
My computer is being overrun by ads [Solved]

contempo - 10 posts - Joined Sunday 7 January 2007 - Last active 20 January 2007 - Last reply on 20 Jan. 2007 at 15:46
Hello everyone,
It has been a while since I asked this forum for help regarding the report below, but unfortunately I have not received any replies yet. Please help me; my computer is being overrun by unwanted ads and has become very slow.
Thank you in advance for your help.
Logfile of HijackThis v1.99.1
Scan saved at 18:08:26, on 31/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\usnsvc.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Seemi\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://fr.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://fr.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60107
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60107
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://fr.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60107
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://fr.search.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [ONE MEMO PURE PLAN] C:\Documents and Settings\All Users\Application Data\BlueKindOneMemo\bonebend.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [deleteslow] C:\DOCUME~1\Seemi\APPLIC~1\CAMPIN~1\Regs the.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?e766757d3726471688d1b0886357a388
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?e766757d3726471688d1b0886357a388
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/...
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Reply
Hello,


Can you tell me which antivirus and firewall you use?


We'll start with this log for the ads.

Download BlackLight (from F-Secure) from one of these 2 addresses:
https://europe.f-secure.com/blacklight/try.shtml
http://www.f-secure.com/blacklight/try.shtml

and save it to your Desktop.

Double-click blbeta.exe and accept the license; leave [X] scan through Windows Explorer enabled; click Scan, then Next.

You will see a list of detected files appear. You will also see a report on your Desktop named fsbl.xxxxxxx.log (the xxxxxxx are digits).

Copy/paste the report.


Good luck

See you

Reply
Thank you Marie,

The antivirus is AVG Free Edition, and the firewall is the Windows one.

The two files are:

01/15/07 16:19:49 [Info]: BlackLight Engine 1.0.55 initialized
01/15/07 16:19:49 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/15/07 16:19:49 [Note]: 7019 4
01/15/07 16:19:49 [Note]: 7005 0
01/15/07 16:19:49 [Note]: 7006 0
01/15/07 16:20:02 [Note]: 7011 1976
01/15/07 16:20:02 [Note]: 8001 2
01/15/07 16:20:06 [Note]: FSRAW library version 1.7.1021




01/15/07 16:17:34 [Info]: BlackLight Engine 1.0.55 initialized
01/15/07 16:17:34 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/15/07 16:17:35 [Note]: 7019 4
01/15/07 16:17:35 [Note]: 7005 0
01/15/07 16:17:35 [Note]: 7006 0
01/15/07 16:17:36 [Note]: 7011 1976
01/15/07 16:17:36 [Note]: 7026 0
01/15/07 16:17:36 [Note]: 7026 0
01/15/07 16:17:48 [Note]: FSRAW library version 1.7.1021
01/15/07 16:20:02 [Note]: 7007 0
Reply
OK

You need to install a firewall.
The Windows firewall is not effective.
You need to find a firewall that works with your antivirus.

Next

C:\DOCUME~1\Seemi\LOCALS~1\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe
It is in the wrong place; you will have to redo it as well.

Do the following cleanup.

Download (unless you already have them) and paste the 3 reports in order

A - Ad-Aware version 1.06
(here) http://www.florensac-chasse-trap.com/ virus/security software section
see demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip

B - Spybot version 1.4
(here) http://www.florensac-chasse-trap.com/ virus/security software section
see usage demo
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

C - CCleaner: (cleaner for registry, cookies + temp + temporary files + prefetch + history + etc.)
Download here:
http://www.ccleaner.com/ccdownload.asp
Tutorial here:
http://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
and
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

D - Ewido - AVG
AVG Anti-Spyware:
http://www.ewido.net/en/download/
Install it.
Launch AVG Anti-Spyware and click the Update button. Be patient!

Launch AVG Anti-Spyware
Click the Scan button (in the toolbar)
Then on the How to react tab, click Recommended actions. Select Quarantine.
Go back to the Scan tab. Click Complete system scan.
/!\ If a file is infected at the end of the scan /!\
choose the "Apply all actions" option at the bottom.
Click "Save report", then "Save report as"
Save this text file to your Desktop.
Copy/paste the report

E - Online scan with BitDefender (works only in Internet Explorer, with the ActiveX control accepted)
http://assiste.free.fr/p/antivirus_gratuits_en_ligne/antivirus_en_ligne.php
http://www.bitdefender.fr/scan8/ie.html
TUTORIAL
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
Copy/PASTE the entire report

F - HijackThis - Diagnostic and repair tool
read the demo
http://pageperso.aol.fr/balltrap34/Hijenr.gif
http://pageperso.aol.fr/balltrap34/demohijack.htm
Download the French version here
http://telechargement.zebulon.fr/160-patch-francais-pour-hijackthis-1991.html
Copy/paste the report

Good luck

See you
contempo - 10 posts - Joined Sunday 7 January 2007 - Last active 20 January 2007 - 15 Jan. 2007 at 22:48
Good evening Marie,

I have not yet found another firewall to replace the ineffective Windows one.

As for the various reports, I think, after spending the whole day on the scans, that I am getting lost!

Indeed, I followed the procedure as you clearly explained it to me, but frankly, I am.

For Ad-Aware.
*** Installation Started 01/15/2007 16:58 ***
Title: Ad-Aware SE Personal
Source: C:\Documents and Settings\Seemi\Bureau\aawsepersonal.exe
Display Text: Uninstall complete.
Made Dir: C:\Program Files\Lavasoft
Made Dir: C:\Program Files\Lavasoft\Ad-Aware SE Personal
File Copy: C:\Program Files\Lavasoft\Ad-Aware SE Personal\UNWISE.EXE
RegDB Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal
RegDB Val: Ad-Aware SE Personal
RegDB Name: DisplayName
RegDB Root: 2
RegDB Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal
RegDB Val: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
RegDB Name: UninstallString
RegDB Root: 2
File Copy: C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
File Copy: C:\Program Files\Lavasoft\Ad-Aware SE Personal\alert.wav
File Copy: C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
Made Dir: C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins
File Copy: C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask
Made Dir: C:\Program Files\Lavasoft\Ad-Aware SE Personal\Plugins
File Copy: C:\Program Files\Lavasoft\Ad-Aware SE Personal\license.txt
Made Dir: C:\Program Files\Lavasoft\Ad-Aware SE Personal\Lang
File Copy: C:\Program Files\Lavasoft\Ad-Aware SE Personal\Lang\default.awl
File Copy: C:\Program Files\Lavasoft\Ad-Aware SE Personal\manual.chm
File Copy: C:\Program Files\Lavasoft\Ad-Aware SE Personal\unregaaw.exe
Shell Link: C:\Documents and Settings\All Users\Bureau\Ad-Aware SE Personal.lnk
Made Dir: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lavasoft Ad-Aware SE Personal
Shell Link: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lavasoft Ad-Aware SE Personal\Ad-Aware SE Personal.lnk
Shell Link: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lavasoft Ad-Aware SE Personal\Ad-Aware SE Manual.lnk
Shell Link: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lavasoft Ad-Aware SE Personal\Uninstall Ad-Aware SE Personal.lnk
Shell Link: C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware SE Personal.lnk
Shell Link: C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware SE Personal.lnk
File Tree: C:\Documents and Settings\Seemi\Application Data\Lavasoft\Ad-Aware
RegDB TREE: SOFTWARE\Lavasoft\Ad-Aware SE
RegDB Root: 1
RegDB TREE: SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Ad-Aware
RegDB Root: 2
RegDB TREE: SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Ad-Watch
RegDB Root: 2
RegDB TREE: SOFTWARE\Classes\Drive\shell\Scan with Ad-Aware
RegDB Root: 1
RegDB TREE: SOFTWARE\Classes\Directory\shell\Scan with Ad-Aware
RegDB Root: 1
RegDB TREE: SYSTEM\CurrentControlSet\Services\Eventlog\Application\Adwatch
RegDB Root: 1
File Tree: C:\Documents and Settings\Seemi\Application Data\Lavasoft\Ad-Aware
File Tree: C:\PROGRA~1\Lavasoft\AD-AWA~1
Execute Program: C:\PROGRA~1\Lavasoft\AD-AWA~1\unregaaw.exe
RegDB Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal
RegDB Val: http://www.lavasoft.com
RegDB Name: HelpLink
RegDB Root: 2
RegDB Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal
RegDB Val: Lavasoft
RegDB Name: Publisher
RegDB Root: 2
RegDB Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal
RegDB Val: C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe,-0
RegDB Name: DisplayIcon
RegDB Root: 2
RegDB Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal
RegDB Val: http://www.lavasoft.com
RegDB Name: URLInfoAbout
RegDB Root: 2
RegDB Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Aware SE Personal
RegDB Val: 1.06
RegDB Name: DisplayVersion
RegDB Root: 2
User Rights: Admin



For Spybot:

For CCleaner:

v1.36.430
- Fixed bug with Hotfix and logfile cleaning.
- Added Office 2007 cleaning.
- Minor tweaks and optimizations.

v1.35.424
- Fixed IE7 Autocomplete form data cleaning.
- Updated Vista detection routines.
- Added code signing to program executable.
- Fixed bug in Temporary folder detection.
- Fixed some IE7 cookie handling issues.
- Added additional error checking to folder routines.
- Added Paint Shop Pro XI cleaning.
- Updated French translation.
- Minor display fixes.

--------------------------------------------
www.ccleaner.com

For AVG:
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 19:14:17 15/01/2007

+ Résultat de l'analyse:



C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP388\A0056773.dll -> Adware.Minibug : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP388\A0056775.exe -> Dropper.DollarR.b : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP388\A0056774.exe -> Dropper.Small : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport


For BitDefender:





#
# An unexpected error has been detected by HotSpot Virtual Machine:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x7c9110f3, pid=2192, tid=2884
#
# Java VM: Java HotSpot(TM) Client VM (1.5.0_06-b05 mixed mode, sharing)
# Problematic frame:
# C [ntdll.dll+0x10f3]
#

0x76960000 - 0x76a15000 C:\WINDOWS\system32\USERENV.dll
0x0ffd0000 - 0x0fff8000 C:\WINDOWS\system32\rsaenh.dll
0x76930000 - 0x76956000 C:\WINDOWS\system32\ntshrui.dll
0x76ac0000 - 0x76ad1000 C:\WINDOWS\system32\ATL.DLL
0x71a60000 - 0x71a72000 C:\WINDOWS\system32\MPR.dll
0x75ef0000 - 0x75ef7000 C:\WINDOWS\System32\drprov.dll
0x71b70000 - 0x71b7e000 C:\WINDOWS\System32\ntlanman.dll
0x71c30000 - 0x71c47000 C:\WINDOWS\System32\NETUI0.dll
0x71bf0000 - 0x71c30000 C:\WINDOWS\System32\NETUI1.dll
0x71be0000 - 0x71be7000 C:\WINDOWS\System32\NETRAP.dll
0x71b50000 - 0x71b63000 C:\WINDOWS\System32\SAMLIB.dll
0x75f00000 - 0x75f09000 C:\WINDOWS\System32\davclnt.dll
0x02080000 - 0x0212d000 C:\PROGRA~1\Crawler\ctbr.dll
0x76340000 - 0x7638a000 C:\WINDOWS\system32\comdlg32.dll
0x01e40000 - 0x01e4e000 C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
0x02490000 - 0x0276a000 C:\WINDOWS\system32\xpsp2res.dll
0x02970000 - 0x02c36000 C:\WINDOWS\system32\msi.dll
0x77210000 - 0x772c1000 C:\WINDOWS\system32\SXS.DLL
0x01ed0000 - 0x01ede000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
0x7c340000 - 0x7c396000 C:\WINDOWS\system32\MSVCR71.dll
0x01ef0000 - 0x01f37000 C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
0x7d4c0000 - 0x7d7a6000 C:\WINDOWS\system32\Mshtml.dll
0x74630000 - 0x74657000 C:\WINDOWS\system32\msls31.dll
0x032d0000 - 0x032ee000 C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
0x03300000 - 0x0331c000 C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
0x77650000 - 0x77671000 C:\WINDOWS\system32\NTMARTA.DLL
0x03360000 - 0x0337f000 C:\WINDOWS\system32\dla\tfswshx.dll
0x03380000 - 0x0338f000 C:\WINDOWS\system32\tfswapi.dll
0x03390000 - 0x0342b000 C:\WINDOWS\system32\dla\tfswcres.dll
0x6d600000 - 0x6d62d000 C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
0x5f140000 - 0x5f157000 C:\WINDOWS\system32\OLEPRO32.DLL
0x03470000 - 0x034c4000 C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
0x72f50000 - 0x72f76000 C:\WINDOWS\system32\WINSPOOL.DRV
0x03710000 - 0x0379e000 C:\WINDOWS\system32\shdoclc.dll
0x75d30000 - 0x75dc1000 C:\WINDOWS\system32\mlang.dll
0x71990000 - 0x719d0000 C:\WINDOWS\system32\mswsock.dll
0x62e40000 - 0x62e99000 C:\WINDOWS\system32\hnetcfg.dll
0x719d0000 - 0x719d8000 C:\WINDOWS\System32\wshtcpip.dll
0x037b0000 - 0x037ba000 C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll
0x037c0000 - 0x037d9000 c:\progra~1\mcafee.com\vso\McVSSkt.dll
0x76ed0000 - 0x76ef7000 C:\WINDOWS\system32\DNSAPI.dll
0x76f70000 - 0x76f76000 C:\WINDOWS\system32\rasadhlp.dll
0x76320000 - 0x7633d000 C:\WINDOWS\system32\IMM32.DLL
0x325c0000 - 0x325d2000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
0x75be0000 - 0x75c4e000 C:\WINDOWS\system32\jscript.dll
0x73250000 - 0x732b7000 C:\WINDOWS\system32\vbscript.dll
0x73d20000 - 0x73e1e000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 - 0x61d7e000 C:\WINDOWS\system32\MFC42LOC.DLL
0x72c70000 - 0x72c79000 C:\WINDOWS\system32\wdmaud.drv
0x72c60000 - 0x72c68000 C:\WINDOWS\system32\msacm32.drv
0x77bb0000 - 0x77bc5000 C:\WINDOWS\system32\MSACM32.dll
0x77ba0000 - 0x77ba7000 C:\WINDOWS\system32\midimap.dll
0x6d8f0000 - 0x6d8fa000 C:\WINDOWS\system32\ddrawex.dll
0x736b0000 - 0x736f9000 C:\WINDOWS\system32\DDRAW.dll
0x73b10000 - 0x73b16000 C:\WINDOWS\system32\DCIMAN32.dll
0x761c0000 - 0x76231000 C:\WINDOWS\system32\mshtmled.dll
0x71ca0000 - 0x71cbc000 C:\WINDOWS\system32\actxprxy.dll
0x08190000 - 0x081a2000 C:\Program Files\Dell\QuickSet\dadkeyb.dll
0x6d590000 - 0x6d5a2000 C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
0x6d400000 - 0x6d417000 C:\Program Files\Java\jre1.5.0_06\bin\jpiexp32.dll
0x76f60000 - 0x76f68000 C:\WINDOWS\System32\winrnr.dll
0x6d450000 - 0x6d468000 C:\Program Files\Java\jre1.5.0_06\bin\jpishare.dll
0x6d670000 - 0x6d804000 C:\PROGRA~1\Java\JRE15~2.0_0\bin\client\jvm.dll
0x6d280000 - 0x6d288000 C:\PROGRA~1\Java\JRE15~2.0_0\bin\hpi.dll
0x76ba0000 - 0x76bab000 C:\WINDOWS\system32\PSAPI.DLL
0x6d640000 - 0x6d64c000 C:\PROGRA~1\Java\JRE15~2.0_0\bin\verify.dll
0x6d300000 - 0x6d31d000 C:\PROGRA~1\Java\JRE15~2.0_0\bin\java.dll
0x6d660000 - 0x6d66f000 C:\PROGRA~1\Java\JRE15~2.0_0\bin\zip.dll
0x6d000000 - 0x6d167000 C:\Program Files\Java\jre1.5.0_06\bin\awt.dll
0x73890000 - 0x73960000 C:\WINDOWS\system32\D3DIM700.DLL
0x6d240000 - 0x6d27d000 C:\Program Files\Java\jre1.5.0_06\bin\fontmanager.dll
0x6d1f0000 - 0x6d203000 C:\Program Files\Java\jre1.5.0_06\bin\deploy.dll
0x6d5d0000 - 0x6d5ef000 C:\Program Files\Java\jre1.5.0_06\bin\RegUtils.dll
0x6d3e0000 - 0x6d3f5000 C:\Program Files\Java\jre1.5.0_06\bin\jpicom32.dll
0x6d4c0000 - 0x6d4d3000 C:\Program Files\Java\jre1.5.0_06\bin\net.dll
0x6d1c0000 - 0x6d1e3000 C:\Program Files\Java\jre1.5.0_06\bin\dcpr.dll
0x6d4e0000 - 0x6d4e9000 C:\Program Files\Java\jre1.5.0_06\bin\nio.dll

VM Arguments:
jvm_args: -Xbootclasspath/a:C:\PROGRA~1\Java\JRE15~2.0_0\lib\deploy.jar;C:\PROGRA~1\Java\JRE15~2.0_0\lib\plugin.jar -Xmx96m -Djavaplugin.maxHeapSize=96m -Xverify:remote -Djavaplugin.version=1.5.0_06 -Djavaplugin.nodotversion=150_06 -Dbrowser=sun.plugin -DtrustProxy=true -Dapplication.home=C:\PROGRA~1\Java\JRE15~2.0_0 -Djava.protocol.handler.pkgs=sun.plugin.net.protocol -Djavaplugin.vm.options=-Djava.class.path=C:\PROGRA~1\Java\JRE15~2.0_0\classes -Xbootclasspath/a:C:\PROGRA~1\Java\JRE15~2.0_0\lib\deploy.jar;C:\PROGRA~1\Java\JRE15~2.0_0\lib\plugin.jar -Xmx96m -Djavaplugin.maxHeapSize=96m -Xverify:remote -Djavaplugin.version=1.5.0_06 -Djavaplugin.nodotversion=150_06 -Dbrowser=sun.plugin -DtrustProxy=true -Dapplication.home=C:\PROGRA~1\Java\JRE15~2.0_0 -Djava.protocol.handler.pkgs=sun.plugin.net.protocol vfprintf
java_command: <unknown>
Launcher Type: generic

Environment Variables:
PATH=C:\PROGRA~1\Java\JRE15~2.0_0\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;.
USERNAME=Seemi
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 6, GenuineIntel



--------------- S Y S T E M ---------------

OS: Windows XP Build 2600 Service Pack 2

CPU:total 1 family 6, cmov, cx8, fxsr, mmx, sse, sse2

Memory: 4k page, physical 515452k(229432k free), swap 1259452k(814520k free)

vm_info: Java HotSpot(TM) Client VM (1.5.0_06-b05) for windows-x86, built on Nov 10 2005 11:12:14 by "java_re" with MS VC++ 6.0



#
# An unexpected error has been detected by HotSpot Virtual Machine:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x7c9110f3, pid=300, tid=3852
#
# Java VM: Java HotSpot(TM) Client VM (1.5.0_06-b05 mixed mode)
# Problematic frame:
# C [ntdll.dll+0x10f3]
#

--------------- T H R E A D ---------------

Current thread (0x0a12e308): JavaThread "thread applet-EIRC" [_thread_in_native, id=3852]

siginfo: ExceptionCode=0xc0000005, writing address 0x0a019bcc

Registers:
EAX=0x00000000, EBX=0x161ac7a0, ECX=0x0a56f670, EDX=0x0a019bc4
ESP=0x0a56f680, EBP=0x0a56f6b8, ESI=0x0a019bb0, EDI=0x0a019bc4
EIP=0x7c9110f3, EFLAGS=0x00010246


Stack: [0x0a470000,0x0a570000), sp=0x0a56f680, free space=1021k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C [ntdll.dll+0x10f3]
j sun.awt.windows.WComponentPeer._dispose()V+0
j sun.awt.windows.WComponentPeer.disposeImpl()V+23
j sun.awt.windows.WObjectPeer.dispose()V+42
j java.awt.Component.removeNotify()V+211
j java.awt.Container.removeNotify()V+67
j java.awt.Container.removeNotify()V+38
j java.awt.Container.remove(I)V+43
j java.awt.Container.remove(Ljava/awt/Component;)V+45
j c.if(Ljava/lang/String;)V+46
j EIRC.a(Lb/a/a/e/a/a;)V+15
j b.a.a.e.f.a()V+22
j b.a.a.e.f.int()V+14
j EIRC.stop()V+26
j sun.applet.AppletPanel.run()V+447
j java.lang.Thread.run()V+11
v ~StubRoutines::call_stub
V [jvm.dll+0x845a9]
V [jvm.dll+0xd9317]
V [jvm.dll+0x8447a]
V [jvm.dll+0x841d7]
V [jvm.dll+0x9ed69]
V [jvm.dll+0x109fe3]
V [jvm.dll+0x109fb1]
C [msvcrt.dll+0x2a3b0]
C [kernel32.dll+0xb50b]

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j sun.awt.windows.WComponentPeer._dispose()V+0
j sun.awt.windows.WComponentPeer.disposeImpl()V+23
j sun.awt.windows.WObjectPeer.dispose()V+42
j java.awt.Component.removeNotify()V+211
j java.awt.Container.removeNotify()V+67
j java.awt.Container.removeNotify()V+38
j java.awt.Container.remove(I)V+43
j java.awt.Container.remove(Ljava/awt/Component;)V+45
j c.if(Ljava/lang/String;)V+46
j EIRC.a(Lb/a/a/e/a/a;)V+15
j b.a.a.e.f.a()V+22
j b.a.a.e.f.int()V+14
j EIRC.stop()V+26
j sun.applet.AppletPanel.run()V+447
j java.lang.Thread.run()V+11
v ~StubRoutines::call_stub

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x0b3d08a8 JavaThread "Thread-21" [_thread_blocked, id=2452]
0x0552cbb8 JavaThread "Thread-9" [_thread_in_native, id=3008]
0x05679de8 JavaThread "Image Animator 0" daemon [_thread_blocked, id=3288]
0x04aea9f0 JavaThread "Java Sound Event Dispatcher" daemon [_thread_blocked, id=1220]
0x056446a8 JavaThread "AWT-EventQueue-2" [_thread_blocked, id=3144]
=>0x0a12e308 JavaThread "thread applet-EIRC" [_thread_in_native, id=3852]
0x05577288 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=1240]
0x05597c78 JavaThread "AWT-Shutdown" [_thread_blocked, id=456]
0x055804f0 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=3752]
0x055776a8 JavaThread "AWT-Windows" daemon [_thread_in_native, id=220]
0x055717f8 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=188]
0x04a3f9c8 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=1884]
0x04a63620 JavaThread "CompilerThread0" daemon [_thread_blocked, id=3304]
0x04aa27c0 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=3256]
0x05520e18 JavaThread "Finalizer" daemon [_thread_blocked, id=2692]
0x04a39198 JavaThread "Reference Handler" daemon [_thread_blocked, id=4088]
0x04a2c538 JavaThread "main" [_thread_blocked, id=916]

Other Threads:
0x04a18d48 VMThread [id=3528]
0x04a47ba8 WatcherThread [id=2632]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 3136K, used 1288K [0x10010000, 0x10370000, 0x10770000)
eden space 2816K, 40% used [0x10010000, 0x1012b018, 0x102d0000)
from space 320K, 48% used [0x102d0000, 0x102f7060, 0x10320000)
to space 320K, 0% used [0x10320000, 0x10320000, 0x10370000)
tenured generation total 40372K, used 39492K [0x10770000, 0x12edd000, 0x16010000)
the space 40372K, 97% used [0x10770000, 0x12e010f0, 0x12e01200, 0x12edd000)
compacting perm gen total 8448K, used 8328K [0x16010000, 0x16850000, 0x1a010000)
the space 8448K, 98% used [0x16010000, 0x16832218, 0x16832400, 0x16850000)
No shared spaces configured.

Dynamic libraries:
0x00400000 - 0x00419000 C:\Program Files\Internet Explorer\iexplore.exe
0x7c910000 - 0x7c9c7000 C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c904000 C:\WINDOWS\system32\kernel32.dll
0x77be0000 - 0x77c38000 C:\WINDOWS\system32\msvcrt.dll
0x77d10000 - 0x77da0000 C:\WINDOWS\system32\USER32.dll
0x77ef0000 - 0x77f37000 C:\WINDOWS\system32\GDI32.dll
0x77f40000 - 0x77fb6000 C:\WINDOWS\system32\SHLWAPI.dll
0x77da0000 - 0x77e4c000 C:\WINDOWS\system32\ADVAPI32.dll
0x77e50000 - 0x77ee1000 C:\WINDOWS\system32\RPCRT4.dll
0x77720000 - 0x7788e000 C:\WINDOWS\system32\SHDOCVW.dll
0x779e0000 - 0x77a76000 C:\WINDOWS\system32\CRYPT32.dll
0x77a80000 - 0x77a92000 C:\WINDOWS\system32\MSASN1.dll
0x76610000 - 0x76694000 C:\WINDOWS\system32\CRYPTUI.dll
0x76be0000 - 0x76c0e000 C:\WINDOWS\system32\WINTRUST.dll
0x76c40000 - 0x76c68000 C:\WINDOWS\system32\IMAGEHLP.dll
0x770e0000 - 0x7716c000 C:\WINDOWS\system32\OLEAUT32.dll
0x774a0000 - 0x775dd000 C:\WINDOWS\system32\ole32.dll
0x6fee0000 - 0x6ff34000 C:\WINDOWS\system32\NETAPI32.dll
0x77aa0000 - 0x77b47000 C:\WINDOWS\system32\WININET.dll
0x76f10000 - 0x76f3d000 C:\WINDOWS\system32\WLDAP32.dll
0x77bd0000 - 0x77bd8000 C:\WINDOWS\system32\VERSION.dll
0x77390000 - 0x77492000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
0x7c9d0000 - 0x7d1f3000 C:\WINDOWS\system32\SHELL32.dll
0x58b50000 - 0x58be7000 C:\WINDOWS\system32\comctl32.dll
0x5b090000 - 0x5b0c8000 C:\WINDOWS\system32\uxtheme.dll
0x651b0000 - 0x651d2000 C:\PROGRA~1\FICHIE~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL
0x7c340000 - 0x7c396000 C:\WINDOWS\system32\MSVCR71.dll
0x6af90000 - 0x6afee000 C:\Program Files\Fichiers communs\Symantec Shared\ccL40.dll
0x7c3a0000 - 0x7c41b000 C:\WINDOWS\system32\MSVCP71.dll
0x63000000 - 0x63014000 C:\WINDOWS\system32\SynTPFcs.dll
0x74690000 - 0x746db000 C:\WINDOWS\system32\MSCTF.dll
0x10000000 - 0x10008000 C:\WINDOWS\system32\TWVMHK.DLL
0x76010000 - 0x76075000 C:\WINDOWS\system32\MSVCP60.dll
0x75f10000 - 0x7600d000 C:\WINDOWS\system32\BROWSEUI.dll
0x20000000 - 0x20013000 C:\WINDOWS\system32\browselc.dll
0x77b50000 - 0x77b72000 C:\WINDOWS\system32\appHelp.dll
0x76f80000 - 0x76fff000 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 - 0x770d4000 C:\WINDOWS\system32\COMRes.dll
0x77170000 - 0x7720e000 C:\WINDOWS\system32\urlmon.dll
0x77fc0000 - 0x77fd1000 C:\WINDOWS\system32\Secur32.dll
0x765b0000 - 0x76606000 C:\WINDOWS\System32\cscui.dll
0x76590000 - 0x765ad000 C:\WINDOWS\System32\CSCDLL.dll
0x778e0000 - 0x779d8000 C:\WINDOWS\system32\SETUPAPI.dll
0x6a1f0000 - 0x6a212000 C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
0x0ffd0000 - 0x0fff8000 C:\WINDOWS\system32\rsaenh.dll
0x01ef0000 - 0x021ca000 C:\WINDOWS\system32\xpsp2res.dll
0x76960000 - 0x76a15000 C:\WINDOWS\system32\userenv.dll
0x023f0000 - 0x023fe000 C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
0x02450000 - 0x02486000 C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
0x024d0000 - 0x024de000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
0x024e0000 - 0x02527000 C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
0x76e90000 - 0x76ecc000 C:\WINDOWS\system32\RASAPI32.DLL
0x76e40000 - 0x76e52000 C:\WINDOWS\system32\rasman.dll
0x719f0000 - 0x71a07000 C:\WINDOWS\system32\WS2_32.dll
0x719e0000 - 0x719e8000 C:\WINDOWS\system32\WS2HELP.dll
0x76e60000 - 0x76e8f000 C:\WINDOWS\system32\TAPI32.dll
0x76e30000 - 0x76e3e000 C:\WINDOWS\system32\rtutils.dll
0x76ae0000 - 0x76b0f000 C:\WINDOWS\system32\WINMM.dll
0x7d4c0000 - 0x7d7a6000 C:\WINDOWS\system32\Mshtml.dll
0x74630000 - 0x74657000 C:\WINDOWS\system32\msls31.dll
0x71a10000 - 0x71a1a000 C:\WINDOWS\system32\wsock32.dll
0x77c40000 - 0x77c63000 C:\WINDOWS\system32\msv1_0.dll
0x76d10000 - 0x76d29000 C:\WINDOWS\system32\iphlpapi.dll
0x72220000 - 0x72225000 C:\WINDOWS\system32\sensapi.dll
0x02c30000 - 0x02c4e000 C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
0x77210000 - 0x772c1000 C:\WINDOWS\system32\SXS.DLL
0x02c70000 - 0x02c8c000 C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
0x02cd0000 - 0x02cea000 C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
0x02d10000 - 0x02d2f000 C:\WINDOWS\system32\dla\tfswshx.dll
0x02d30000 - 0x02d3f000 C:\WINDOWS\system32\tfswapi.dll
0x02d40000 - 0x02ddb000 C:\WINDOWS\system32\dla\tfswcres.dll
0x6d600000 - 0x6d62d000 C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
0x5f140000 - 0x5f157000 C:\WINDOWS\system32\OLEPRO32.DLL
0x66f70000 - 0x66f8a000 C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
0x6b350000 - 0x6b367000 C:\Program Files\Fichiers communs\Symantec Shared\ccVrTrst.dll
0x67160000 - 0x67163400 C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\SHEXTRES.DLL
0x02e20000 - 0x02f49000 c:\program files\google\googletoolbar2.dll
0x76310000 - 0x76315000 C:\WINDOWS\system32\MSIMG32.dll
0x02f70000 - 0x03002000 C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
0x03030000 - 0x0306d000 C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\mtbres.dll
0x748f0000 - 0x74a20000 C:\WINDOWS\system32\msxml3.dll
0x4d5e0000 - 0x4d638000 C:\WINDOWS\system32\WINHTTP.dll
0x75d30000 - 0x75dc1000 C:\WINDOWS\system32\mlang.dll
0x03980000 - 0x039d4000 C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
0x72f50000 - 0x72f76000 C:\WINDOWS\system32\WINSPOOL.DRV
0x039e0000 - 0x03a6e000 C:\WINDOWS\system32\shdoclc.dll
0x71990000 - 0x719d0000 C:\WINDOWS\system32\mswsock.dll
0x62e40000 - 0x62e99000 C:\WINDOWS\system32\hnetcfg.dll
0x719d0000 - 0x719d8000 C:\WINDOWS\System32\wshtcpip.dll
0x03850000 - 0x0385a000 C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll
0x04070000 - 0x04336000 C:\WINDOWS\system32\msi.dll
0x76ed0000 - 0x76ef7000 C:\WINDOWS\system32\DNSAPI.dll
0x76f70000 - 0x76f76000 C:\WINDOWS\system32\rasadhlp.dll
0x74660000 - 0x7468a000 C:\WINDOWS\system32\msimtf.dll
0x76320000 - 0x7633d000 C:\WINDOWS\system32\IMM32.DLL
0x325c0000 - 0x325d2000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
0x75be0000 - 0x75c4e000 C:\WINDOWS\system32\jscript.dll
0x672b0000 - 0x672f0000 C:\WINDOWS\system32\iepeers.dll
0x761c0000 - 0x76231000 C:\WINDOWS\system32\mshtmled.dll
0x04f60000 - 0x04f72000 C:\Program Files\Dell\QuickSet\dadkeyb.dll
0x72c70000 - 0x72c79000 C:\WINDOWS\system32\wdmaud.drv
0x72c60000 - 0x72c68000 C:\WINDOWS\system32\msacm32.drv
0x77bb0000 - 0x77bc5000 C:\WINDOWS\system32\MSACM32.dll
0x77ba0000 - 0x77ba7000 C:\WINDOWS\system32\midimap.dll
0x73250000 - 0x732b7000 C:\WINDOWS\system32\vbscript.dll
0x73d20000 - 0x73e1e000 C:\WINDOWS\system32\MFC42.DLL
0x61d70000 - 0x61d7e000 C:\WINDOWS\system32\MFC42LOC.DLL
0x30000000 - 0x30222000 C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx
0x76340000 - 0x7638a000 C:\WINDOWS\system32\comdlg32.dll
0x69000000 - 0x6900e000 C:\WINDOWS\system32\Macromed\Common\SwSupport.dll
0x6d8f0000 - 0x6d8fa000 C:\WINDOWS\system32\ddrawex.dll
0x736b0000 - 0x736f9000 C:\WINDOWS\system32\DDRAW.dll
0x73b10000 - 0x73b16000 C:\WINDOWS\system32\DCIMAN32.dll
0x5e430000 - 0x5e43d000 C:\WINDOWS\system32\PSTOREC.DLL
0x76ac0000 - 0x76ad1000 C:\WINDOWS\system32\ATL.DLL
0x71ca0000 - 0x71cbc000 C:\WINDOWS\system32\actxprxy.dll
0x6d590000 - 0x6d5a2000 C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
0x6d400000 - 0x6d417000 C:\Program Files\Java\jre1.5.0_06\bin\jpiexp32.dll
0x76f60000 - 0x76f68000 C:\WINDOWS\System32\winrnr.dll
0x6d450000 - 0x6d468000 C:\Program Files\Java\jre1.5.0_06\bin\jpishare.dll
0x6d670000 - 0x6d804000 C:\PROGRA~1\Java\JRE15~2.0_0\bin\client\jvm.dll
0x6d280000 - 0x6d288000 C:\PROGRA~1\Java\JRE15~2.0_0\bin\hpi.dll
0x76ba0000 - 0x76bab000 C:\WINDOWS\system32\PSAPI.DLL
0x6d640000 - 0x6d64c000 C:\PROGRA~1\Java\JRE15~2.0_0\bin\verify.dll
0x6d300000 - 0x6d31d000 C:\PROGRA~1\Java\JRE15~2.0_0\bin\java.dll
0x6d660000 - 0x6d66f000 C:\PROGRA~1\Java\JRE15~2.0_0\bin\zip.dll
0x6d000000 - 0x6d167000 C:\Program Files\Java\jre1.5.0_06\bin\awt.dll
0x73890000 - 0x73960000 C:\WINDOWS\system32\D3DIM700.DLL

VM Arguments:
jvm_args: -Xbootclasspath/a:C:\PROGRA~1\Java\JRE15~2.0_0\lib\deploy.jar;C:\PROGRA~1\Java\JRE15~2.0_0\lib\plugin.jar -Xmx96m -Djavaplugin.maxHeapSize=96m -Xverify:remote -Djavaplugin.version=1.5.0_06 -Djavaplugin.nodotversion=150_06 -Dbrowser=sun.plugin -DtrustProxy=true -Dapplication.home=C:\PROGRA~1\Java\JRE15~2.0_0 -Djava.protocol.handler.pkgs=sun.plugin.net.protocol -Djavaplugin.vm.options=-Djava.class.path=C:\PROGRA~1\Java\JRE15~2.0_0\classes -Xbootclasspath/a:C:\PROGRA~1\Java\JRE15~2.0_0\lib\deploy.jar;C:\PROGRA~1\Java\JRE15~2.0_0\lib\plugin.jar -Xmx96m -Djavaplugin.maxHeapSize=96m -Xverify:remote -Djavaplugin.version=1.5.0_06 -Djavaplugin.nodotversion=150_06 -Dbrowser=sun.plugin -DtrustProxy=true -Dapplication.home=C:\PROGRA~1\Java\JRE15~2.0_0 -Djava.protocol.handler.pkgs=sun.plugin.net.protocol vfprintf
java_command: <unknown>
Launcher Type: generic

Environment Variables:
PATH=C:\PROGRA~1\Java\JRE15~2.0_0\bin;C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;.
USERNAME=Seemi
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 6, GenuineIntel



--------------- S Y S T E M ---------------

OS: Windows XP Build 2600 Service Pack 2

CPU:total 1 family 6, cmov, cx8, fxsr, mmx, sse, sse2

Memory: 4k page, physical 515452k(129780k free), swap 1259452k(737504k free)

vm_info: Java HotSpot(TM) Client VM (1.5.0_06-b05) for windows-x86, built on Nov 10 2005 11:12:14 by "java_re" with MS VC++ 6.0

01/15/07 16:19:49 [Info]: BlackLight Engine 1.0.55 initialized
01/15/07 16:19:49 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/15/07 16:19:49 [Note]: 7019 4
01/15/07 16:19:49 [Note]: 7005 0
01/15/07 16:19:49 [Note]: 7006 0
01/15/07 16:20:02 [Note]: 7011 1976
01/15/07 16:20:02 [Note]: 8001 2
01/15/07 16:20:06 [Note]: FSRAW library version 1.7.1021
01/15/07 16:30:55 [Note]: 7007 0


01/15/07 16:17:34 [Info]: BlackLight Engine 1.0.55 initialized
01/15/07 16:17:34 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/15/07 16:17:35 [Note]: 7019 4
01/15/07 16:17:35 [Note]: 7005 0
01/15/07 16:17:35 [Note]: 7006 0
01/15/07 16:17:36 [Note]: 7011 1976
01/15/07 16:17:36 [Note]: 7026 0
01/15/07 16:17:36 [Note]: 7026 0
01/15/07 16:17:48 [Note]: FSRAW library version 1.7.1021
01/15/07 16:20:02 [Note]: 7007 0


Hello again,

Logfile of HijackThis v1.99.1
Scan saved at 16:07:49, on 15/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Digital Line Detect\DLG.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\DOCUME~1\Seemi\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://fr.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://fr.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60107
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60107
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://fr.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60107
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://fr.search.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [ONE MEMO PURE PLAN] C:\Documents and Settings\All Users\Application Data\BlueKindOneMemo\bonebend.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [deleteslow] C:\DOCUME~1\Seemi\APPLIC~1\CAMPIN~1\Regs the.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: E-Compagnon.lnk = C:\Program Files\ColiPoste\e-COMO\e-COMO.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?e766757d3726471688d1b0886357a388
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?e766757d3726471688d1b0886357a388
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/...
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe



01/15/07 16:17:34 [Info]: BlackLight Engine 1.0.55 initialized
01/15/07 16:17:34 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/15/07 16:17:35 [Note]: 7019 4
01/15/07 16:17:35 [Note]: 7005 0
01/15/07 16:17:35 [Note]: 7006 0
01/15/07 16:17:36 [Note]: 7011 1976
01/15/07 16:17:36 [Note]: 7026 0
01/15/07 16:17:36 [Note]: 7026 0
01/15/07 16:17:48 [Note]: FSRAW library version 1.7.1021
01/15/07 16:20:02 [Note]: 7007 0
Answer
Hi,

Redo the BitDefender report for me (look closely at the demo).

Open this link (thanks to S!RI for this program)
http://siri.urz.free.fr/Fix/SmitfraudFix.php
and download SmitfraudFix.exe.

Look at the tutorial.

Run it and choose option 1;
it will generate a report.
Copy/paste it into the post, please.
Answer
Good evening Marie,

Here is the BitDefender report (I can't manage to copy/paste it):
Time: 01:24:48
Objects: 360285
Directories: 4804
Boot sectors: 3
Archives: 4544
Packed files: 35659
No virus found



SmitFraudFix v2.132

Rapport fait à 21:41:20,67, 16/01/2007
Executé à partir de C:\WINDOWS\BDOSCAN8\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Seemi


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Seemi\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Seemi\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Thank you, Marie.
Answer
Sorry Marie, here is the BitDefender report:
BitDefender Online Scanner - Rapport virus en temps réel

Généré à: Tue, Jan 16, 2007 - 22:00:17

--------------------------------------------------------------------------------

Info d'analyse

Fichiers scannés: 360782
Infectés Fichiers: 0

Virus Détectés

Aucun virus trouvé.

--------------------------------------------------------------------------------

Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.

Thank you.
Keruit - 17 Jan 2007 at 14:20
Hello Contempo,

You have two taskbars that are not signed with a copyright.

You need to remove them.

- Restart your PC

- Fix these lines with HIJACKTHIS:

O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)

- Ensuite désactive la RESTAURATION DU SYSTEME

- Nettoie ton registre en profondeur avec CCLEANER

- Règle ton pare-feu sur une sensibilité moyenne
OU ALORS règle ton bouclier AVG sur "élevé"

- Redémarre ton pc

- Fais une analyse antivirus

Et dis moi ici même quel virus est détecté (ces deux barres de navigation internet doivent être incrustées de trojans backdoor, ceux là même qui ouvre des portes dérobées dans lesquelles s'engouffrent des fenêtres intempestives, des pubs et d'autres virus)
Répondre
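A triage pass over HijackThis lines like those in this thread, as an added example that is not part of any post: it flags entries whose target is reported as `(no file)` or `(file missing)`, the criterion behind the two O3 lines quoted above. It also goes one step further and flags O4 autoruns launched from an Application Data folder. The function and class names and the Application Data heuristic are assumptions of this example; the sample lines are copied from the logs posted in the thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Lines copied from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ONE MEMO PURE PLAN] C:\Documents and Settings\All Users\Application Data\BlueKindOneMemo\bonebend.exe
O4 - HKCU\..\Run: [deleteslow] C:\DOCUME~1\Seemi\APPLIC~1\CAMPIN~1\Regs the.exe
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
"""

# "O3 - rest of line": section code, separator, body.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# O4 registry autorun: "HKLM\..\Run: [value name] command line".
RUN_RE = re.compile(r"^(?P<hive>HKLM|HKCU)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Assumption of this example: an autorun started from Application Data
# (long name or 8.3 short name) deserves a closer look.
APPDATA_RE = re.compile(r"\\(?:application data|applic~\d)\\", re.IGNORECASE)


@dataclass
class Finding:
    code: str             # HijackThis section code, e.g. "O3" or "O4"
    reason: str           # why the line was flagged
    clsid: Optional[str]  # CLSID found on the line, upper-cased, if any
    line: str             # the original log line, unchanged


def triage(log_text: str) -> List[Finding]:
    """Return the log entries that merit manual review, in log order."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if not entry:
            continue  # header, running-process path or blank line
        code, body = entry.group("code"), entry.group("body")
        clsid_match = CLSID_RE.search(body)
        clsid = clsid_match.group(0).upper() if clsid_match else None

        if body.endswith("(no file)"):
            findings.append(Finding(code, "no file", clsid, line))
        elif body.endswith("(file missing)"):
            findings.append(Finding(code, "file missing", clsid, line))
        elif code == "O4":
            run = RUN_RE.match(body)
            if run and APPDATA_RE.search(run.group("cmd")):
                findings.append(
                    Finding(code, "autorun from Application Data", clsid, line)
                )
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.code:>3}] {f.reason:<30} {f.line}")
```

The result is a review list, not a fix list: each flagged line still has to be identified before it is fixed in HijackThis.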
^^Marie^^ - 17 Jan 2007 at 14:58
Contempo,
I'll come back this evening.
You have a problem with MSN.

See you
contempo - 17 Jan 2007 at 22:33
Good evening Keruit,

Thank you for your help in solving the intrusive ad problem. As you suggested, I did indeed proceed step by step, but unfortunately without conclusive results.
No virus detected either.

Thanks again.
^^Marie^^ - 18 Jan 2007 at 07:08
Hi

Let's start over...

Do the following
Thanks


C - CCleaner: (cleaner for registry, cookies + temp + temporary files + prefetch + history + etc.)
Download here:
http://www.ccleaner.com/ccdownload.asp
Tutorial here:
http://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
and
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

D – Ewido – AVG
AVG Anti-Spyware:
http://www.ewido.net/en/download/
Install it.
Launch AVG Anti-Spyware and click the Update button. Be patient!

Launch AVG Anti-Spyware
Click the Scan button (in the toolbar)
Then, on the How to react tab, click Recommended actions. Select Quarantine.
Go back to the Scan tab. Click Complete system scan.
/!\ If a file is infected at the end of the scan /!\
choose the "Apply all actions" option at the bottom.
Click "Save report" then "Save report as"
Save this text file to your desktop.
Copy/paste the report

E - Online scan with BitDefender (works only in Internet Explorer, with the ActiveX control accepted)
http://assiste.free.fr/p/antivirus_gratuits_en_ligne/antivirus_en_ligne.php
http://www.bitdefender.fr/scan8/ie.html
TUTORIAL
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
Copy/PASTE the entire report

F - HijackThis - Diagnostic and repair tool
read the demo
http://pageperso.aol.fr/balltrap34/Hijenr.gif
http://pageperso.aol.fr/balltrap34/demohijack.htm
Download the French version here
http://telechargement.zebulon.fr/160-patch-francais-pour-hijackthis-1991.html
Copy/paste the report

Good luck

See you

contempo - 19 Jan 2007 at 00:47
Hi Marie,

here is what I was able to do:

Logfile of HijackThis v1.99.1
Scan saved at 00:33:28, on 19/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60107
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60107
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [ONE MEMO PURE PLAN] C:\Documents and Settings\All Users\Application Data\BlueKindOneMemo\bonebend.exe
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [deleteslow] C:\DOCUME~1\Seemi\APPLIC~1\CAMPIN~1\Regs the.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/229?e766757d3726471688d1b0886357a388
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-fr\msntabres.dll/230?e766757d3726471688d1b0886357a388
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/...
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe



AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 12:54:51 18/01/2007

+ Résultat de l'analyse:



C:\Documents and Settings\All Users\Application Data\BlueKindOneMemo\bonebend.exe -> Trojan.Inject.au : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Seemi\Application Data\camp intra type\otujblry.exe -> Trojan.Inject.au : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport



Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\system32\\DIMM.DLL"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\Program Files\\Fichiers communs\\Real\\WeatherBug\\MiniBugTransporter.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\Program Files\\Fichiers communs\\Symantec Shared\\SPManifests\\DJSNETCN.spm"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Windows.Forms.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.EnterpriseServices.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.JScript.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.Drawing.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscoree.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\mscorlib.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\System.tlb"=dword:00001000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Microsoft.NET\\Framework\\v1.0.3705\\Microsoft.Vsa.Vb.CodeDOMProcessor.tlb"=dword:00001000

[HKEY_CLASSES_ROOT\.IDAf]


[HKEY_CLASSES_ROOT\LK.Auto]


[HKEY_CLASSES_ROOT\mail]


[HKEY_CLASSES_ROOT\McciCPE.McciCPE2W2]


[HKEY_CLASSES_ROOT\OISbmpfile]
@=""


[HKEY_CLASSES_ROOT\OISemffile]
@=""


[HKEY_CLASSES_ROOT\OISgiffile]
@=""


[HKEY_CLASSES_ROOT\OISjpegfile]
@=""


[HKEY_CLASSES_ROOT\OISpngfile]
@=""


[HKEY_CLASSES_ROOT\OIStiffile]
@=""


[HKEY_CLASSES_ROOT\OISwmffile]
@=""


[HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]


[HKEY_CLASSES_ROOT\wmpbd]
@=""


[HKEY_CLASSES_ROOT\WMPCD]


[HKEY_CLASSES_ROOT\WMTContent]
@=""


[HKEY_CLASSES_ROOT\WMTMedia]
@=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acp]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aom]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aom\OpenWithList]
"a"="AdobeDownloadManager.exe"
"MRUList"="ba"
"b"="iexplore.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aom\OpenWithProgids]
"AOM"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ask]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ask\OpenWithList]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList]
"a"="realplay.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.conf]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.conf\OpenWithList]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.key]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.key\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.key\OpenWithProgids]
"regfile"=hex(0):


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lpk]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lpk\OpenWithList]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mez]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.part]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.part\OpenWithList]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pf]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pf\OpenWithList]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.r1m]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.r1m\OpenWithList]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.r3t]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgp]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgs]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rjs]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rjt]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rp]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rt]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sbl]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sbl\OpenWithList]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdp]
"Application"=""


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srt]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srt\OpenWithList]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TT_]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TT_\OpenWithList]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WKS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WKS\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\OpenWithList]


[HKEY_CLASSES_ROOT\1_auto_file\shell\open]

[HKEY_CLASSES_ROOT\1_auto_file\shell\open\command]
@="\"C:\\Program Files\\Real\\RealOne Player\\realplay.exe\" \"%1\""


[HKEY_CLASSES_ROOT\acrobat\DefaultIcon]
@="C:\\Program Files\\Adobe\\Acrobat 7.0\\Acrobat\\AcroRd32.exe"


[HKEY_CLASSES_ROOT\ADCS]
@="Conteneur de classe Annuaire"

[HKEY_CLASSES_ROOT\ADCS\CLSID]
@="{89E30300-764D-11d0-B282-00A0C90F56FC}"


[HKEY_CLASSES_ROOT\Azureus\DefaultIcon]
@="C:\\Program Files\\Azureus\\Azureus.exe,0"


[HKEY_CLASSES_ROOT\Azureus\shell\open]

[HKEY_CLASSES_ROOT\Azureus\shell\open\command]
@="\"C:\\Program Files\\Azureus\\Azureus.exe\" \"%1\""


[HKEY_CLASSES_ROOT\cifile\DefaultIcon]
@="C:\\Program Files\\Club-Internet\\Lanceur\\lanceur.exe,0"


[HKEY_CLASSES_ROOT\cifile\shell\open]

[HKEY_CLASSES_ROOT\cifile\shell\open\command]
@="\"C:\\Program Files\\Club-Internet\\Lanceur\\lanceur.exe\" %1"


[HKEY_CLASSES_ROOT\ComPlusMetaData.MsCorHost]

[HKEY_CLASSES_ROOT\ComPlusMetaData.MsCorHost\CLSID]
@="{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}"


[HKEY_CLASSES_ROOT\ComPlusMetaData.MsCorHost.2]
@="Microsoft COM+ Runtime Meta Data"

[HKEY_CLASSES_ROOT\ComPlusMetaData.MsCorHost.2\CLSID]
@="{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}"


[HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon]
@="C:\\WINDOWS\\system32\\CMMGR32.EXE,1"


[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command]
@="C:\\WINDOWS\\system32\\CMMGR32.EXE \"%1\""


[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command]
@="C:\\WINDOWS\\system32\\CMMGR32.EXE /settings \"%1\""


[HKEY_CLASSES_ROOT\dcsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,11"


[HKEY_CLASSES_ROOT\DirectAnimation.PathControl]
@="Microsoft DirectAnimation Path"

[HKEY_CLASSES_ROOT\DirectAnimation.PathControl\CLSID]
@="{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}"


[HKEY_CLASSES_ROOT\DirectAnimation.Sequence]
@="Microsoft DirectAnimation Sequence"

[HKEY_CLASSES_ROOT\DirectAnimation.Sequence\CLSID]
@="{4F241DB1-EE9F-11D0-9824-006097C99E51}"


[HKEY_CLASSES_ROOT\DirectAnimation.SequencerControl]
@="Microsoft DirectAnimation Sequencer"

[HKEY_CLASSES_ROOT\DirectAnimation.SequencerControl\CLSID]
@="{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}"


[HKEY_CLASSES_ROOT\DirectAnimation.SpriteControl]
@="Microsoft DirectAnimation Sprite"

[HKEY_CLASSES_ROOT\DirectAnimation.SpriteControl\CLSID]
@="{FD179533-D86E-11D0-89D6-00A0C90833E6}"


[HKEY_CLASSES_ROOT\DirectAnimation.StructuredGraphicsControl]
@="Microsoft DirectAnimation Structured Graphics"

[HKEY_CLASSES_ROOT\DirectAnimation.StructuredGraphicsControl\CLSID]
@="{369303C2-D7AC-11D0-89D5-00A0C90833E6}"


[HKEY_CLASSES_ROOT\ecsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,10"


[HKEY_CLASSES_ROOT\ed2k\DefaultIcon]
@="C:\\Program Files\\eMule\\eMule.exe,0"


[HKEY_CLASSES_ROOT\ed2k\shell\open]

[HKEY_CLASSES_ROOT\ed2k\shell\open\command]
@="\"C:\\Program Files\\eMule\\eMule.exe\" \"%1\""


[HKEY_CLASSES_ROOT\fcsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,12"


[HKEY_CLASSES_ROOT\HeaderFooter.HeaderFooter.1]
@="Template Printer class"

[HKEY_CLASSES_ROOT\HeaderFooter.HeaderFooter.1\CLSID]
@="{30c3f6cd-98b5-11cf-bb82-00aa00bdce0b}"


[HKEY_CLASSES_ROOT\IFO_auto_file\shell\open]

[HKEY_CLASSES_ROOT\IFO_auto_file\shell\open\command]
@="\"C:\\Program Files\\Azureus\\Azureus.exe\" \"%1\""


[HKEY_CLASSES_ROOT\igfx.CUITestConfig.1]
@="CUITestConfig Class"

[HKEY_CLASSES_ROOT\igfx.CUITestConfig.1\CLSID]
@="c"


[HKEY_CLASSES_ROOT\Magnet\DefaultIcon]
@="C:\\Program Files\\Azureus\\Azureus.exe,0"


[HKEY_CLASSES_ROOT\Magnet\shell\open]

[HKEY_CLASSES_ROOT\Magnet\shell\open\command]
@="\"C:\\Program Files\\Azureus\\Azureus.exe\" \"%1\""


[HKEY_CLASSES_ROOT\MailFileAtt]
@=""

[HKEY_CLASSES_ROOT\MailFileAtt\CLSID]
@="{00020D05-0000-0000-C000-000000000046}"


[HKEY_CLASSES_ROOT\mapifvbx.object]
@="MAPIForm object"

[HKEY_CLASSES_ROOT\mapifvbx.object\Clsid]
@="{41116C00-8B90-101B-96CD-00AA003B14FC}"


[HKEY_CLASSES_ROOT\mapifvbx.object.1]
@="MAPIForm object (V 1.0)"

[HKEY_CLASSES_ROOT\mapifvbx.object.1\Clsid]
@="{41116C00-8B90-101B-96CD-00AA003B14FC}"


[HKEY_CLASSES_ROOT\ncsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,14"


[HKEY_CLASSES_ROOT\PaltalkFile\DefaultIcon]
@="C:\\Program Files\\Paltalk Messenger\\Paltalk.exe,0"


[HKEY_CLASSES_ROOT\PaltalkFile\shell\Open]

[HKEY_CLASSES_ROOT\PaltalkFile\shell\Open\Command]
@="C:\\Program Files\\Paltalk Messenger\\Paltalk.exe \"%1\""


[HKEY_CLASSES_ROOT\RealPlayer.MND.6\DefaultIcon]
@="C:\\Program Files\\Real\\RealOne Player\\RealPlay.exe,2"


[HKEY_CLASSES_ROOT\RealPlayer.MND.6\shell\open]

[HKEY_CLASSES_ROOT\RealPlayer.MND.6\shell\open\command]
@="\"C:\\Program Files\\Real\\RealOne Player\\RealPlay.exe\" \"%1\""


[HKEY_CLASSES_ROOT\RealPlayer.MNS.6\DefaultIcon]
@="C:\\Program Files\\Real\\RealOne Player\\RealPlay.exe,2"


[HKEY_CLASSES_ROOT\RealPlayer.MNS.6\shell\open]

[HKEY_CLASSES_ROOT\RealPlayer.MNS.6\shell\open\command]
@="\"C:\\Program Files\\Real\\RealOne Player\\RealPlay.exe\" \"%1\""


[HKEY_CLASSES_ROOT\RealPlayer.R3T.6\DefaultIcon]
@="C:\\Program Files\\Real\\RealOne Player\\RealPlay.exe,1"


[HKEY_CLASSES_ROOT\RealPlayer.R3T.6\shell\open]

[HKEY_CLASSES_ROOT\RealPlayer.R3T.6\shell\open\command]
@="\"C:\\Program Files\\Real\\RealOne Player\\RealPlay.exe\" \"%1\""


[HKEY_CLASSES_ROOT\RealPlayer.REC.1\DefaultIcon]
@="C:\\Program Files\\Real\\RealOne Player\\RealPlay.exe,1"


[HKEY_CLASSES_ROOT\RealPlayer.REC.1\shell\open]

[HKEY_CLASSES_ROOT\RealPlayer.REC.1\shell\open\command]
@="\"C:\\Program Files\\Real\\RealOne Player\\RealPlay.exe\" \"%1\""


[HKEY_CLASSES_ROOT\RichFX.VPG.1\DefaultIcon]
@="C:\\Program Files\\Real\\RealOne Player\\RealPlay.exe,1"


[HKEY_CLASSES_ROOT\RichFX.VPG.1\shell\open]

[HKEY_CLASSES_ROOT\RichFX.VPG.1\shell\open\command]
@="\"C:\\Program Files\\Real\\RealOne Player\\RealPlay.exe\" \"%1\""


[HKEY_CLASSES_ROOT\RSSearch.CustomWordbreaker]
@="MSN Desktop Search Custom Word Breaker"

[HKEY_CLASSES_ROOT\RSSearch.CustomWordbreaker\CLSID]
@="{A373F27E-7B87-11D3-B1C1-00C04F68155C}"

[HKEY_CLASSES_ROOT\RSSearch.CustomWordbreaker\CurVer]
@="RSSearch.CustomWordbreaker.1"


[HKEY_CLASSES_ROOT\RSSearch.CustomWordbreaker.1]
@="MSN Desktop Search Custom Word Breaker"

[HKEY_CLASSES_ROOT\RSSearch.CustomWordbreaker.1\CLSID]
@="{A373F27E-7B87-11D3-B1C1-00C04F68155C}"


[HKEY_CLASSES_ROOT\SymAData.ActiveDataInfo]
@="ActiveDataInfo Class"

[HKEY_CLASSES_ROOT\SymAData.ActiveDataInfo\CLSID]
@="{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}"

[HKEY_CLASSES_ROOT\SymAData.ActiveDataInfo\CurVer]
@="SymAData.ActiveDataInfo.1"


[HKEY_CLASSES_ROOT\SymAData.ActiveDataInfo.1]
@="ActiveDataInfo Class"

[HKEY_CLASSES_ROOT\SymAData.ActiveDataInfo.1\CLSID]
@="{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}"


[HKEY_CLASSES_ROOT\SymWriter.pdb]
@="Pdb based SymWriter"

[HKEY_CLASSES_ROOT\SymWriter.pdb\CLSID]
@="{520DC67A-752E-11D3-8D56-00C04F680B2B}"


[HKEY_CLASSES_ROOT\tcsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,13"


[HKEY_CLASSES_ROOT\urn:content-classes:catalog\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,15"


[HKEY_CLASSES_ROOT\urn:content-classes:catalog-settings\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12471"


[HKEY_CLASSES_ROOT\urn:content-classes:contentclassdef\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13101"


[HKEY_CLASSES_ROOT\urn:content-classes:exchange55startaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"


[HKEY_CLASSES_ROOT\urn:content-classes:exchangestartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"


[HKEY_CLASSES_ROOT\urn:content-classes:filestartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12453"


[HKEY_CLASSES_ROOT\urn:content-classes:management\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,20"


[HKEY_CLASSES_ROOT\urn:content-classes:notesstartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12456"


[HKEY_CLASSES_ROOT\urn:content-classes:remoteworkspacestartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"


[HKEY_CLASSES_ROOT\urn:content-classes:webstartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12450"


[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addcontentclass\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13100"


[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addsearchcontentlocation\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12461"


[HKEY_CLASSES_ROOT\urn:content-classes:workspace-settings\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12472"


[HKEY_CLASSES_ROOT\urn:content-classes:workspaceconfiguration\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12476"


[HKEY_CLASSES_ROOT\urn:content-classes:workspacestartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"


[HKEY_CLASSES_ROOT\uTorrent\shell\open]

[HKEY_CLASSES_ROOT\uTorrent\shell\open\command]
@="\"C:\\Program Files\\utorrent\\utorrent.exe\" \"%1\""


[HKEY_CLASSES_ROOT\wcsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,9"


[HKEY_CLASSES_ROOT\CLSID\{0029EA03-63CA-442D-8EDC-3E624F0F7738}]
"AppID"="{635F4C33-355A-49EC-85FF-E3E6263E889A}"
@="LUCallback Class"

[HKEY_CLASSES_ROOT\CLSID\{0029EA03-63CA-442D-8EDC-3E624F0F7738}\InprocServer32]
@="C:\\Program Files\\Norton AntiVirus\\IWP\\ISLuCbk.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{0029EA03-63CA-442D-8EDC-3E624F0F7738}\ProgID]
@="ISLuCbk.LUCallback.1"

[HKEY_CLASSES_ROOT\CLSID\{0029EA03-63CA-442D-8EDC-3E624F0F7738}\TypeLib]
@="{56EBB89D-BB5A-4408-BA3F-04F68EB28690}"

[HKEY_CLASSES_ROOT\CLSID\{0029EA03-63CA-442D-8EDC-3E624F0F7738}\VersionIndependentProgID]
@="ISLuCbk.LUCallback"


[HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32]
@="C:\\Program Files\\MyWebSearch\\SrchAstt\\1.bin\\MWSSRCAS.DLL"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\Programmable]


[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}]
@="ActiveXPlugin Object"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Control]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\InprocServer32]
@="C:\\WINDOWS\\system32\\plugin.ocx"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus]
@="0"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus\1]
@="131473"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ProgID]
@="Microsoft.ActiveXPlugin.1"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ToolboxBitmap32]
@="C:\\WINDOWS\\system32\\plugin.ocx, 1"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\TypeLib]
@="{06DD38D0-D187-11CF-A80D-00C04FD74AD8}"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Version]
@="1.0"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\VersionIndependentProgID]
@="Microsoft.ActiveXPlugin"


[HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
@="My &Web Search"

[HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32]
@="C:\\Program Files\\MyWebSearch\\bar\\1.bin\\MWSBAR.DLL"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\TypeLib]
@="{07B18EA0-A523-4961-B6BB-170DE4475CCA}"


[HKEY_CLASSES_ROOT\CLSID\{096F54CF-6ED7-4725-AFBF-29C5AFF8BFAC}]
@="Rule Class"

[HKEY_CLASSES_ROOT\CLSID\{096F54CF-6ED7-4725-AFBF-29C5AFF8BFAC}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{096F54CF-6ED7-4725-AFBF-29C5AFF8BFAC}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{096F54CF-6ED7-4725-AFBF-29C5AFF8BFAC}\InprocServer32]
@="C:\\Program Files\\Norton AntiVirus\\IWP\\ISWrap.dll"
"ThreadingModel"="both"

[HKEY_CLASSES_ROOT\CLSID\{096F54CF-6ED7-4725-AFBF-29C5AFF8BFAC}\ProgID]
@="CcFWSettg.Rule.1"

[HKEY_CLASSES_ROOT\CLSID\{096F54CF-6ED7-4725-AFBF-29C5AFF8BFAC}\VersionIndependentProgID]
@="CcFWSettg.Rule"


[HKEY_CLASSES_ROOT\CLSID\{0AA89D54-52DA-4804-8198-E48DC4A9A6E5}]
@="Message Class"

[HKEY_CLASSES_ROOT\CLSID\{0AA89D54-52DA-4804-8198-E48DC4A9A6E5}\InprocServer32]
@="C:\\PROGRA~1\\Skype\\toolbars\\SKYPEF~1\\SKYPEA~1.DLL"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{0AA89D54-52DA-4804-8198-E48DC4A9A6E5}\ProgID]
@="SkypeAPIIE.Message.1"

[HKEY_CLASSES_ROOT\CLSID\{0AA89D54-52DA-4804-8198-E48DC4A9A6E5}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{0AA89D54-52DA-4804-8198-E48DC4A9A6E5}\TypeLib]
@="{7CEBBBBF-07C0-45d1-B086-337380F24ADC}"

[HKEY_CLASSES_ROOT\CLSID\{0AA89D54-52DA-4804-8198-E48DC4A9A6E5}\VersionIndependentProgID]
@="SkypeAPIIE.Message"


[HKEY_CLASSES_ROOT\CLSID\{0D7089E7-20EA-4a04-A79D-23AB1D9E6E9A}]
@="UserInformation Class"

[HKEY_CLASSES_ROOT\CLSID\{0D7089E7-20EA-4a04-A79D-23AB1D9E6E9A}\InprocServer32]
@="C:\\PROGRA~1\\Skype\\toolbars\\SKYPEF~1\\SKYPEA~1.DLL"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{0D7089E7-20EA-4a04-A79D-23AB1D9E6E9A}\ProgID]
@="SkypeAPIIE.UserInformation.1"

[HKEY_CLASSES_ROOT\CLSID\{0D7089E7-20EA-4a04-A79D-23AB1D9E6E9A}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{0D7089E7-20EA-4a04-A79D-23AB1D9E6E9A}\TypeLib]
@="{7CEBBBBF-07C0-45d1-B086-337380F24ADC}"

[HKEY_CLASSES_ROOT\CLSID\{0D7089E7-20EA-4a04-A79D-23AB1D9E6E9A}\VersionIndependentProgID]
@="SkypeAPIIE.UserInformation"


[HKEY_CLASSES_ROOT\CLSID\{0dabacb1-1a16-4082-a610-3d0b3a2a94fc}]
@="CddbWinamp5UI Class"

[HKEY_CLASSES_ROOT\CLSID\{0dabacb1-1a16-4082-a610-3d0b3a2a94fc}\InprocServer32]
@="C:\\Program Files\\Winamp\\Plugins\\cddbuiwinamp.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{0dabacb1-1a16-4082-a610-3d0b3a2a94fc}\ProgID]
@="CDDBUIControlWinamp5.CddbWinamp5UI.1"

[HKEY_CLASSES_ROOT\CLSID\{0dabacb1-1a16-4082-a610-3d0b3a2a94fc}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{0dabacb1-1a16-4082-a610-3d0b3a2a94fc}\TypeLib]
@="{70891d64-b465-4e35-bbfa-6772bb37c966}"

[HKEY_CLASSES_ROOT\CLSID\{0dabacb1-1a16-4082-a610-3d0b3a2a94fc}\VersionIndependentProgID]
@="CDDBUIControlWinamp5.CddbWinamp5UI"


[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}]
"AppID"="{111C85E9-BB62-4528-A806-F0BE908E02F0}"

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\InprocServer32]
@="\"C:\\PROGRA~1\\MSNMES~1\\msgsc.dll\""
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\LocalServer32]
@="\"C:\\PROGRA~1\\MSNMES~1\\msnmsgr.exe\""
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\ProgID]
@="MSNMessenger.ContactsPicker"

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\Programmable]
@=""

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\Version]
@="1.0"

[HKEY_CLASSES_ROOT\CLSID\{111C85E9-BB62-4528-A806-F0BE908E02F0}\VersionIndependentProgID]
@="MSNMessenger.ContactsPicker.1"


[HKEY_CLASSES_ROOT\CLSID\{1363FF65-F4D7-4A35-8DFD-BA9AFAAE6855}]
@="PSFactoryBuffer"

[HKEY_CLASSES_ROOT\CLSID\{1363FF65-F4D7-4A35-8DFD-BA9AFAAE6855}\InProcServer32]
@="c:\\progra~1\\mcafee.com\\vso\\naiannps.dll"
"ThreadingModel"="Both"


[HKEY_CLASSES_ROOT\CLSID\{13EC55CF-D993-475B-9ACA-F4A384957956}]
@="Controller Class"
"AppID"="{1EB06D67-16AD-4E08-82D7-22A7B7C468C3}"

[HKEY_CLASSES_ROOT\CLSID\{13EC55CF-D993-475B-9ACA-F4A384957956}\InprocServer32]
@="C:\\Program Files\\Microsoft Windows OneCare Live\\WinSSWebAgent.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{13EC55CF-D993-475B-9ACA-F4A384957956}\ProgID]
@="WinSSWebAgent.Controller.1"

[HKEY_CLASSES_ROOT\CLSID\{13EC55CF-D993-475B-9ACA-F4A384957956}\Programmable]
@=""

[HKEY_CLASSES_ROOT\CLSID\{13EC55CF-D993-475B-9ACA-F4A384957956}\TypeLib]
@="{615B6FA5-128D-4A94-88DB-C79CE78333B5}"

[HKEY_CLASSES_ROOT\CLSID\{13EC55CF-D993-475B-9ACA-F4A384957956}\VersionIndependentProgID]
@="WinSSWebAgent.Controller"


[HKEY_CLASSES_ROOT\CLSID\{15111E4F-017B-46ca-949B-1C410015F4C6}]
@="UserCollection Class"

[HKEY_CLASSES_ROOT\CLSID\{15111E4F-017B-46ca-949B-1C410015F4C6}\InprocServer32]
@="C:\\PROGRA~1\\Skype\\toolbars\\SKYPEF~1\\SKYPEA~1.DLL"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{15111E4F-017B-46ca-949B-1C410015F4C6}\ProgID]
@="SkypeAPIIE.UserCollection.1"

[HKEY_CLASSES_ROOT\CLSID\{15111E4F-017B-46ca-949B-1C410015F4C6}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{15111E4F-017B-46ca-949B-1C410015F4C6}\TypeLib]
@="{7CEBBBBF-07C0-45d1-B086-337380F24ADC}"

[HKEY_CLASSES_ROOT\CLSID\{15111E4F-017B-46ca-949B-1C410015F4C6}\VersionIndependentProgID]
@="SkypeAPIIE.UserCollection"


[HKEY_CLASSES_ROOT\CLSID\{183643C8-EE67-4574-9A38-927852E34163}]
@=""
"AppID"="{183643C8-EE67-4574-9A38-927852E34163}"

[HKEY_CLASSES_ROOT\CLSID\{183643C8-EE67-4574-9A38-927852E34163}\LocalServer32]
@="C:\\PROGRA~1\\Crawler\\CToolbar.exe"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{183643C8-EE67-4574-9A38-927852E34163}\ProgID]
@="CToolbar.TB4Server"

[HKEY_CLASSES_ROOT\CLSID\{183643C8-EE67-4574-9A38-927852E34163}\TypeLib]
@="{506F578A-91E1-46CE-830F-E2F4268E9966}"

[HKEY_CLASSES_ROOT\CLSID\{183643C8-EE67-4574-9A38-927852E34163}\Version]
@="1.0"


[HKEY_CLASSES_ROOT\CLSID\{1BCD38AE-A539-40D6-B448-04F20D47433F}]
@="VSOInfoObject Class"

[HKEY_CLASSES_ROOT\CLSID\{1BCD38AE-A539-40D6-B448-04F20D47433F}\InprocServer32]
@="c:\\PROGRA~1\\mcafee.com\\vso\\vsoupd.dll"

[HKEY_CLASSES_ROOT\CLSID\{1BCD38AE-A539-40D6-B448-04F20D47433F}\ProgID]
@="Vsoupd.VSOInfoObject.1"

[HKEY_CLASSES_ROOT\CLSID\{1BCD38AE-A539-40D6-B448-04F20D47433F}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{1BCD38AE-A539-40D6-B448-04F20D47433F}\TypeLib]
@="{16D183F4-86B7-40A0-944C-A70D5E94B2C4}"

[HKEY_CLASSES_ROOT\CLSID\{1BCD38AE-A539-40D6-B448-04F20D47433F}\VersionIndependentProgID]
@="Vsoupd.VSOInfoObject"


[HKEY_CLASSES_ROOT\CLSID\{1FC5DE05-74EA-4A65-8EFF-35018D59CC16}]
@="StartGPRS.Application"
"AppID"="{1FC5DE05-74EA-4A65-8EFF-35018D59CC16}"

[HKEY_CLASSES_ROOT\CLSID\{1FC5DE05-74EA-4A65-8EFF-35018D59CC16}\InprocHandler32]
@="ole32.dll"

[HKEY_CLASSES_ROOT\CLSID\{1FC5DE05-74EA-4A65-8EFF-35018D59CC16}\LocalServer32]
@="C:\\DOCUME~1\\Seemi\\MESDOC~1\\HASSAN~1\\GPRSv2\\STARTG~1.EXE"

[HKEY_CLASSES_ROOT\CLSID\{1FC5DE05-74EA-4A65-8EFF-35018D59CC16}\ProgID]
@="StartGPRS.Application"


[HKEY_CLASSES_ROOT\CLSID\{246137A9-56C9-41b3-A35F-1CE793118640}]
@="ChatCollection Class"

[HKEY_CLASSES_ROOT\CLSID\{246137A9-56C9-41b3-A35F-1CE793118640}\InprocServer32]
@="C:\\PROGRA~1\\Skype\\toolbars\\SKYPEF~1\\SKYPEA~1.DLL"
"ThreadingModel"="both"

[HKEY_CLASSES_ROOT\CLSID\{246137A9-56C9-41b3-A35F-1CE793118640}\ProgID]
@="SkypeAPIIE.ChatCollection.1"

[HKEY_CLASSES_ROOT\CLSID\{246137A9-56C9-41b3-A35F-1CE793118640}\VersionIndependentProgID]
@="SkypeAPIIE.ChatCollection"


[HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}]
@="DataCtrl Class"

[HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Control]

[HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32]
@="C:\\Program Files\\MyWebSearch\\bar\\1.bin\\F3DTACTL.DLL"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus]
@="0"

[HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus\1]
@="132497"

[HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\TypeLib]
@="{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}"

[HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Version]
@="1.0"


[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}]
@="AccBtn.AccCmd"

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\Control]
@=""

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}]

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}]

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}]

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}]

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\InprocServer32]
@="C:\\Documents and Settings\\Seemi\\Mes documents\\Hassan Documents\\GPRSv2\\acccmd.ocx"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\MiscStatus]
@="0"

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\MiscStatus\1]
@="135569"

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\ProgID]
@="AccBtn.AccCmd"

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\ToolboxBitmap32]
@="C:\\Documents and Settings\\Seemi\\Mes documents\\Hassan Documents\\GPRSv2\\acccmd.ocx, 30000"

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\TypeLib]
@="{D1E1396C-7195-4274-BE77-3465569B3AC8}"

[HKEY_CLASSES_ROOT\CLSID\{25B34409-DE03-414A-AAB3-ABEAC84A2EAE}\VERSION]
@="3.2"


[HKEY_CLASSES_ROOT\CLSID\{27BBFFB1-14D8-4796-A992-970196F54B89}]
@="accmenu.pcMouse"

[HKEY_CLASSES_ROOT\CLSID\{27BBFFB1-14D8-4796-A992-970196F54B89}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{27BBFFB1-14D8-4796-A992-970196F54B89}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}]

[HKEY_CLASSES_ROOT\CLSID\{27BBFFB1-14D8-4796-A992-970196F54B89}\InprocServer32]
@="C:\\Documents and Settings\\Seemi\\Mes documents\\Hassan Documents\\GPRSv2\\accmenu.dll"

[HKEY_CLASSES_ROOT\CLSID\{27BBFFB1-14D8-4796-A992-970196F54B89}\ProgID]
@="accmenu.pcMouse"

[HKEY_CLASSES_ROOT\CLSID\{27BBFFB1-14D8-4796-A992-970196F54B89}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{27BBFFB1-14D8-4796-A992-970196F54B89}\TypeLib]
@="{84574483-4332-47A3-AB14-00E68D59B384}"

[HKEY_CLASSES_ROOT\CLSID\{27BBFFB1-14D8-4796-A992-970196F54B89}\VERSION]
@="1.2"


[HKEY_CLASSES_ROOT\CLSID\{286E500C-EF0A-4AA3-A94D-E495F653EF4B}]
@="ASAPEnvelope Class"

[HKEY_CLASSES_ROOT\CLSID\{286E500C-EF0A-4AA3-A94D-E495F653EF4B}\InprocServer32]
@="C:\\Program Files\\SpamBlockerUtility\\Bin\\4.7.1.0\\ASAPCom.dll"
"ThreadingModel"="Both"

[HKEY_CLASSES_ROOT\CLSID\{286E500C-EF0A-4AA3-A94D-E495F653EF4B}\ProgID]
@="ASAPCom.ASAPEnvelope.1"

[HKEY_CLASSES_ROOT\CLSID\{286E500C-EF0A-4AA3-A94D-E495F653EF4B}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{286E500C-EF0A-4AA3-A94D-E495F653EF4B}\TypeLib]
@="{BCE2E826-D0F5-41C8-97BE-28A6F540CEEB}"

[HKEY_CLASSES_ROOT\CLSID\{286E500C-EF0A-4AA3-A94D-E495F653EF4B}\VersionIndependentProgID]
@="ASAPCom.ASAPEnvelope"


[HKEY_CLASSES_ROOT\CLSID\{2A20B6AF-7CC0-4F0F-B3B7-073E7F1388A1}]
@="SymHomeNetCore Class"

[HKEY_CLASSES_ROOT\CLSID\{2A20B6AF-7CC0-4F0F-B3B7-073E7F1388A1}\InprocServer32]
"ThreadingModel"="Apartment"
@="C:\\Program Files\\Norton AntiVirus\\IWP\\HNetCore.dll"

[HKEY_CLASSES_ROOT\CLSID\{2A20B6AF-7CC0-4F0F-B3B7-073E7F1388A1}\ProgID]
@="HomeNetCore.SymHomeNetCore.1"

[HKEY_CLASSES_ROOT\CLSID\{2A20B6AF-7CC0-4F0F-B3B7-073E7F1388A1}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{2A20B6AF-7CC0-4F0F-B3B7-073E7F1388A1}\TypeLib]
@="{A7336B62-3374-4D2F-8C3F-946D6A9DE725}"

[HKEY_CLASSES_ROOT\CLSID\{2A20B6AF-7CC0-4F0F-B3B7-073E7F1388A1}\VersionIndependentProgID]
@="HomeNetCore.SymHomeNetCore"


[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}]
@="MiniBugTransporterX Class"

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\Control]

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\InprocServer32]
@="C:\\Program Files\\Fichiers communs\\Real\\WeatherBug\\MiniBugTransporter.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\MiscStatus]
@="0"

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\MiscStatus\1]
@="132497"

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\ProgID]
@="MiniBugTransporter.MiniBugTransporterX.1"

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\ToolboxBitmap32]
@="C:\\Program Files\\Fichiers communs\\Real\\WeatherBug\\MiniBugTransporter.dll, 101"

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\TypeLib]
@="{3C2D2A1E-031F-4397-9614-87C932A848E0}"

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\Version]
@="1.0"

[HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}\VersionIndependentProgID]
@="MiniBugTransporter.MiniBugTransporterX"


[HKEY_CLASSES_ROOT\CLSID\{305F5F49-F5B1-4501-BDDF-712C5E67154A}]
@="McAfee.com VirusScan Online Realtime Engine"
"AppID"="{B39A807E-9ED1-48b9-BF0D-2FADE4302288}"

[HKEY_CLASSES_ROOT\CLSID\{305F5F49-F5B1-4501-BDDF-712C5E67154A}\LocalServer32]
@="c:\\program files\\mcafee.com\\vso\\mcvsrte.exe"


[HKEY_CLASSES_ROOT\CLSID\{319260AB-BE0C-4025-8569-7A27ED2FAAB9}]
@="ASAPMessage Class"

[HKEY_CLASSES_ROOT\CLSID\{319260AB-BE0C-4025-8569-7A27ED2FAAB9}\InprocServer32]
@="C:\\Program Files\\SpamBlockerUtility\\Bin\\4.7.1.0\\ASAPCom.dll"
"ThreadingModel"="Both"

[HKEY_CLASSES_ROOT\CLSID\{319260AB-BE0C-4025-8569-7A27ED2FAAB9}\ProgID]
@="ASAPCom.ASAPMessage.1"

[HKEY_CLASSES_ROOT\CLSID\{319260AB-BE0C-4025-8569-7A27ED2FAAB9}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{319260AB-BE0C-4025-8569-7A27ED2FAAB9}\TypeLib]
@="{BCE2E826-D0F5-41C8-97BE-28A6F540CEEB}"

[HKEY_CLASSES_ROOT\CLSID\{319260AB-BE0C-4025-8569-7A27ED2FAAB9}\VersionIndependentProgID]
@="ASAPCom.ASAPMessage"


[HKEY_CLASSES_ROOT\CLSID\{340A0150-9DC7-11D3-9A01-005004677EF4}]
@="Mcafee PC Clinic Edisk Class"

[HKEY_CLASSES_ROOT\CLSID\{340A0150-9DC7-11D3-9A01-005004677EF4}\InprocServer32]
@="c:\\program files\\mcafee.com\\vso\\edisk.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{340A0150-9DC7-11D3-9A01-005004677EF4}\ProgID]
@="McAfee.PCC.Edisk.1"

[HKEY_CLASSES_ROOT\CLSID\{340A0150-9DC7-11D3-9A01-005004677EF4}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{340A0150-9DC7-11D3-9A01-005004677EF4}\TypeLib]
@="{340A0143-9DC7-11D3-9A01-005004677EF4}"

[HKEY_CLASSES_ROOT\CLSID\{340A0150-9DC7-11D3-9A01-005004677EF4}\VersionIndependentProgID]
@="McAfee.PCC.Edisk"


Reply
Hello,

Procedure to follow, in order...
----------------------------------------------------------------------------
Download these programs (unless you already have them)
To be used later

A - Ad-Aware version 1.06
(here) http://www.florensac-chasse-trap.com/ section virus/security software
see demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip

B - Spybot version 1.4
(here) http://www.florensac-chasse-trap.com/ section virus/security software
see usage demo
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

C - CCleaner: (cleaner for the registry, cookies + temp files + prefetch + history, etc.)
Download here:
http://www.ccleaner.com/ccdownload.asp
Tutorial here:
http://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

D - Ewido
http://www.malekal.com/tutorial_ewidoV4.html
----------------------------------------------------------------------------
¤ Show all files and folders:
Click Start / Control Panel / Tools / Folder Options / View

Check "Show hidden files and folders"

Uncheck the box "Hide protected operating system files (Recommended)"

Uncheck "Hide extensions for known file types"
Then click "OK" to confirm the changes.

And apply!
=================================
Run HijackThis again, choose "Do a scan only", check the box in front of the lines below, and click "Fix checked" at the bottom
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 - HKLM\..\Run: [ONE MEMO PURE PLAN] C:\Documents and Settings\All Users\Application Data\BlueKindOneMemo\bonebend.exe
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [deleteslow] C:\DOCUME~1\Seemi\APPLIC~1\CAMPIN~1\Regs the.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/...
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)

Uninstall in Add/Remove Programs:

MSN SEARCH Toolbar
Allocam Multi Vision

I need to check
O8 - Extra context menu item: Crawler Search - tbr:iemenu
============ ============================
¤ Start in Safe Mode:
To do this, tap the F8 key repeatedly, without stopping, as soon as the PC starts up.
A screen will appear; use the arrow keys to move to "Safe Mode", then press Enter.
Once you are on the desktop, it is normal if not all the colors and so on are there!
(If F8 does not work, use the F5 key.)
----------------------------------------------------------------------------
¤ Empty your temp files and Temporary Internet Files:

Now run
A/ Ad-Aware: delete / quarantine
B/ Spybot: delete / quarantine
C/ CCleaner
D/ Ewido: copy/paste the report
----------------------------------------------------------------------------
¤ Empty your Recycle Bin.
----------------------------------------------------------------------------
¤ Restart in normal mode, run HijackThis again, and copy/paste a new report on the forum.

Keep us posted

See you
Reply
Hello Marie,

I followed the whole procedure, which got rid, once and for all, of the charming faces of this or that expert in the stars, in roulette, or of the shapely kind lol.

I want to thank you for the time you gave me, your help and your patience. Through you, I also thank CCM and everyone who helps internet novices like me.

Here you are, the report:

Logfile of HijackThis v1.99.1
Scan saved at 12:45:53, on 20/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60107
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60107
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy.club-internet.fr:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [deleteslow] C:\DOCUME~1\Seemi\APPLIC~1\CAMPIN~1\Regs the.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by124w.bay124.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

Thanks so much Marie and Ccm.
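One way to compare a follow-up HijackThis report with the lines that were selected for fixing, and to list entries whose target file is reported absent, as an added example that is not part of the thread. The sample lines are copied from the fix list and the follow-up report above; the function names are this example's own.

```python
import re

# A HijackThis 1.99.x entry line has the form "<section> - <details>",
# e.g. "O4 - HKCU\..\Run: [name] path". Headers and process paths do not match.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<details>.+)$")
# Marker HijackThis appends when the referenced file is not on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)$")

# Lines copied from the fix list posted in the thread.
FIX_LIST = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKCU\..\Run: [deleteslow] C:\DOCUME~1\Seemi\APPLIC~1\CAMPIN~1\Regs the.exe
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
"""

# Lines copied from the follow-up report posted in the thread.
FOLLOWUP = r"""
Running processes:
C:\WINDOWS\system32\ctfmon.exe
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [deleteslow] C:\DOCUME~1\Seemi\APPLIC~1\CAMPIN~1\Regs the.exe
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
"""

def parse_entries(text):
    """Return {case-folded line: line} for every entry line in a report."""
    entries = {}
    for raw in text.splitlines():
        line = " ".join(raw.split())  # trim and collapse whitespace from copy/paste
        if ENTRY_RE.match(line):
            entries[line.casefold()] = line
    return entries

def surviving(fix_list, followup):
    """Entries selected for fixing that still appear in the follow-up report."""
    fixed, after = parse_entries(fix_list), parse_entries(followup)
    return sorted(line for key, line in fixed.items() if key in after)

def orphans(report):
    """Entries that HijackThis marks as pointing to an absent file."""
    return sorted(l for l in parse_entries(report).values() if ORPHAN_RE.search(l))

if __name__ == "__main__":
    for line in surviving(FIX_LIST, FOLLOWUP):
        print("still present after fix:", line)
    for line in orphans(FOLLOWUP):
        print("target file absent:", line)
```

An entry that survives a fix usually means something recreated it or the fix was not applied, so it is the first thing to re-check before closing the case.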
Reply
All the best

See you
This document, entitled "My computer is overrun with ads", from CommentCaMarche (www.commentcamarche.net), is made available under the terms of the Creative Commons license. You may copy and modify copies of this page, under the conditions set by the license, as long as this notice appears clearly.