Se connecter avec
S'enregistrer | Connectez-vous

Fenetre intempestives , tres tres coriace

Dernière réponse : dans Sécurité

bonjours a tous ,

J'ai un tres gros probleme avec internet , que ce soit avce IE ou mozilla des fenetres apparaissent atout moment .
Meme quand je joue sa me fait un retour windows , ou encore juste le fait d'avoir lancer IE ou Mozilla.
En plus de sa le titre de la page internet qui google quand je lance IE est "Google - lol" .

Comme c'est le pc de mon frere je ne sait pas ce qu'il a fait mais c'est tres embetant.

Voila le log de hijack :

Logfile of HijackThis v1.99.1
Scan saved at 11:45:26, on 29/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender Free Edition\bdnagent.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Aware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Yvan\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [WinampAgent] D:\Musique\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender Free Edition\bdnagent.exe
O4 - HKCU\..\Run: [Skype] "D:\Jeux\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\WinHTTrack\WinHTTrackIEBar.dll (file missing)
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\WinHTTrack\WinHTTrackIEBar.dll (file missing)
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~2\COPERN~1.EXE
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.fr/
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: bw+0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {863B88C5-B4B6-4969-AF68-5335F7AF9E77} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: BITS - C:\WINDOWS\system32\lvl4093qe.dll
O20 - Winlogon Notify: LBTServ - C:\Program Files\Fichiers communs\Logitech\Bluetooth\lbtserv.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

je passe regulierement Spybot et antivir , il ne trouve rien a propos de sa .
mais en passant adware il m'a trouver un fichier interessant : nlcspfrd.dll enifn je me souvient pu exactement mais c'est presque sa .
les antivirus en ligne ne marche pas avec moi les active X bug :( .

J'ai aussi un Cmdservices ou Commandservice qui est indecrotable , Altnet depuis des lustres et coolwebsearch .
voila


Autres pages sur : fenetre intempestives tres tres coriace

Lassé par la pub ? Créez un compte

ok je vai faire sa .

Mais voila le nom exaxte du fichier impossible a suprimer que adware ma trouver .
j'ai aussi trouve le fichier qu'il creer le probleme c'est qu'il en recrer avec a peu pres le meme nom snif.

nlscplfr.dll

merci bcp

probleme sa fait 4 fois que je lance le programme et i plante a 100% quand il verifie les registre .
il trouve bien le virus que tu ma dit me je usis obliger de faire ctrl+alt+suppr pour stoper le prog.
Et meme la derniere tentative c'est solder par un reboot (ecran bleu) preceder d'une lenteur incroyable du pc.

Essaie ceci :

1/ Télécharge l2mfix.exe
Mets-le sur ton bureau.
Double-clic sur l2mfix.exe
A la 1ère question clic sur Accept, ensuite clic sur Install

2/ Ouvre le dossier l2mfix créé sur le bureau puis double-clic sur L2Mfix.bat
Ensuite choisis l'option 1 puis Entrée
Poste ce 1er rapport.

3/ Ensuite ferme tous les programmes parce qu'il va y avoir reboot automatique
Ouvre le dossier l2mfix créé sur le bureau puis double-clic sur L2Mfix.bat
Ensuite choisis l'option 2 puis Entrée
Puis appuie sur n'importe quelle touche pour redémarrer l'ordinateur
Après redémarrage, le bureau et les icônes vont apparaître puis disparaître, c'est normal ! Et un nouveau rapport va apparaître à l'écran.
>> Si après redémarrage les icônes n'apparaissent/disparaissent pas ou si le rapport n'apparaît pas, alors ouvre le dossier l2mfix et lance second.bat
Enfin poste ce 2ème rapport avec un nouveau rapport HJT.

Il n'y a pas de fichier en .bat mais un en ms dos .

je l'ai lancer et voila :

L2MFIX find log 010406
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTServ]
"DLLName"="C:\\Program Files\\Fichiers communs\\Logitech\\Bluetooth\\lbtserv.dll"
"Startup"="OnWlxStartup"
"Logon"="OnWlxLogon"
"Logoff"="OnWlxLogoff"
"StartShel"="OnWlxStartShell"
"Asynchronous"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ModuleUsage]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\lvl4093qe.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{0160933E-A236-3AF5-8EDF-E8E1E4116823}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{1CDB2949-8F65-4355-8456-263E7C208A5D}"="Desktop Explorer"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}"="Desktop Explorer Menu"
"{E0D79304-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79305-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79306-84BE-11CE-9641-444553540000}"="WinZip"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{D653647D-D607-4DF6-A5B8-48D2BA195F7B}"="BitDefender Antivirus v7"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{e57ce731-33e8-4c51-8354-bb4de9d215d1}"="P‚riph‚riques Plug and Play universels"
"{A70C977A-BF00-412C-90B7-034C51DA2439}"="NvCpl DesktopContext Class"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}"="nView Desktop Context Menu"
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}"="Play on my TV helper"
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{ED65AC21-B24F-11d3-BA80-00C0CA16AA37}"="Siemens Device"
"{ED65AC22-B24F-11d3-BA80-00C0CA16AA37}"="Siemens Device ContextMenuHandler"
"{ED65AC23-B24F-11d3-BA80-00C0CA16AA37}"="Siemens SX1 PropertySheetHandler"
"{D62D7681-03C3-4908-A32B-18D3B1E00B59}"=""
"{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
"{BDF66539-4D78-4499-8F8F-A9C3335E9423}"=""
"{B1531BEF-742D-480E-9976-0F6A106CBC86}"=""

**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{D62D7681-03C3-4908-A32B-18D3B1E00B59}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D62D7681-03C3-4908-A32B-18D3B1E00B59}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D62D7681-03C3-4908-A32B-18D3B1E00B59}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D62D7681-03C3-4908-A32B-18D3B1E00B59}\InprocServer32]
@="C:\\WINDOWS\\system32\\wjcdlg.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{BDF66539-4D78-4499-8F8F-A9C3335E9423}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{BDF66539-4D78-4499-8F8F-A9C3335E9423}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{BDF66539-4D78-4499-8F8F-A9C3335E9423}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{BDF66539-4D78-4499-8F8F-A9C3335E9423}\InprocServer32]
@="C:\\WINDOWS\\system32\\cmtdll.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{B1531BEF-742D-480E-9976-0F6A106CBC86}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B1531BEF-742D-480E-9976-0F6A106CBC86}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B1531BEF-742D-480E-9976-0F6A106CBC86}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B1531BEF-742D-480E-9976-0F6A106CBC86}\InprocServer32]
@="C:\\WINDOWS\\system32\\aeifile.dll"
"ThreadingModel"="Apartment"

**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
aeifile.dll Sun 29 Jan 2006 12:32:16 ..... 236 090 230,55 K
azam09~1.dll Wed 18 Jan 2006 18:54:58 ..S.R 236 014 230,48 K
bccoreif.dll Wed 30 Nov 2005 20:03:02 ..S.R 236 743 231,19 K
browseui.dll Thu 24 Nov 2005 1:08:34 A.... 1 022 976 999,00 K
c200lc~1.dll Mon 23 Jan 2006 17:36:48 ..S.R 236 504 230,96 K
cal3dv2.dll Wed 18 Jan 2006 20:28:46 ..S.R 235 559 230,04 K
cmtdll.dll Sun 22 Jan 2006 13:48:36 ..S.R 236 513 230,97 K
d6j00g~1.dll Fri 25 Nov 2005 17:45:12 ..S.R 237 009 231,45 K
d6j02g~1.dll Thu 10 Nov 2005 8:19:10 ..S.R 235 412 229,89 K
d80m0i~1.dll Wed 4 Jan 2006 11:18:04 ..S.R 234 123 228,63 K
d80mli~1.dll Sun 15 Jan 2006 20:03:12 ..S.R 235 231 229,71 K
danim.dll Sat 5 Nov 2005 4:17:22 A.... 1 056 768 1,01 M
dcj02g~1.dll Sat 3 Dec 2005 8:45:00 ..S.R 234 108 228,62 K
dn4m01~1.dll Fri 25 Nov 2005 17:09:04 ..S.R 237 134 231,57 K
dn6801~1.dll Tue 27 Dec 2005 8:32:52 ..S.R 236 749 231,20 K
en02l1~1.dll Fri 13 Jan 2006 18:17:04 ..S.R 234 123 228,63 K
en44l1~1.dll Sun 29 Jan 2006 10:41:04 ..S.R 233 968 228,48 K
en6ol1~1.dll Sat 12 Nov 2005 17:41:18 ..S.R 233 928 228,45 K
enlol1~1.dll Sun 29 Jan 2006 10:32:44 ..S.R 233 913 228,43 K
f0l02a~1.dll Sun 15 Jan 2006 9:55:42 ..S.R 236 153 230,62 K
f42m0e~1.dll Thu 10 Nov 2005 11:34:58 ..S.R 237 177 231,62 K
f8j20i~1.dll Sat 14 Jan 2006 8:28:42 ..S.R 234 123 228,63 K
fnl021~1.dll Fri 13 Jan 2006 19:40:48 ..S.R 234 123 228,63 K
fp0s03~1.dll Wed 7 Dec 2005 13:58:22 ..S.R 233 599 228,12 K
fp6003~1.dll Wed 30 Nov 2005 18:28:02 ..S.R 233 975 228,49 K
fp8s03~1.dll Sun 27 Nov 2005 8:20:56 ..S.R 233 975 228,49 K
fpnu03~1.dll Sun 11 Dec 2005 8:29:22 ..S.R 235 512 229,99 K
g0220a~1.dll Sun 25 Dec 2005 19:09:26 ..S.R 234 431 228,93 K
g2220c~1.dll Sun 29 Jan 2006 12:14:26 ..S.R 236 090 230,55 K
g2jo0c~1.dll Sun 1 Jan 2006 2:25:34 ..S.R 236 101 230,57 K
g804li~1.dll Sun 25 Dec 2005 16:34:50 ..S.R 235 619 230,09 K
gdi32.dll Thu 29 Dec 2005 3:56:04 A.... 280 064 273,50 K
gp2ml3~1.dll Wed 9 Nov 2005 17:49:32 ..S.R 236 535 230,99 K
gp82l3~1.dll Sat 3 Dec 2005 11:45:06 ..S.R 237 065 231,51 K
gplql3~1.dll Tue 24 Jan 2006 10:50:02 ..S.R 235 502 229,98 K
gpnul3~1.dll Sun 15 Jan 2006 8:50:38 ..S.R 236 076 230,54 K
h4l2le~1.dll Mon 9 Jan 2006 20:07:56 ..S.R 234 123 228,63 K
hr4q05~1.dll Sun 1 Jan 2006 2:43:10 ..S.R 234 123 228,63 K
hr6s05~1.dll Wed 2 Nov 2005 12:58:40 ..S.R 236 115 230,58 K
hrjq05~1.dll Sat 12 Nov 2005 10:53:00 ..S.R 233 505 228,03 K
hrnu05~1.dll Sat 24 Dec 2005 18:35:50 ..S.R 235 166 229,65 K
hrp605~1.dll Thu 22 Dec 2005 22:02:48 ..S.R 235 681 230,16 K
hrrs05~1.dll Sun 8 Jan 2006 20:50:44 ..S.R 234 123 228,63 K
i2600c~1.dll Sat 21 Jan 2006 11:46:50 ..S.R 234 996 229,49 K
i260lc~1.dll Sat 14 Jan 2006 22:12:58 ..S.R 234 123 228,63 K
ihcvid.dll Sat 21 Jan 2006 15:47:08 ..S.R 234 575 229,07 K
ir0sl5~1.dll Sun 27 Nov 2005 12:04:08 ..S.R 235 680 230,16 K
ir48l5~1.dll Mon 23 Jan 2006 20:14:26 ..S.R 235 502 229,98 K
irrql5~1.dll Wed 25 Jan 2006 8:35:00 ..S.R 237 097 231,54 K
j44o0e~1.dll Sat 26 Nov 2005 11:31:24 ..S.R 234 319 228,82 K
j6l40g~1.dll Thu 12 Jan 2006 21:41:18 ..S.R 234 123 228,63 K
j8l40i~1.dll Sun 27 Nov 2005 17:37:56 ..S.R 234 413 228,92 K
jtrs07~1.dll Wed 30 Nov 2005 13:38:42 ..S.R 234 772 229,27 K
k044la~1.dll Thu 24 Nov 2005 10:03:36 ..S.R 233 968 228,48 K
k662lg~1.dll Fri 11 Nov 2005 11:05:26 ..S.R 237 053 231,50 K
kidusx.dll Mon 26 Dec 2005 11:28:04 ..S.R 234 211 228,72 K
kj62lg~1.dll Sun 25 Dec 2005 16:34:50 ..S.R 234 211 228,72 K
kt02l7~1.dll Sun 29 Jan 2006 12:06:08 ..S.R 236 090 230,55 K
kt2ml7~1.dll Wed 30 Nov 2005 20:03:02 ..S.R 233 811 228,33 K
kt8ul7~1.dll Fri 27 Jan 2006 21:18:40 ..S.R 234 241 228,75 K
l02sla~1.dll Mon 2 Jan 2006 12:20:22 ..S.R 234 123 228,63 K
l4n40e~1.dll Sun 20 Nov 2005 1:36:42 ..S.R 233 475 228,00 K
l64q0g~1.dll Sun 6 Nov 2005 10:32:22 ..S.R 235 958 230,43 K
l6n40g~1.dll Sun 29 Jan 2006 11:24:04 ..S.R 236 090 230,55 K
lgwvc12n.dll Thu 19 Jan 2006 8:11:02 ..S.R 234 162 228,67 K
lv0u09~1.dll Sun 29 Jan 2006 12:28:32 ..S.R 236 090 230,55 K
lv4q09~1.dll Thu 26 Jan 2006 11:01:42 ..S.R 235 502 229,98 K
lv8m09~1.dll Wed 21 Dec 2005 7:45:04 ..S.R 235 836 230,31 K
lvl409~1.dll Sun 29 Jan 2006 0:09:24 ..S.R 236 090 230,55 K
lvlm09~1.dll Fri 13 Jan 2006 21:05:28 ..S.R 234 123 228,63 K
mcxml.dll Wed 30 Nov 2005 18:43:18 ..S.R 235 367 229,85 K
mfwebdvd.dll Thu 19 Jan 2006 11:50:18 ..S.R 235 808 230,28 K
mshtml.dll Thu 24 Nov 2005 1:08:36 A.... 3 013 632 2,87 M
mvpql9~1.dll Sun 22 Jan 2006 7:35:44 ..S.R 234 037 228,55 K
njwrspt.dll Sun 20 Nov 2005 9:44:44 ..S.R 237 053 231,50 K
o8lu0i~1.dll Sat 26 Nov 2005 13:00:08 ..S.R 234 913 229,41 K
ohethk32.dll Sun 27 Nov 2005 8:22:12 ..S.R 233 975 228,49 K
p26s0c~1.dll Mon 26 Dec 2005 11:28:04 ..S.R 234 973 229,46 K
p2p6lc~1.dll Sat 12 Nov 2005 17:10:30 ..S.R 234 084 228,60 K
pdmas.dll Mon 23 Jan 2006 9:16:10 ..S.R 236 513 230,97 K
qjvd.dll Tue 15 Nov 2005 11:11:04 ..S.R 237 053 231,50 K
r8r6li~1.dll Thu 15 Dec 2005 22:28:56 ..S.R 233 818 228,34 K
s6rslg~1.dll Mon 9 Jan 2006 18:59:22 ..S.R 234 123 228,63 K
shdocvw.dll Thu 1 Dec 2005 5:01:16 A.... 1 492 992 1,42 M
sotrmit.dll Sun 6 Nov 2005 10:32:22 ..S.R 235 412 229,89 K
svorprop.dll Sun 22 Jan 2006 18:11:06 ..S.R 236 232 230,70 K
t2r80c~1.dll Sun 25 Dec 2005 19:45:06 ..S.R 235 103 229,59 K
urlmon.dll Sat 5 Nov 2005 4:17:26 A.... 606 208 592,00 K
vo5db.dll Mon 23 Jan 2006 11:26:12 ..S.R 236 654 231,11 K
wjcdlg.dll Mon 9 Jan 2006 10:39:24 ..S.R 234 123 228,63 K

90 items found: 90 files (83 H/S), 0 directories.
Total of file sizes: 27 228 528 bytes 25,96 M
Locate .tmp files:

C:\WINDOWS\SYSTEM32\
guard.tmp Sun 29 Jan 2006 12:33:16 ..S.R 236 090 230,55 K

1 item found: 1 file (1 H/S), 0 directories.
Total of file sizes: 236 090 bytes 230,55 K
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est A434-9CAD

R‚pertoire de C:\WINDOWS\System32

29/01/2006 12:40 <REP> dllcache
29/01/2006 12:33 236ÿ090 guard.tmp
29/01/2006 12:28 236ÿ090 lv0u09d9e.dll
29/01/2006 12:14 236ÿ090 g2220cfoef2c0.dll
29/01/2006 12:06 236ÿ090 kt02l7do1.dll
29/01/2006 11:24 236ÿ090 l6n40g5qe6.dll
29/01/2006 10:41 233ÿ968 en44l1hq1.dll
29/01/2006 10:32 233ÿ913 enlol1331.dll
29/01/2006 00:09 236ÿ090 lvl4093qe.dll
27/01/2006 21:18 234ÿ241 kt8ul7l91.dll
26/01/2006 11:01 235ÿ502 lv4q09h5e.dll
25/01/2006 08:34 237ÿ097 irrql5951.dll
24/01/2006 10:50 235ÿ502 gplql3351.dll
23/01/2006 20:14 235ÿ502 ir48l5hu1.dll
23/01/2006 17:36 236ÿ504 c200lcdm1f0a.dll
23/01/2006 11:26 236ÿ654 VO5DB.DLL
23/01/2006 09:16 236ÿ513 pdmas.dll
22/01/2006 18:11 236ÿ232 svorprop.dll
22/01/2006 13:48 236ÿ513 cmtdll.dll
22/01/2006 07:35 234ÿ037 mvpql9751.dll
21/01/2006 15:47 234ÿ575 ihcvid.dll
21/01/2006 11:46 234ÿ996 i2600cjmefoa0.dll
19/01/2006 11:50 235ÿ808 mfwebdvd.dll
19/01/2006 08:11 234ÿ162 Lgwvc12n.dll
18/01/2006 20:28 235ÿ559 cal3dv2.dll
18/01/2006 18:54 236ÿ014 azam0931e.dll
15/01/2006 20:03 235ÿ231 d80mlid1180.dll
15/01/2006 09:55 236ÿ153 f0l02a3mgd.dll
15/01/2006 08:50 236ÿ076 gpnul3591.dll
14/01/2006 22:12 234ÿ123 i260lcjm1foa.dll
14/01/2006 08:28 234ÿ123 f8j20i1oe8.dll
13/01/2006 21:05 234ÿ123 lvlm0931e.dll
13/01/2006 19:40 234ÿ123 fnl0213mg.dll
13/01/2006 18:17 234ÿ123 en02l1do1.dll
12/01/2006 21:41 234ÿ123 j6l40g3qe6.dll
09/01/2006 20:07 234ÿ123 h4l2le3o1h.dll
09/01/2006 18:59 234ÿ123 s6rslg9716.dll
09/01/2006 10:39 234ÿ123 wjcdlg.dll
08/01/2006 20:50 234ÿ123 hrrs0597e.dll
04/01/2006 11:18 234ÿ123 d80m0id1e80.dll
02/01/2006 12:20 234ÿ123 l02slaf71d2.dll
01/01/2006 02:43 234ÿ123 hr4q05h5e.dll
01/01/2006 02:25 236ÿ101 g2jo0c13ef.dll
27/12/2005 08:32 236ÿ749 dn6801jue.dll
26/12/2005 11:28 234ÿ211 kidusx.dll
26/12/2005 11:28 234ÿ973 p26s0cj7efo.dll
25/12/2005 19:45 235ÿ103 t2r80c9uef.dll
25/12/2005 19:09 234ÿ431 g0220afoed2c0.dll
25/12/2005 16:34 234ÿ211 kJ62lgjo16oc.dll
25/12/2005 16:34 235ÿ619 g804lidq180e.dll
24/12/2005 18:35 235ÿ166 hrnu0559e.dll
22/12/2005 22:02 235ÿ681 hrp6057se.dll
21/12/2005 07:45 235ÿ836 lv8m09l1e.dll
15/12/2005 22:28 233ÿ818 r8r6li9s18.dll
11/12/2005 08:29 235ÿ512 fpnu0359e.dll
07/12/2005 13:58 233ÿ599 fp0s03d7e.dll
03/12/2005 11:45 237ÿ065 gp82l3lo1.dll
03/12/2005 08:44 234ÿ108 dCj02g1mg6.dll
30/11/2005 20:03 236ÿ743 BcCoreIf.dll
30/11/2005 20:03 233ÿ811 kt2ml7f11.dll
30/11/2005 18:43 235ÿ367 mcxml.dll
30/11/2005 18:28 233ÿ975 fp6003jme.dll
30/11/2005 13:38 234ÿ772 jtrs0797e.dll
27/11/2005 17:37 234ÿ413 j8l40i3qe8.dll
27/11/2005 12:04 235ÿ680 ir0sl5d71.dll
27/11/2005 08:22 233ÿ975 ohethk32.dll
27/11/2005 08:20 233ÿ975 fp8s03l7e.dll
26/11/2005 13:00 234ÿ913 o8lu0i39e8.dll
26/11/2005 11:31 234ÿ319 j44o0eh3eh4.dll
25/11/2005 17:45 237ÿ009 d6j00g1me6.dll
25/11/2005 17:09 237ÿ134 dn4m01h1e.dll
24/11/2005 10:03 233ÿ968 k044lahq1d4e.dll
20/11/2005 09:44 237ÿ053 njwrspt.dll
20/11/2005 01:36 233ÿ475 l4n40e5qeh.dll
15/11/2005 11:11 237ÿ053 qjvd.dll
12/11/2005 17:41 233ÿ928 en6ol1j31.dll
12/11/2005 17:10 234ÿ084 p2p6lc7s1f.dll
12/11/2005 10:52 233ÿ505 hrjq0515e.dll
11/11/2005 11:05 237ÿ053 k662lgjo16oc.dll
10/11/2005 11:34 237ÿ177 f42m0ef1eh2.dll
10/11/2005 08:19 235ÿ412 d6j02g1mg6.dll
09/11/2005 17:49 236ÿ535 gp2ml3f11.dll
06/11/2005 10:32 235ÿ412 SOtrmIT.dll
06/11/2005 10:32 235ÿ958 l64q0gh5e64.dll
02/11/2005 12:58 236ÿ115 hr6s05j7e.dll
17/06/2005 09:10 4ÿ608 Thumbs.db
28/05/2005 13:03 13ÿ560 KGyGaAvL.sys
26/03/2004 02:46 <REP> Microsoft
86 fichier(s) 19ÿ774ÿ056 octets
2 R‚p(s) 15ÿ230ÿ906ÿ368 octets libres




mais il n a pas reboot , je reboot ou pas avant de passer a la 3) ?

no c'est bon en faite voia le second mais avant je voulai te dire que j'ai mis un des virus p-etre pas celui qu'on est entrain d'essayer de supprimer .

Le nlscplfr.dll que je t'ai parler est su rmon bureau je peur que le bouger je ne me rappel plus le programme pour supprimer un fichier proteger .



LOG :


L2mfix 010406
Creating Account.
La commande s'est termin‚e correctement.

Adding Administrative privleges.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful

Running From:
C:\WINDOWS\system32

Killing Processes!

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 828 'smss.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 896 'winlogon.exe'
Killing PID 896 'winlogon.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 392 'explorer.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 556 'rundll32.exe'
Killing PID 3256 'rundll32.exe'
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrateurs ... successful

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
1 fichier(s) copi‚(s).
Deleting: C:\WINDOWS\system32\azam0931e.dll
Successfully Deleted: C:\WINDOWS\system32\azam0931e.dll
Deleting: C:\WINDOWS\system32\BcCoreIf.dll
Successfully Deleted: C:\WINDOWS\system32\BcCoreIf.dll
Deleting: C:\WINDOWS\system32\c200lcdm1f0a.dll
Successfully Deleted: C:\WINDOWS\system32\c200lcdm1f0a.dll
Deleting: C:\WINDOWS\system32\cal3dv2.dll
Successfully Deleted: C:\WINDOWS\system32\cal3dv2.dll
Deleting: C:\WINDOWS\system32\cmtdll.dll
Successfully Deleted: C:\WINDOWS\system32\cmtdll.dll
Deleting: C:\WINDOWS\system32\d6j00g1me6.dll
Successfully Deleted: C:\WINDOWS\system32\d6j00g1me6.dll
Deleting: C:\WINDOWS\system32\d6j02g1mg6.dll
Successfully Deleted: C:\WINDOWS\system32\d6j02g1mg6.dll
Deleting: C:\WINDOWS\system32\d80m0id1e80.dll
Successfully Deleted: C:\WINDOWS\system32\d80m0id1e80.dll
Deleting: C:\WINDOWS\system32\d80mlid1180.dll
Successfully Deleted: C:\WINDOWS\system32\d80mlid1180.dll
Deleting: C:\WINDOWS\system32\dCj02g1mg6.dll
Successfully Deleted: C:\WINDOWS\system32\dCj02g1mg6.dll
Deleting: C:\WINDOWS\system32\dn4m01h1e.dll
Successfully Deleted: C:\WINDOWS\system32\dn4m01h1e.dll
Deleting: C:\WINDOWS\system32\dn6801jue.dll
Successfully Deleted: C:\WINDOWS\system32\dn6801jue.dll
Deleting: C:\WINDOWS\system32\en02l1do1.dll
Successfully Deleted: C:\WINDOWS\system32\en02l1do1.dll
Deleting: C:\WINDOWS\system32\en44l1hq1.dll
Successfully Deleted: C:\WINDOWS\system32\en44l1hq1.dll
Deleting: C:\WINDOWS\system32\en6ol1j31.dll
Successfully Deleted: C:\WINDOWS\system32\en6ol1j31.dll
Deleting: C:\WINDOWS\system32\enlol1331.dll
Successfully Deleted: C:\WINDOWS\system32\enlol1331.dll
Deleting: C:\WINDOWS\system32\f0l02a3mgd.dll
Successfully Deleted: C:\WINDOWS\system32\f0l02a3mgd.dll
Deleting: C:\WINDOWS\system32\f42m0ef1eh2.dll
Successfully Deleted: C:\WINDOWS\system32\f42m0ef1eh2.dll
Deleting: C:\WINDOWS\system32\f8j20i1oe8.dll
Successfully Deleted: C:\WINDOWS\system32\f8j20i1oe8.dll
Deleting: C:\WINDOWS\system32\fnl0213mg.dll
Successfully Deleted: C:\WINDOWS\system32\fnl0213mg.dll
Deleting: C:\WINDOWS\system32\fp0s03d7e.dll
Successfully Deleted: C:\WINDOWS\system32\fp0s03d7e.dll
Deleting: C:\WINDOWS\system32\fp6003jme.dll
Successfully Deleted: C:\WINDOWS\system32\fp6003jme.dll
Deleting: C:\WINDOWS\system32\fp8s03l7e.dll
Successfully Deleted: C:\WINDOWS\system32\fp8s03l7e.dll
Deleting: C:\WINDOWS\system32\fpnu0359e.dll
Successfully Deleted: C:\WINDOWS\system32\fpnu0359e.dll
Deleting: C:\WINDOWS\system32\g0220afoed2c0.dll
Successfully Deleted: C:\WINDOWS\system32\g0220afoed2c0.dll
Deleting: C:\WINDOWS\system32\g2220cfoef2c0.dll
Successfully Deleted: C:\WINDOWS\system32\g2220cfoef2c0.dll
Deleting: C:\WINDOWS\system32\g2jo0c13ef.dll
Successfully Deleted: C:\WINDOWS\system32\g2jo0c13ef.dll
Deleting: C:\WINDOWS\system32\g804lidq180e.dll
Successfully Deleted: C:\WINDOWS\system32\g804lidq180e.dll
Deleting: C:\WINDOWS\system32\gp2ml3f11.dll
Successfully Deleted: C:\WINDOWS\system32\gp2ml3f11.dll
Deleting: C:\WINDOWS\system32\gp82l3lo1.dll
Successfully Deleted: C:\WINDOWS\system32\gp82l3lo1.dll
Deleting: C:\WINDOWS\system32\gplql3351.dll
Successfully Deleted: C:\WINDOWS\system32\gplql3351.dll
Deleting: C:\WINDOWS\system32\gpnul3591.dll
Successfully Deleted: C:\WINDOWS\system32\gpnul3591.dll
Deleting: C:\WINDOWS\system32\h4l2le3o1h.dll
Successfully Deleted: C:\WINDOWS\system32\h4l2le3o1h.dll
Deleting: C:\WINDOWS\system32\hr4q05h5e.dll
Successfully Deleted: C:\WINDOWS\system32\hr4q05h5e.dll
Deleting: C:\WINDOWS\system32\hr6s05j7e.dll
Successfully Deleted: C:\WINDOWS\system32\hr6s05j7e.dll
Deleting: C:\WINDOWS\system32\hrjq0515e.dll
Successfully Deleted: C:\WINDOWS\system32\hrjq0515e.dll
Deleting: C:\WINDOWS\system32\hrnu0559e.dll
Successfully Deleted: C:\WINDOWS\system32\hrnu0559e.dll
Deleting: C:\WINDOWS\system32\hrp6057se.dll
Successfully Deleted: C:\WINDOWS\system32\hrp6057se.dll
Deleting: C:\WINDOWS\system32\hrrs0597e.dll
Successfully Deleted: C:\WINDOWS\system32\hrrs0597e.dll
Deleting: C:\WINDOWS\system32\i2600cjmefoa0.dll
Successfully Deleted: C:\WINDOWS\system32\i2600cjmefoa0.dll
Deleting: C:\WINDOWS\system32\i260lcjm1foa.dll
Successfully Deleted: C:\WINDOWS\system32\i260lcjm1foa.dll
Deleting: C:\WINDOWS\system32\ihcvid.dll
Successfully Deleted: C:\WINDOWS\system32\ihcvid.dll
Deleting: C:\WINDOWS\system32\ir0sl5d71.dll
Successfully Deleted: C:\WINDOWS\system32\ir0sl5d71.dll
Deleting: C:\WINDOWS\system32\ir48l5hu1.dll
Successfully Deleted: C:\WINDOWS\system32\ir48l5hu1.dll
Deleting: C:\WINDOWS\system32\irrql5951.dll
Successfully Deleted: C:\WINDOWS\system32\irrql5951.dll
Deleting: C:\WINDOWS\system32\j44o0eh3eh4.dll
Successfully Deleted: C:\WINDOWS\system32\j44o0eh3eh4.dll
Deleting: C:\WINDOWS\system32\j6l40g3qe6.dll
Successfully Deleted: C:\WINDOWS\system32\j6l40g3qe6.dll
Deleting: C:\WINDOWS\system32\j8l40i3qe8.dll
Successfully Deleted: C:\WINDOWS\system32\j8l40i3qe8.dll
Deleting: C:\WINDOWS\system32\jtrs0797e.dll
Successfully Deleted: C:\WINDOWS\system32\jtrs0797e.dll
Deleting: C:\WINDOWS\system32\k044lahq1d4e.dll
Successfully Deleted: C:\WINDOWS\system32\k044lahq1d4e.dll
Deleting: C:\WINDOWS\system32\k662lgjo16oc.dll
Successfully Deleted: C:\WINDOWS\system32\k662lgjo16oc.dll
Deleting: C:\WINDOWS\system32\kidusx.dll
Successfully Deleted: C:\WINDOWS\system32\kidusx.dll
Deleting: C:\WINDOWS\system32\kJ62lgjo16oc.dll
Successfully Deleted: C:\WINDOWS\system32\kJ62lgjo16oc.dll
Deleting: C:\WINDOWS\system32\kt02l7do1.dll
Successfully Deleted: C:\WINDOWS\system32\kt02l7do1.dll
Deleting: C:\WINDOWS\system32\kt2ml7f11.dll
Successfully Deleted: C:\WINDOWS\system32\kt2ml7f11.dll
Deleting: C:\WINDOWS\system32\kt8ul7l91.dll
Successfully Deleted: C:\WINDOWS\system32\kt8ul7l91.dll
Deleting: C:\WINDOWS\system32\l02slaf71d2.dll
Successfully Deleted: C:\WINDOWS\system32\l02slaf71d2.dll
Deleting: C:\WINDOWS\system32\l4n40e5qeh.dll
Successfully Deleted: C:\WINDOWS\system32\l4n40e5qeh.dll
Deleting: C:\WINDOWS\system32\l64q0gh5e64.dll
Successfully Deleted: C:\WINDOWS\system32\l64q0gh5e64.dll
Deleting: C:\WINDOWS\system32\l6n40g5qe6.dll
Successfully Deleted: C:\WINDOWS\system32\l6n40g5qe6.dll
Deleting: C:\WINDOWS\system32\Lgwvc12n.dll
Successfully Deleted: C:\WINDOWS\system32\Lgwvc12n.dll
Deleting: C:\WINDOWS\system32\lv0u09d9e.dll
Successfully Deleted: C:\WINDOWS\system32\lv0u09d9e.dll
Deleting: C:\WINDOWS\system32\lv4q09h5e.dll
Successfully Deleted: C:\WINDOWS\system32\lv4q09h5e.dll
Deleting: C:\WINDOWS\system32\lv8m09l1e.dll
Successfully Deleted: C:\WINDOWS\system32\lv8m09l1e.dll
Deleting: C:\WINDOWS\system32\lvl4093qe.dll
Successfully Deleted: C:\WINDOWS\system32\lvl4093qe.dll
Deleting: C:\WINDOWS\system32\lvlm0931e.dll
Successfully Deleted: C:\WINDOWS\system32\lvlm0931e.dll
Deleting: C:\WINDOWS\system32\mcxml.dll
Successfully Deleted: C:\WINDOWS\system32\mcxml.dll
Deleting: C:\WINDOWS\system32\mfwebdvd.dll
Successfully Deleted: C:\WINDOWS\system32\mfwebdvd.dll
Deleting: C:\WINDOWS\system32\mvpql9751.dll
Successfully Deleted: C:\WINDOWS\system32\mvpql9751.dll
Deleting: C:\WINDOWS\system32\njwrspt.dll
Successfully Deleted: C:\WINDOWS\system32\njwrspt.dll
Deleting: C:\WINDOWS\system32\o8lu0i39e8.dll
Successfully Deleted: C:\WINDOWS\system32\o8lu0i39e8.dll
Deleting: C:\WINDOWS\system32\ohethk32.dll
Successfully Deleted: C:\WINDOWS\system32\ohethk32.dll
Deleting: C:\WINDOWS\system32\p26s0cj7efo.dll
Successfully Deleted: C:\WINDOWS\system32\p26s0cj7efo.dll
Deleting: C:\WINDOWS\system32\p2p6lc7s1f.dll
Successfully Deleted: C:\WINDOWS\system32\p2p6lc7s1f.dll
Deleting: C:\WINDOWS\system32\pdmas.dll
Successfully Deleted: C:\WINDOWS\system32\pdmas.dll
Deleting: C:\WINDOWS\system32\qjvd.dll
Successfully Deleted: C:\WINDOWS\system32\qjvd.dll
Deleting: C:\WINDOWS\system32\r8r6li9s18.dll
Successfully Deleted: C:\WINDOWS\system32\r8r6li9s18.dll
Deleting: C:\WINDOWS\system32\s6rslg9716.dll
Successfully Deleted: C:\WINDOWS\system32\s6rslg9716.dll
Deleting: C:\WINDOWS\system32\SOtrmIT.dll
Successfully Deleted: C:\WINDOWS\system32\SOtrmIT.dll
Deleting: C:\WINDOWS\system32\svorprop.dll
Successfully Deleted: C:\WINDOWS\system32\svorprop.dll
Deleting: C:\WINDOWS\system32\t2r80c9uef.dll
Successfully Deleted: C:\WINDOWS\system32\t2r80c9uef.dll
Deleting: C:\WINDOWS\system32\VO5DB.DLL
Successfully Deleted: C:\WINDOWS\system32\VO5DB.DLL
Deleting: C:\WINDOWS\system32\wjcdlg.dll
Successfully Deleted: C:\WINDOWS\system32\wjcdlg.dll
Deleting: C:\WINDOWS\system32\guard.tmp
Successfully Deleted: C:\WINDOWS\system32\guard.tmp

msg11?.dll
0 fichier(s) copi‚(s).



Restoring Windows Update Certificates.:

The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTServ]
"DLLName"="C:\\Program Files\\Fichiers communs\\Logitech\\Bluetooth\\lbtserv.dll"
"Startup"="OnWlxStartup"
"Logon"="OnWlxLogon"
"Logoff"="OnWlxLogoff"
"StartShel"="OnWlxStartShell"
"Asynchronous"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ModuleUsage]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\lvl4093qe.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001


The following are the files found:
****************************************************************************
C:\WINDOWS\system32\azam0931e.dll
C:\WINDOWS\system32\BcCoreIf.dll
C:\WINDOWS\system32\c200lcdm1f0a.dll
C:\WINDOWS\system32\cal3dv2.dll
C:\WINDOWS\system32\cmtdll.dll
C:\WINDOWS\system32\d6j00g1me6.dll
C:\WINDOWS\system32\d6j02g1mg6.dll
C:\WINDOWS\system32\d80m0id1e80.dll
C:\WINDOWS\system32\d80mlid1180.dll
C:\WINDOWS\system32\dCj02g1mg6.dll
C:\WINDOWS\system32\dn4m01h1e.dll
C:\WINDOWS\system32\dn6801jue.dll
C:\WINDOWS\system32\en02l1do1.dll
C:\WINDOWS\system32\en44l1hq1.dll
C:\WINDOWS\system32\en6ol1j31.dll
C:\WINDOWS\system32\enlol1331.dll
C:\WINDOWS\system32\f0l02a3mgd.dll
C:\WINDOWS\system32\f42m0ef1eh2.dll
C:\WINDOWS\system32\f8j20i1oe8.dll
C:\WINDOWS\system32\fnl0213mg.dll
C:\WINDOWS\system32\fp0s03d7e.dll
C:\WINDOWS\system32\fp6003jme.dll
C:\WINDOWS\system32\fp8s03l7e.dll
C:\WINDOWS\system32\fpnu0359e.dll
C:\WINDOWS\system32\g0220afoed2c0.dll
C:\WINDOWS\system32\g2220cfoef2c0.dll
C:\WINDOWS\system32\g2jo0c13ef.dll
C:\WINDOWS\system32\g804lidq180e.dll
C:\WINDOWS\system32\gp2ml3f11.dll
C:\WINDOWS\system32\gp82l3lo1.dll
C:\WINDOWS\system32\gplql3351.dll
C:\WINDOWS\system32\gpnul3591.dll
C:\WINDOWS\system32\h4l2le3o1h.dll
C:\WINDOWS\system32\hr4q05h5e.dll
C:\WINDOWS\system32\hr6s05j7e.dll
C:\WINDOWS\system32\hrjq0515e.dll
C:\WINDOWS\system32\hrnu0559e.dll
C:\WINDOWS\system32\hrp6057se.dll
C:\WINDOWS\system32\hrrs0597e.dll
C:\WINDOWS\system32\i2600cjmefoa0.dll
C:\WINDOWS\system32\i260lcjm1foa.dll
C:\WINDOWS\system32\ihcvid.dll
C:\WINDOWS\system32\ir0sl5d71.dll
C:\WINDOWS\system32\ir48l5hu1.dll
C:\WINDOWS\system32\irrql5951.dll
C:\WINDOWS\system32\j44o0eh3eh4.dll
C:\WINDOWS\system32\j6l40g3qe6.dll
C:\WINDOWS\system32\j8l40i3qe8.dll
C:\WINDOWS\system32\jtrs0797e.dll
C:\WINDOWS\system32\k044lahq1d4e.dll
C:\WINDOWS\system32\k662lgjo16oc.dll
C:\WINDOWS\system32\kidusx.dll
C:\WINDOWS\system32\kJ62lgjo16oc.dll
C:\WINDOWS\system32\kt02l7do1.dll
C:\WINDOWS\system32\kt2ml7f11.dll
C:\WINDOWS\system32\kt8ul7l91.dll
C:\WINDOWS\system32\l02slaf71d2.dll
C:\WINDOWS\system32\l4n40e5qeh.dll
C:\WINDOWS\system32\l64q0gh5e64.dll
C:\WINDOWS\system32\l6n40g5qe6.dll
C:\WINDOWS\system32\Lgwvc12n.dll
C:\WINDOWS\system32\lv0u09d9e.dll
C:\WINDOWS\system32\lv4q09h5e.dll
C:\WINDOWS\system32\lv8m09l1e.dll
C:\WINDOWS\system32\lvl4093qe.dll
C:\WINDOWS\system32\lvlm0931e.dll
C:\WINDOWS\system32\mcxml.dll
C:\WINDOWS\system32\mfwebdvd.dll
C:\WINDOWS\system32\mvpql9751.dll
C:\WINDOWS\system32\njwrspt.dll
C:\WINDOWS\system32\o8lu0i39e8.dll
C:\WINDOWS\system32\ohethk32.dll
C:\WINDOWS\system32\p26s0cj7efo.dll
C:\WINDOWS\system32\p2p6lc7s1f.dll
C:\WINDOWS\system32\pdmas.dll
C:\WINDOWS\system32\qjvd.dll
C:\WINDOWS\system32\r8r6li9s18.dll
C:\WINDOWS\system32\s6rslg9716.dll
C:\WINDOWS\system32\SOtrmIT.dll
C:\WINDOWS\system32\svorprop.dll
C:\WINDOWS\system32\t2r80c9uef.dll
C:\WINDOWS\system32\VO5DB.DLL
C:\WINDOWS\system32\wjcdlg.dll
C:\WINDOWS\system32\guard.tmp

Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{D62D7681-03C3-4908-A32B-18D3B1E00B59}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D62D7681-03C3-4908-A32B-18D3B1E00B59}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D62D7681-03C3-4908-A32B-18D3B1E00B59}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D62D7681-03C3-4908-A32B-18D3B1E00B59}\InprocServer32]
@="C:\\WINDOWS\\system32\\wjcdlg.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{BDF66539-4D78-4499-8F8F-A9C3335E9423}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{BDF66539-4D78-4499-8F8F-A9C3335E9423}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{BDF66539-4D78-4499-8F8F-A9C3335E9423}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{BDF66539-4D78-4499-8F8F-A9C3335E9423}\InprocServer32]
@="C:\\WINDOWS\\system32\\cmtdll.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{B1531BEF-742D-480E-9976-0F6A106CBC86}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B1531BEF-742D-480E-9976-0F6A106CBC86}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B1531BEF-742D-480E-9976-0F6A106CBC86}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{B1531BEF-742D-480E-9976-0F6A106CBC86}\InprocServer32]
@="C:\\WINDOWS\\system32\\aeifile.dll"
"ThreadingModel"="Apartment"

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{D62D7681-03C3-4908-A32B-18D3B1E00B59}"=-
"{BDF66539-4D78-4499-8F8F-A9C3335E9423}"=-
"{B1531BEF-742D-480E-9976-0F6A106CBC86}"=-
[-HKEY_CLASSES_ROOT\CLSID\{D62D7681-03C3-4908-A32B-18D3B1E00B59}]
[-HKEY_CLASSES_ROOT\CLSID\{BDF66539-4D78-4499-8F8F-A9C3335E9423}]
[-HKEY_CLASSES_ROOT\CLSID\{B1531BEF-742D-480E-9976-0F6A106CBC86}]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************

****************************************************************************
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
adding: dlls/azam0931e.dll (164 bytes security) (deflated 5%)
adding: dlls/BcCoreIf.dll (164 bytes security) (deflated 5%)
adding: dlls/c200lcdm1f0a.dll (164 bytes security) (deflated 5%)
adding: dlls/cal3dv2.dll (164 bytes security) (deflated 5%)
adding: dlls/cmtdll.dll (164 bytes security) (deflated 5%)
adding: dlls/d6j00g1me6.dll (164 bytes security) (deflated 6%)
adding: dlls/d6j02g1mg6.dll (164 bytes security) (deflated 5%)
adding: dlls/d80m0id1e80.dll (164 bytes security) (deflated 4%)
adding: dlls/d80mlid1180.dll (164 bytes security) (deflated 5%)
adding: dlls/dCj02g1mg6.dll (164 bytes security) (deflated 4%)
adding: dlls/dn4m01h1e.dll (164 bytes security) (deflated 6%)
adding: dlls/dn6801jue.dll (164 bytes security) (deflated 5%)
adding: dlls/en02l1do1.dll (164 bytes security) (deflated 4%)
adding: dlls/en44l1hq1.dll (164 bytes security) (deflated 4%)
adding: dlls/en6ol1j31.dll (164 bytes security) (deflated 4%)
adding: dlls/enlol1331.dll (164 bytes security) (deflated 4%)
adding: dlls/f0l02a3mgd.dll (164 bytes security) (deflated 5%)
adding: dlls/f42m0ef1eh2.dll (164 bytes security) (deflated 5%)
adding: dlls/f8j20i1oe8.dll (164 bytes security) (deflated 4%)
adding: dlls/fnl0213mg.dll (164 bytes security) (deflated 4%)
adding: dlls/fp0s03d7e.dll (164 bytes security) (deflated 4%)
adding: dlls/fp6003jme.dll (164 bytes security) (deflated 4%)
adding: dlls/fp8s03l7e.dll (164 bytes security) (deflated 4%)
adding: dlls/fpnu0359e.dll (164 bytes security) (deflated 5%)
adding: dlls/g0220afoed2c0.dll (164 bytes security) (deflated 5%)
adding: dlls/g2220cfoef2c0.dll (164 bytes security) (deflated 5%)
adding: dlls/g2jo0c13ef.dll (164 bytes security) (deflated 5%)
adding: dlls/g804lidq180e.dll (164 bytes security) (deflated 5%)
adding: dlls/gp2ml3f11.dll (164 bytes security) (deflated 5%)
adding: dlls/gp82l3lo1.dll (164 bytes security) (deflated 6%)
adding: dlls/gplql3351.dll (164 bytes security) (deflated 5%)
adding: dlls/gpnul3591.dll (164 bytes security) (deflated 5%)
adding: dlls/guard.tmp (164 bytes security) (deflated 5%)
adding: dlls/h4l2le3o1h.dll (164 bytes security) (deflated 4%)
adding: dlls/hr4q05h5e.dll (164 bytes security) (deflated 4%)
adding: dlls/hr6s05j7e.dll (164 bytes security) (deflated 5%)
adding: dlls/hrjq0515e.dll (164 bytes security) (deflated 4%)
adding: dlls/hrnu0559e.dll (164 bytes security) (deflated 5%)
adding: dlls/hrp6057se.dll (164 bytes security) (deflated 5%)
adding: dlls/hrrs0597e.dll (164 bytes security) (deflated 4%)
adding: dlls/i2600cjmefoa0.dll (164 bytes security) (deflated 5%)
adding: dlls/i260lcjm1foa.dll (164 bytes security) (deflated 4%)
adding: dlls/ihcvid.dll (164 bytes security) (deflated 5%)
adding: dlls/ir0sl5d71.dll (164 bytes security) (deflated 5%)
adding: dlls/ir48l5hu1.dll (164 bytes security) (deflated 5%)
adding: dlls/irrql5951.dll (164 bytes security) (deflated 6%)
adding: dlls/j44o0eh3eh4.dll (164 bytes security) (deflated 4%)
adding: dlls/j6l40g3qe6.dll (164 bytes security) (deflated 4%)
adding: dlls/j8l40i3qe8.dll (164 bytes security) (deflated 4%)
adding: dlls/jtrs0797e.dll (164 bytes security) (deflated 5%)
adding: dlls/k044lahq1d4e.dll (164 bytes security) (deflated 4%)
adding: dlls/k662lgjo16oc.dll (164 bytes security) (deflated 5%)
adding: dlls/kidusx.dll (164 bytes security) (deflated 4%)
adding: dlls/kJ62lgjo16oc.dll (164 bytes security) (deflated 4%)
adding: dlls/kt02l7do1.dll (164 bytes security) (deflated 5%)
adding: dlls/kt2ml7f11.dll (164 bytes security) (deflated 4%)
adding: dlls/kt8ul7l91.dll (164 bytes security) (deflated 4%)
adding: dlls/l02slaf71d2.dll (164 bytes security) (deflated 4%)
adding: dlls/l4n40e5qeh.dll (164 bytes security) (deflated 4%)
adding: dlls/l64q0gh5e64.dll (164 bytes security) (deflated 5%)
adding: dlls/l6n40g5qe6.dll (164 bytes security) (deflated 5%)
adding: dlls/Lgwvc12n.dll (164 bytes security) (deflated 4%)
adding: dlls/lv0u09d9e.dll (164 bytes security) (deflated 5%)
adding: dlls/lv4q09h5e.dll (164 bytes security) (deflated 5%)
adding: dlls/lv8m09l1e.dll (164 bytes security) (deflated 5%)
adding: dlls/lvl4093qe.dll (164 bytes security) (deflated 5%)
adding: dlls/lvlm0931e.dll (164 bytes security) (deflated 4%)
adding: dlls/mcxml.dll (164 bytes security) (deflated 5%)
adding: dlls/mfwebdvd.dll (164 bytes security) (deflated 5%)
adding: dlls/mvpql9751.dll (164 bytes security) (deflated 4%)
adding: dlls/njwrspt.dll (164 bytes security) (deflated 5%)
adding: dlls/o8lu0i39e8.dll (164 bytes security) (deflated 5%)
adding: dlls/ohethk32.dll (164 bytes security) (deflated 4%)
adding: dlls/p26s0cj7efo.dll (164 bytes security) (deflated 5%)
adding: dlls/p2p6lc7s1f.dll (164 bytes security) (deflated 4%)
adding: dlls/pdmas.dll (164 bytes security) (deflated 5%)
adding: dlls/qjvd.dll (164 bytes security) (deflated 5%)
adding: dlls/r8r6li9s18.dll (164 bytes security) (deflated 4%)
adding: dlls/s6rslg9716.dll (164 bytes security) (deflated 4%)
adding: dlls/SOtrmIT.dll (164 bytes security) (deflated 5%)
adding: dlls/svorprop.dll (164 bytes security) (deflated 5%)
adding: dlls/t2r80c9uef.dll (164 bytes security) (deflated 5%)
adding: dlls/VO5DB.DLL (164 bytes security) (deflated 5%)
adding: dlls/wjcdlg.dll (164 bytes security) (deflated 4%)
adding: backregs/B1531BEF-742D-480E-9976-0F6A106CBC86.reg (188 bytes security) (deflated 70%)
adding: backregs/BDF66539-4D78-4499-8F8F-A9C3335E9423.reg (188 bytes security) (deflated 70%)
adding: backregs/D62D7681-03C3-4908-A32B-18D3B1E00B59.reg (188 bytes security) (deflated 70%)
adding: backregs/notibac.reg (164 bytes security) (deflated 87%)
adding: backregs/shell.reg (164 bytes security) (deflated 73%)
Lassé par la pub ? Créez un compte

Créer un nouveau sujet

Tom's guide dans le monde