Sujet Précédent Sujet Suivant

Publicité X impossible à éliminer

ayoub -  
 Utilisateur anonyme -
bonjour à tous,
j'espère que vous allez pouvoir m'aider: je suis désespéré: j'ai chopé un virus:instant access, j'ai réussi à le supprimer, enfin c'est ce que je croyai, même si je ne le vois plus, j'ai toujours des publicité cochonnes qui s'affichent dans les espaces de publicité de pages comme yahoo.fr ou le monde.fr, enfin bref, ca vient toujours s'insérer. J'ai installé Ad-Aware, pop-up stopper et spybot search and destroy, du coup je n'ai plus de nouvelles fenetres de publicité qui apparaissent mais malheureusement j'ai toujours ces filles nues qui apparaissent dans les cadres publicité des pages déja ouvertes. Pouvez vous m'indiquer comment remédier à ca problème ? J'ai passé des heures à télécharger toute sorte d'anti pop-up, je n,en ai plus mais j'ai toujours ces maudites pubs X qui apparaissent ! Ce serait très aimable d'essayer d em'aider.
merci beaucoup
A voir également:

25 réponses

  • 1
  • 2
Réponse 1 / 25
bernie61
 
salut
tu nettoies ton ordii avec ces log
logiciel CCLEANER là http://www.ccleaner.com/
Et tutorial là http://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

Logiciel nettoyage tmp et traces de surf MRU-Blaster:
http://www.javacoolsoftware.com/mrublaster.html
tutorial : http://forum.pcastuces.com/sujet.asp?SUJET_ID=22717

ensuite tu fais un Hijackthis si tu as encore des pbm
http://users.skynet.be/BernieClub/index.html#hijackPROC
a+
0
ayoub
 
Merci bcp Bernie pour les infos et ta réponse rapide. Mais malheureusement j'ai fait roulé le cleaner et le MRU-blaster et éliminer les éléments détectés mais j'ai toujours des pop up X (best-promos/trafficwaypointcash) qui apparaissent si j'éteins le pop-up stopper et si je le mets j'ai toujours des pubX qui s'inserent dans les espaces pub. Au secours ! Le hi jack m'a donné plusieurs fichiers à surveiller mais je ne m'y connais pas du tout et je n'ose rien effacer ! Help ! Merci beaucoup
0
nono
 
bonjours à tous,
voila j'ai le meme problème que Yaoub, j'ai des pubX (best-promos) qui apparaissent comme par magie. J'ai lu toutes les aides que vous lui avez envoyé et j' ai essayé de faire pareil sur mon ordi mais sans résultat elles sont toujours la! j ai installé ad-aware, spybot et j ai nettoyé mon ordi avec regseeker. J'espere que vous allez pouvoir m'aider.
merci beaucoup.
0
Réponse 2 / 25
Utilisateur anonyme
 
salut

poste le pour bernie
0
Réponse 3 / 25
Whitewolf88 Messages postés 33 Statut Membre 2
 
www.antipub.com test ;)
0
Réponse 4 / 25
ayoub
 
merci bcp pour votre aide, mais j'ai toujours le meme probleme : the-best-promos qui s'affichent et trafficway-point-cash si le popu stopper ne marche pas, et meme quand je mets le popup stopper j'ai des trucx X qui apparaissent dans les espaces pubs des pages internet quelconques. Je vois aussi de tps en tps le instant Acces qui revient, meme je l'efface il revient, aidez mois svp, je ne sais plus quoi faire ! Voici le resultatd du Hi jack si cela peut vous aider a m'aider:
<?xml version="1.0" encoding="Windows-1252"?>
<a2hijackfreelog>
<version>1.20</version>
<datecreated>2005-12-28 20:14</datecreated>
<language>fr-fr</language>
<ie_version>6.0.2900.2180</ie_version>
<os>XP</os>
<os_version>5.1.2600</os_version>
<os_csd>Service Pack 2</os_csd>
<programpath>D:\Program Files</programpath>
<startuppath>D:\Documents and Settings\racchris\Start Menu\Programs\Startup</startuppath>
<systempath>D:\WINDOWS\system32</systempath>
<winpath>D:\WINDOWS</winpath>
<autoruns>
<autorun category="registry">
<name>TkBellExe</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run</location>
<filepath>%programpath%\Common Files\Real\Update_OB\evntsvc.exe -osboot</filepath>
</autorun>
<autorun category="registry">
<name>NvCplDaemon</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run</location>
<filepath>RUNDLL32.EXE %systempath%\NvCpl.dll,NvStartup</filepath>
</autorun>
<autorun category="registry">
<name>nwiz</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run</location>
<filepath>nwiz.exe /install</filepath>
</autorun>
<autorun category="registry">
<name>SMSERIAL</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run</location>
<filepath>sm56hlpr.exe</filepath>
</autorun>
<autorun category="registry">
<name>Icône Symbiose</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run</location>
<filepath>%programpath%\Groupe documens\Commun\Icone Symbiose\IconSys.exe</filepath>
</autorun>
<autorun category="registry">
<name>ccApp</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run</location>
<filepath>%programpath%\Common Files\Symantec Shared\ccApp.exe</filepath>
</autorun>
<autorun category="registry">
<name>NeroCheck</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run</location>
<filepath>%systempath%\NeroCheck.exe</filepath>
</autorun>
<autorun category="registry">
<name>Pop-Up Stopper</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run</location>
<filepath>%programpath%\Panicware\Pop-Up Stopper\dpps2.exe</filepath>
</autorun>
<autorun category="registry">
<name>Pop-Up Stopper</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run</location>
<filepath>%programpath%\Panicware\Pop-Up Stopper\dpps2.exe</filepath>
</autorun>
<autorun category="startupfiles">
<location>win.ini</location>
<name>load</name>
<filepath></filepath>
</autorun>
<autorun category="startupfiles">
<location>win.ini</location>
<name>run</name>
<filepath></filepath>
</autorun>
<autorun category="startupfiles">
<location>win.ini</location>
<name>shell</name>
<filepath>Explorer.exe</filepath>
</autorun>
<autorun category="startupfiles">
<location>win.ini</location>
<name>scrnsave.exe</name>
<filepath>%systempath%\logon.scr</filepath>
</autorun>
<autorun category="autostartmenu">
<location>%startuppath%\</location>
<name>MRU-Blaster Scheduler</name>
</autorun>
<autorun category="autostartmenu">
<location>%startuppath%\</location>
<name>MRU-Blaster Silent Clean</name>
</autorun>
<autorun category="autostartmenu">
<location>D:\Documents and Settings\All Users\Start Menu\Programs\Startup\</location>
<name>Adobe Acrobat Speed Launcher</name>
</autorun>
<autorun category="autostartmenu">
<location>D:\Documents and Settings\All Users\Start Menu\Programs\Startup\</location>
<name>Adobe Gamma Loader</name>
</autorun>
<autorun category="tricky">
<name>CTFMON.EXE</name>
<location>HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\</location>
<filepath>%systempath%\CTFMON.EXE</filepath>
</autorun>
<autorun category="tricky">
<name>ALUAlert</name>
<location>HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\</location>
<filepath>%programpath%\Symantec\LiveUpdate\ALUNotify.exe</filepath>
</autorun>
<autorun category="tricky">
<name>Shell</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\</location>
<filepath>Explorer.exe</filepath>
</autorun>
<autorun category="tricky">
<name>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>%winpath%\inf\unregmp2.exe /ShowWMP</filepath>
</autorun>
<autorun category="tricky">
<name>{26923b43-4d38-484f-9b9e-de460746276c}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>%systempath%\system32\shmgrate.exe OCInstallUserConfigIE</filepath>
</autorun>
<autorun category="tricky">
<name>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP</filepath>
</autorun>
<autorun category="tricky">
<name>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>%systempath%\system32\shmgrate.exe OCInstallUserConfigOE</filepath>
</autorun>
<autorun category="tricky">
<name>{2C7339CF-2B09-4501-B3F3-F3508C9228ED}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>%systempath%\system32\regsvr32.exe /s /n /i:/UserInstall %systempath%\system32\themeui.dll</filepath>
</autorun>
<autorun category="tricky">
<name>{44BBA840-CC51-11CF-AAFA-00AA00B6015C}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>%programpath%\Outlook Express\setup50.exe /APP:OE /CALLER:WINNT /user /install</filepath>
</autorun>
<autorun category="tricky">
<name>{44BBA842-CC51-11CF-AAFA-00AA00B6015B}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>rundll32.exe advpack.dll,LaunchINFSection %winpath%\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT</filepath>
</autorun>
<autorun category="tricky">
<name>{4b218e3e-bc98-4770-93d3-2731b9329278}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>%systempath%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systempath%\inf\ie.inf</filepath>
</autorun>
<autorun category="tricky">
<name>{5945c046-1e7d-11d1-bc44-00c04fd912be}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>rundll32.exe advpack.dll,LaunchINFSection %winpath%\INF\msmsgs.inf,BLC.QuietInstall.PerUser</filepath>
</autorun>
<autorun category="tricky">
<name>{6BF52A52-394A-11d3-B153-00C04F79FAA6}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>rundll32.exe advpack.dll,LaunchINFSection %winpath%\INF\wmp.inf,PerUserStub</filepath>
</autorun>
<autorun category="tricky">
<name>{7790769C-0471-11d2-AF11-00C04FA35D02}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>%programpath%\Outlook Express\setup50.exe /APP:WAB /CALLER:WINNT /user /install</filepath>
</autorun>
<autorun category="tricky">
<name>{89820200-ECBD-11cf-8B85-00AA005B4340}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>regsvr32.exe /s /n /i:U shell32.dll</filepath>
</autorun>
<autorun category="tricky">
<name>{89820200-ECBD-11cf-8B85-00AA005B4383}</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\</location>
<filepath>%systempath%\system32\ie4uinit.exe</filepath>
</autorun>
<autorun category="tricky">
<name>VBScript Script File</name>
<location>HKEY_CLASSES_ROOT\vbsfile\shell\open\command\</location>
<filepath>%systempath%\System32\WScript.exe %1 %*</filepath>
</autorun>
<autorun category="tricky">
<name>VBScript Encoded Script File</name>
<location>HKEY_CLASSES_ROOT\vbefile\shell\open\command\</location>
<filepath>%systempath%\System32\WScript.exe %1 %*</filepath>
</autorun>
<autorun category="tricky">
<name>JScript Script File</name>
<location>HKEY_CLASSES_ROOT\jsfile\shell\open\command\</location>
<filepath>%systempath%\System32\WScript.exe %1 %*</filepath>
</autorun>
<autorun category="tricky">
<name>JScript Encoded Script File</name>
<location>HKEY_CLASSES_ROOT\jsefile\shell\open\command\</location>
<filepath>%systempath%\System32\WScript.exe %1 %*</filepath>
</autorun>
<autorun category="tricky">
<name>Windows Script Host Settings File</name>
<location>HKEY_CLASSES_ROOT\wshfile\shell\open\command\</location>
<filepath>%systempath%\System32\WScript.exe %1 %*</filepath>
</autorun>
<autorun category="tricky">
<name>Windows Script File</name>
<location>HKEY_CLASSES_ROOT\wsffile\shell\open\command\</location>
<filepath>%systempath%\System32\WScript.exe %1 %*</filepath>
</autorun>
<autorun category="tricky">
<name>Application</name>
<location>HKEY_CLASSES_ROOT\exefile\shell\open\command\</location>
<filepath>%1 %*</filepath>
</autorun>
<autorun category="tricky">
<name>MS-DOS Application</name>
<location>HKEY_CLASSES_ROOT\comfile\shell\open\command\</location>
<filepath>%1 %*</filepath>
</autorun>
<autorun category="tricky">
<name>MS-DOS Batch File</name>
<location>HKEY_CLASSES_ROOT\batfile\shell\open\command\</location>
<filepath>%1 %*</filepath>
</autorun>
<autorun category="tricky">
<name>Screen Saver</name>
<location>HKEY_CLASSES_ROOT\scrfile\shell\open\command\</location>
<filepath>%1 /S</filepath>
</autorun>
<autorun category="tricky">
<name>Shortcut to MS-DOS Program</name>
<location>HKEY_CLASSES_ROOT\piffile\shell\open\command\</location>
<filepath>%1 %*</filepath>
</autorun>
<autorun category="tricky">
<name>SCRNSAVE.EXE</name>
<location>HKEY_CURRENT_USER\Control Panel\Desktop\</location>
<filepath>%systempath%\logon.scr</filepath>
</autorun>
<autorun category="tricky">
<name>BootExecute</name>
<location>HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\</location>
<filepath>autocheck autochk *</filepath>
</autorun>
<autorun category="tricky">
<name>PostBootReminder</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\</location>
<filepath>%systempath%\system32\SHELL32.dll</filepath>
</autorun>
<autorun category="tricky">
<name>CDBurn</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\</location>
<filepath>%systempath%\system32\SHELL32.dll</filepath>
</autorun>
<autorun category="tricky">
<name>WebCheck</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\</location>
<filepath>%systempath%\System32\webcheck.dll</filepath>
</autorun>
<autorun category="tricky">
<name>SysTray</name>
<location>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\</location>
<filepath>%systempath%\stobject.dll</filepath>
</autorun>
</autoruns>
<addons>
<addon category="bho">
<clsid>{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}</clsid>
<name>AcroIEHlprObj Class</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\</location>
<filepath>%programpath%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll</filepath>
</addon>
<addon category="bho">
<clsid>{53707962-6F74-2D53-2644-206D7942484F}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\</location>
<filepath>D:\PROGRA~1\SPYBOT~1\SDHelper.dll</filepath>
</addon>
<addon category="bho">
<clsid>{AE7CD045-E861-484f-8273-0445EE161910}</clsid>
<name>AcroIEToolbarHelper Class</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\</location>
<filepath>%programpath%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll</filepath>
</addon>
<addon category="shellexecutehooks">
<clsid>{AEB6717E-7E19-11d0-97EE-00C04FD91972}</clsid>
<name>URL Exec Hook</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\</location>
<filepath>shell32.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{00022613-0000-0000-C000-000000000046}</clsid>
<name>Multimedia File Property Sheet</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>mmsys.cpl</filepath>
</addon>
<addon category="shellextension">
<clsid>{176d6597-26d3-11d1-b350-080036a75b03}</clsid>
<name>ICM Scanner Management</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>icmui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{1F2E5C40-9550-11CE-99D2-00AA006E086C}</clsid>
<name>Security Shell Extension</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>rshx32.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{3EA48300-8CF6-101B-84FB-666CCB9BCD32}</clsid>
<name>OLE Docfile Property Page</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>docprop.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{40dd6e20-7c17-11ce-a804-00aa003ca9f6}</clsid>
<name>Shell extensions for sharing</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>ntshrui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{41E300E0-78B6-11ce-849B-444553540000}</clsid>
<name>PlusPack CPL Extension</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\themeui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{42071712-76d4-11d1-8b24-00a0c9068ff3}</clsid>
<name>Display Adapter CPL Extension</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>deskadp.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{42071713-76d4-11d1-8b24-00a0c9068ff3}</clsid>
<name>Display Monitor CPL Extension</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>deskmon.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{42071714-76d4-11d1-8b24-00a0c9068ff3}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath></filepath>
</addon>
<addon category="shellextension">
<clsid>{4E40F770-369C-11d0-8922-00A024AB2DBB}</clsid>
<name>Security Shell Extension</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>dssec.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}</clsid>
<name>Compatibility Page</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>SlayerXP.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{56117100-C0CD-101B-81E2-00AA004AE837}</clsid>
<name>Shell Scrap DataHandler</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>shscrap.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{59099400-57FF-11CE-BD94-0020AF85B590}</clsid>
<name>Disk Copy Extension</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>diskcopy.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{59be4990-f85c-11ce-aff7-00aa003ca9f6}</clsid>
<name>Shell extensions for Microsoft Windows Network objects</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>ntlanui2.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{5DB2625A-54DF-11D0-B6C4-0800091AA605}</clsid>
<name>ICM Monitor Management</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\icmui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{675F097E-4C4D-11D0-B6C1-0800091AA605}</clsid>
<name>ICM Printer Management</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\system32\icmui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{764BF0E1-F219-11ce-972D-00AA00A14F56}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath></filepath>
</addon>
<addon category="shellextension">
<clsid>{77597368-7b15-11d0-a0c2-080036af3f03}</clsid>
<name>Web Printer Shell Extension</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>printui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{7988B573-EC89-11cf-9C00-00AA00A14F56}</clsid>
<name>Microsoft Disk Quota UI</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>dskquoui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath></filepath>
</addon>
<addon category="shellextension">
<clsid>{85BBD920-42A0-1069-A2E4-08002B30309D}</clsid>
<name>Briefcase</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>syncui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{88895560-9AA2-1069-930E-00AA0030EBC8}</clsid>
<name>HyperTerminal Icon Ext</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\hticons.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{BD84B380-8CA2-1069-AB1D-08000948F534}</clsid>
<name>Fonts</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>fontext.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{DBCE2480-C732-101B-BE72-BA78E9AD5B27}</clsid>
<name>ICC Profile</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\system32\icmui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>rshx32.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}</clsid>
<name>Shell extensions for sharing</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>ntshrui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{f92e8c40-3d33-11d2-b1aa-080036a75b03}</clsid>
<name>Display TroubleShoot CPL Extension</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>deskperf.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{7444C717-39BF-11D1-8CD9-00C04FC29D45}</clsid>
<name>CryptPKO Class</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\cryptext.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{7444C719-39BF-11D1-8CD9-00C04FC29D45}</clsid>
<name>CryptSig Class</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\cryptext.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{7007ACC7-3202-11D1-AAD2-00805FC1270E}</clsid>
<name>Network Connections</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\NETSHELL.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{992CFFA0-F557-101A-88EC-00DD010CCC48}</clsid>
<name>Network Connections</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\NETSHELL.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{E211B736-43FD-11D1-9EFB-0000F8757FCD}</clsid>
<name>Scanners Cameras</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>wiashext.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}</clsid>
<name>Scanners Cameras</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>wiashext.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{905667aa-acd6-11d2-8080-00805f6596d2}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>wiashext.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{3F953603-1008-4f6e-A73A-04AAC7A992F1}</clsid>
<name>Scanners Cameras</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>wiashext.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{83bbcbf3-b28a-4919-a5aa-73027445d672}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>wiashext.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{F0152790-D56E-4445-850E-4F3117DB740C}</clsid>
<name>Remote Sessions CPL Extension</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\remotepg.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{60254CA5-953B-11CF-8C96-00AA00B8708C}</clsid>
<name>Shell Extension For Windows Script Host</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\wshext.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{2206CDB2-19C1-11D1-89E0-00C04FD7A829}</clsid>
<name>Microsoft OLE DB Service Component Data Links</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%programpath%\Common Files\System\Ole DB\oledb32.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}</clsid>
<name>Scheduling UI icon handler</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\mstask.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}</clsid>
<name>Scheduling UI property sheet handler</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\mstask.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{D6277990-4C6A-11CF-8D87-00AA0060F5BF}</clsid>
<name>Scheduled Tasks</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\mstask.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{0DF44EAA-FF21-4412-828E-260A8728E7F1}</clsid>
<name>Taskbar and Start Menu</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath></filepath>
</addon>
<addon category="shellextension">
<clsid>{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}</clsid>
<name>Search</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\system32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}</clsid>
<name>Help and Support</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\system32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}</clsid>
<name>Windows Security</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\system32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}</clsid>
<name>Run...</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\system32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}</clsid>
<name>Internet</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\system32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}</clsid>
<name>E-mail</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\system32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{D20EA4E1-3957-11d2-A40B-0C5020524152}</clsid>
<name>Fonts</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\system32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{D20EA4E1-3957-11d2-A40B-0C5020524153}</clsid>
<name>Administrative Tools</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\system32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}</clsid>
<name>Audio Media Properties Handler</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shmedia.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}</clsid>
<name>Video Media Properties Handler</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shmedia.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{E4B29F9D-D390-480b-92FD-7DDB47101D71}</clsid>
<name>Wav Properties Handler</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shmedia.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{87D62D94-71B3-4b9a-9489-5FE6850DC73E}</clsid>
<name>Avi Properties Handler</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shmedia.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{A6FD9E45-6E44-43f9-8644-08598F5A74D9}</clsid>
<name>Midi Properties Handler</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shmedia.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{c5a40261-cd64-4ccf-84cb-c394da41d590}</clsid>
<name>Video Thumbnail Extractor</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shmedia.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{5E6AB780-7743-11CF-A12B-00AA004AE837}</clsid>
<name>Microsoft Internet Toolbar</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{22BF0C20-6DA7-11D0-B373-00A0C9034938}</clsid>
<name>Download Status</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{91EA3F8B-C99B-11d0-9815-00C04FD91972}</clsid>
<name>Augmented Shell Folder</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{6413BA2C-B461-11d1-A18A-080036B11A03}</clsid>
<name>Augmented Shell Folder 2</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{F61FFEC1-754F-11d0-80CA-00AA005B4383}</clsid>
<name>BandProxy</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{7BA4C742-9E81-11CF-99D3-00AA004AE837}</clsid>
<name>Microsoft BrowserBand</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{30D02401-6A81-11d0-8274-00C04FD5AE38}</clsid>
<name>Search Band</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{32683183-48a0-441b-a342-7c2a440a9478}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath></filepath>
</addon>
<addon category="shellextension">
<clsid>{169A0691-8DF9-11d1-A1C4-00C04FD75D13}</clsid>
<name>In-pane search</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{07798131-AF23-11d1-9111-00A0C98BA67D}</clsid>
<name>Web Search</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{AF4F6510-F982-11d0-8595-00AA004CD6D8}</clsid>
<name>Registry Tree Options Utility</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{01E04581-4EEE-11d0-BFE9-00AA005B4383}</clsid>
<name>Address</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{A08C11D2-A228-11d0-825B-00AA005B4383}</clsid>
<name>Address EditBox</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{00BB2763-6A77-11D0-A535-00C04FD7D062}</clsid>
<name>Microsoft AutoComplete</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{7376D660-C583-11d0-A3A5-00C04FD706EC}</clsid>
<name>TridentImageExtractor</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{6756A641-DE71-11d0-831B-00AA005B4383}</clsid>
<name>MRU AutoComplete List</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}</clsid>
<name>Custom MRU AutoCompleted List</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{7e653215-fa25-46bd-a339-34a2790f3cb7}</clsid>
<name>Accessible</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{acf35015-526e-4230-9596-becbe19f0ac9}</clsid>
<name>Track Popup Bar</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{E0E11A09-5CB8-4B6C-8332-E00720A168F2}</clsid>
<name>Address Bar Parser</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{00BB2764-6A77-11D0-A535-00C04FD7D062}</clsid>
<name>Microsoft History AutoComplete List</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{03C036F1-A186-11D0-824A-00AA005B4383}</clsid>
<name>Microsoft Shell Folder AutoComplete List</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{00BB2765-6A77-11D0-A535-00C04FD7D062}</clsid>
<name>Microsoft Multiple AutoComplete List Container</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{ECD4FC4E-521C-11D0-B792-00A0C90312E1}</clsid>
<name>Shell Band Site Menu</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}</clsid>
<name>Shell DeskBarApp</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{ECD4FC4C-521C-11D0-B792-00A0C90312E1}</clsid>
<name>Shell DeskBar</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{ECD4FC4D-521C-11D0-B792-00A0C90312E1}</clsid>
<name>Shell Rebar BandSite</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{DD313E04-FEFF-11d1-8ECD-0000F87A470C}</clsid>
<name>User Assist</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}</clsid>
<name>Global Folder Settings</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\browseui.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{EFA24E61-B078-11d0-89E4-00C04FC9E26E}</clsid>
<name>Favorites Band</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{0A89A860-D7B1-11CE-8350-444553540000}</clsid>
<name>Shell Automation Inproc Service</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}</clsid>
<name>Shell DocObject Viewer</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}</clsid>
<name>Microsoft Browser Architecture</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{FBF23B40-E3F0-101B-8488-00AA003E56F8}</clsid>
<name>Internet Shortcut</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{3C374A40-BAE4-11CF-BF7D-00AA006946EE}</clsid>
<name>Microsoft Url History Service</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{FF393560-C2A7-11CF-BFF4-444553540000}</clsid>
<name>History</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{7BD29E00-76C1-11CF-9DD0-00A0C9034933}</clsid>
<name>Temporary Internet Files</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{7BD29E01-76C1-11CF-9DD0-00A0C9034933}</clsid>
<name>Temporary Internet Files</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{CFBFAE00-17A6-11D0-99CB-00C04FD64497}</clsid>
<name>Microsoft Url Search Hook</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}</clsid>
<name>IE4 Suite Splash Screen</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{67EA19A0-CCEF-11d0-8024-00C04FD75D13}</clsid>
<name>CDF Extension Copy Hook</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{131A6951-7F78-11D0-A979-00C04FD705A2}</clsid>
<name>ISFBand OC</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{9461b922-3c5a-11d2-bf8b-00c04fb93661}</clsid>
<name>Search Assistant OC</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}</clsid>
<name>The Internet</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{871C5380-42A0-1069-A2EA-08002B30309D}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{EFA24E64-B078-11d0-89E4-00C04FC9E26E}</clsid>
<name>Explorer Band</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\shdocvw.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\sendmail.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}</clsid>
<name></name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\sendmail.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{88C6C381-2E85-11D0-94DE-444553540000}</clsid>
<name>ActiveX Cache Folder</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\occache.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{E6FB5E20-DE35-11CF-9C87-00AA005127ED}</clsid>
<name>WebCheck</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\webcheck.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}</clsid>
<name>Subscription Mgr</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\webcheck.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{F5175861-2688-11d0-9C5E-00AA00A45957}</clsid>
<name>Subscription Folder</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\webcheck.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{08165EA0-E946-11CF-9C87-00AA005127ED}</clsid>
<name>WebCheckWebCrawler</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\webcheck.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}</clsid>
<name>WebCheckChannelAgent</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\webcheck.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}</clsid>
<name>TrayAgent</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\webcheck.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{7D559C10-9FE9-11d0-93F7-00AA0059CE02}</clsid>
<name>Code Download Agent</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location>
<filepath>%systempath%\System32\webcheck.dll</filepath>
</addon>
<addon category="shellextension">
<clsid>{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}</clsid>
<name>ConnectionAgent</name>
<location>HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\</location
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 25
Utilisateur anonyme
 
pour hijack this tu t es trompé

Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum

Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm

Bon courage

A+
0
Réponse 6 / 25
ayoub
 
Merci Regis,
voici le resultat du Hijack:

Logfile of HijackThis v1.99.1
Scan saved at 11:25:12 AM, on 12/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
D:\WINDOWS\sm56hlpr.exe
D:\Program Files\Groupe documens\Commun\Icone Symbiose\IconSys.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\racchris\Local Settings\Temporary Internet Files\Content.IE5\OD23S5UJ\HijackThis1-99-1[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ca/0SEFRCA/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [TkBellExe] D:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Icône Symbiose] D:\Program Files\Groupe documens\Commun\Icone Symbiose\IconSys.exe
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "D:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - Startup: MRU-Blaster Scheduler.lnk = D:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = D:\Program Files\MRU-Blaster\mrublaster.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .cdx: D:\Program Files\Internet Explorer\plugins\Npcdp32.dll
O16 - DPF: {07C9CFC7-DE33-4A0C-9FFB-CDFBA843B157} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1063_XP.cab
O16 - DPF: {54579C3D-A58D-4623-B5B5-465552BDA45B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1072_ASPIV4_XP.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1072_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8B85DFF1-BF32-4B5F-A02A-65E7267BBA92}: NameServer = 66.158.128.11 66.158.128.131
O17 - HKLM\System\CS1\Services\Tcpip\..\{8B85DFF1-BF32-4B5F-A02A-65E7267BBA92}: NameServer = 66.158.128.11 66.158.128.131
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
0
Réponse 7 / 25
bernie61
 
bonsoir à tous
relances HT et coche/fix ces lignes
O16 - DPF: {07C9CFC7-DE33-4A0C-9FFB-CDFBA843B157} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1063_XP.cab
O16 - DPF: {54579C3D-A58D-4623-B5B5-465552BDA45B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1072_ASPIV4_XP.cab
O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1072_XP.cab

nettoie les temps avec ccleaner
petit logiciel CCLEANER là http://www.ccleaner.com/
Et tutorial là http://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
dis nous où tu en es
a+
0
Réponse 8 / 25
ayoub
 
Merci encore bcp d'essayer de m'aider, c vraiemnt cool ! alors j'ai éliminé les items que tu m'a sindiqué, j'ai renettoyé avec cleaner et mru-blaster. resultat: je n'ai plus de trucs X dans les espaces pubs des pages web, mais si je debloque le pop-up stopper le best-promos revient direct. J'ai l'impression que c momentané et que le folder Instant Acces va pas retarder a se repointer. Comment je fais pour me debarsser de ce best promos si je veux pas mettre le pop up stopper) ? (l'inconv du popu stopper c qu'il m'empeche d'ouvrir plus d'une fenetre web, a moins d'appuyer sur CTRL). Je te renvoie le resultat du nveau HT:
Logfile of HijackThis v1.99.1
Scan saved at 4:56:24 PM, on 12/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
D:\WINDOWS\sm56hlpr.exe
D:\Program Files\Groupe documens\Commun\Icone Symbiose\IconSys.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\racchris\Local Settings\Temporary Internet Files\Content.IE5\W3YTALEJ\HijackThis1-99-1[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ca/0SEFRCA/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [TkBellExe] D:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Icône Symbiose] D:\Program Files\Groupe documens\Commun\Icone Symbiose\IconSys.exe
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "D:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - Startup: MRU-Blaster Scheduler.lnk = D:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = D:\Program Files\MRU-Blaster\mrublaster.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .cdx: D:\Program Files\Internet Explorer\plugins\Npcdp32.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8B85DFF1-BF32-4B5F-A02A-65E7267BBA92}: NameServer = 66.158.128.11 66.158.128.131
O17 - HKLM\System\CS1\Services\Tcpip\..\{8B85DFF1-BF32-4B5F-A02A-65E7267BBA92}: NameServer = 66.158.128.11 66.158.128.131
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe

Merci encore bcp, a+
0
Réponse 9 / 25
bernie61
 
re
recherche sur ton ordi si ce fichier serait encore là
p2esocks_1047.dll

si oui effaces

si non passes des antispy comme adaware, spybot, spyswepper
http://users.skynet.be/BernieClub/index.html#antispy
a+
0
Réponse 10 / 25
ayoub
 
J'ai cherché le fichier il n'y était pas, j'ai passsé Adaware et effacé ce qu'il trouvait, j'ai passé Spybot Search and Destroy et j'ai toujours le même problème ! J'espère que t'as d'autres conseils et merci encore !
0
Réponse 11 / 25
bernie61
 
bonjour
tu peux vérifier ce fichier
D:\Program Files\Groupe documens\Commun\Icone Symbiose\IconSys.exe

à vérifier là http://virusscan.jotti.org/ fichier par fichier Parcourir puis SUBMIT lance ce multiple scanneur antivirus
a+
0
Réponse 12 / 25
ayoub
 
Salut,
Symbiose c'est un programme de traduction francais-anglais que j'ai installé, le problème ne vient pas de lui. Je vois toujours ces maudites pubs. Au secours !
0
Réponse 13 / 25
ayoub
 
Regis59, Bernie61, ! Aidez moi, mon cas est vraiment désespéré, j'ai tout passé au crible fin, rien à faire, je sais plus quoi faire !
Merci encore
0
Réponse 14 / 25
bernie61
 
re
passe ce pgm Ewido
celui-là EWIDO http://www.ewido.net/en/?section=features (payant après 30j)
a+
0
Réponse 15 / 25
ayoub
 
j'ai installé le prog ewido mais il n'a rien détecté a part les fichiers du prog Adware. je suis vraiment au bout du rouleau mtn.
A+
0
Réponse 16 / 25
bernie61
 
refais un hijackthis stp
a+
0
Réponse 17 / 25
ayoub
 
Voici mon HT:

Logfile of HijackThis v1.99.1
Scan saved at 5:15:38 PM, on 12/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
D:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
D:\WINDOWS\sm56hlpr.exe
D:\Program Files\Groupe documens\Commun\Icone Symbiose\IconSys.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
D:\windows\system32\amycnje.exe
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\ewido anti-malware\ewidoguard.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\racchris\Local Settings\Temporary Internet Files\Content.IE5\C9ER4HIJ\HijackThis1-99-1[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ca/0SEFRCA/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [TkBellExe] D:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Icône Symbiose] D:\Program Files\Groupe documens\Commun\Icone Symbiose\IconSys.exe
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "D:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [amycnje] d:\windows\system32\amycnje.exe amycnje
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Startup: MRU-Blaster Scheduler.lnk = D:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = D:\Program Files\MRU-Blaster\mrublaster.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .cdx: D:\Program Files\Internet Explorer\plugins\Npcdp32.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8B85DFF1-BF32-4B5F-A02A-65E7267BBA92}: NameServer = 66.158.128.11 66.158.128.131
O17 - HKLM\System\CS1\Services\Tcpip\..\{8B85DFF1-BF32-4B5F-A02A-65E7267BBA92}: NameServer = 66.158.128.11 66.158.128.131
O17 - HKLM\System\CS2\Services\Tcpip\..\{8B85DFF1-BF32-4B5F-A02A-65E7267BBA92}: NameServer = 66.158.128.11 66.158.128.131
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe

Merci
A+
0
Réponse 18 / 25
bernie61
 
re
relances HT et coche/fix ces lignes
O4 - HKLM\..\Run: [amycnje] d:\windows\system32\amycnje.exe amycnje
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

puis effaces ce fichier
d:\windows\system32\amycnje.exe

au fait tu te connecte comment? IP fix car je vois tjs le même 66....

a+
0
Réponse 19 / 25
ayoub
 
Voici mon nveau HT apres avoir supprimé les lignes que tu m'as indiqué. Je suis pas sur d'avoir compris ta question, je tente d'y repondre quand meme: j'ai une connexion avec arobas, un serveur 56K telephone, et j'utilise Internet explorer.
Merci d'essayer de m'aider a resoudre mes problemes. Je suis tres reconnaissant et supris de voir le temsp que vous passer a aider les autres comme ca.:
Logfile of HijackThis v1.99.1
Scan saved at 5:38:10 PM, on 12/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
D:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
D:\WINDOWS\sm56hlpr.exe
D:\Program Files\Groupe documens\Commun\Icone Symbiose\IconSys.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\ewido anti-malware\ewidoguard.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\racchris\Local Settings\Temporary Internet Files\Content.IE5\C9ER4HIJ\HijackThis1-99-1[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ca/0SEFRCA/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edit.europe.yahoo.com/config/mail?.intl=fr
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [TkBellExe] D:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Icône Symbiose] D:\Program Files\Groupe documens\Commun\Icone Symbiose\IconSys.exe
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "D:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe"
O4 - Startup: MRU-Blaster Scheduler.lnk = D:\Program Files\MRU-Blaster\scheduler.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = D:\Program Files\MRU-Blaster\mrublaster.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .cdx: D:\Program Files\Internet Explorer\plugins\Npcdp32.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8B85DFF1-BF32-4B5F-A02A-65E7267BBA92}: NameServer = 66.158.128.11 66.158.128.131
O17 - HKLM\System\CS1\Services\Tcpip\..\{8B85DFF1-BF32-4B5F-A02A-65E7267BBA92}: NameServer = 66.158.128.11 66.158.128.131
O17 - HKLM\System\CS2\Services\Tcpip\..\{8B85DFF1-BF32-4B5F-A02A-65E7267BBA92}: NameServer = 66.158.128.11 66.158.128.131
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
0
Réponse 20 / 25
bernie61
 
re
bon IP 66... est ok alors
je vois rien, où en sont tes pbm?

nettoie le registre avec RegSeeker
http://users.skynet.be/BernieClub/index.html#regnet
a+
0

Discussions similaires

Dimensions L x l x H : comment lire ces infos ?
Miss-Curieuse -
valou -

8 réponses
Message "Un bloqueur de publicité empêche la lecture..."
pistouri -
pistouri -

0 réponse