]
@="C:\\WINDOWS\\system32\\gltext.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\InprocServer32]
@="C:\\WINDOWS\\system32\\rLsadhlp.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\InprocServer32]
@="C:\\WINDOWS\\system32\\cavfat.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\InprocServer32]
@="C:\\WINDOWS\\system32\\fjntext.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
mscloc~1.dll Sat 1 Oct 2005 22:34:40 A.... 20 992 20,50 K
msploc~1.dll Sat 1 Oct 2005 19:12:54 A.... 20 992 20,50 K
sirenacm.dll Sat 13 Aug 2005 21:41:12 A.... 118 784 116,00 K
vsdata.dll Mon 29 Aug 2005 19:08:34 A.... 83 712 81,75 K
vsinit.dll Mon 29 Aug 2005 19:08:46 A.... 141 056 137,75 K
vsmonapi.dll Mon 29 Aug 2005 19:08:54 A.... 104 192 101,75 K
vspubapi.dll Mon 29 Aug 2005 19:08:58 A.... 227 072 221,75 K
vsregexp.dll Mon 29 Aug 2005 19:09:02 A.... 71 424 69,75 K
vsutil.dll Mon 29 Aug 2005 19:09:14 A.... 382 720 373,75 K
vsutil~1.dll Mon 29 Aug 2005 18:55:16 A.... 54 960 53,67 K
vsxml.dll Mon 29 Aug 2005 19:09:22 A.... 100 096 97,75 K
zlcomm.dll Mon 29 Aug 2005 19:09:42 A.... 79 616 77,75 K
zlcommdb.dll Mon 29 Aug 2005 19:09:46 A.... 71 424 69,75 K
13 items found: 13 files, 0 directories.
Total of file sizes: 1 477 040 bytes 1,41 M
Locate .tmp files:
No matches found.
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C s'appelle Windows XP
Le num‚ro de s‚rie du volume est F8B7-A3D3
R‚pertoire de C:\WINDOWS\System32
10/01/2005 23:02 11ÿ264 Thumbs.db
10/01/2005 18:42 <REP> dllcache
09/14/2005 22:00 <REP> Microsoft
04/23/2005 22:54 233ÿ222 nsdenb32.dll
04/23/2005 19:29 233ÿ222 k6nolg5316.dll
04/23/2005 15:14 233ÿ222 fjntext.dll
04/22/2005 23:30 234ÿ659 o0660ajsedo60.dll
04/22/2005 23:30 234ÿ328 cavfat.dll
04/22/2005 21:05 236ÿ296 rLsadhlp.dll
04/22/2005 21:02 234ÿ328 gltext.dll
04/22/2005 20:56 233ÿ169 ijp0l57m1.dll
04/22/2005 20:39 234ÿ328 iwpeers.dll
04/22/2005 20:28 233ÿ169 mfdart.dll
04/22/2005 20:14 233ÿ169 kwdda.dll
04/22/2005 17:30 234ÿ352 m0lsla371d.dll
04/22/2005 17:29 233ÿ879 RXOCURS.DLL
04/21/2005 22:10 235ÿ777 mdxml2r.dll
04/21/2005 22:07 232ÿ391 beotvid.dll
04/21/2005 15:21 235ÿ774 oqeaut32.dll
04/21/2005 15:17 236ÿ198 aoifil32.dll
04/21/2005 11:41 234ÿ771 duprop.dll
04/20/2005 17:43 233ÿ691 dumsrpcn.dll
04/20/2005 14:50 235ÿ945 dFdxof.dll
04/20/2005 10:46 232ÿ765 situpwbv.dll
04/18/2005 22:57 235ÿ945 svlsrv32.dll
04/18/2005 22:24 232ÿ749 e8020idoe80c0.dll
04/18/2005 22:23 233ÿ207 fprm0391e.dll
04/18/2005 19:50 233ÿ207 rKsrad.dll
04/18/2005 14:10 235ÿ249 sqell32.dll
04/18/2005 11:36 235ÿ129 wvhip6.dll
04/18/2005 11:18 235ÿ950 irp0l57m1.dll
04/17/2005 12:26 234ÿ677 q6pslg7716.dll
04/17/2005 12:26 233ÿ222 mixml2.dll
04/17/2005 11:18 236ÿ051 gpl0l33m1.dll
04/14/2005 20:15 235ÿ144 agkctrs.dll
04/13/2005 17:59 232ÿ968 mytvgs.dll
04/12/2005 22:10 233ÿ248 MCDBGFR.DLL
04/12/2005 22:03 234ÿ971 kfdycl.dll
04/12/2005 20:44 233ÿ248 stnceng.dll
37 fichier(s) 8ÿ444ÿ884 octets
2 R‚p(s) 14ÿ266ÿ855ÿ424 octets libres
voilà , merci pour ton aide et surtout ta patience !
a+
sinon voici le nouveau rapport :
L2MFIX find log 1.04a
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wzcnotif]
"DLLName"="wzcdlg.dll"
"Logon"="WZCEventLogon"
"Logoff"="WZCEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000000
RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!
Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(CI) DENY --C------- BUILTIN\Administrateurs
(ID-NI) ALLOW Read BUILTIN\Utilisateurs
(ID-IO) ALLOW Read BUILTIN\Utilisateurs
(ID-NI) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-IO) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-NI) ALLOW Full access BUILTIN\Administrateurs
(ID-IO) ALLOW Full access BUILTIN\Administrateurs
(ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{776CF063-099A-F7E3-9433-1022FC239DD8}"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extension de l'interpr‚teur de commande pour Windows Script Host"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{59850401-6664-101B-B21C-00AA004BA90B}"="Microsoft Office Binder Unbind"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{F08F98D6-E423-4847-A115-207994B7E3F7}"=""
"{5B769505-9C8C-460F-BA42-304047223CE5}"=""
"{40D2ACD1-3F58-449C-852B-DCFBAE170F71}"=""
"{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}"=""
"{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}"=""
"{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}"=""
"{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}"=""
"{B49C1537-1A4E-47BD-B560-80145937DE5D}"=""
"{336D41A3-97B8-4668-8ECE-4B1A337B647D}"=""
"{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}"=""
"{DAE4A48C-3F21-4F95-95E9-93368AE44E34}"=""
"{47A4D311-1194-47D8-8382-D1671E973DEE}"=""
"{20908FDC-5F19-46AD-9AC6-967B83870361}"=""
"{E948BBA0-2FF6-4270-A975-A3D430A7E044}"=""
"{893C6A92-714D-4A6C-8757-5A647589E0E3}"=""
"{05C37307-D067-4432-BC31-EF61941F6670}"=""
"{A3344DF4-E50B-4900-8ACF-9C0883C04396}"=""
"{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}"=""
"{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}"=""
"{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}"=""
"{CE870B20-E4AC-4792-B400-B828637954A1}"=""
"{109A92B6-9BAE-49E0-9016-94FD417384FE}"=""
"{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}"=""
"{CE000992-A58C-4441-8938-744CD72AB27F}"="i-Nav IDN Resolver"
"{CE000994-A58C-4441-8938-744CD72AB27F}"="i-Nav IDN SearchHook"
"{12B5C523-ECBE-49C4-93F6-E90233EA0578}"=""
"{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}"=""
"{1255D589-8D8C-45C4-9281-B8FF2D302CFE}"=""
"{E4F26128-A64C-4D24-BE89-64F810E78C7C}"=""
"{1D24BD19-C485-4456-8832-BC69C8816E9E}"=""
"{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}"=""
"{6354D83F-B627-43EE-A282-0D3BDC81E318}"=""
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"="AVG7 Shell Extension"
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}"="AVG7 Find Extension"
**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}]
@=""
"IDEx"="DS3"
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F08F98D6-E423-4847-A115-207994B7E3F7}\InprocServer32]
@="C:\\WINDOWS\\system32\\kwdmon.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}]
@=""
"IDEx"="DS3"
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5B769505-9C8C-460F-BA42-304047223CE5}\InprocServer32]
@="C:\\WINDOWS\\system32\\mdcbase.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{40D2ACD1-3F58-449C-852B-DCFBAE170F71}\InprocServer32]
@="C:\\WINDOWS\\system32\\stnceng.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{21F9B1B0-2FBC-4732-86DF-466112EBD3D9}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{032E11A0-CA7F-46B4-AF6C-FCFBF5A228CF}\InprocServer32]
@="C:\\WINDOWS\\system32\\kfdycl.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6D03F50C-4A95-4F9F-AE67-911D21C0BCD4}\InprocServer32]
@="C:\\WINDOWS\\system32\\MCDBGFR.DLL"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{5A297622-1C3C-469D-81F8-A4F57D4BF0C2}\InprocServer32]
@="C:\\WINDOWS\\system32\\mytvgs.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{B49C1537-1A4E-47BD-B560-80145937DE5D}\InprocServer32]
@="C:\\WINDOWS\\system32\\agkctrs.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{336D41A3-97B8-4668-8ECE-4B1A337B647D}\InprocServer32]
@="C:\\WINDOWS\\system32\\mixml2.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{024CF0DC-41BB-4FF4-89CB-C7064D2DC09A}\InprocServer32]
@="C:\\WINDOWS\\system32\\wvhip6.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{DAE4A48C-3F21-4F95-95E9-93368AE44E34}\InprocServer32]
@="C:\\WINDOWS\\system32\\sqell32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{47A4D311-1194-47D8-8382-D1671E973DEE}\InprocServer32]
@="C:\\WINDOWS\\system32\\rKsrad.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{20908FDC-5F19-46AD-9AC6-967B83870361}\InprocServer32]
@="C:\\WINDOWS\\system32\\svlsrv32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E948BBA0-2FF6-4270-A975-A3D430A7E044}\InprocServer32]
@="C:\\WINDOWS\\system32\\situpwbv.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{893C6A92-714D-4A6C-8757-5A647589E0E3}\InprocServer32]
@="C:\\WINDOWS\\system32\\dFdxof.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{05C37307-D067-4432-BC31-EF61941F6670}\InprocServer32]
@="C:\\WINDOWS\\system32\\dumsrpcn.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{A3344DF4-E50B-4900-8ACF-9C0883C04396}\InprocServer32]
@="C:\\WINDOWS\\system32\\duprop.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{F21DE3A8-A7F8-4A91-A3AC-B4417B0C91E5}\InprocServer32]
@="C:\\WINDOWS\\system32\\aoifil32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{986F2A82-AF74-470E-BAFD-C3EC093CEB1B}\InprocServer32]
@="C:\\WINDOWS\\system32\\oqeaut32.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6C3A8C4D-E1CC-4042-A99D-78715AA2FFE3}\InprocServer32]
@="C:\\WINDOWS\\system32\\beotvid.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CE870B20-E4AC-4792-B400-B828637954A1}\InprocServer32]
@="C:\\WINDOWS\\system32\\mdxml2r.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{109A92B6-9BAE-49E0-9016-94FD417384FE}\InprocServer32]
@="C:\\WINDOWS\\system32\\RXOCURS.DLL"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{BE80E6B9-E746-4853-BE8B-A9FCEB41187F}\InprocServer32]
@="C:\\WINDOWS\\system32\\mfdart.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{12B5C523-ECBE-49C4-93F6-E90233EA0578}\InprocServer32]
@="C:\\WINDOWS\\system32\\iwpeers.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{8FA7064F-3DC9-4BBD-8B0D-E22665102D80}\InprocServer32]
@="C:\\WINDOWS\\system32\\ijp0l57m1.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1255D589-8D8C-45C4-9281-B8FF2D302CFE}\InprocServer32]
@="C:\\WINDOWS\\system32\\gltext.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{E4F26128-A64C-4D24-BE89-64F810E78C7C}\InprocServer32]
@="C:\\WINDOWS\\system32\\rLsadhlp.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{1D24BD19-C485-4456-8832-BC69C8816E9E}\InprocServer32]
@="C:\\WINDOWS\\system32\\cavfat.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{4CE00E70-9DF0-4B62-A056-5A5AE89EDB6A}\InprocServer32]
@="C:\\WINDOWS\\system32\\fjntext.dll"
"ThreadingModel"="Apartment"
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{6354D83F-B627-43EE-A282-0D3BDC81E318}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
mscloc~1.dll Sat 1 Oct 2005 22:34:40 A.... 20 992 20,50 K
msploc~1.dll Sat 1 Oct 2005 19:12:54 A.... 20 992 20,50 K
sirenacm.dll Sat 13 Aug 2005 21:41:12 A.... 118 784 116,00 K
vsdata.dll Mon 29 Aug 2005 19:08:34 A.... 83 712 81,75 K
vsinit.dll Mon 29 Aug 2005 19:08:46 A.... 141 056 137,75 K
vsmonapi.dll Mon 29 Aug 2005 19:08:54 A.... 104 192 101,75 K
vspubapi.dll Mon 29 Aug 2005 19:08:58 A.... 227 072 221,75 K
vsregexp.dll Mon 29 Aug 2005 19:09:02 A.... 71 424 69,75 K
vsutil.dll Mon 29 Aug 2005 19:09:14 A.... 382 720 373,75 K
vsutil~1.dll Mon 29 Aug 2005 18:55:16 A.... 54 960 53,67 K
vsxml.dll Mon 29 Aug 2005 19:09:22 A.... 100 096 97,75 K
zlcomm.dll Mon 29 Aug 2005 19:09:42 A.... 79 616 77,75 K
zlcommdb.dll Mon 29 Aug 2005 19:09:46 A.... 71 424 69,75 K
13 items found: 13 files, 0 directories.
Total of file sizes: 1 477 040 bytes 1,41 M
Locate .tmp files:
No matches found.
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C s'appelle Windows XP
Le num‚ro de s‚rie du volume est F8B7-A3D3
R‚pertoire de C:\WINDOWS\System32
10/01/2005 23:02 11ÿ264 Thumbs.db
10/01/2005 18:42 <REP> dllcache
09/14/2005 22:00 <REP> Microsoft
04/23/2005 22:54 233ÿ222 nsdenb32.dll
04/23/2005 19:29 233ÿ222 k6nolg5316.dll
04/23/2005 15:14 233ÿ222 fjntext.dll
04/22/2005 23:30 234ÿ659 o0660ajsedo60.dll
04/22/2005 23:30 234ÿ328 cavfat.dll
04/22/2005 21:05 236ÿ296 rLsadhlp.dll
04/22/2005 21:02 234ÿ328 gltext.dll
04/22/2005 20:56 233ÿ169 ijp0l57m1.dll
04/22/2005 20:39 234ÿ328 iwpeers.dll
04/22/2005 20:28 233ÿ169 mfdart.dll
04/22/2005 20:14 233ÿ169 kwdda.dll
04/22/2005 17:30 234ÿ352 m0lsla371d.dll
04/22/2005 17:29 233ÿ879 RXOCURS.DLL
04/21/2005 22:10 235ÿ777 mdxml2r.dll
04/21/2005 22:07 232ÿ391 beotvid.dll
04/21/2005 15:21 235ÿ774 oqeaut32.dll
04/21/2005 15:17 236ÿ198 aoifil32.dll
04/21/2005 11:41 234ÿ771 duprop.dll
04/20/2005 17:43 233ÿ691 dumsrpcn.dll
04/20/2005 14:50 235ÿ945 dFdxof.dll
04/20/2005 10:46 232ÿ765 situpwbv.dll
04/18/2005 22:57 235ÿ945 svlsrv32.dll
04/18/2005 22:24 232ÿ749 e8020idoe80c0.dll
04/18/2005 22:23 233ÿ207 fprm0391e.dll
04/18/2005 19:50 233ÿ207 rKsrad.dll
04/18/2005 14:10 235ÿ249 sqell32.dll
04/18/2005 11:36 235ÿ129 wvhip6.dll
04/18/2005 11:18 235ÿ950 irp0l57m1.dll
04/17/2005 12:26 234ÿ677 q6pslg7716.dll
04/17/2005 12:26 233ÿ222 mixml2.dll
04/17/2005 11:18 236ÿ051 gpl0l33m1.dll
04/14/2005 20:15 235ÿ144 agkctrs.dll
04/13/2005 17:59 232ÿ968 mytvgs.dll
04/12/2005 22:10 233ÿ248 MCDBGFR.DLL
04/12/2005 22:03 234ÿ971 kfdycl.dll
04/12/2005 20:44 233ÿ248 stnceng.dll
37 fichier(s) 8ÿ444ÿ884 octets
2 R‚p(s) 14ÿ266ÿ855ÿ424 octets libres
voilà , merci pour ton aide et surtout ta patience !
a+
Utilisateur anonyme
2 oct. 2005 à 18:37
2 oct. 2005 à 18:37
Telecharge: Pocket Killbox ici
http://www.downloads.subratam.org/KillBox.exe
l'aide détaillé de la manip en video ici:
http://pageperso.aol.fr/balltrap34/killbox.htm
(methode bloc notes)
ouvre le bloc note et copie et colle la liste des fichiers à supprimer ci-dessous
une fois fait, enregistre le à un endroit ou tu pourras le retrouver facilement (sur le bureau par exemple).
1/ lance killbox.exe
2/ ouvre le fichier txt qui contient la liste des fichiers à supprimer, clic sur edition dans le menu du haut et clic sur "selectionner tout"
3/ clic une seconde fois sur "edition" et clic sur "copier"
4/ referme le bloc note.
5/ Dans killbox, selectionne "Delete on Reboot"
6/ Dans le menu du haut clic sur File, puis sur paste from clipboard
(tu devrais voir apparaitre la liste des fichier qu'il va supprimer)
7/ clic sur le rond rouge
8/ une fenetre va apparaitre pour confirmation clic sur OUI
9/ une seconde fenetre te demande si tu veux redemarrer clic sur OUI
Si le pc ne redemarre pas automatiquement ou si killbox t'envois ce message:
"Pending file Rename Operations Registry Data has been Removed by External Process"
ignore le et redemarre le pc normallement
ensuite fais un scan ici:
http://webscanner.kaspersky.fr/
apres le chargement du control active X, clic sur suivant
puis clic sur configuration et choisis "étendue"
Choisis l'analyse répertoire et choisis ton ou tes disques durs
A la fin de l'analyse, copier/coller le rapport ici
a+
http://www.downloads.subratam.org/KillBox.exe
l'aide détaillé de la manip en video ici:
http://pageperso.aol.fr/balltrap34/killbox.htm
(methode bloc notes)
ouvre le bloc note et copie et colle la liste des fichiers à supprimer ci-dessous
une fois fait, enregistre le à un endroit ou tu pourras le retrouver facilement (sur le bureau par exemple).
C:\WINDOWS\System32\nsdenb32.dll C:\WINDOWS\System32\k6nolg5316.dll C:\WINDOWS\System32\fjntext.dll C:\WINDOWS\System32\o0660ajsedo60.dll C:\WINDOWS\System32\cavfat.dll C:\WINDOWS\System32\0rLsadhlp.dll C:\WINDOWS\System32\gltext.dll C:\WINDOWS\System32\ijp0l57m1.dll C:\WINDOWS\System32\iwpeers.dll C:\WINDOWS\System32\mfdart.dll C:\WINDOWS\System32\kwdda.dll C:\WINDOWS\System32\m0lsla371d.dll C:\WINDOWS\System32\RXOCURS.DLL C:\WINDOWS\System32\mdxml2r.dll C:\WINDOWS\System32\beotvid.dll C:\WINDOWS\System32\oqeaut32.dll C:\WINDOWS\System32\aoifil32.dll C:\WINDOWS\System32\duprop.dll C:\WINDOWS\System32\dumsrpcn.dll C:\WINDOWS\System32\dFdxof.dll C:\WINDOWS\System32\situpwbv.dll C:\WINDOWS\System32\svlsrv32.dll C:\WINDOWS\System32\e8020idoe80c0.dll C:\WINDOWS\System32\fprm0391e.dll C:\WINDOWS\System32\rKsrad.dll C:\WINDOWS\System32\sqell32.dll C:\WINDOWS\System32\wvhip6.dll C:\WINDOWS\System32\irp0l57m1.dll C:\WINDOWS\System32\q6pslg7716.dll C:\WINDOWS\System32\mixml2.dll C:\WINDOWS\System32\gpl0l33m1.dll C:\WINDOWS\System32\agkctrs.dll C:\WINDOWS\System32\mytvgs.dll C:\WINDOWS\System32\MCDBGFR.DLL C:\WINDOWS\System32\kfdycl.dll C:\WINDOWS\System32\stnceng.dll C:\WINDOWS\System32\guard.tmp
1/ lance killbox.exe
2/ ouvre le fichier txt qui contient la liste des fichiers à supprimer, clic sur edition dans le menu du haut et clic sur "selectionner tout"
3/ clic une seconde fois sur "edition" et clic sur "copier"
4/ referme le bloc note.
5/ Dans killbox, selectionne "Delete on Reboot"
6/ Dans le menu du haut clic sur File, puis sur paste from clipboard
(tu devrais voir apparaitre la liste des fichier qu'il va supprimer)
7/ clic sur le rond rouge
8/ une fenetre va apparaitre pour confirmation clic sur OUI
9/ une seconde fenetre te demande si tu veux redemarrer clic sur OUI
Si le pc ne redemarre pas automatiquement ou si killbox t'envois ce message:
"Pending file Rename Operations Registry Data has been Removed by External Process"
ignore le et redemarre le pc normallement
ensuite fais un scan ici:
http://webscanner.kaspersky.fr/
apres le chargement du control active X, clic sur suivant
puis clic sur configuration et choisis "étendue"
Choisis l'analyse répertoire et choisis ton ou tes disques durs
A la fin de l'analyse, copier/coller le rapport ici
a+
hello !
Au faite j'ai deux remarque :
1) lorsque j'allume mon PC, j'ai presque toujours ce message (encore à present)
"votre système a recuperé d'une grave erreur" voulez-vous envoyer un rapport à microsoft ?
2) et sur la session de ma soeur , lorsque je vais sur document partagé , son dossier à été renomer "lola" (?!) et apparement c'été pas elle qui la fais , ainsi que le nom de la licence quand on lance word, une idée sur ces changements ?
et aussi : tu veux dire quoi par choisir l'analyse repertoire ?
voici le rapport :
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, October 02, 2005 20:07:17
Operating System: Microsoft Windows XP Professional, (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 2/10/2005
Kaspersky Anti-Virus database records: 152092
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
Scan Statistics:
Total number of scanned objects: 67140
Number of viruses found: 7
Number of infected objects: 56
Number of suspicious objects: 0
Duration of the scan process: 3165 sec
Infected Object Name - Virus Name
C:\!Submit\agkctrs.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\aoifil32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\beotvid.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\cavfat.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\dFdxof.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\dumsrpcn.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\duprop.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\e8020idoe80c0.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\fjntext.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\fprm0391e.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\gltext.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\gpl0l33m1.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\guard.tmp Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\ijp0l57m1.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\irp0l57m1.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\iwpeers.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\k6nolg5316.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\kfdycl.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\kwdda.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\m0lsla371d.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\MCDBGFR.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\mdxml2r.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\mfdart.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\mixml2.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\mytvgs.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\nsdenb32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\o0660ajsedo60.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\oqeaut32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\q6pslg7716.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\rKsrad.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\RXOCURS.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\situpwbv.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\sqell32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\stnceng.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\svlsrv32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\wvhip6.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\msipsr.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\msproc32.exe Infected: Trojan-Downloader.Win32.WinAD.e
C:\mssyst32.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\msupdt32.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\msws16.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\mswset16.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\mswt16.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\HDPlugin1101.dll Infected: not-a-virus:AdWare.Win32.Gator.1101
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\HDPlugin1101.dll Infected: not-a-virus:AdWare.Win32.Gator.1101
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\HDPlugin1101.dll Infected: not-a-virus:AdWare.Win32.Gator.1101
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\HDPlugin1101.dll Infected: not-a-virus:AdWare.Win32.Gator.1101
C:\WINDOWS\system\UpdInst.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\WINDOWS\system32\70tovmto.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao
C:\WINDOWS\system32\drivers\delprot.sys Infected: Trojan.Win32.Delprot.a
C:\WINDOWS\system32\gah95on6.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao
C:\WINDOWS\system32\kwdmon.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\WINDOWS\system32\msclock32.dll Infected: not-a-virus:Porn-Dialer.Win32.AsianRaw.bi
C:\WINDOWS\system32\msplock32.dll Infected: not-a-virus:Porn-Dialer.Win32.AsianRaw.bi
C:\WINDOWS\system32\rLsadhlp.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\winupdate.exe Infected: Trojan-Downloader.Win32.WinAD.e
Scan process completed.
et voilà , à +
Au faite j'ai deux remarque :
1) lorsque j'allume mon PC, j'ai presque toujours ce message (encore à present)
"votre système a recuperé d'une grave erreur" voulez-vous envoyer un rapport à microsoft ?
2) et sur la session de ma soeur , lorsque je vais sur document partagé , son dossier à été renomer "lola" (?!) et apparement c'été pas elle qui la fais , ainsi que le nom de la licence quand on lance word, une idée sur ces changements ?
et aussi : tu veux dire quoi par choisir l'analyse repertoire ?
voici le rapport :
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, October 02, 2005 20:07:17
Operating System: Microsoft Windows XP Professional, (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 2/10/2005
Kaspersky Anti-Virus database records: 152092
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
Scan Statistics:
Total number of scanned objects: 67140
Number of viruses found: 7
Number of infected objects: 56
Number of suspicious objects: 0
Duration of the scan process: 3165 sec
Infected Object Name - Virus Name
C:\!Submit\agkctrs.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\aoifil32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\beotvid.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\cavfat.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\dFdxof.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\dumsrpcn.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\duprop.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\e8020idoe80c0.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\fjntext.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\fprm0391e.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\gltext.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\gpl0l33m1.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\guard.tmp Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\ijp0l57m1.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\irp0l57m1.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\iwpeers.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\k6nolg5316.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\kfdycl.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\kwdda.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\m0lsla371d.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\MCDBGFR.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\mdxml2r.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\mfdart.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\mixml2.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\mytvgs.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\nsdenb32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\o0660ajsedo60.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\oqeaut32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\q6pslg7716.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\rKsrad.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\RXOCURS.DLL Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\situpwbv.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\sqell32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\stnceng.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\svlsrv32.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\!Submit\wvhip6.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\msipsr.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\msproc32.exe Infected: Trojan-Downloader.Win32.WinAD.e
C:\mssyst32.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\msupdt32.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\msws16.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\mswset16.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\mswt16.exe Infected: Trojan-Downloader.Win32.WinAD.d
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\HDPlugin1101.dll Infected: not-a-virus:AdWare.Win32.Gator.1101
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\HDPlugin1101.dll Infected: not-a-virus:AdWare.Win32.Gator.1101
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\HDPlugin1101.dll Infected: not-a-virus:AdWare.Win32.Gator.1101
C:\WINDOWS\Downloaded Program Files\CONFLICT.5\HDPlugin1101.dll Infected: not-a-virus:AdWare.Win32.Gator.1101
C:\WINDOWS\system\UpdInst.exe Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\WINDOWS\system32\70tovmto.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao
C:\WINDOWS\system32\drivers\delprot.sys Infected: Trojan.Win32.Delprot.a
C:\WINDOWS\system32\gah95on6.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao
C:\WINDOWS\system32\kwdmon.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\WINDOWS\system32\msclock32.dll Infected: not-a-virus:Porn-Dialer.Win32.AsianRaw.bi
C:\WINDOWS\system32\msplock32.dll Infected: not-a-virus:Porn-Dialer.Win32.AsianRaw.bi
C:\WINDOWS\system32\rLsadhlp.dll Infected: not-a-virus:AdWare.Win32.Look2Me.ab
C:\winupdate.exe Infected: Trojan-Downloader.Win32.WinAD.e
Scan process completed.
et voilà , à +
Utilisateur anonyme
2 oct. 2005 à 20:25
2 oct. 2005 à 20:25
ben je vois que tu n'a pas fais le scan pour rien, lol
Tu peux supprimer le dossier C:\!Submit, c'est un dossier crée par killbox (une sauvegarde en cas de plantage).
Meme manip que tout à l'heure avec killbox
ouvre le bloc note et copie et colle la liste des fichiers à supprimer ci-dessous
une fois fait, enregistre le à un endroit ou tu pourras le retrouver facilement (sur le bureau par exemple).
1/ lance killbox.exe
2/ ouvre le fichier txt qui contient la liste des fichiers à supprimer, clic sur edition dans le menu du haut et clic sur "selectionner tout"
3/ clic une seconde fois sur "edition" et clic sur "copier"
4/ referme le bloc note.
5/ Dans killbox, selectionne "Delete on Reboot"
6/ Dans le menu du haut clic sur File, puis sur paste from clipboard
(tu devrais voir apparaitre la liste des fichier qu'il va supprimer)
7/ clic sur le rond rouge
8/ une fenetre va apparaitre pour confirmation clic sur OUI
9/ une seconde fenetre te demande si tu veux redemarrer clic sur OUI
Si le pc ne redemarre pas automatiquement ou si killbox t'envois ce message:
"Pending file Rename Operations Registry Data has been Removed by External Process"
ignore le et redemarre le pc normallement
reposte un rapport hijackthis
Pour kaspersky, regarde la petite anim ici:
http://support.kaspersky.fr/admin/u2Files/Image/webscanner/FinalWS.gif
a++
Tu peux supprimer le dossier C:\!Submit, c'est un dossier crée par killbox (une sauvegarde en cas de plantage).
Meme manip que tout à l'heure avec killbox
ouvre le bloc note et copie et colle la liste des fichiers à supprimer ci-dessous
une fois fait, enregistre le à un endroit ou tu pourras le retrouver facilement (sur le bureau par exemple).
C:\msipsr.exe C:\msproc32.exe C:\mssyst32.exe C:\msupdt32.exe C:\msws16.exe C:\mswset16.exe C:\mswt16.exe C:\WINDOWS\Downloaded Program Files\CONFLICT.2\HDPlugin1101.dll C:\WINDOWS\Downloaded Program Files\CONFLICT.3\HDPlugin1101.dll C:\WINDOWS\Downloaded Program Files\CONFLICT.4\HDPlugin1101.dll C:\WINDOWS\Downloaded Program Files\CONFLICT.5\HDPlugin1101.dll C:\WINDOWS\system\UpdInst.exe C:\WINDOWS\system32\70tovmto.ini C:\WINDOWS\system32\drivers\delprot.sys C:\WINDOWS\system32\gah95on6.ini C:\WINDOWS\system32\kwdmon.dll C:\WINDOWS\system32\msclock32.dll C:\WINDOWS\system32\msplock32.dll C:\WINDOWS\system32\rLsadhlp.dll C:\winupdate.exe
1/ lance killbox.exe
2/ ouvre le fichier txt qui contient la liste des fichiers à supprimer, clic sur edition dans le menu du haut et clic sur "selectionner tout"
3/ clic une seconde fois sur "edition" et clic sur "copier"
4/ referme le bloc note.
5/ Dans killbox, selectionne "Delete on Reboot"
6/ Dans le menu du haut clic sur File, puis sur paste from clipboard
(tu devrais voir apparaitre la liste des fichier qu'il va supprimer)
7/ clic sur le rond rouge
8/ une fenetre va apparaitre pour confirmation clic sur OUI
9/ une seconde fenetre te demande si tu veux redemarrer clic sur OUI
Si le pc ne redemarre pas automatiquement ou si killbox t'envois ce message:
"Pending file Rename Operations Registry Data has been Removed by External Process"
ignore le et redemarre le pc normallement
reposte un rapport hijackthis
Pour kaspersky, regarde la petite anim ici:
http://support.kaspersky.fr/admin/u2Files/Image/webscanner/FinalWS.gif
a++
coucou, c bon je n'ai plus de problème lorsque je redemarre
voici le nouveau rapport :
Logfile of HijackThis v1.99.1
Scan saved at 21:00:12, on 10/02/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Windows XP\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O4 - Global Startup: Zone Labs Security.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {02478D28-C3F9-4EFB-9B51-7695ECA05670} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128167134936
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{243D494F-2B62-41D7-9CBA-92C1D15F6E70}: NameServer = 80.118.196.40 80.118.192.110
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
merci, à +
voici le nouveau rapport :
Logfile of HijackThis v1.99.1
Scan saved at 21:00:12, on 10/02/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Windows XP\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O4 - Global Startup: Zone Labs Security.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {02478D28-C3F9-4EFB-9B51-7695ECA05670} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128167134936
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{243D494F-2B62-41D7-9CBA-92C1D15F6E70}: NameServer = 80.118.196.40 80.118.192.110
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
merci, à +
Utilisateur anonyme
2 oct. 2005 à 21:28
2 oct. 2005 à 21:28
Content pour toi ;-)
C'est toi qui a installer mailskinner ?
j'ai pas reussi à trouver beaucoups d'infos sur ce prog, si tu sais à quoi il sert exactement dis le moi se serait sympa.
a+++++
C'est toi qui a installer mailskinner ?
j'ai pas reussi à trouver beaucoups d'infos sur ce prog, si tu sais à quoi il sert exactement dis le moi se serait sympa.
a+++++
Re Moe, non je ne l'ai pas installer (on a du l'autorisé avec zonealarm par erreur je pense, comme plein d'autres),désolée mé j'ai aucune idée sur ce que c'est, je l'avais trouver dans "ajouter/supprimer un prog" et je l'ai supprimer,
autre chose : de temps en temps j'ai zonalarm qui me demande:
"Genic Host Process for Win32 service tente d'utiliser WNT pour accéder à la zone sure" c'est koi ce truc ?
bilan de santé de ce PC positif ou négatif ?
tiens moi au courante et à +++
autre chose : de temps en temps j'ai zonalarm qui me demande:
"Genic Host Process for Win32 service tente d'utiliser WNT pour accéder à la zone sure" c'est koi ce truc ?
bilan de santé de ce PC positif ou négatif ?
tiens moi au courante et à +++
balltrap34
Messages postés
16240
Date d'inscription
jeudi 8 janvier 2004
Statut
Contributeur sécurité
Dernière intervention
28 novembre 2009
331
2 oct. 2005 à 23:24
2 oct. 2005 à 23:24
salut moe
c est une verole je pense j est trouver la meme chose sur le pc de ma niece
c est une verole je pense j est trouver la meme chose sur le pc de ma niece
Coucou balltrap34, tu pourrai traduire "une verole" ???
de plus y a même pas 5 min, internet ne fonctionner +, et sur google, dans "adresse" j'ai un nouveau logo un "G" dans un cadre ... et lorsque j'ai redemarrer, je pouvais plus acceder à aucune session ! j'ai du encore redemarrer et la ça à l'aire d'aller mieux ... mé pour combien de temps ???
en tout cas merci de votre aide et tenez moi au courant ! a+
de plus y a même pas 5 min, internet ne fonctionner +, et sur google, dans "adresse" j'ai un nouveau logo un "G" dans un cadre ... et lorsque j'ai redemarrer, je pouvais plus acceder à aucune session ! j'ai du encore redemarrer et la ça à l'aire d'aller mieux ... mé pour combien de temps ???
en tout cas merci de votre aide et tenez moi au courant ! a+
Utilisateur anonyme
3 oct. 2005 à 14:21
3 oct. 2005 à 14:21
coucou anne helene
contactez moi sur ce forum
www.hardware.fr sous le pseudo regis41 je vous expliquerez ce que vous voulez savoir, car nous allons pas encombrer le forum d explications ici
a+
contactez moi sur ce forum
www.hardware.fr sous le pseudo regis41 je vous expliquerez ce que vous voulez savoir, car nous allons pas encombrer le forum d explications ici
a+
Utilisateur anonyme
3 oct. 2005 à 19:24
3 oct. 2005 à 19:24
coucou anna,
ou en sont tes soucis de pc posséede?
remet un hijack this !!
pour hardware
http://forum.hardware.fr/hardwarefr/WindowsSoftwareReseaux/Trojan-Agent-sujet-224860-2.htm#t0
ou en sont tes soucis de pc posséede?
remet un hijack this !!
pour hardware
http://forum.hardware.fr/hardwarefr/WindowsSoftwareReseaux/Trojan-Agent-sujet-224860-2.htm#t0
Coucou , pour te poser plein de questions "métaphysique" il faut que je t'envoie un message privée c ça ?
sinon voici un nouveau rapport :
Logfile of HijackThis v1.99.1
Scan saved at 19:49:58, on 10/03/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\imapi.exe
C:\Documents and Settings\Windows XP\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O4 - Global Startup: Zone Labs Security.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {02478D28-C3F9-4EFB-9B51-7695ECA05670} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128167134936
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{243D494F-2B62-41D7-9CBA-92C1D15F6E70}: NameServer = 80.118.192.110 80.118.196.40
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
et voilà, à tout !!!bizzz
sinon voici un nouveau rapport :
Logfile of HijackThis v1.99.1
Scan saved at 19:49:58, on 10/03/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\imapi.exe
C:\Documents and Settings\Windows XP\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O4 - Global Startup: Zone Labs Security.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {02478D28-C3F9-4EFB-9B51-7695ECA05670} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128167134936
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{243D494F-2B62-41D7-9CBA-92C1D15F6E70}: NameServer = 80.118.192.110 80.118.196.40
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
et voilà, à tout !!!bizzz
Utilisateur anonyme
3 oct. 2005 à 20:18
3 oct. 2005 à 20:18
salut
supprime cette ligne avec hijackthis:
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
et supprime ce dossier:
c:\program files\mailskinner
ensuite fais un scan ici:
http://www.bitdefender.fr
et poste le rapport
a+++
supprime cette ligne avec hijackthis:
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
et supprime ce dossier:
c:\program files\mailskinner
ensuite fais un scan ici:
http://www.bitdefender.fr
et poste le rapport
a+++
Coucou Meo, voilà ta demande :
BitDefender Online Scanner - Rapport virus en temps réel
Généré à: Mon, Oct 03, 2005 - 20:30:01
--------------------------------------------------------------------------------
Info d'analyse
Fichiers scannés
2463
Infectés Fichiers
0
Virus Détectés
Aucun virus trouvé.
--------------------------------------------------------------------------------
Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
je crois que c plutot encouragent non ?!
merci et à+++
BitDefender Online Scanner - Rapport virus en temps réel
Généré à: Mon, Oct 03, 2005 - 20:30:01
--------------------------------------------------------------------------------
Info d'analyse
Fichiers scannés
2463
Infectés Fichiers
0
Virus Détectés
Aucun virus trouvé.
--------------------------------------------------------------------------------
Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
je crois que c plutot encouragent non ?!
merci et à+++
Utilisateur anonyme
3 oct. 2005 à 20:43
3 oct. 2005 à 20:43
ca a l'air
tu as des antispywares ? (spybot, ad-aware)
tu as des antispywares ? (spybot, ad-aware)
Re Moe, et bien grace à vous j'ai les 2, je voudrai bien ke tu me conseil sur les anti virus , par-feu ... et tout c truc, sinon je t'avais demander ça :
de temps en temps j'ai zonalarm qui me demande:
"Genic Host Process for Win32 service tente d'utiliser WNT pour accéder à la zone sure" c'est koi ce truc ?
bilan de santé de ce PC positif ou négatif ?
merci de repondre et à +++
de temps en temps j'ai zonalarm qui me demande:
"Genic Host Process for Win32 service tente d'utiliser WNT pour accéder à la zone sure" c'est koi ce truc ?
bilan de santé de ce PC positif ou négatif ?
merci de repondre et à +++
Utilisateur anonyme
3 oct. 2005 à 21:21
3 oct. 2005 à 21:21
salut
oui accepte le et garde le toujours en memoire !!!
bilan positif !!
si tu n as pas ad aware et spybot dans ta collection rajoute les et ca sera bon
a+
oui accepte le et garde le toujours en memoire !!!
bilan positif !!
si tu n as pas ad aware et spybot dans ta collection rajoute les et ca sera bon
a+
Utilisateur anonyme
4 oct. 2005 à 13:38
4 oct. 2005 à 13:38
salut
oui tu le peux
pour tes mises a jour essai ce lien
http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=fr
a+
oui tu le peux
pour tes mises a jour essai ce lien
http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=fr
a+
Coucou régis,
j'ai toujours le même problème concernant la mise à jour, j'obtiens le message suivant : impossibled'installer le servise pack2 pour windows XP, la clé du produit pour installer microsoft window n'est peut être pas valide. Pour obtenir + d'information sur ce message d'erreur et sur la manière de la resoudre..."
encore une enigume à resoudre ! merci pour ton aide et à+
j'ai toujours le même problème concernant la mise à jour, j'obtiens le message suivant : impossibled'installer le servise pack2 pour windows XP, la clé du produit pour installer microsoft window n'est peut être pas valide. Pour obtenir + d'information sur ce message d'erreur et sur la manière de la resoudre..."
encore une enigume à resoudre ! merci pour ton aide et à+
Utilisateur anonyme
4 oct. 2005 à 20:45
4 oct. 2005 à 20:45
salut
c est toi qui a installer xp sur ton pc? tu l as surrement pas acheter comme ca , c est une version pirate?
a+
c est toi qui a installer xp sur ton pc? tu l as surrement pas acheter comme ca , c est une version pirate?
a+
Utilisateur anonyme
4 oct. 2005 à 20:55
4 oct. 2005 à 20:55
Oui tu ne DOIS JAMAIS FAIRE DE MISES A JOUR WINDOWS, si c est une version pirate !!!
Voila ce que tu perds avec une version pirate, tu ne corrige pas les failles de xp, ce qui laisse place a tous les virus de s installer...
Voila ce que tu perds avec une version pirate, tu ne corrige pas les failles de xp, ce qui laisse place a tous les virus de s installer...
2 oct. 2005 à 13:58
1) dans "ajouter/supprimer" je n'ai + de programme tojyvhes.exe
2)pour : c:\windows\system32\tojyvhes.exe , comme je l'ai dis à ton collègue, lorsque j'ai cliker dessus ,il a "disparu" et la je compter aller revoir (en mode sans echec c bien ça ?)
3) voici le nouveau rapport :
Logfile of HijackThis v1.99.1
Scan saved at 13:56:06, on 10/02/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Windows XP\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O4 - Global Startup: Zone Labs Security.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {02478D28-C3F9-4EFB-9B51-7695ECA05670} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128167134936
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{243D494F-2B62-41D7-9CBA-92C1D15F6E70}: NameServer = 80.118.196.41 80.118.192.111
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Alors c grave docteur ? lol
bisou , A+