Probleme win antivirus pro

Résolu/Fermé
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017 - 3 mai 2007 à 02:20
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 - 16 mai 2007 à 07:50
Bonjour, j'ai surement un trojan qui me fait ouvrir une fenetre
sur site win antivirus pro

voici log hi jack this

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:16:30, on 2007-05-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Nero\InCD\InCD.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\Download\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://canoe.com/news/national/b-c-mountie-fired-after-sending-flirty-texts-pics-to-teen-in-sex-assault-case
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {25460568-378B-4C71-AE25-518B7C817EFF} - C:\WINDOWS\system32\awtss.dll
O2 - BHO: (no name) - {4DE762CF-3B33-44B8-A3A5-0C782E110415} - C:\WINDOWS\system32\awtss.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5467614E-11FE-4DFA-ADB3-A8EE423FD63d} - C:\WINDOWS\system32\owoeoakw.dll
O2 - BHO: (no name) - {748A45DC-B425-4DE7-B569-6BDC51D51D2b} - C:\WINDOWS\system32\owoeoakw.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\tuvvuvw.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {D44F8DD9-2A9E-4199-9931-F1E31C109531} - C:\WINDOWS\system32\owoeoakw.dll
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\knsglijb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\scipmfbd.dll",realset
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-3923991098-3364668374-130356450-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'laurie')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - Winlogon Notify: awtss - C:\WINDOWS\system32\awtss.dll
O20 - Winlogon Notify: tuvvuvw - C:\WINDOWS\SYSTEM32\tuvvuvw.dll
O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Nero\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
A voir également:

34 réponses

raleuboleu Messages postés 5022 Date d'inscription mercredi 13 décembre 2006 Statut Membre Dernière intervention 14 mars 2012 79
3 mai 2007 à 21:58
salut

oui pas mal de soucis !! fait 1 scan ici :

http://www.liutilities.com/products/campaigns/plib/rbplib/1/

et post le rapport ainsi qu'un nouveau log hijack stp

biz
0
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
3 mai 2007 à 23:18
Bonsoir,

stefou, tu ne fais que la partie gratuite de l'outil.

Il y a des outils gratuits pour faire la totalité du travail.

Bonne suite.
0
raleuboleu Messages postés 5022 Date d'inscription mercredi 13 décembre 2006 Statut Membre Dernière intervention 14 mars 2012 79
3 mai 2007 à 23:23
re

merci a toi lyonnais visiblement je n'étais pas sur la bonne piste voir mauvais lien !!

merci a toi

biz
0
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
4 mai 2007 à 00:50
Comment faire pour envoyer le rapport de uniblue registry booster, j'ai fait le scan mais comment avoir le rapport???

merci!
0
raleuboleu Messages postés 5022 Date d'inscription mercredi 13 décembre 2006 Statut Membre Dernière intervention 14 mars 2012 79
4 mai 2007 à 00:52
t'as t'il troouvé quelque chose?
0
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
4 mai 2007 à 00:59
voilà je me réveille voici les rapport

Scanning Date 2007-05-03 18:52:48
Entries Found 609
Entries Deleted 15
Entries HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.002
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.021
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.022
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.aom
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.bif
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.BUP
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BWI\OpenWithList
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BWS\OpenWithList
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BWT\OpenWithList
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BWT\OpenWithList
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.ccd
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.crp
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.csl
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.cue
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.hdr
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.ibt
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.idx
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ISO\OpenWithList
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mdf\OpenWithList
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mds\OpenWithList
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrg\OpenWithList
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.PlayList
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.r30
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.r36
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.RPT
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.sfv
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.tmp
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\OpenWithList
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\OpenWithProgids
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithList
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.vc6
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\.vdf
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
HKEY_CURRENT_USER\Software\microsoft\windows\currentVersion\explorer\fileexts\OpenWithList
HKEY_CLASSES_ROOT\.a2s
HKEY_CLASSES_ROOT\.avd
HKEY_CLASSES_ROOT\.avgdi
HKEY_CLASSES_ROOT\.awf
HKEY_CLASSES_ROOT\.b5t
HKEY_CLASSES_ROOT\.b6t
HKEY_CLASSES_ROOT\.mmjb_mime
HKEY_CLASSES_ROOT\.sav
HKEY_CLASSES_ROOT\adcs\CLSID
HKEY_CLASSES_ROOT\adobe.workflow.files\shell\open
HKEY_CLASSES_ROOT\adobe.workflow.files\Version
HKEY_CLASSES_ROOT\asquared.scanner.settings\shell\open
HKEY_CLASSES_ROOT\avgdiagfile\shell\open
HKEY_CLASSES_ROOT\blindwrite toc file\shell\Open
HKEY_CLASSES_ROOT\blindwriteautoplay\shell\BlindWriteAutoplay_741406
HKEY_CLASSES_ROOT\connection manager profile\shell\open
HKEY_CLASSES_ROOT\connection manager profile\shell\Settings...
HKEY_CLASSES_ROOT\convcom.microsoft.3\CLSID
HKEY_CLASSES_ROOT\filetype\{00020821-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\headerfooter.headerfooter.1\CLSID
HKEY_CLASSES_ROOT\htmlfile\BrowseInPlace
HKEY_CLASSES_ROOT\htmlfile_fullwindowembed\BrowseInPlace
HKEY_CLASSES_ROOT\mhtmlfile\BrowseInPlace
HKEY_CLASSES_ROOT\office.binder.9\shell\Open
HKEY_CLASSES_ROOT\office.binder.wizard.9\shell\Open
HKEY_CLASSES_ROOT\oisemffile
HKEY_CLASSES_ROOT\oistiffile
HKEY_CLASSES_ROOT\oiswmffile
HKEY_CLASSES_ROOT\rollercoaster tycoonfile0\shell\open
HKEY_CLASSES_ROOT\rollercoaster tycoonfile1\shell\open
HKEY_CLASSES_ROOT\rollercoaster tycoonfile2\shell\open
HKEY_CLASSES_ROOT\rollercoaster tycoonfile3\shell\open
HKEY_CLASSES_ROOT\scheduleplus.application.7\shell\Open
HKEY_CLASSES_ROOT\software\Apple Computer, Inc.
HKEY_CLASSES_ROOT\spamblockerconfig.application\CLSID
HKEY_CLASSES_ROOT\spamblockerconfig.application.1\CLSID
HKEY_CLASSES_ROOT\system.mxdigitalsignature\CLSID
HKEY_CLASSES_ROOT\xmlfile\BrowseInPlace
HKEY_CLASSES_ROOT\xslfile\BrowseInPlace
HKEY_CLASSES_ROOT\{43191d98-5d34-4103-be42-226a55c2312a}\Programmable
HKEY_CLASSES_ROOT\{7ad7a9d5-5fdc-427b-baff-85b0f81cbd75}\Programmable
HKEY_CLASSES_ROOT\CLSID\{0002CE02-0000-0000-C000-000000000046}\LocalServer32
HKEY_CLASSES_ROOT\CLSID\{00b71cfb-6864-4346-a978-c0a14556272c}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{00D05E48-F6FB-458F-9D3C-D6C22765FFCC}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{0392234A-1576-463f-B89E-CD34D52B6AD1}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{0414BC58-2B23-4444-9EF0-8CFFD14A0917}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{0428E932-E5A1-436B-9156-2067CBA7B520}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{0482E074-C5B7-101A-82E0-08002B36A333}\LocalServer32
HKEY_CLASSES_ROOT\CLSID\{04F75E88-19F2-4687-B62D-756956F918FD}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{05BFD481-9274-4E7B-B5A5-F686B339BE77}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{05C3F9E2-1E76-439F-9E37-9020946A191A}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{05EA3003-7997-4BB1-8CC2-07B9C4396EA0}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{05EB6C68-DBAB-11CD-B3CA-00AA0047BA4F}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{085ABA8A-CA46-4BF7-8BB3-A4292980F770}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{090CD9A2-DA1A-11CD-B3CA-00AA0047BA4F}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{090CD9AA-DA1A-11CD-B3CA-00AA0047BA4F}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{090CD9AE-DA1A-11CD-B3CA-00AA0047BA4F}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{090CD9AF-DA1A-11CD-B3CA-00AA0047BA4F}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{0A0140D2-AF25-40DB-B2DB-313FDF6ECC48}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{0A07AF29-4681-4839-93E4-D2C2A47184F2}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{0b1511cd-37ee-4f0a-9647-cb2785b68a29}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{0B365333-F00A-4598-924E-04C5AD497AD7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{0B6DC6EE-C4FD-11d1-819A-00C04FB69B4D}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{0DAFC491-C671-4086-A8B7-71487A3A2D01}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{0E761A4F-D33C-480E-BF74-B1F23B899123}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{0edcdb7d-cd9e-44e6-9e9a-adbaa85540e8}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{11FF998B-8193-4E3B-A9CA-8B30AC920637}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{1204F8E8-C39C-4D61-9406-477DD85370CB}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{125C7450-8FBD-4F92-AF4A-D2F2DDB592B5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{13DE4A42-8D21-4C8E-BF9C-8F69CB068FCA}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{1557B435-8242-4686-9AA3-9265BF7525A4}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{16E527BD-34D7-5ECA-2DEF-5973AF941512}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{1B224B56-AF76-4A73-A742-05B08CF9254C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{1B753011-98FE-4828-AE65-92DC2E061BC7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{1c613f47-70c5-4551-a264-f7254139854c}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{1F432874-5865-47DC-9AF6-9BDB29CC4938}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{203b1eed-db9f-40fb-87bd-1990982017d2}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{21631A1F-8A41-4F97-8EBD-23474878579A}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{22D6F312-B0F6-11D0-94AB-0080C74C7E95}\LocalServer32
HKEY_CLASSES_ROOT\CLSID\{24800CD0-0F4E-4df7-9F69-3C6903C89224}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{24cdf6ea-0b88-4d7a-aaf0-2048f90c2e1c}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{25542F82-E526-44A4-B438-0985B7A6D6BD}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{261F6572-578B-40A7-B72E-61B7261D9F0C}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{2828F628-D906-42DD-9943-B8AFFECC551E}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{2871FC9B-5E34-4AAE-9E9C-EBD1652D5C92}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{28938272-B0CC-4F7A-93DE-88DEAD28BB38}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{29582CF9-99B3-41AC-A2D5-865805EF7C5F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{29AE739D-6564-47A5-A179-D6BED7AD6CF2}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{2B992972-69FB-470B-B823-3AA54ADB0D5E}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{2c079982-25c8-4edf-9840-21d863a4716c}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{2D75DDED-5AF7-413F-BAB4-7C5E4B5B81A5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{2DA9BB3D-970B-48AD-B2EF-A7F5DA34C029}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{2DD6613D-F38D-4068-B8AD-0165E69D0E8E}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{2F26B9C0-DB31-11CD-B3CA-00AA0047BA4F}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{30A7EC74-C70C-42ff-8364-9DDFABB88A5A}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{3134A25B-8C00-4685-8F93-55173F5140E6}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{31DCBC0C-20D8-40b0-A409-F4474A942358}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{3246A6CF-2898-4541-AA7E-3F847903D29B}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{330F9D46-A8D6-4902-BA81-E3975340DA3E}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{331C43BD-0723-45AA-A62E-9357CD310406}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{3336B8BF-45AF-429F-85CB-8C435FBF21E4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{33952FBF-60B0-48AA-98BE-5A6236D75BF9}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{33FE69C0-E650-4E51-8AED-20D77E878ABB}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{35122E86-6A03-4FD0-A260-56487EB1ED70}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{35AAEA84-40DC-4397-9A80-613FD196FBAD}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{365ADAF1-82C3-4DEB-A4DC-1D4C5EBE224C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{3753737C-DD75-11D2-966A-00C04F79487A}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{386394FB-53C2-442A-B4B0-AA0E0493C4F7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{3918D75F-0ACB-41F2-B733-92AA15BCECF6}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{395D6DF5-B3CD-40BE-ABF9-99CFA64BF41B}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{39A2C2A6-4778-11D2-9BDB-204C4F4F5020}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{39A2C2A9-4778-11D2-9BDB-204C4F4F5020}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{39C6D76A-684E-4FF9-B9E9-E6E967276BF4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{3A49495B-9FF5-460C-811C-03E6DC1E5CE2}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{3B158650-D9FD-4ABF-9B87-0D762113274F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer
HKEY_CLASSES_ROOT\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer
HKEY_CLASSES_ROOT\CLSID\{408D8603-3F5D-44D2-9D0D-6E9F52E001F6}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{415853A9-74E1-4BB7-AA68-990B0858BA2D}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{4201EA99-BBA5-4741-967E-11DC189CA4D5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{4315938A-643E-495C-8675-30A3D54AF90D}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{44AA7970-BBD9-4369-ADAE-D58C81BA2DCF}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{457A23DF-6F2A-4684-91D0-317FB768D87C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{466D66FA-9616-11D2-9342-0000F875AE17}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{479DB8BD-6716-4C5B-B2E3-DE0395B88CD1}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{4937851F-DDA1-4FA1-A52F-36CDA7AB99FE}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{49601784-B369-4FBD-B575-235B1B524E73}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{49F38A32-84D7-413E-99E9-AE6A3D54E5E7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{4C7A1FE9-5047-4E61-90A0-872436277809}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{4CFB5280-800B-4367-848F-5A13EBF27F1D}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{4E0C05AC-175E-4D84-B7FB-B63F8CA50718}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{4EB769D9-6A0B-4A99-92EC-0BD033B6E58E}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{4ECB650F-4630-41D3-AC9A-C8F926FC5907}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{4F9B9553-DCE9-4899-BB45-4D62B0CDF2E3}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{4FB4D512-655E-4CC8-AEBA-7F61AF7457A9}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{52A86041-4D4F-493B-ACDC-5EB5D79B4504}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5440837F-4BFF-4AE5-A1B1-7722ECC6332A}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5487C2E7-3897-4FF7-9F18-BBA544EC0FCF}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{54AB8CD6-1E2D-48D3-8DD8-FA8669055DC7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{566A2EFF-5651-4020-AC1A-EB48E4571EA3}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{56939612-C6A6-4B0A-9D12-2F6E5A0E9000}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{57D7EF0A-65F5-4228-B7E1-6E37D28303E2}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{58090452-1482-4201-83E8-6FE433F6C915}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5899A9C7-2B93-4C40-89C1-6F065EDCBDCD}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{58AB70D7-458C-4D97-BFA8-7CB4E88C4977}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{58FC39EB-9DBD-4EA7-B7B4-9404CC6ACFAB}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{59D2D5CB-63F2-4948-B45D-A87CC4C18D12}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5bdb98cc-b3f5-4d33-9a91-cbc986bea087}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5C05BE20-6358-4C26-9C49-F4D404105A45}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5C096A69-C5BE-4F02-AA8E-E0FE7B83E676}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5C53A11C-E070-4D50-B6FB-DDDA78FE936C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5CBAD860-46EE-4193-8FDF-5EF8625E0CA1}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5CF59E0D-7364-4E0F-8539-062D90FD6B2E}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5E732966-974D-48AB-A149-6C41E048B20F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5F50C571-B3FC-4B91-BA21-99D025F6ECC4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{5F9F8BEA-39A4-4EB7-85E4-8B5733FD3034}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{6089A37E-EB8A-482D-BD6F-F9F46904D16D}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{612fbd09-aad2-4f1c-ba97-f56658b1161b}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{632A2D3D-86AF-411A-8654-7511B51B3D5F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{63338267-37c4-44cf-8e46-756fbe9c8fdc}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{638E5FD6-CD56-4209-AD98-75C3CD356EC6}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{6399CB9B-E126-4BF3-A9C9-B34EFD036AFD}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{63FF8EFA-61AB-2B67-AA5E-8BDBE3F7D4EC}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{64577982-86D7-11d1-BDFC-00C04FA31009}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{649EEC1E-B579-4E8C-BB3B-4997F8426536}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{64CFBE02-3BA1-42E1-AE08-808D1AF4AF28}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{6572EE16-5FE5-4331-BB6D-76A49C56E423}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{6734F80F-B893-4DD9-B643-B1A972164CA2}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{68733359-7539-49F6-AE55-4F6020BFB0CF}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{6929678F-1631-4749-A76F-7626710EBA7D}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{697F5202-0494-11D6-A2B0-0060B0FBD872}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{6991D90E-D8CB-4BC4-B01E-185699B0F144}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{69C1DD9E-87E7-40F3-877E-DA23063E8EB8}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{6A006473-447A-4426-9B02-03A4619B732F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{6BEF5B00-D46E-49B0-BFD2-49847061ED73}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{6C25DFE6-07CB-4394-A330-CE22B42425DC}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{6CFEF5A7-69DC-4B5C-819E-E3D0510E4C47}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{6E44394B-C5E5-4341-91B4-88908F02E2C9}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{712a2867-02b2-402b-8f8d-74437494dcfb}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{7173F6A6-ABD3-489F-8A1C-0F0FA8E61C9B}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{72CCEDBA-2B38-465C-A18C-F093D2286DD3}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{72D12FA1-29F9-4B9A-9604-4A4EAF2F1808}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{7312c0a0-a397-4a19-b432-9ac90c4466af}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{73CA2532-42DE-449F-8C8A-229B8AAF3B68}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{75C11604-5C51-48B2-B786-DF5E51D10EC9}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer
HKEY_CLASSES_ROOT\CLSID\{77FBF4E9-5EB2-4817-8705-A04537932CBF}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{786CDB70-1628-44A0-853C-5D340A499137}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{79678AC0-AC58-4695-9E7D-2B38AA6E8760}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{7AD6875D-6918-494C-A1D7-DF5BCE923988}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{7B4558F0-EFA4-dc1a-A485-F6E59E539360}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{7B5C20CA-A75F-4335-A966-66E9F7D561FD}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{7b9717b1-2d9b-4d14-b2da-d4bf5a28c6af}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{7D4734E6-047E-41e2-AEAA-E763B4739DC4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{7D7D642B-6DCE-4C31-A932-B37A09680434}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{7E0BB26B-DD31-4FA7-B501-8F43CAD28CB2}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{7FE9E0AD-FE05-4E53-B346-541310BFDD56}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{800DD100-DB43-11CE-914E-00A004000162}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{80EE9910-D470-4AED-AC5D-987046FDB574}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8119C7CE-1CC2-4C9A-A5F5-5F07C40B3001}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{81397204-F51A-4571-8D7B-DC030521AABD}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{829AAB88-DBFE-4F19-A405-B511A9E9A322}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{836FA1B6-1190-4005-B434-7ED921BE2026}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{847B4DF5-4B61-11D2-9BDB-204C4F4F5020}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8619FFAE-8AE1-481F-84B2-41A3C9669C0A}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{863BB89C-CC97-4DDE-8ECA-63B37FB30BD5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8730E151-B169-4AD9-9BB4-499454CA8BB5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{87A1500B-E3FD-40EE-B904-283D2B36C80F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8869C7FC-908F-484F-912D-B2FFB4876A03}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{888D5481-CABB-11D1-8505-00A0C91F9CA0}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{88FD09AC-83F2-47B2-B1FB-0906DE5714C6}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8A03567A-63CB-4BA8-BAF6-52119816D1EF}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8A17CA50-7EDE-46DA-BBC7-87408B393CFB}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{8bb882d5-de37-4630-84e9-cc4bd7c44cb1}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8BF5AAAB-B027-4550-8CA3-5B99292AF8E7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8CB246E7-721A-46E1-8B1C-C8CDD4F8C4C8}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8CE04236-95B9-414E-9F05-26CCE5111DF0}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8DD448E6-C188-4aed-AF92-44956194EB1F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8DE9B44D-4FBB-456B-8AC9-14927DE552D6}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8e0d4de5-3180-4024-a327-4dfad1796a8d}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8EC31897-D1E6-4758-80BE-31E873AC2903}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{8EC31898-D1E6-4758-80BE-31E873AC2903}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{8EE4C235-F2CE-4C3B-9ADE-DD68718AE32A}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8EF6758B-DB26-4800-B916-611D4AE85A73}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{8FE57A36-62A0-452C-8DB6-6F6A1E4A1FB2}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{927907A6-7387-48AC-B718-82A0407C38D9}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{929FCAAA-D665-43FA-90E2-CCDEA01DB4FD}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{93C20E78-573D-C147-A049-0A4647AB608E}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{93C20E78-573D-C147-A049-0A4647AB608E}\ProgID
HKEY_CLASSES_ROOT\CLSID\{93E466F0-FC71-409F-8B37-20DD0798BE24}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{940f79d9-2062-41b7-a22f-9e99ffdd1b85}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{949DB7D2-36F2-4CCA-8CA8-A3A6D4E5911C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{94A7BA64-092F-475C-B6D6-AA81DF210B96}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{9580490D-C16D-40b2-A42D-5E7D3EB8504B}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{9759CE7F-F7F3-4AAE-BA33-F93AA19C6D4C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{98462E8B-36B7-46A7-9CC9-B49E43C2F9D5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{9871f8af-152a-4651-834c-cdc5fe61c14c}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{98E6F5A2-9190-44CB-8B69-37DCEC63358F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{99AEE710-6559-432D-BF79-E2E6A2921992}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{9B2F7308-3420-4CEF-B7C6-253CBA9085AC}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{9BBC9DD2-9FAB-4D87-BE0D-18AB2D640D6C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{9CA04A04-14F7-4B2F-BCF4-CD2CD63DF785}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{9D13E607-106F-4892-8A83-FF9827C0A3D5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{9D75E16A-8F19-47E7-8DD0-F35DE33D3EE5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{9e42f1b8-de23-4af5-a79a-0976e9ec5781}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{9E99A754-C8C3-4C5C-912F-41BD393FAE2D}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A04716D3-DFBD-4323-BEFA-E4FA6354DCE0}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A0F93E27-F05D-4153-A151-F3720369A4C7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A138CF39-2CAE-42c2-ADB3-022658D79F2F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A1E75357-881A-419E-83E2-BB16DB197C68}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A1F4519C-A8C9-450A-8FEF-83B5C69AD697}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A1F4E726-8CF1-11D1-BF92-0060081ED811}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A1F925B8-279B-4B43-83E2-E65B0B162B45}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A2742123-4139-4E7C-94EF-320AA91CDE2F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A3111133-2FCF-4B6C-988C-A9DBA32F4E02}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A4A476B1-6960-4609-8E27-BFE2655DD8AD}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A4F0AA70-4C43-4D33-A3DA-7F0F7A35BB74}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A5B020FD-E04B-4E67-B65A-E7DEED25B2CF}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A66B44F4-23C1-44EC-83D4-97265F249C26}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A6B08A68-8B12-4D54-94CB-91B6B633A2D0}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A6FC7F7B-28A9-4776-A07D-57AFAC2140F0}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A7215BC3-0BEF-454A-9CC9-5896AD7AD682}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A78766F6-7B02-488E-99C1-A44DB69C173F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A7B9ECA1-BB45-45E3-B0BC-0512487082B7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A7C1338F-F457-4B06-8825-3865FFC95940}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A7E3622C-FFAA-40C2-A09F-5CC60AE51DA3}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A7E5BC03-7521-40D1-AEAE-AB26BE03A696}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A7EE7F34-3BD1-427f-9231-F941E9B7E1FE}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{a861a366-0c7a-484b-9116-f366bf0fa23f}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A8F76733-11DE-42F2-9081-1F2E79D42FF4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A90353F2-421E-4D4E-863E-7957FB512DD1}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A90C92D2-86D7-4EB8-BC25-88DB5A52BCC6}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{A91338AD-E292-419A-B62E-9B110EC2B82B}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{aa9c1a1e-b91a-424e-9e27-3f1967b707f1}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{AB128D4F-2D4A-4ABD-9640-8F6FFE95C31E}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{AB77609F-2178-4E6F-9C4B-44AC179D937A}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{AD207CB1-CA58-4F40-8A51-4BB1CC59CC3F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{ad763fa6-3b90-41ab-bd44-4f832beee55f}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{AD9F90A6-EF57-4349-B00A-C6EBCC987CA1}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{AE86EC85-634D-4942-8866-AE75E7AA7184}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{AE9B7800-EAE9-47AE-84EC-B1A0FE35C135}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{AE9C47F8-B41B-48FA-964E-528EB2B4ACE9}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{aef7e664-dc9b-48b2-8b35-5422d3f08c77}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{AF341FAA-6CC7-4C1A-8A5E-8FA804BAEBB7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{AFC9A67C-D3E2-4013-8614-73285A5F303D}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{AFEAEEE6-4ABD-4177-BC96-FF00F611DE1A}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B0F749A2-9890-4745-B79A-5AC191EAD5CB}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B1E29D59-A675-11D2-8302-00C04F8EE6C0}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B2076241-7598-4B88-AA6B-A6517A75D8AF}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B2106E35-40CC-4B25-9535-D46E428E8C64}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B2A7FD52-301F-4348-B93A-638C6DE49229}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B3E0E785-BD78-4366-9560-B7DABE2723BE}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{B43896D9-D6B8-4A29-B035-A04A1372046F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{b4774192-c038-4350-986d-1bd91c20379a}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B5E5DA7B-82CF-42AA-A5D8-ECE3B26A7630}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{b5f8350b-0548-48b1-a6ee-88bd00b4a5e7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B635E8E2-6408-411F-A655-67875FF0325E}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B64D4B36-9269-4DA6-B895-B912126D84CA}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B84BDEBE-D276-4E19-B6A2-90D003DAAB19}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B86C6BD0-60B4-438C-8B6F-6AD6779E6DF9}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B8E622FC-D912-4C4D-B0F9-616AA3B44EED}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B8E73C1F-7B6C-42E8-926B-4E3C2C72BB3A}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{B96E535C-CE87-45C0-8611-1B6CE34F03A8}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{BBAA51A9-D87F-40E5-A74E-CB0F763B1EA6}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{BC226061-0380-4880-B2B3-57D425071B2F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{bc91ed21-e702-44e5-aa88-9f2f70e986c6}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{BD8F3B29-8DF9-428E-8A42-5FEFCA202F94}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{BE3A9727-9379-4B83-BFC6-ED6FFE1BD309}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{BF426F7E-7A5E-44D6-830C-A390EA9462A3}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{C05C2220-3B6B-4B16-8885-345C3A7A3BB8}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{C1B65E05-740F-4479-B278-C7D673E863A8}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{C399A2B6-7010-448A-A6B6-5D59348FFEC5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{C399C61B-8B8A-445A-B952-A2F6A1D3BDD7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{C50DDF4D-15FE-43C5-95F5-422E6ED43BF3}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{C52FF1FD-EB6C-42CF-9140-83DEFECA7E29}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{C63C29DE-2339-449B-A781-EDF5A503512A}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{C671F780-ADB4-4d15-A97C-F0F5596DB6C9}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{C78A19A3-0A67-F91B-1D64-9652D116DB79}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{C79C43B0-39E2-4B5E-B99F-79CCCAF66475}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{CAA9BB3D-B885-4a82-8393-E2D765EC52C7}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{CAF933C7-C65A-46D2-AA63-1FC84EB43954}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{CB23CD64-FDE3-4AC8-BA08-3E4457AAF50A}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{CBA8E474-EF73-43AD-849C-F8EAC3CD107E}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{CD89D352-5A13-49F8-9EB5-7E6D1FB0CD57}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{CE98CB75-6D7A-46C6-BFA3-C39B767C1068}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{CED7A51B-F21B-4F62-888E-1C50C5E16BA1}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{CEE3268C-6DEF-4F91-9BB8-1AD11E5DDD70}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{CF3189CE-E33C-4D8F-BB31-BA57F2DD06CA}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{D025B009-F49E-4029-B5DA-DFF66213CFD9}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{D091CEF9-B225-466D-A68B-5D3CA685F278}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{D285F465-CF7C-46E2-94FD-343F321FDF91}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{d4704c9e-adbf-411a-9ef2-87feb99ccf69}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{D47A2935-2558-4E00-B219-D609CF9F3952}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{D4DF7678-2911-4FB0-8FAD-8AF5BCA661DD}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{D57E26B6-C9E4-4F2D-8413-7CCC5F5C5BB0}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{D6EAFF5D-25CA-4CCC-8A07-CE296F7F1F0B}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{D7176929-FD53-466E-B584-65B0432688D0}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{D887F25F-02A3-44D7-841F-583DD5231B5F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{D9C027CF-DF75-4D2C-B763-AC1CA31C4AF8}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{D9F6EE60-58C9-458B-88E1-2F908FD7F87C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{DA93E903-C843-11D2-A084-00C04F8EF9B5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{DBC984C1-6AB3-4290-A925-38B80FAB9819}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{DCF6C8B2-F6C0-461b-82DA-35945EADF54A}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{DE815B00-9460-4F6E-9471-892ED2275EA5}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{DEFA1B68-AAC8-472B-87BC-163A97DA55D6}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{E1E50A82-ADC9-4263-A175-9454A6A4D7AA}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{E242B0B6-5291-4CDA-9B27-4EAC8AC0BD1F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{E56CCB42-598C-462D-9AD8-4FD5B4498C5D}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{e5b2709a-0e6b-45d3-83c8-ef90c2ed5340}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{E5CC3639-8A3A-46C5-8BE2-2A475B75DAFE}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{e6028af3-ee0a-4e49-a043-c44437680ad8}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{e73e119c-be36-4693-8a47-88c16829008c}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{E8EFAA5A-D95F-4C16-BDBD-4087354D025D}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{E8EFAA5B-D95F-4C16-BDBD-4087354D025D}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{E8EFAA5C-D95F-4C16-BDBD-4087354D025D}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{E98BB2AB-D061-10fa-DC10-237B6D762715}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{E9A6AB1B-0C9C-44AC-966E-560C2771D1E8}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{EABCE037-690C-47C6-90A2-52484B349F9F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{EAEE3656-6576-462E-A0C1-3241242E40A3}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{ec39bf14-ca12-46cd-8ea2-b48d5a44350a}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{EEFFD4A6-FC5D-4427-920D-E4917AAD09DD}\InprocServer32
HKEY_CLASSES_ROOT\CLSID\{EFB4A0CB-A01F-451C-B6B7-56F02F77D76F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F0291081-E87C-4E07-97DA-A0A03761E586}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{f1f2ece6-0289-4992-a536-f82dfc6f6d6e}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F22F0013-8CD2-4BD2-ADE7-825AB6E5009C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F271A1C1-C57E-44E2-A8B1-E0E5A0348D9C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F321D5CF-D366-401B-B48A-EFD26CE80525}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F3DB80BA-A80D-4C8D-B976-7BF2EFE5BD03}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F43DE3E1-E995-43A6-8DD7-E30AC2D27BE3}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{f495ebbe-a068-41fb-89b6-c605d20a2df3}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F4BB8064-5B53-46C0-83CE-8D545009E284}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F4D17614-D60A-454B-9305-E495ED74C822}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F4DADE71-C483-4F81-8D84-F5D64907A079}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F55C10A6-A9B2-4AC3-AFE1-142FA2CD8962}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F5767D1D-D882-4165-B0D4-6151EB9BB244}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F5FBAF04-FD33-4492-A889-6734076B2339}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{F9C59115-8651-42C3-B913-E859B51C209C}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FB74F625-7D25-4455-B840-7B870B5B9322}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FC48CC30-4F3E-4fa1-803B-AD0E196A83B1}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FC71E6A2-8B0A-47BD-A86F-0AB8767AEC9F}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CD9-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CDB-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CDC-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CDD-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CDE-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CDF-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CE0-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CE1-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CE2-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CE3-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD853CED-7F86-11d0-8252-00C04FD85AB4}\TypeLib
HKEY_CLASSES_ROOT\CLSID\{FD86956C-91CA-4b4b-BCC7-DEEEBD140E23}\TypeLib
HKEY_CLASSES_ROOT\TypeLib\{00020430-0000-0000-C000-000000000046}\1.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{06DD38D0-D187-11CF-A80D-00C04FD74AD8}\1.0\0\win32
HKEY_CLASSES_ROOT\TypeLib\{2F93D606-28F9-4B2D-A024-2DDEE124B542}\1.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{3732EC5C-C584-44B8-B4DA-04E0054414C0}\1.0\0\win32
HKEY_CLASSES_ROOT\TypeLib\{3732EC5C-C584-44B8-B4DA-04E0054414C0}\1.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{43136EB0-D36C-11CF-ADBC-00AA00A80033}\1.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{4B0AB3E1-80F1-11CF-86B4-444553540000}\8.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{4B0AB3E1-80F1-11CF-86B4-444553540000}\CS\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}\1.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{8AE029D0-08E3-11D1-BAA2-444553540000}\3.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{9E93C96F-CF0D-43F6-8BA8-B807A3370712}\1.9\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{A26D7621-6FA0-11ce-A166-00AA004CD65C}\1.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{AEB84C80-95DC-11D0-B7FC-B61140119C4A}\1.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{C1D8C091-AC66-4159-B738-E70A12B983A4}\1.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{E503D000-5C7F-11D2-8B74-00104B2AFB41}\1.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{EE008642-64A8-11CE-920F-08002B369A33}\2.0\HELPDIR
HKEY_CLASSES_ROOT\TypeLib\{FF2C7A51-78F9-11ce-B762-00AA004CD65C}\1.0\HELPDIR
HKEY_CLASSES_ROOT\Interface\{915DA835-02FE-4953-92FA-624BDF5D85AB}\TypeLib
HKEY_CLASSES_ROOT\Interface\{CA8A9781-280D-11CF-A24D-444553540000}\TypeLib
HKEY_CLASSES_ROOT\Interface\{CA8A9782-280D-11CF-A24D-444553540000}\TypeLib
HKEY_CLASSES_ROOT\Interface\{D775A119-EAC2-4F28-B06E-8AC16F2695DA}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BackWeb-8876480 Uninstaller
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BlindWrite 6_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BlindWrite 6_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB893803v2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Help
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\gothic.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\nfsc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Sims2EP1.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Sims2EP2.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Sims2SP1.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\table30.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\yourapp.Exe
HKEY_CURRENT_USER\Control Panel\Desktop
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\Database
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\Database
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\General
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\General
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\General
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\General
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\General
HKEY_CURRENT_USER\Software\Ahead\Nero BackItUp\Options\LogFileOPtions
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\ABE1051053CEF9F48898B33E645EAD31\SourceList\Net
HKEY_LOCAL_MACHINE\Software\Aardwork\GameShadow
HKEY_LOCAL_MACHINE\Software\Adobe\Color\Monitor\Monitor1
HKEY_LOCAL_MACHINE\Software\Ahead\Shared
HKEY_LOCAL_MACHINE\Software\Electronic Arts\EA Core\Installed Games\eagames\NFS-2007\online_content\NFS_carbon_na
HKEY_LOCAL_MACHINE\Software\Electronic Arts\Need for Speed Carbon
HKEY_LOCAL_MACHINE\Software\Logitech\ImageStudio\Rubicon
HKEY_LOCAL_MACHINE\Software\Macrovision\Safecast\ShellWizards\0xb338a000\Info\InstallPath
HKEY_LOCAL_MACHINE\Software\Macrovision\Safecast\ShellWizards\0xb338a000\Info\ProtectedProductPath
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup
HKEY_LOCAL_MACHINE\Software\Microsoft\Intelligent Search\RNL\1.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\DeluxeCD\Providers\Provider0000
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\DeluxeCD\Providers\Provider0001
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\BlindWriteAutoplay_741406
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\GamesToFindOnWindowsUpgrade\{9237007A-D09E-425B-89C7-252792A7646E}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\GameUX\GamesToFindOnWindowsUpgrade\{9237007A-D09E-425B-89C7-252792A7646E}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Url History
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\MS-DOSOptions\Mouse
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Asr\Commands
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Asr\Commands
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Asr\Commands
HKEY_LOCAL_MACHINE\Software\Sony Corporation\SonicStage\Tools\Backup
HKEY_LOCAL_MACHINE\Software\Trymedia Systems\ActiveMARK Software\662B5A02F3A30C0F80FDB0DE2EA0821E
HKEY_LOCAL_MACHINE\Software\VSO
C:\Documents and Settings\Propriétaire\Application Data\Firaxis Games\Sid Meier's Civilization 4\Warlords\_Civ4Config.lnk
C:\Documents and Settings\Propriétaire\Application Data\Firaxis Games\Sid Meier's Civilization 4\Warlords\_Civ4CustomAssets.lnk
C:\Documents and Settings\Propriétaire\Application Data\Firaxis Games\Sid Meier's Civilization 4\Warlords\_Civ4CustomMaps.lnk
C:\Documents and Settings\Propriétaire\Application Data\Firaxis Games\Sid Meier's Civilization 4\Warlords\_Civ4CustomMods.lnk
C:\Documents and Settings\Propriétaire\Application Data\Firaxis Games\Sid Meier's Civilization 4\Warlords\_Civ4Logs.lnk
C:\Documents and Settings\Propriétaire\Application Data\Firaxis Games\Sid Meier's Civilization 4\Warlords\_Civ4Patch.lnk
C:\Documents and Settings\Propriétaire\Application Data\Firaxis Games\Sid Meier's Civilization 4\Warlords\_Civ4Replays.lnk
C:\Documents and Settings\Propriétaire\Application Data\Firaxis Games\Sid Meier's Civilization 4\Warlords\_Civ4Saves.lnk
C:\Documents and Settings\Propriétaire\Application Data\Firaxis Games\Sid Meier's Civilization 4\Warlords\_Civ4ScreenShots.lnk
C:\Documents and Settings\Propriétaire\Application Data\Firaxis Games\Sid Meier's Civilization 4\Warlords\_Civ4TransferredMaps.lnk
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Accessoires\Assistant Compatibilité des programmes.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Cossacks 2 - Battle for Europe\Sites Internet\www.cdv-online.com.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Cossacks 2 - Battle for Europe\Sites Internet\www.cossacks2.com.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Cossacks 2 - Battle for Europe\Sites Internet\www.gsc-game.com.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Cossacks 2 - Battle for Europe\Websites\www.cdv-online.com.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Cossacks 2 - Battle for Europe\Websites\www.cossacks2.com.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Cossacks 2 - Battle for Europe\Websites\www.gsc-game.com.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\JoWooD\Gothic II\Gothic II Forum.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\JoWooD\Gothic II\JoWooD Homepage.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\JoWooD\Gothic II\ReadMe.lnk
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\JoWooD\Gothic II\Register the game online.lnk
C:\Documents and Settings\Propriétaire\Voisinage réseau\document on www.amanseau.qc.ca\target.lnk
C:\Documents and Settings\Propriétaire\Voisinage réseau\My Web Sites on MSN\target.lnk

hi jack rapport


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:57:55, on 2007-05-03
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Nero\InCD\InCD.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\Download\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://canoe.com/news/national/b-c-mountie-fired-after-sending-flirty-texts-pics-to-teen-in-sex-assault-case
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {34EAC442-80B9-46C0-9992-BE2342577ED2} - C:\WINDOWS\system32\awtss.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5467614E-11FE-4DFA-ADB3-A8EE423FD63d} - C:\WINDOWS\system32\owoeoakw.dll
O2 - BHO: (no name) - {748A45DC-B425-4DE7-B569-6BDC51D51D2b} - C:\WINDOWS\system32\owoeoakw.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {970D022E-A884-4D2A-BB4A-EBC22D2FEBD2} - C:\WINDOWS\system32\tuvvuvw.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {D44F8DD9-2A9E-4199-9931-F1E31C109531} - C:\WINDOWS\system32\owoeoakw.dll
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\knsglijb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WindowsService] rundll32.exe "C:\WINDOWS\system32\vvebyeqv.dll",realset
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue Registry Booster2] C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - Winlogon Notify: awtss - C:\WINDOWS\system32\awtss.dll
O20 - Winlogon Notify: tuvvuvw - C:\WINDOWS\SYSTEM32\tuvvuvw.dll
O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Nero\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
0
raleuboleu Messages postés 5022 Date d'inscription mercredi 13 décembre 2006 Statut Membre Dernière intervention 14 mars 2012 79
4 mai 2007 à 01:33
re

des que tu peux fais 1 scan en ligne par panda , ici :
http://pandasoftware.fr

marche uniquement sur internet explorer pas sur firefox , ca prendra du temps je te previens d'avance lol

bizz
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
4 mai 2007 à 03:23
le voila


Incident Statut Analyse

Adware:Adware/Henbang No Désinfecté C:\WINDOWS\system32\owoeoakw.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\scipmfbd.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\tuvvuvw.dll
Dialer:dialer.asl No Désinfecté HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1426AC5-8CE5-4A00-B71E-011D35709AC6}
Outil indésirable:application/mywebsearch No Désinfecté HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-460d36d0.zip[BaaaaBaa.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-460d36d0.zip[VaaaaaaaBaa.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-460d36d0.zip[Dvnny.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-460d36d0.zip[Baaaaa.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-460d36d0.zip[Dex.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-460d36d0.zip[Dix.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-460d36d0.zip[Dux.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4c22d8b9-7081b36a.zip[BaaaaBaa.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4c22d8b9-7081b36a.zip[VaaaaaaaBaa.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4c22d8b9-7081b36a.zip[Dvnny.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4c22d8b9-7081b36a.zip[Baaaaa.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4c22d8b9-7081b36a.zip[Dex.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4c22d8b9-7081b36a.zip[Dix.class]
Virus:JS/Downloader.NOE Désinfecté C:\Documents and Settings\Invité\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4c22d8b9-7081b36a.zip[Dux.class]
Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@ad.yieldmanager[1].txt
Spyware:Cookie/AdDynamix No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@ads.addynamix[1].txt
Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@advertising[1].txt
Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@atdmt[2].txt
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@bluestreak[1].txt
Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@c5.zedo[2].txt
Spyware:Cookie/Sextracker No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@counter8.sextracker[1].txt
Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@doubleclick[1].txt
Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@fastclick[2].txt
Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@hitbox[2].txt
Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@media.fastclick[1].txt
Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@mediaplex[1].txt
Spyware:Cookie/Sextracker No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@sextracker[1].txt
Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@statcounter[1].txt
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@tradedoubler[1].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@weborama[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@xiti[1].txt
Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Invité\Cookies\invité@zedo[2].txt
Spyware:Spyware/Virtumonde No Désinfecté C:\Documents and Settings\Invité\Local Settings\Temp\ddrghbqb.dll
Adware:Adware/Henbang No Désinfecté C:\Documents and Settings\Invité\Local Settings\Temp\wiqivsrv.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\Documents and Settings\Invité\Local Settings\Temp\xfbncbuj.dll
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\laurie\Cookies\laurie@bluestreak[1].txt
Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\laurie\Cookies\laurie@doubleclick[1].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\laurie\Cookies\laurie@weborama[2].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\laurie\Cookies\laurie@xiti[1].txt
Adware:Adware/888Bar No Désinfecté C:\Documents and Settings\laurie\net.exe
Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@247realmedia[1].txt
Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@247realmedia[2].txt
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@2o7[1].txt
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@2o7[2].txt
Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@doubleclick[1].txt
Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@drivecleaner[2].txt
Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@hitbox[2].txt
Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@mediaplex[1].txt
Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@mediaplex[2].txt
Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@statcounter[2].txt
Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@stats.drivecleaner[2].txt
Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@stats.drivecleaner[3].txt
Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@stats1.reliablestats[1].txt
Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@stats1.reliablestats[3].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[2].txt
Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@winantispyware[1].txt
Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@winantispyware[2].txt
Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@winantivirus[2].txt
Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@winantivirus[3].txt
Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.winantiviruspro[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@xiti[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@xiti[2].txt
Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Propriétaire\Cookies\propriétaire@zedo[1].txt
Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@2o7[1].txt
Spyware:Cookie/Adrevolver No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@adrevolver[1].txt
Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@adtech[2].txt
Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@advertising[1].txt
Spyware:Cookie/Apmebf No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@apmebf[2].txt
Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@atdmt[2].txt
Spyware:Cookie/Bfast No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@bfast[2].txt
Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@bluestreak[1].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@bs.serving-sys[2].txt
Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@doubleclick[2].txt
Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@drivecleaner[1].txt
Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@fastclick[1].txt
Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@fe.lea.lycos[1].txt
Spyware:Cookie/Findwhat No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@findwhat[1].txt
Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@fl01.ct2.comclick[2].txt
Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@hitbox[2].txt
Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@mediaplex[1].txt
Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@overture[1].txt
Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@perf.overture[1].txt
Spyware:Cookie/QkSrv No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@qksrv[2].txt
Spyware:Cookie/Server.iad.Liveperson No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@server.iad.liveperson[1].txt
Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@serving-sys[2].txt
Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@statcounter[1].txt
Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@stats.drivecleaner[2].txt
Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@stats1.reliablestats[2].txt
Spyware:Cookie/WebtrendsLive No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@statse.webtrendslive[1].txt
Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@tradedoubler[2].txt
Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@weborama[1].txt
Spyware:Cookie/Winantivirus No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@winantivirus[1].txt
Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@www.drivecleaner[1].txt
Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@xiti[1].txt
Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Virginie\Cookies\virginie@zedo[1].txt
Adware:Adware/WinAntivirus2006 No Désinfecté C:\Documents and Settings\Virginie\Local Settings\Temp\lhvaeexx.dll
Adware:Adware/WinAntivirus2006 No Désinfecté C:\Documents and Settings\Virginie\Local Settings\Temp\ugelpoog.dll
Virus:Trj/Shutdown.Z Désinfecté C:\Drive\SmitfraudFix\SmitfraudFix\restart.exe
Virus:Trj/Agent.EYO Désinfecté C:\RECYCLER\S-1-5-21-3923991098-3364668374-130356450-1005\Dc141.exe
Adware:Adware/888Bar No Désinfecté C:\RECYCLER\S-1-5-21-3923991098-3364668374-130356450-1005\Dc142.exe
Virus:Trj/Agent.EYO Désinfecté C:\RECYCLER\S-1-5-21-3923991098-3364668374-130356450-1005\Dc147.exe
Adware:Adware/888Bar No Désinfecté C:\RECYCLER\S-1-5-21-3923991098-3364668374-130356450-1005\Dc148.exe
Virus:Trj/Agent.EYO Désinfecté C:\RECYCLER\S-1-5-21-3923991098-3364668374-130356450-1005\Dc149.exe
Adware:Adware/888Bar No Désinfecté C:\RECYCLER\S-1-5-21-3923991098-3364668374-130356450-1005\Dc150.exe
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\aiypywcg.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\aprvfmpx.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\awtqnkh.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\awtstrr.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\bliulqkt.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\bqepggnl.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\byxyvut.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\ddccdde.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\dxduejkw.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\egrruvgo.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\evfvapbq.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\ftssjrtv.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\gebxyax.dll
Adware:Adware/Henbang No Désinfecté C:\WINDOWS\system32\hgjpiqap.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\iiffgfd.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\iifggec.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\iynvugdp.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\khffcba.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\kosoebdg.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\ldwtusbl.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\ljjijih.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\lwhiledh.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\mljhffg.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\mljihee.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\ngfxgfru.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\nnnnljk.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\nokdixio.dll
Virus:Trj/Agent.EYO Désinfecté C:\WINDOWS\system32\oo.exe
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\opnmljk.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\pmnlmki.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\qomklii.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\tucuiges.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\tuvtqro.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\urqqopn.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\vlcdbeqt.dll
Adware:Adware/Henbang No Désinfecté C:\WINDOWS\system32\whbgtgkn.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\wvuvuvw.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\xfwoplxq.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\xgkoefnb.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\xtmdtfew.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\yayayya.dll
Spyware:Spyware/Virtumonde No Désinfecté C:\WINDOWS\system32\yflwoeur.dll
0
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
4 mai 2007 à 07:48
Bonjour,

1) Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
http://www.atribune.org/ccount/click.php?id=4
Double-clique VundoFix.exe afin de le lancer.

Clique sur le bouton Scan for Vundo.
Lorsque le scan est complété, clique sur le bouton Remove Vundo.
Une invite te demandera si tu veux supprimer les fichiers, clique YES
Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown") ; clique OK
Démarre ton PC à nouveau.

Virtumonde devrait partir.

2) Télécharge Brute Force Uninstaller (de Merijn) ici: http://www.merijn.org/files/bfu.zip
Créé un nouveau dossier directement à la racine de ton disque dur ou l'endroit qui te convient, nomme ce dossier BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (par exemple C:\BFU)
Ensuite, télécharge Toolbar.bfu (de Chercheur) :
Fais un clik droit ici : : http://perso.orange.fr/Chercheur-perso/scripts/toolbar.bfu
et choisis "Enregistrer la cible sous..." afin de télécharger Toolbar.bfu (de Chercheur).
Sauvegarde dans le dossier créé (C:\BFU).
**Note : si tu utilises Internet Explorer ; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers".

Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : toolbar.bfu et BFU.exe (très important).

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

Tu as une démo animée ici (merci balltrap34):
http://perso.orange.fr/rginformatique/section%20virus/bfu%20demo.htm
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Lance "Brute Force Uninstaller" en double-cliquant BFU.exe (Dans le dossier C:\BFU)
- Clique sur le petit dossier jaune, et clique sur : Toolbar.bfu
- Coches la case Show log after scrïpt ends
- Clique sur Execute pour que le fix fasse son boulot :-) Attends que le message Complete scrïpt execution apparaîsse et clique sur OK.
Un rapport va s'afficher dans la fenetre du programme, copie et colle dans le bloc-notes, puis sauvegardes le, tu le posteras plus tard sur le forum.
Clique Exit pour fermer le programme BFU.

3) Remets un log Hijackthis.

@+
0
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
4 mai 2007 à 08:00
Re,

la suite :

Démarrer, panneau de configuration, ajout/suppression de programmes, supprimlmer win antivirus pro xxxx s'il apparait dans la liste.

Prends connaissance du contenu le lien suivant:
http://www.f-secure.com/products/license-terms/eult_fra.pdf
Tu as donc pris connaissance et accepté les conditions d'utilisation du programme blacklight qui est inclus dans le dossier compressé navilog1.zip que tu vas télécharger.
Maintenant fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Fais l'extraction dans un dossier propre à lui
Ensuite double clique sur navilog1.bat
Laisse-toi guider. Au menu principal, choisis 1 et valides.
ne fais pas le choix 2,3 ou 4 sans notre avis/accord
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

@+
0
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
4 mai 2007 à 19:46
voici les trois rapports
BFU v1.00.9
Windows XP SP2 (WinNT 5.01.2600 SP2)
Script started at 13:26:31, on 2007-05-04

Option Unload Explorer: Yes
Failed: DllUnregister C:\Program Files\Mozilla Firefox\plugins\NPND2FN.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Internet Explorer\msimg32.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\MSN Messenger\msimg32.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Need2Find\bar\2.bin\NPND2FN.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Need2Find\bar\3.bin\NPND2FN.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Need2Find\bar\2.bin\ND2FNBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Need2Find\bar\3.bin\ND2FNBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Need2Find\bar\4.bin\ND2FNBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Need2Find\bar\5.bin\ND2FNBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Need2Find\bar\6.bin\ND2FNBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Need2Find\bar\7.bin\ND2FNBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\INSTAFINK\instafink.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\RXToolBar\RXToolBar.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\RXToolBar\sfcont.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\1.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\2.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\3.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\4.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\5.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\6.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\7.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\8.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\9.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\a.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\b.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\c.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\d.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\e.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\f.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\i.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\bar\l.bin\*.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\5.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\6.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\7.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\8.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\9.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\a.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\b.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\c.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\d.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearch\SrchAstt\e.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearchWB\bar\1.bin\NPMYSRWB.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MyWebSearchWB\bar\2.bin\NPMYSRWB.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\Uninstall My Web Search.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\MyTotalSearch\SrchAstt\1.bin\MTSSRCAS.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\MyTotalSearch\SrchAstt\2.bin\MTSSRCAS.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\MyTotalSearch\SrchAstt\3.bin\MTSSRCAS.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\MyTotalSearch\SrchAstt\4.bin\MTSSRCAS.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\MyTotalSearch\SrchAstt\5.bin\MTSSRCAS.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\MyTotalSearch\bar\1.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\MyTotalSearch\bar\5.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\mybar.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\installr\1.bin\myezsetp.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\1.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\2.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\3.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\4.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\5.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\6.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\7.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\8.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\9.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\a.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\b.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\c.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\mybar\d.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\srchastt\1.bin\mysrchas.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\srchastt\2.bin\mysrchas.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\srchastt\3.bin\mysrchas.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mywaysa\srchasde\1.bin\desrcas.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mywaysa\srchasde\desrcas.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\1.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\2.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\3.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\4.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\5.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\6.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\7.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\8.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\9.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\10.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myway\SearchAt\11.bin\MWSSRCAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\myglobalsearch\bar\1.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myglobalsearch\bar\2.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myglobalsearch\bar\3.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\myglobalsearch\bar\4.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\AskTBar\bar\2.bin\ASKTBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\AskTBar\bar\3.bin\ASKTBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\AskTBar\bar\4.bin\ASKTBAR.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\AskTBar\SrchAstt\3.bin\A5SRCHAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\AskTBar\SrchAstt\4.bin\A5SRCHAS.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\bar\1.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\bar\2.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\bar\3.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\bar\4.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\bar\5.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\bar\i.bin\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\installr\1.bin\s4ezsetp.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\srchastt\1.bin\mysrchas.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\srchastt\2.bin\mysrchas.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\srchastt\3.bin\mysrchas.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\srchastt\4.bin\mysrchas.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\mysearch\srchastt\5.bin\mysrchas.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.6.1.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.6.2.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.6.4.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.6.4.1\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.7.0.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.7.1.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.7.2.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.7.2.1\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.7.3.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.7.5.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.7.7.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.8.0.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.8.2.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.8.4.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.8.7.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\bin\4.7.3.0\rb2f.tmp\hbt*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\Bin.7.5.0\HbtWallpaper.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hbtools\hbtv\hbtvhelper.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.1.7.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.1.8.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.2.6.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.2.8.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.2.11.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.2.13.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.3.1.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.3.5.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.3.6.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.3.9.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.4.0.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.4.2.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.4.5.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.4.8.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.4.9.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.5.0.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.5.1.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.5.3.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.6.1.0\*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.1.7.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.1.8.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.2.6.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.2.8.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.2.11.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.2.13.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.3.1.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.3.5.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.3.6.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.3.9.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.4.0.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.4.2.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.4.5.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.4.8.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.4.9.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.5.0.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.5.1.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.5.3.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\hotbar\bin\4.6.1.0\rb24e.tmp\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\0.4.0\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\1.0.0\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\1.0.4.0\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\1.0.5.0\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\1.0.8.0\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\1.0.10.0\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\1.1.1.0\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\1.3.0.0\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\2.0.0\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShopperReports\Bin\2.0.20\ShprRprt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ShoppingReportBin\2.0.21\ShoppingReport.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SmartShopper\Bin\1.0.9.0\SmrtShpr.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\smartshopper\bin\2.0.1\smrtshpr.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\shoppingreport\shoppingreport.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\SmartShopper\js.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\smartshopper\shoppingreport.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\SmartShopper\SmartShopper0.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\starware\bin\starware.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\starware305\bin\starware305.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\starware316\bin\starware316.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Starware343\bin\Starware343.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\minijuegos\bin\minijuegos.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\starware\bin\dlls\jokester.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\temp\asearchassist.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\accoona\adesktopsearch.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\accoona\asearchassist.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\accoona\atl71.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\accoona\atoolbar.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\accoona\AToolbarCN.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\accoona\atts.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\accoona\mapidll.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\accoona\viewers\AThes.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\gamesbar\oberontb.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\vstoolbar\vstoolbar.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\vsadd-in\vsadd-in.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\8848\mysearch\0.9.4.2\pagerevisor.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\8848\mysearch\0.9.5.0\pagerevisor.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\8848\mysearch\0.9.7.6\pagerevisor.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\8848\mysearch\0.9.8.4\pagerevisor.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\8848\mysearch\pagerevisor.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\downloaded program files\hbinstie.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\Downloaded Program Files\instafin.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\Downloaded Program Files\mwsearch.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\Downloaded Program Files\pagerevisor.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\azentretien.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\cpu.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\iasada.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\zsettings.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\azentretien.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\hbhostie.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\iacad.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\iasad.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\iasada.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\lmhhmbhe.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\xcite.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\zolk.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\zolker*.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\system32\ztoolb*.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Uninstall Fun Web Products.dll|1 (file not found)
Failed: DllUnregister C:\Documents and Settings\Propriétaire\Bureau\a7find.dll|1 (file not found)
Failed: DllUnregister C:\Documents and Settings\Propriétaire\Bureau\wmeayl32.dll|1 (file not found)
Failed: DllUnregister C:\msearch.dll|1 (file not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\hbtools (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\hotbar (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\searchtoolbarcorp (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\ShopperReports (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\ShopperReportss (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\SpamBlocker (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\SpamBlockerUtility (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\starware (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\starware305 (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\starware316 (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\starware343 (folder not found)
Failed: FolderDelete C:\Documents and Settings\Propriétaire\Application Data\HbTools_Icons (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\HbTools_Icons (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\hbtools (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\ShopperReports (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\starware (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\starware305 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\starware316 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\starware343 (folder not found)
Failed: FolderDelete C:\WINDOWS\system32\shoppingreport (folder not found)
Failed: FolderDelete C:\WINDOWS\system32\SmartShopper (folder not found)
Failed: FolderDelete C:\Program Files\accoona (folder not found)
Failed: FolderDelete C:\Program Files\AskTBar (folder not found)
Failed: FolderDelete C:\Program Files\FunWebProducts (folder not found)
Failed: FolderDelete C:\Program Files\GamesBar (folder not found)
Failed: FolderDelete C:\Program Files\hbinst (folder not found)
Failed: FolderDelete C:\Program Files\hbtools (folder not found)
Failed: FolderDelete C:\Program Files\HbTools_Icons (folder not found)
Failed: FolderDelete C:\Program Files\hotbar (folder not found)
Failed: FolderDelete C:\Program Files\INSTAFIN (folder not found)
Failed: FolderDelete C:\Program Files\INSTAFINK (folder not found)
Failed: FolderDelete C:\Program Files\minijuegos (folder not found)
Failed: FolderDelete C:\Program Files\myglobalsearch (folder not found)
Failed: FolderDelete C:\Program Files\mysearch (folder not found)
Failed: FolderDelete C:\Program Files\MyTotalSearch (folder not found)
Failed: FolderDelete C:\Program Files\myway (folder not found)
Failed: FolderDelete C:\Program Files\mywaysa (folder not found)
Failed: FolderDelete C:\Program Files\MyWebSearch (folder not found)
Failed: FolderDelete C:\Program Files\MyWebSearchWB (folder not found)
Failed: FolderDelete C:\Program Files\Need2Find (folder not found)
Failed: FolderDelete C:\Program Files\rxtoolbar (folder not found)
Failed: FolderDelete C:\Program Files\ShopperReports (folder not found)
Failed: FolderDelete C:\Program Files\ShoppingReport (folder not found)
Failed: FolderDelete C:\Program Files\SmartShopper (folder not found)
Failed: FolderDelete C:\Program Files\SpamBlockerUtility (folder not found)
Failed: FolderDelete C:\Program Files\SpamBlockerUtility_Icons (folder not found)
Failed: FolderDelete C:\Program Files\starware (folder not found)
Failed: FolderDelete C:\Program Files\starware305 (folder not found)
Failed: FolderDelete C:\Program Files\starware316 (folder not found)
Failed: FolderDelete C:\Program Files\starware343 (folder not found)
Failed: FolderDelete C:\Program Files\vsadd-in (folder not found)
Failed: FolderDelete C:\Program Files\vstoolbar (folder not found)
Failed: FolderDelete C:\Program Files\8848 (folder not found)
Failed: FileDelete C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DFE493.tmp (operation failed)
Script completed.


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 13:29:23, on 2007-05-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Nero\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Propriétaire\Bureau\Download\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://canoe.com/news/national/b-c-mountie-fired-after-sending-flirty-texts-pics-to-teen-in-sex-assault-case
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5467614E-11FE-4DFA-ADB3-A8EE423FD63d} - C:\WINDOWS\system32\owoeoakw.dll
O2 - BHO: (no name) - {734531AA-AB3D-488C-9C96-334B50401CDC} - C:\WINDOWS\system32\awtss.dll (file missing)
O2 - BHO: (no name) - {748A45DC-B425-4DE7-B569-6BDC51D51D2b} - C:\WINDOWS\system32\owoeoakw.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {D44F8DD9-2A9E-4199-9931-F1E31C109531} - C:\WINDOWS\system32\owoeoakw.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WindowsService] rundll32.exe "C:\WINDOWS\system32\vvebyeqv.dll",realset
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue Registry Booster2] C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Nero\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
0
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
4 mai 2007 à 21:31
Re,

Ouvre ce lien (merci a S!RI pour ce programme). http://siri.urz.free.fr/Fix/SmitfraudFix.php
et télécharge SmitfraudFix.exe.

Regarde le tuto
Exécute le en choisissant l’option 1, il va générer un rapport
Copie/colle le sur le poste stp.

Télécharge :
Ad-Aware (gratuit)
Téléchargement :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html
Le patch en Français pour Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
Tuto :
http://perso.orange.fr/entraide-hijackthis/AdAware/AdAware.htm

*Spybot (gratuit) :
Téléchargement :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html
voir demo d utilisation (merci Balltrap)
http://perso.orange.fr/rginformatique/section%20virus/demo%20spybot.htm

->Passe Ad-Aware et supprime tout ce qu’il trouve + supprime les quarantaines…
========================================
->Passe Spybot et corrige tout ce qu’il trouve + vaccine + supprime les quarantaines…
========================================

Remets un log Hijackthis

@+

une référence pour moi
http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453094312
0
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
5 mai 2007 à 02:53
voici les 2 rapports

SmitFraudFix v2.174

Rapport fait à 17:21:54,09, 2007-05-04
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Nero\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Uniblue\RegistryBooster2\RegistryBooster.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{588599f4-de26-4c28-ba14-f4eb17e33481}"="emptins"



»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: VIA Rhine II Fast Ethernet Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 24.200.241.37
DNS Server Search Order: 24.201.245.77
DNS Server Search Order: 24.200.243.189

HKLM\SYSTEM\CCS\Services\Tcpip\..\{95B43E26-4EBD-4B42-A75F-41CD71FF849B}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\..\{95B43E26-4EBD-4B42-A75F-41CD71FF849B}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS3\Services\Tcpip\..\{95B43E26-4EBD-4B42-A75F-41CD71FF849B}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:50:01, on 2007-05-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Nero\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Propriétaire\Bureau\Download\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://canoe.com/news/national/b-c-mountie-fired-after-sending-flirty-texts-pics-to-teen-in-sex-assault-case
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5467614E-11FE-4DFA-ADB3-A8EE423FD63d} - C:\WINDOWS\system32\owoeoakw.dll (file missing)
O2 - BHO: (no name) - {734531AA-AB3D-488C-9C96-334B50401CDC} - C:\WINDOWS\system32\awtss.dll (file missing)
O2 - BHO: (no name) - {748A45DC-B425-4DE7-B569-6BDC51D51D2b} - C:\WINDOWS\system32\owoeoakw.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {D44F8DD9-2A9E-4199-9931-F1E31C109531} - C:\WINDOWS\system32\owoeoakw.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WindowsService] rundll32.exe "C:\WINDOWS\system32\vvebyeqv.dll",realset
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Nero\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
0
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
5 mai 2007 à 08:30
Bonjour,

pour tes spywares, 2 choses à faire :

- installe un parefeu. Va sur ce lien pour télécharger et configurer kerio :
http://kerio.probb.fr/Systemesd-exploitation-c1/Logiciels-et-tutoriels-gratuits-tries-par-categorie-f6/Tutoriel-pour-Kerio-4-version-gratuite-t201.htm

- pases régulièrement tes antispy après les avoir mis à jour. Vaccine avec Spybot. utilise la protection résidente de Spybot (le teatimer).
==============================
Relance HijackThis.

Choisis Do a scan only

Coche la case devant les lignes suivantes

O2 - BHO: (no name) - {5467614E-11FE-4DFA-ADB3-A8EE423FD63d} - C:\WINDOWS\system32\owoeoakw.dll (file missing)
O2 - BHO: (no name) - {734531AA-AB3D-488C-9C96-334B50401CDC} - C:\WINDOWS\system32\awtss.dll (file missing)
O2 - BHO: (no name) - {748A45DC-B425-4DE7-B569-6BDC51D51D2b} - C:\WINDOWS\system32\owoeoakw.dll (file missing)
O2 - BHO: (no name) - {D44F8DD9-2A9E-4199-9931-F1E31C109531} - C:\WINDOWS\system32\owoeoakw.dll (file missing)
O4 - HKLM\..\Run: [WindowsService] rundll32.exe "C:\WINDOWS\system32\vvebyeqv.dll",realset


Ferme toutes les fenêtres (hormis HijackThis), y compris ton navigateur.

Clique sur fix checked.

Ferme Hijackthis.
=======================================
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter.
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum
=======================================
Ouvre le bloc notes (Démarrer >> exécuter et tape notepad), et copie le texte en italique

@ echo off

if exist \BUG09.TXT del \BUG09.TXT
IF EXIST %windir%\bdoscandel.exe ECHO bdoscandel.exe Présent>>\BUG09.TXT
IF NOT EXIST %windir%\bdoscandel.exe ECHO %windir%\bdoscandel.exe Non trouvé>>\BUG09.TXT
IF EXIST "%windir%\Network Diagnostic\xpnetdiag.exe" ECHO %windir%\Network Diagnostic\xpnetdiag.exe Présent>>\BUG09.TXT
IF NOT EXIST "%windir%\Network Diagnostic\xpnetdiag.exe" ECHO "%windir%\Network Diagnostic\xpnetdiag.exe" Non trouvé>>\BUG09.TXT

REG QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler" >>\BUG09.TXT

notepad \BUG09.TXT
exit


Dans le menu du bloc notes, clic sur "Fichier" >> Enregistrer sous.
Choisis le bureau comme lieu d'enregistrement, puis dans:

Type -> choisis "tous les fichiers"
Nom du fichier -> tape xxxxxx.bat
clic sur enregistrer.

Sur ton bureau tu auras maintenant un fichier nommé xxxxxx.bat.
Double clic sur le fichier xxxxxx.bat.
Une fenêtre noire va s'ouvrir et se refermer rapidement, c'est normal.
Le bloc note va s'ouvrir ensuite avec le listing des fichiers que le scrïpt aura détecté.
Copie et colle ici le contenu de ce rapport.

========================================

remets un log Hijackthis
@+

0
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
5 mai 2007 à 15:13
bonjour, j'ai fait la premiere partie avec hijack. J'ai déjà soumis ce problème sans réponse, je ne peux plus redémarer mon ordi en mode sans échec.

Lorsque j'essai de redémarrer en mode sans échec, je revient au menu : chosissez le systeme d'exploitation à démarrer, je choisis microsoft windows xp edition familial ( mode sans echec est écrit en bleu au bas de l'ecran) mais le système fait un reset et l'ordi redémarre.

À toi...

merci!
0
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
5 mai 2007 à 19:13
Re,

fais le reste de la manip (y compris remettre un log Hijackthis).
@+
0
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
5 mai 2007 à 20:31
voila


SmitFraudFix v2.174

Rapport fait à 14:19:32,85, 2007-05-05
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{588599f4-de26-4c28-ba14-f4eb17e33481}"="emptins"


»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: VIA Rhine II Fast Ethernet Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 24.200.241.37
DNS Server Search Order: 24.201.245.77
DNS Server Search Order: 24.200.243.189

HKLM\SYSTEM\CCS\Services\Tcpip\..\{95B43E26-4EBD-4B42-A75F-41CD71FF849B}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\..\{95B43E26-4EBD-4B42-A75F-41CD71FF849B}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS3\Services\Tcpip\..\{95B43E26-4EBD-4B42-A75F-41CD71FF849B}: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=24.200.241.37 24.201.245.77 24.200.243.189


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

bdoscandel.exe Présent
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe Présent

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{438755C2-A8BA-11D1-B96B-00A0C90312E1} REG_SZ Pré-chargeur Browseui
{8C7461EF-2B13-11d2-BE35-3078302C2030} REG_SZ Démon de cache des catégories de composant


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 14:30:55, on 2007-05-05
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Nero\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\Download\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Nero\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
0
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
5 mai 2007 à 20:55
Re,

installe kerio.

Le démarrage en mode sans échec est toujours impossible ?

@+
0
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
5 mai 2007 à 22:59
kerio est installé, tjrs impossible de démarrer en mode sans echec

est-ce normal que registry booster trouve encore 601 probleme ou est-ce du faque pour vendre le logiciel?
0
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
6 mai 2007 à 00:02
Bonjour,

j'ai testé, il me trouve plus de 200 malwares sur mon pc.

Pour réparer le registre, Ccleaner.

Téléchargement :
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Tuto :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

Lors de l’installation, [décoche] l’option qui t’installerait la barre Yahoo !

¤ Lance CCleaner.

Suppression des incohérence du registre

• Clique sur l'icône Erreurs situés dans la marge à gauche.
• Puis clique sur Analyser les erreurs
• Patiente pendant que CCleaner scan ton registre.
• Une fois le scan terminé, coche toutes les entrèes qu'il t'aura trouvée.
• Tu peux cliquer ensuite sur Corriger les erreurs.

Réessaye le mode sans échec (même si je n'y crois pas trop).
@+
0
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
6 mai 2007 à 00:25
cc cleaner est passé sur mon pc

mode sans echec ne fonctionne tjrs pas

merci
0
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
6 mai 2007 à 09:17
Bonjour,

fais ceci :

démarrer, exécuter, tu tapes "regedit", OK

La fenêtre de regedit s'ouvre.

Edition, rechercher, tu tapes "Safeboot".

puis tu fais F3 pour chercher la clé suivante et tu recommences jusqu'à ce qu'il ne trouve plus rien.

Elles sont de la forme :
HKey_Local_Machine\system\ControlSet001\Control\SafeBoot

Tu dois avoir ControlSet001 et 002 et 003 et CurrentControlSet.

@+
0
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
6 mai 2007 à 21:26
bonjour

voilà c'est fait

merci
0
Lyonnais92 Messages postés 25159 Date d'inscription vendredi 23 juin 2006 Statut Contributeur sécurité Dernière intervention 16 septembre 2016 1 536
6 mai 2007 à 22:16
Re,

désolé, ma demande était formulée d'une manière idiote. Je voulais savoir lesquelles tu avais (les 4 ou moins, ou plus).

J'y reviendrai peut être plus tard. Pour le moment, je vais essayer plus simple.

Bien qu'il n'y ait aucune trace de bagle dans tout ce que tu as dit, je vais te faire passer un outil qui l'éradique mais qui surtout, dans le cas de ce virus, rétablit l'accès au mode sans échec.

Si on a de la chance, ça fonctionnera ici aussi.

Rends toi sur ce site :
http://www.zonavirus.com/datos/descargas/95/elibagla.asp
tout en bas de cette page tu trouveras un outil
à télécharger,clique sur escargar Elibagla 10.09
installe ce fichier sur le bureau.
ensuite double-clic sur Elibagla.exe
>laisse la case "eliminar ficheros automaticamente" coché
>clique sur"explorar"
>laisse-le travailler
>poste le rapport final qui sera dans c:\infosat.txt

Si, dans le rapport, tu vois un texte semblable à celui-ci

Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.24
a "virus@satinfo.es". Gracias;

envoie ce(s) fichier(s) (dans l'exemple C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.24 ) à l'adresse e-mail indiquée (virus@satinfo.es).

L'outil a rencontré un fichier qu'il reconnait mais ne sait pas encore éradiquer. Dans 24 heures environ, sur le site, la version de déchargement (v10.24 dans l'exemple) aura changé par rapport à celle actuelle. Tu retéléchargeras l'outil, tu le relanceras et tu posteras le rapport.

et tu réessayes le mode sans échec.
@+
0
stefou38 Messages postés 78 Date d'inscription dimanche 3 décembre 2006 Statut Membre Dernière intervention 25 mars 2017
7 mai 2007 à 00:03
désolé je ne vois pas le prog a downloader
0