[HELP] malware ou spyware

Résolu
kikiseb Messages postés 45 Statut Membre -  
 kikiseb -
Bonjour,
je ne sais pas ce que j'ai téléchargé de mauvais mais depuis hier, mon ordi débloque complétement
Des fenëtres du type:
[url=http://www.searc-h.com/normal/yyy65.html]http://www.searc-h.com/normal/yyy65.html[/url]
[url=http://www.ad-w-a-r-e.com/cgi-bin/PopupV3?ID={7EABD0DA-7EE3-C8F3-24D7-0F67CB5C80DE}&type=normal&mSkip=1&rnd=24377]http://www.ad-w-a-r-e.com/cgi-bin/PopupV3?ID={7EABD0DA-7EE3-C8F3-24D7-0F67CB5C80DE}&type=normal&mSkip=1&rnd=24377[/url]
[url=http://splash.blinko.com/SP17/?mk=bla_azlco&mk=bla_azlco]http://splash.blinko.com/SP17/?mk=bla_azlco&mk=bla_azlco[/url]
[url=http://www.spotresults.com/cgi-bin/search.cgi?keywords=hijackthis]http://www.spotresults.com/cgi-bin/search.cgi?keywords=hijackthis[/url] ...
Quand je tape google.fr, j'arrive à google.com...
J'ai passé au moins 15 anti-spyware mais rien n'y fait.
Mon compte-rendu avec Hijack donne:

Logfile of HijackThis v1.99.1
Scan saved at 23:03:53, on 27/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Internet\DAP\DAP.EXE
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\WinRoll\winroll.exe
C:\Medias\Winamp\winampa.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\SCURIT~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Personnalisation\WinOSX\Sébastien\ObjectDock\ObjectDock.exe
C:\Personnalisation\WinOSX\Sébastien\YzShadow\YzShadow.exe
C:\Program Files\SuperCopier\SuperCopier.exe
C:\Internet\INCRED~1\bin\IMApp.exe
C:\Sécurité\Alwil Software\Avast4\aswUpdSv.exe
C:\Sécurité\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Fast.exe
C:\Sécurité\Alwil Software\Avast4\ashMaiSv.exe
C:\Sécurité\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\Rar$EX00.244\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://avenir.massylvain.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://avenir.massylvain.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: 195.158.172.121 www.file-webber.de
O1 - Hosts: 195.158.172.121 file-webber.de
O1 - Hosts: 195.158.172.121 www-google.ae
O1 - Hosts: 195.158.172.121 www-google.as
O1 - Hosts: 195.158.172.121 www-google.at
O1 - Hosts: 195.158.172.121 www-google.au
O1 - Hosts: 195.158.172.121 www-google.bi
O1 - Hosts: 195.158.172.121 www-google.br
O1 - Hosts: 195.158.172.121 www-google.ca
O1 - Hosts: 195.158.172.121 www-google.cc
O1 - Hosts: 195.158.172.121 www-google.cd
O1 - Hosts: 195.158.172.121 www-google.cg
O1 - Hosts: 195.158.172.121 www-google.ch
O1 - Hosts: 195.158.172.121 www-google.cl
O1 - Hosts: 195.158.172.121 www-google.co.cr
O1 - Hosts: 195.158.172.121 www-google.co.gg
O1 - Hosts: 195.158.172.121 www-google.co.hu
O1 - Hosts: 195.158.172.121 www-google.co.il
O1 - Hosts: 195.158.172.121 www-google.co.in
O1 - Hosts: 195.158.172.121 www-google.co.je
O1 - Hosts: 195.158.172.121 www-google.co.jp
O1 - Hosts: 195.158.172.121 www-google.co.kr
O1 - Hosts: 195.158.172.121 www-google.co.ls
O1 - Hosts: 195.158.172.121 www-google.co.nz
O1 - Hosts: 195.158.172.121 www-google.com
O1 - Hosts: 195.158.172.121 www-google.com.ae
O1 - Hosts: 195.158.172.121 www-google.com.au
O1 - Hosts: 195.158.172.121 www-google.com.ca
O1 - Hosts: 195.158.172.121 www-google.com.do
O1 - Hosts: 195.158.172.121 www-google.com.fj
O1 - Hosts: 195.158.172.121 www-google.com.gr
O1 - Hosts: 195.158.172.121 www-google.com.ly
O1 - Hosts: 195.158.172.121 www-google.com.mt
O1 - Hosts: 195.158.172.121 www-google.com.my
O1 - Hosts: 195.158.172.121 www-google.com.nf
O1 - Hosts: 195.158.172.121 www-google.com.ni
O1 - Hosts: 195.158.172.121 www-google.com.pa
O1 - Hosts: 195.158.172.121 www-google.com.pe
O1 - Hosts: 195.158.172.121 www-google.com.pk
O1 - Hosts: 195.158.172.121 www-google.com.pr
O1 - Hosts: 195.158.172.121 www-google.com.py
O1 - Hosts: 195.158.172.121 www-google.com.ru
O1 - Hosts: 195.158.172.121 www-google.com.sg
O1 - Hosts: 195.158.172.121 www-google.com.sv
O1 - Hosts: 195.158.172.121 www-google.com.tr
O1 - Hosts: 195.158.172.121 www-google.com.tw
O1 - Hosts: 195.158.172.121 www-google.com.vc
O1 - Hosts: 195.158.172.121 www-google.com.vn
O1 - Hosts: 195.158.172.121 www-google.cr
O1 - Hosts: 195.158.172.121 www-google.de
O1 - Hosts: 195.158.172.121 www-google.dj
O1 - Hosts: 195.158.172.121 www-google.do
O1 - Hosts: 195.158.172.121 www-google.es
O1 - Hosts: 195.158.172.121 www-google.fj
O1 - Hosts: 195.158.172.121 www-google.fr
O1 - Hosts: 195.158.172.121 www-google.gg
O1 - Hosts: 195.158.172.121 www-google.gl
O1 - Hosts: 195.158.172.121 www-google.gm
O1 - Hosts: 195.158.172.121 www-google.gr
O1 - Hosts: 195.158.172.121 www-google.hn
O1 - Hosts: 195.158.172.121 www-google.hu
O1 - Hosts: 195.158.172.121 www-google.ie
O1 - Hosts: 195.158.172.121 www-google.il
O1 - Hosts: 195.158.172.121 www-google.in
O1 - Hosts: 195.158.172.121 www-google.it
O1 - Hosts: 195.158.172.121 www-google.je
O1 - Hosts: 195.158.172.121 www-google.jp
O1 - Hosts: 195.158.172.121 www-google.kr
O1 - Hosts: 195.158.172.121 www-google.kz
O1 - Hosts: 195.158.172.121 www-google.ls
O1 - Hosts: 195.158.172.121 www-google.lt
O1 - Hosts: 195.158.172.121 www-google.lu
O1 - Hosts: 195.158.172.121 www-google.lv
O1 - Hosts: 195.158.172.121 www-google.ly
O1 - Hosts: 195.158.172.121 www-google.mt
O1 - Hosts: 195.158.172.121 www-google.mu
O1 - Hosts: 195.158.172.121 www-google.mw
O1 - Hosts: 195.158.172.121 www-google.my
O1 - Hosts: 195.158.172.121 www-google.nf
O1 - Hosts: 195.158.172.121 www-google.ni
O1 - Hosts: 195.158.172.121 www-google.nl
O1 - Hosts: 195.158.172.121 www-google.nz
O1 - Hosts: 195.158.172.121 www-google.pa
O1 - Hosts: 195.158.172.121 www-google.pe
O1 - Hosts: 195.158.172.121 www-google.pk
O1 - Hosts: 195.158.172.121 www-google.pl
O1 - Hosts: 195.158.172.121 www-google.pn
O1 - Hosts: 195.158.172.121 www-google.pr
O1 - Hosts: 195.158.172.121 www-google.pt
O1 - Hosts: 195.158.172.121 www-google.py
O1 - Hosts: 195.158.172.121 www-google.ru
O1 - Hosts: 195.158.172.121 www-google.rw
O1 - Hosts: 195.158.172.121 www-google.se
O1 - Hosts: 195.158.172.121 www-google.sg
O1 - Hosts: 195.158.172.121 www-google.sh
O1 - Hosts: 195.158.172.121 www-google.sk
O1 - Hosts: 195.158.172.121 www-google.sm
O1 - Hosts: 195.158.172.121 www-google.sv
O1 - Hosts: 195.158.172.121 www-google.td
O1 - Hosts: 195.158.172.121 www-google.tr
O1 - Hosts: 195.158.172.121 www-google.tw
O3 - Toolbar: Avenir Massylvain Toolbar - {89DA4411-E4AD-4FCE-9552-9320EB700985} - C:\Program Files\Avenir Massylvain Toolbar\avenir_massylvain.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [DownloadAccelerator] C:\Internet\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [IncrediMail] C:\Internet\IncrediMail\bin\IncMail.exe /c
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Winroll] C:\Program Files\WinRoll\winroll.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Medias\Winamp\winampa.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrojanScanner] C:\Sécurité\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [avast!] C:\SCURIT~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender8\bdnagent.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ObjectDock] C:\Personnalisation\WinOSX\Sébastien\ObjectDock\ObjectDock.exe
O4 - HKCU\..\Run: [HSIMargin] C:\Personnalisation\WinOSX\Sébastien\HSI\HSI.exe "C:\Personnalisation\WinOSX\Sébastien\HSI\Margin.hss"
O4 - HKCU\..\Run: [YzShadow] C:\Personnalisation\WinOSX\Sébastien\YzShadow\YzShadow.exe
O4 - Startup: RegFreeze.lnk = ?
O4 - Startup: Spy Shooter 4.5.lnk = ?
O4 - Startup: SuperCopier.lnk = C:\Program Files\SuperCopier\SuperCopier.exe
O4 - Global Startup: RegFreeze.lnk = ?
O4 - Global Startup: Spy Shooter 4.5.lnk = ?
O4 - Global Startup: SuperCopier.lnk = C:\Program Files\SuperCopier\SuperCopier.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Download with &DAP - C:\Internet\DAP\dapextie.htm
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\BUREAU~1\Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Internet\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Internet\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\BUREAU~1\Office\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .ivr: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/bin/cortvrml.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD242EF7-C1E1-44BC-9979-52859FBBE4F9}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: MSSYCLM - C:\WINDOWS\system32\enj6l11s1.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Sécurité\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Sécurité\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Sécurité\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Sécurité\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Command Service (cmdService) - CMD Technology, Inc. - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Qui pourrait m'aider svp?

J'ai passé:
A2
Avast
Bitdefender
Fixblast
Regfreeze
Spyshooter
Regsupreme
Spy Sweeper
Ad Aware
Xoftspy...
Mais rien n'y fait

Please, help me

22 réponses

  • 1
  • 2
  1. Real Mona Messages postés 1432 Statut Membre 94
     
    Bonjour,

    Imprime ceci pour ne rien oublier de faire :

    Méthode à suivre dans l'ordre...

    ----------------------------------------------------------------------------
    ¤Télécharge Spybot mais que tu n‘utilises pas tout de suite:

    Spybot S&D 1.4 <<nouvelle version
    http://www.safer-networking.org/fr/index.html

    Démo d’utilisation (merci à Balltrap34 pour cette réalisation)
    http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

    ----------------------------------------------------------------------------
    Démarre en mode sans échec :
    Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
    Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
    (Si F8 ne marche pas utilise la touche F5)
    ----------------------------------------------------------------------------
    Désactive ta restauration système :
    Clic droit sur poste de travail puis,
    propriété, tu cliques sur onglet restauration système
    tu coches la case « désactiver la restauration » et applique
    ----------------------------------------------------------------------------
    Affiche tous les fichiers et dossiers :
    Clique sur démarrer/panneau de configuration/option des dossiers/affichage

    Coche « afficher les fichiers et dossiers cachés »

    Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

    Décoche « masquer les extensions dont le type est connu »
    Puis fais «Ok» pour valider les changements.

    Et appliquer !
    ----------------------------------------------------------------------------
    ¤Vide tes fichiers temps et tempory internet file:

    :: Supprimer les fichiers temporaires ::
    vider tout le contenu de ces dossiers.

    * C:\Documents and Settings\ton compte\Local Settings\Temp
    * C:\Documents and Settings\tous les autres comptes\Local Settings\Temp
    * C:\Windows\Temp

    :: Le contenu du dossier prefetch ::

    * C:\WINDOWS\Prefetch <= sauf le fichier layout.ini

    * Ne pas oublier de vider la corbeille !
    ----------------------------------------------------------------------------
    ¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :

    O1 - Hosts: 195.158.172.121 www.file-webber.de
    O1 - Hosts: 195.158.172.121 file-webber.de
    O1 - Hosts: 195.158.172.121 www-google.ae
    O1 - Hosts: 195.158.172.121 www-google.as
    O1 - Hosts: 195.158.172.121 www-google.at
    O1 - Hosts: 195.158.172.121 www-google.au
    O1 - Hosts: 195.158.172.121 www-google.bi
    O1 - Hosts: 195.158.172.121 www-google.br
    O1 - Hosts: 195.158.172.121 www-google.ca
    O1 - Hosts: 195.158.172.121 www-google.cc
    O1 - Hosts: 195.158.172.121 www-google.cd
    O1 - Hosts: 195.158.172.121 www-google.cg
    O1 - Hosts: 195.158.172.121 www-google.ch
    O1 - Hosts: 195.158.172.121 www-google.cl
    O1 - Hosts: 195.158.172.121 www-google.co.cr
    O1 - Hosts: 195.158.172.121 www-google.co.gg
    O1 - Hosts: 195.158.172.121 www-google.co.hu
    O1 - Hosts: 195.158.172.121 www-google.co.il
    O1 - Hosts: 195.158.172.121 www-google.co.in
    O1 - Hosts: 195.158.172.121 www-google.co.je
    O1 - Hosts: 195.158.172.121 www-google.co.jp
    O1 - Hosts: 195.158.172.121 www-google.co.kr
    O1 - Hosts: 195.158.172.121 www-google.co.ls
    O1 - Hosts: 195.158.172.121 www-google.co.nz
    O1 - Hosts: 195.158.172.121 www-google.com
    O1 - Hosts: 195.158.172.121 www-google.com.ae
    O1 - Hosts: 195.158.172.121 www-google.com.au
    O1 - Hosts: 195.158.172.121 www-google.com.ca
    O1 - Hosts: 195.158.172.121 www-google.com.do
    O1 - Hosts: 195.158.172.121 www-google.com.fj
    O1 - Hosts: 195.158.172.121 www-google.com.gr
    O1 - Hosts: 195.158.172.121 www-google.com.ly
    O1 - Hosts: 195.158.172.121 www-google.com.mt
    O1 - Hosts: 195.158.172.121 www-google.com.my
    O1 - Hosts: 195.158.172.121 www-google.com.nf
    O1 - Hosts: 195.158.172.121 www-google.com.ni
    O1 - Hosts: 195.158.172.121 www-google.com.pa
    O1 - Hosts: 195.158.172.121 www-google.com.pe
    O1 - Hosts: 195.158.172.121 www-google.com.pk
    O1 - Hosts: 195.158.172.121 www-google.com.pr
    O1 - Hosts: 195.158.172.121 www-google.com.py
    O1 - Hosts: 195.158.172.121 www-google.com.ru
    O1 - Hosts: 195.158.172.121 www-google.com.sg
    O1 - Hosts: 195.158.172.121 www-google.com.sv
    O1 - Hosts: 195.158.172.121 www-google.com.tr
    O1 - Hosts: 195.158.172.121 www-google.com.tw
    O1 - Hosts: 195.158.172.121 www-google.com.vc
    O1 - Hosts: 195.158.172.121 www-google.com.vn
    O1 - Hosts: 195.158.172.121 www-google.cr
    O1 - Hosts: 195.158.172.121 www-google.de
    O1 - Hosts: 195.158.172.121 www-google.dj
    O1 - Hosts: 195.158.172.121 www-google.do
    O1 - Hosts: 195.158.172.121 www-google.es
    O1 - Hosts: 195.158.172.121 www-google.fj
    O1 - Hosts: 195.158.172.121 www-google.fr
    O1 - Hosts: 195.158.172.121 www-google.gg
    O1 - Hosts: 195.158.172.121 www-google.gl
    O1 - Hosts: 195.158.172.121 www-google.gm
    O1 - Hosts: 195.158.172.121 www-google.gr
    O1 - Hosts: 195.158.172.121 www-google.hn
    O1 - Hosts: 195.158.172.121 www-google.hu
    O1 - Hosts: 195.158.172.121 www-google.ie
    O1 - Hosts: 195.158.172.121 www-google.il
    O1 - Hosts: 195.158.172.121 www-google.in
    O1 - Hosts: 195.158.172.121 www-google.it
    O1 - Hosts: 195.158.172.121 www-google.je
    O1 - Hosts: 195.158.172.121 www-google.jp
    O1 - Hosts: 195.158.172.121 www-google.kr
    O1 - Hosts: 195.158.172.121 www-google.kz
    O1 - Hosts: 195.158.172.121 www-google.ls
    O1 - Hosts: 195.158.172.121 www-google.lt
    O1 - Hosts: 195.158.172.121 www-google.lu
    O1 - Hosts: 195.158.172.121 www-google.lv
    O1 - Hosts: 195.158.172.121 www-google.ly
    O1 - Hosts: 195.158.172.121 www-google.mt
    O1 - Hosts: 195.158.172.121 www-google.mu
    O1 - Hosts: 195.158.172.121 www-google.mw
    O1 - Hosts: 195.158.172.121 www-google.my
    O1 - Hosts: 195.158.172.121 www-google.nf
    O1 - Hosts: 195.158.172.121 www-google.ni
    O1 - Hosts: 195.158.172.121 www-google.nl
    O1 - Hosts: 195.158.172.121 www-google.nz
    O1 - Hosts: 195.158.172.121 www-google.pa
    O1 - Hosts: 195.158.172.121 www-google.pe
    O1 - Hosts: 195.158.172.121 www-google.pk
    O1 - Hosts: 195.158.172.121 www-google.pl
    O1 - Hosts: 195.158.172.121 www-google.pn
    O1 - Hosts: 195.158.172.121 www-google.pr
    O1 - Hosts: 195.158.172.121 www-google.pt
    O1 - Hosts: 195.158.172.121 www-google.py
    O1 - Hosts: 195.158.172.121 www-google.ru
    O1 - Hosts: 195.158.172.121 www-google.rw
    O1 - Hosts: 195.158.172.121 www-google.se
    O1 - Hosts: 195.158.172.121 www-google.sg
    O1 - Hosts: 195.158.172.121 www-google.sh
    O1 - Hosts: 195.158.172.121 www-google.sk
    O1 - Hosts: 195.158.172.121 www-google.sm
    O1 - Hosts: 195.158.172.121 www-google.sv
    O1 - Hosts: 195.158.172.121 www-google.td
    O1 - Hosts: 195.158.172.121 www-google.tr
    O1 - Hosts: 195.158.172.121 www-google.tw
    (toutes les lignes O1)
    O4 - Startup: RegFreeze.lnk = ?
    O4 - Startup: Spy Shooter 4.5.lnk = ?
    O4 - Global Startup: RegFreeze.lnk = ?
    O4 - Global Startup: Spy Shooter 4.5.lnk = ?
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O20 - Winlogon Notify: MSSYCLM - C:\WINDOWS\system32\enj6l11s1.dll

    ----------------------------------------------------------------------------
    ¤ Passe Ad-Aware et vire tout ce qu’il trouve + vide la quarantaine
    ----------------------------------------------------------------------------
    ¤ Passe Spybot et vire tout ce qu’il trouve + vide la quarantaine
    ----------------------------------------------------------------------------
    > Tu vides ta poubelle et tu redémarres en mode normal et refait un HijackThis

    Et enfin un petit conseil : installe un pare-feu (ou firewall) Si tu utilises celui de XP désactive le et installe http://download.zonelabs.com/bin/free/fr/download/comparison.html
    Pour désactiver ton firewall Windows XP tu fais la chose suivante :
    clique sur le bouton Démarrer, sur Paramètres, puis double clique sur Connexion Réseau. Sélectionne ta connexion puis clique dessus avec le bouton droit de la souris. Choisis la commande Propriétés. Dans l'onglet Avancé, décoche la case Protéger mon ordinateur et le réseau... Valide par OK

    A+
    M.
    0
  2. kikiseb Messages postés 45 Statut Membre 1
     
    Merci
    Google, c'est bon
    Par contre, ni adaware, ni spybot n'ont trouvé de spyware
    Pourtant, j'ai encore des fenêtres qui apparaissent
    0
  3. Real Mona Messages postés 1432 Statut Membre 94
     
    De rien, mais "Tu vides ta poubelle et tu redémarres en mode normal et refais un HijackThis" que tu postes ici ais-je oublié de préciser.

    A+
    M.
    0
  4. lmdup@free.fr
     
    probleme sur explorer et mozilla

    Logfile of HijackThis v1.99.1
    Scan saved at 16:41:35, on 01/11/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
    C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\WINDOWS\system32\rmctrl.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\WINDOWS\system32\rundll32.exe
    D:\foxmail\foxmail\Foxmail.exe
    C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
    C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
    O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROG~1.LOG\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1110918869086
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: ShellScrap - C:\WINDOWS\system32\enj6l11s1.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TGF1cmVudAAA\command.exe (file missing)
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Real Mona Messages postés 1432 Statut Membre 94
     
    Télécharge ceci
    http://www.downloads.subratam.org/l2mfix.exe
    decompresse le double clique sur l2mfix.bat appuie sur n'importe quelle touche et ensuite choisi l'option 1
    attend, il vas faire un rapport fait un copier coller de celui ci ici
    ne fait surtout rien d autre

    A+
    Mona
    0
    1. lmdup Messages postés 2 Statut Membre
       
      L2MFIX find log 1.04a
      These are the registry keys present
      **********************************************************************************
      Winlogon/notify:
      Windows Registry Editor Version 5.00

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
      "Asynchronous"=dword:00000000
      "Impersonate"=dword:00000000
      "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
      6c,00,00,00
      "Logoff"="ChainWlxLogoffEvent"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
      "Asynchronous"=dword:00000000
      "Impersonate"=dword:00000000
      "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
      6c,00,6c,00,00,00
      "Logoff"="CryptnetWlxLogoffEvent"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
      "DLLName"="cscdll.dll"
      "Logon"="WinlogonLogonEvent"
      "Logoff"="WinlogonLogoffEvent"
      "ScreenSaver"="WinlogonScreenSaverEvent"
      "Startup"="WinlogonStartupEvent"
      "Shutdown"="WinlogonShutdownEvent"
      "StartShell"="WinlogonStartShellEvent"
      "Impersonate"=dword:00000000
      "Asynchronous"=dword:00000001

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
      "DLLName"="wlnotify.dll"
      "Logon"="SCardStartCertProp"
      "Logoff"="SCardStopCertProp"
      "Lock"="SCardSuspendCertProp"
      "Unlock"="SCardResumeCertProp"
      "Enabled"=dword:00000001
      "Impersonate"=dword:00000001
      "Asynchronous"=dword:00000001

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
      "Asynchronous"=dword:00000000
      "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
      6c,00,6c,00,00,00
      "Impersonate"=dword:00000000
      "StartShell"="SchedStartShell"
      "Logoff"="SchedEventLogOff"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
      "Logoff"="WLEventLogoff"
      "Impersonate"=dword:00000000
      "Asynchronous"=dword:00000001
      "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
      6c,00,6c,00,00,00

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
      "DLLName"="WlNotify.dll"
      "Lock"="SensLockEvent"
      "Logon"="SensLogonEvent"
      "Logoff"="SensLogoffEvent"
      "Safe"=dword:00000001
      "MaxWait"=dword:00000258
      "StartScreenSaver"="SensStartScreenSaverEvent"
      "StopScreenSaver"="SensStopScreenSaverEvent"
      "Startup"="SensStartupEvent"
      "Shutdown"="SensShutdownEvent"
      "StartShell"="SensStartShellEvent"
      "PostShell"="SensPostShellEvent"
      "Disconnect"="SensDisconnectEvent"
      "Reconnect"="SensReconnectEvent"
      "Unlock"="SensUnlockEvent"
      "Impersonate"=dword:00000001
      "Asynchronous"=dword:00000001

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellScrap]
      "Asynchronous"=dword:00000000
      "DllName"="C:\\WINDOWS\\system32\\enj6l11s1.dll"
      "Impersonate"=dword:00000000
      "Logon"="WinLogon"
      "Logoff"="WinLogoff"
      "Shutdown"="WinShutdown"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
      "Asynchronous"=dword:00000000
      "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
      6c,00,6c,00,00,00
      "Impersonate"=dword:00000000
      "Logoff"="TSEventLogoff"
      "Logon"="TSEventLogon"
      "PostShell"="TSEventPostShell"
      "Shutdown"="TSEventShutdown"
      "StartShell"="TSEventStartShell"
      "Startup"="TSEventStartup"
      "MaxWait"=dword:00000258
      "Reconnect"="TSEventReconnect"
      "Disconnect"="TSEventDisconnect"

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
      "DLLName"="wlnotify.dll"
      "Logon"="RegisterTicketExpiredNotificationEvent"
      "Logoff"="UnregisterTicketExpiredNotificationEvent"
      "Impersonate"=dword:00000001
      "Asynchronous"=dword:00000001


      RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
      Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
      This program is Freeware, use it on your own risk!

      Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
      (NI) ALLOW Full access AUTORITE NT\SYSTEM
      (IO) ALLOW Full access AUTORITE NT\SYSTEM
      (NI) ALLOW Full access AUTORITE NT\SYSTEM
      (IO) ALLOW Full access AUTORITE NT\SYSTEM
      (ID-NI) ALLOW Read BUILTIN\Utilisateurs
      (ID-IO) ALLOW Read BUILTIN\Utilisateurs
      (ID-NI) ALLOW Full access BUILTIN\Administrateurs
      (ID-IO) ALLOW Full access BUILTIN\Administrateurs
      (ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
      (ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
      (ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE


      **********************************************************************************
      useragent:
      Windows Registry Editor Version 5.00

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
      "{B0B8FE2A-2B17-A71C-42C1-F85DB8F174B4}"=""

      **********************************************************************************
      Shell Extension key:
      Windows Registry Editor Version 5.00

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
      "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
      "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
      "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
      "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
      "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
      "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
      "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
      "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
      "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
      "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
      "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
      "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
      "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
      "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
      "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
      "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
      "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
      "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
      "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
      "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
      "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
      "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
      "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
      "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
      "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
      "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
      "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
      "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
      "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
      "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
      "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
      "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
      "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
      "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
      "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
      "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
      "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
      "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
      "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
      "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
      "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
      "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
      "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
      "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
      "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
      "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
      "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
      "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
      "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
      "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
      "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
      "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
      "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
      "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
      "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
      "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
      "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
      "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
      "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
      "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
      "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
      "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
      "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
      "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
      "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
      "{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
      "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
      "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
      "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
      "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
      "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
      "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
      "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
      "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
      "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
      "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
      "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
      "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
      "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
      "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
      "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
      "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
      "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
      "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
      "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
      "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
      "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
      "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
      "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
      "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
      "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
      "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
      "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
      "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
      "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
      "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
      "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
      "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
      "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
      "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
      "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
      "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
      "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
      "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
      "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
      "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
      "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
      "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
      "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
      "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
      "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
      "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
      "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
      "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
      "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
      "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
      "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
      "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
      "{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
      "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
      "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
      "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
      "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
      "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
      "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
      "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
      "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
      "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
      "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
      "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
      "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
      "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
      "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
      "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
      "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
      "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
      "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
      "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
      "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
      "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
      "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
      "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
      "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
      "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
      "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
      "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
      "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
      "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
      "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
      "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
      "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
      "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
      "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
      "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
      "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
      "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
      "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
      "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
      "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
      "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
      "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
      "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
      "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
      "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
      "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
      "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
      "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
      "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
      "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
      "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
      "{C169E5F0-E2B3-41F3-B81A-7BA529CBE193}"="ZipGenius Shell Extension"
      "{2E5AC2E0-406D-11D4-86B3-FA5861508E25}"="ZipGenius Zip InfoTip"
      "{310A0C95-EA11-42AE-A8E4-53E69E650310}"="ZipGenius Zip Drop handler"
      "{FE8D01BF-610A-4261-9C6E-32D65A42C907}"="ZipGenius Drag and Drop handler"
      "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
      "{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler"
      "{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler"
      "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
      "{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}"="My Labtec Pictures"
      "{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
      "{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
      "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
      "{950FF917-7A57-46BC-8017-59D9BF474000}"="Shell Extension for CDRW"
      "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
      "{AB77609F-2178-4E6F-9C4B-44AC179D937A}"="aý Context Menu Shell Extension"
      "{4D2D8817-2568-416D-B692-57D88D2FE2F9}"=""

      **********************************************************************************
      HKEY ROOT CLASSIDS:
      Windows Registry Editor Version 5.00

      [HKEY_CLASSES_ROOT\CLSID\{4D2D8817-2568-416D-B692-57D88D2FE2F9}]
      @=""

      [HKEY_CLASSES_ROOT\CLSID\{4D2D8817-2568-416D-B692-57D88D2FE2F9}\Implemented Categories]
      @=""

      [HKEY_CLASSES_ROOT\CLSID\{4D2D8817-2568-416D-B692-57D88D2FE2F9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
      @=""

      [HKEY_CLASSES_ROOT\CLSID\{4D2D8817-2568-416D-B692-57D88D2FE2F9}\InprocServer32]
      @="C:\\WINDOWS\\system32\\lycmp13n.dll"
      "ThreadingModel"="Apartment"

      **********************************************************************************
      Files Found are not all bad files:

      C:\WINDOWS\SYSTEM32\
      atmtd.dll Thu 27 Oct 2005 6:53:44 A.... 687 592 671,48 K
      bassmod.dll Mon 24 Oct 2005 13:41:58 A.... 34 308 33,50 K
      browseui.dll Sat 3 Sep 2005 1:06:12 A.... 1 020 416 996,50 K
      cdfview.dll Sat 3 Sep 2005 1:06:12 A.... 152 064 148,50 K
      cdosys.dll Sat 10 Sep 2005 2:55:14 A.... 2 067 968 1,97 M
      danim.dll Sat 3 Sep 2005 1:06:12 A.... 1 056 256 1,00 M
      dxtrans.dll Sat 3 Sep 2005 1:06:12 A.... 205 312 200,50 K
      enj6l1~1.dll Sun 30 Oct 2005 20:17:08 ..S.R 233 670 228,19 K
      extmgr.dll Sat 3 Sep 2005 1:06:12 ..... 55 808 54,50 K
      iepeers.dll Sat 3 Sep 2005 1:06:12 A.... 251 392 245,50 K
      inseng.dll Sat 3 Sep 2005 1:06:12 A.... 96 768 94,50 K
      irr0l5~1.dll Mon 31 Oct 2005 5:08:40 ..S.R 237 041 231,48 K
      linkinfo.dll Thu 1 Sep 2005 2:43:38 A.... 19 968 19,50 K
      lodorage.dll Thu 27 Oct 2005 6:51:38 A.... 45 056 44,00 K
      lycmp13n.dll Tue 1 Nov 2005 4:13:22 ..... 233 670 228,19 K
      mshtml.dll Tue 4 Oct 2005 16:26:06 A.... 3 013 120 2,87 M
      mshtmled.dll Sat 3 Sep 2005 1:06:12 A.... 448 512 438,00 K
      msrating.dll Sat 3 Sep 2005 1:06:12 A.... 146 432 143,00 K
      mstime.dll Sat 3 Sep 2005 1:06:12 A.... 530 432 518,00 K
      nchtml.dll Sun 30 Oct 2005 6:44:44 ..S.R 233 670 228,19 K
      netman.dll Mon 22 Aug 2005 19:35:10 A.... 197 632 193,00 K
      oaffilt.dll Sun 30 Oct 2005 19:28:00 ..S.R 237 041 231,48 K
      pngfilt.dll Sat 3 Sep 2005 1:06:12 A.... 39 424 38,50 K
      quartz.dll Tue 30 Aug 2005 4:55:44 A.... 1 293 312 1,23 M
      shdocvw.dll Sat 3 Sep 2005 1:06:12 A.... 1 484 288 1,41 M
      shell32.dll Fri 23 Sep 2005 4:07:00 A.... 8 506 880 8,11 M
      shlwapi.dll Sat 3 Sep 2005 1:06:12 A.... 474 112 463,00 K
      sirenacm.dll Thu 13 Oct 2005 8:11:06 A.... 118 784 116,00 K
      umpnpmgr.dll Tue 23 Aug 2005 4:39:36 A.... 124 928 122,00 K
      urlmon.dll Sat 3 Sep 2005 1:06:12 A.... 605 696 591,50 K
      wininet.dll Sat 3 Sep 2005 1:06:12 A.... 662 528 647,00 K
      winsrv.dll Thu 1 Sep 2005 2:43:38 A.... 292 352 285,50 K
      wodfamoh.dll Thu 27 Oct 2005 20:08:10 ...H. 699 392 683,00 K

      33 items found: 33 files (5 H/S), 0 directories.
      Total of file sizes: 25 505 824 bytes 24,32 M
      Locate .tmp files:

      C:\WINDOWS\SYSTEM32\
      guard.tmp Tue 1 Nov 2005 4:15:22 ..S.R 233 670 228,19 K

      1 item found: 1 file (1 H/S), 0 directories.
      Total of file sizes: 233 670 bytes 228,19 K
      **********************************************************************************
      Directory Listing of system files:
      Le volume dans le lecteur C n'a pas de nom.
      Le num‚ro de s‚rie du volume est 18AB-8393

      R‚pertoire de C:\WINDOWS\System32

      01/11/2005 04:15 233ÿ670 guard.tmp
      31/10/2005 05:08 237ÿ041 irr0l59m1.dll
      30/10/2005 20:17 233ÿ670 enj6l11s1.dll
      30/10/2005 19:27 237ÿ041 oaffilt.dll
      30/10/2005 06:44 233ÿ670 nchtml.dll
      28/10/2005 17:46 <REP> dllcache
      24/10/2005 13:39 3ÿ350 KGyGaAvL.sys
      24/10/2005 13:17 56 D030856310.sys
      26/06/2005 06:23 8ÿ192 Thumbs.db
      15/03/2005 20:02 <REP> Microsoft
      8 fichier(s) 1ÿ186ÿ690 octets
      2 R‚p(s) 13ÿ710ÿ290ÿ944 octets libres
      0
  7. kikiseb
     
    L2MFIX find log 1.04a
    These are the registry keys present
    **********************************************************************************
    Winlogon/notify:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IPConfTSP]
    "Asynchronous"=dword:00000000
    "DllName"="C:\\WINDOWS\\system32\\hr4605hse.dll"
    "Impersonate"=dword:00000000
    "Logon"="WinLogon"
    "Logoff"="WinLogoff"
    "Shutdown"="WinShutdown"

    RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
    Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
    This program is Freeware, use it on your own risk!

    Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-NI) ALLOW Read BUILTIN\Utilisateurs
    (ID-IO) ALLOW Read BUILTIN\Utilisateurs
    (ID-NI) ALLOW Full access BUILTIN\Administrateurs
    (ID-IO) ALLOW Full access BUILTIN\Administrateurs
    (ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE

    **********************************************************************************
    useragent:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    "{7EABD0DA-7EE3-C8F3-24D7-0F67CB5C80DE}"=""

    **********************************************************************************
    Shell Extension key:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
    "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
    "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
    "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
    "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
    "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
    "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
    "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
    "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
    "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
    "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
    "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
    "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
    "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
    "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
    "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
    "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
    "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
    "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
    "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
    "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
    "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
    "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
    "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
    "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
    "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
    "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
    "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
    "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
    "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
    "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
    "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
    "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
    "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
    "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
    "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
    "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
    "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell extensions for Windows Script Host"
    "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
    "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
    "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
    "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
    "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
    "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
    "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
    "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
    "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
    "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
    "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
    "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
    "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
    "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
    "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
    "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
    "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
    "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
    "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
    "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
    "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
    "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
    "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
    "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
    "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
    "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
    "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
    "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
    "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
    "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
    "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
    "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
    "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
    "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
    "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
    "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
    "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
    "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
    "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
    "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
    "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
    "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
    "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
    "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
    "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
    "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
    "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
    "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
    "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
    "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
    "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
    "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
    "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
    "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
    "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
    "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
    "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
    "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
    "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
    "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
    "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
    "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
    "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
    "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
    "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
    "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
    "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
    "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
    "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
    "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
    "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
    "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
    "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
    "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
    "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
    "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
    "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
    "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
    "{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
    "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
    "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
    "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
    "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
    "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
    "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
    "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
    "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
    "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
    "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
    "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
    "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
    "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
    "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
    "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
    "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
    "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
    "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
    "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
    "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
    "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
    "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
    "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
    "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
    "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
    "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
    "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
    "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
    "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
    "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
    "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
    "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
    "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
    "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
    "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
    "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
    "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
    "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
    "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
    "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
    "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
    "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
    "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
    "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
    "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
    "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
    "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
    "{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
    "{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
    "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
    "{7F67036B-66F1-411A-AD85-759FB9C5B0DB}"="SampleView"
    "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
    "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
    "{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler"
    "{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler"
    "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
    "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
    "{5E44E225-A408-11CF-B581-008029601108}"="Roxio DragToDisc Shell Extension"
    "{A44D5ACC-3411-40DE-9AD3-214FFB2ED7AC}"="My Media"
    "{00020000-0000-1011-8004-0000C06B5161}"="WIBU-SYSTEMS Shell Extension"
    "{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}"="Adobe.Acrobat.ContextMenu"
    "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
    "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
    "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
    "{8FF88D21-7BD0-11D1-BFB7-00AA00262A11}"="WinAce Archiver 2.5 Context Menu Shell Extension"
    "{8FF88D25-7BD0-11D1-BFB7-00AA00262A11}"="WinAce Archiver 2.5 DragDrop Shell Extension"
    "{8FF88D27-7BD0-11D1-BFB7-00AA00262A11}"="WinAce Archiver 2.5 Context Menu Shell Extension"
    "{8FF88D23-7BD0-11D1-BFB7-00AA00262A11}"="WinAce Archiver 2.5 Property Sheet Shell Extension"
    "{AC1DB655-4F9A-4c39-8AD2-A65324A4C446}"="Autodesk Drawing Preview"
    "{36A21736-36C2-4C11-8ACB-D4136F2B57BD}"="Identificateur de superposition : ic“ne Signatures num‚riques de AutoCAD"
    @=""
    "{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache"
    "{ABC70703-32AF-11d4-90C4-D483A70F4825}"="CMenuExtender"
    "{0f0a4d40-adf0-4e8f-98d8-7208b98be01e}"="ImageShack QuickLoad Image Uploader"
    "{1530F7EE-5128-43BD-9977-84A4B0FAD7DF}"="PhotoToys"
    "{C38C9EFF-166C-11D4-98D6-204C4F4F5020}"="Piky Basket"
    "{709C6E11-538F-4759-86AC-6ACB302AA0DE}"="Desktop Manager"
    "{76EDEF4C-1313-11d3-8705-00C04FB16A21}"="Audio Player backend"
    "{65F411C7-F4EE-11d2-9B7D-00C04FB16A21}"="Audio Player"
    "{efb97cb8-a4a4-4357-a261-002ffaed0267}"="CD Slideshow Powertoy"
    "{14AFC2B5-9A5F-47DD-90E1-41DEF55FCFB5}"=""
    "{52B87208-9CCF-42C9-B88E-069281105805}"="Trojan Remover Shell Extension"
    "{D653647D-D607-4DF6-A5B8-48D2BA195F7B}"="BitDefender Antivirus v8"

    **********************************************************************************
    HKEY ROOT CLASSIDS:
    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{14AFC2B5-9A5F-47DD-90E1-41DEF55FCFB5}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{14AFC2B5-9A5F-47DD-90E1-41DEF55FCFB5}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{14AFC2B5-9A5F-47DD-90E1-41DEF55FCFB5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{14AFC2B5-9A5F-47DD-90E1-41DEF55FCFB5}\InprocServer32]
    @="C:\\WINDOWS\\system32\\dJdramp.dll"
    "ThreadingModel"="Apartment"

    **********************************************************************************
    Files Found are not all bad files:

    C:\WINDOWS\SYSTEM32\
    abi2dvag.dll Fri 28 Oct 2005 0:41:48 ..S.R 234 819 229,31 K
    aotapi.dll Thu 27 Oct 2005 10:52:44 ..S.R 234 819 229,31 K
    aqi3d1ag.dll Wed 26 Oct 2005 21:24:10 ..S.R 235 603 230,08 K
    atmtd.dll Wed 26 Oct 2005 12:37:10 A.... 687 592 671,48 K
    browseui.dll Sat 3 Sep 2005 1:06:12 A.... 1 020 416 996,50 K
    bwmedia.dll Sun 28 Aug 2005 22:45:08 A.... 150 016 146,50 K
    bwmedia1.dll Sun 28 Aug 2005 22:45:08 A.... 295 424 288,50 K
    cdfview.dll Sat 3 Sep 2005 1:06:12 ..... 152 064 148,50 K
    cdosys.dll Sat 10 Sep 2005 2:55:14 ..... 2 067 968 1,97 M
    cdyptext.dll Thu 27 Oct 2005 10:24:58 ..S.R 234 370 228,88 K
    danim.dll Sat 3 Sep 2005 1:06:12 ..... 1 056 256 1,00 M
    djdramp.dll Tue 1 Nov 2005 15:58:00 ..S.R 236 069 230,54 K
    dxtrans.dll Sat 3 Sep 2005 1:06:12 ..... 205 312 200,50 K
    extmgr.dll Sat 3 Sep 2005 1:06:12 ..... 55 808 54,50 K
    g4jo0e~1.dll Thu 27 Oct 2005 1:04:30 ..... 234 370 228,88 K
    hr4605~1.dll Fri 28 Oct 2005 10:20:16 ..S.R 236 069 230,54 K
    iepeers.dll Sat 3 Sep 2005 1:06:12 A.... 251 392 245,50 K
    inseng.dll Sat 3 Sep 2005 1:06:12 ..... 96 768 94,50 K
    l0n40a~1.dll Fri 28 Oct 2005 12:54:18 ..S.R 235 424 229,91 K
    linkinfo.dll Thu 1 Sep 2005 2:43:38 ..... 19 968 19,50 K
    mshtml.dll Tue 4 Oct 2005 16:26:06 A.... 3 013 120 2,87 M
    mshtmled.dll Sat 3 Sep 2005 1:06:12 A.... 448 512 438,00 K
    msrating.dll Sat 3 Sep 2005 1:06:12 A.... 146 432 143,00 K
    mstime.dll Sat 3 Sep 2005 1:06:12 ..... 530 432 518,00 K
    netman.dll Mon 22 Aug 2005 19:35:10 A.... 197 632 193,00 K
    pngfilt.dll Sat 3 Sep 2005 1:06:12 A.... 39 424 38,50 K
    shdocvw.dll Sat 3 Sep 2005 1:06:12 A.... 1 484 288 1,41 M
    shell32.dll Fri 23 Sep 2005 4:07:00 A.... 8 506 880 8,11 M
    shlwapi.dll Sat 3 Sep 2005 1:06:12 A.... 474 112 463,00 K
    sirenacm.dll Sat 13 Aug 2005 20:41:12 A.... 118 784 116,00 K
    soflhtml.dll Wed 26 Oct 2005 20:31:22 A.... 45 056 44,00 K
    umpnpmgr.dll Tue 23 Aug 2005 4:39:36 A.... 124 928 122,00 K
    urlmon.dll Sat 3 Sep 2005 1:06:12 A.... 605 696 591,50 K
    wep.dll Fri 21 Oct 2005 1:44:10 A.... 75 264 73,50 K
    wininet.dll Sat 3 Sep 2005 1:06:12 A.... 662 528 647,00 K
    winsrv.dll Thu 1 Sep 2005 2:43:38 A.... 292 352 285,50 K
    winsusrm.dll Wed 31 Aug 2005 14:19:46 A.... 264 0,26 K

    37 items found: 37 files (7 H/S), 0 directories.
    Total of file sizes: 24 706 231 bytes 23,56 M
    Locate .tmp files:

    C:\WINDOWS\SYSTEM32\
    trj_nt~1.tmp Thu 27 Oct 2005 16:55:20 A.... 1 896 1,85 K

    1 item found: 1 file, 0 directories.
    Total of file sizes: 1 896 bytes 1,85 K
    **********************************************************************************
    Directory Listing of system files:
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 2493-4810

    R‚pertoire de C:\WINDOWS\System32

    01/11/2005 15:57 236ÿ069 dJdramp.dll
    28/10/2005 12:54 235ÿ424 l0n40a5qed.dll
    28/10/2005 10:20 236ÿ069 hr4605hse.dll
    28/10/2005 00:41 234ÿ819 abi2dvag.dll
    27/10/2005 18:23 5 AuxDrv32ds_g.ods
    27/10/2005 18:23 5 AuxDrv32ds_k.ods
    27/10/2005 10:52 234ÿ819 aotapi.dll
    27/10/2005 10:24 234ÿ370 cdyptext.dll
    26/10/2005 21:24 235ÿ603 aqi3d1ag.dll
    18/10/2005 00:34 <REP> dllcache
    27/08/2005 18:03 536ÿ576 wudupdate.exe
    17/08/2005 14:54 6ÿ144 access.ctl
    18/10/2004 18:54 <REP> Microsoft
    11 fichier(s) 2ÿ189ÿ903 octets
    2 R‚p(s) 35ÿ457ÿ998ÿ848 octets libres
    0
  8. Real Mona Messages postés 1432 Statut Membre 94
     
    relance l2mfix et clique sur l2mfix.bat et cette foix clique sur l'option2 et laisse le faire et met moi le rapport et un
    nouveau rapport HijackThis.

    A+
    Mona
    0
  9. Real Mona Messages postés 1432 Statut Membre 94
     
    c'est le rapport de l'option 2 qui m interesse stp et quand tu réponds clique sur "continuer la discussion" ou tape ton texte directement dans la case en bas "répondre à ce message"

    A+
    Mona
    0
  10. kikiseb
     
    Voilà le rapport:

    L2Mfix 1.04a

    Running From:
    C:\Documents and Settings\S‚bastien\Bureau\l2mfix

    RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
    Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
    This program is Freeware, use it on your own risk!

    Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-NI) ALLOW Read BUILTIN\Utilisateurs
    (ID-IO) ALLOW Read BUILTIN\Utilisateurs
    (ID-NI) ALLOW Full access BUILTIN\Administrateurs
    (ID-IO) ALLOW Full access BUILTIN\Administrateurs
    (ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE

    Setting registry permissions:

    RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
    Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
    This program is Freeware, use it on your own risk!

    Denying C(CI) access for predefined group "Administrators"
    - adding new ACCESS DENY entry

    Registry Permissions set too:

    RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
    Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
    This program is Freeware, use it on your own risk!

    Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
    (CI) DENY --C------- BUILTIN\Administrateurs
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-NI) ALLOW Read BUILTIN\Utilisateurs
    (ID-IO) ALLOW Read BUILTIN\Utilisateurs
    (ID-NI) ALLOW Full access BUILTIN\Administrateurs
    (ID-IO) ALLOW Full access BUILTIN\Administrateurs
    (ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE

    Setting up for Reboot

    Starting Reboot!

    Désolé pour le fait de cliquer sur 'Répondre' mais chez moi, le site déconne !
    0
  11. lmdup Messages postés 2 Statut Membre
     
    il ne me fait pas un rapport il m'ouvre une fenetre ou il y a ecrit:

    Original registry permissions:
    setting registry permission.
    registry permissions set
    the system will reboot now.
    appuyez sur une touche pour continuer...
    0
  12. balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
     
    salut
    et bien il te le dit appuie sur une touche et apres tu choisi l option 2
    0
  13. kikiseb
     
    lmdup:
    -> va voir dans ton dossier où tu as décompressé lm2fix
    Il y a un rapport qui a été créé

    Et stp, ne coupe pas la conversation
    Je ne sais pas comment Real Mona s'y retrouve

    Mon rapport de fix est au-dessus
    0
  14. balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
     
    si c est a moi que tu dit ceci
    Et stp, ne coupe pas la conversation 
    Je ne sais pas comment Real Mona s'y retrouve 


    debrouller vous
    0
    1. bernie61
       
      salut balltrap
      non non on a toujours besoin de toi lol,
      regardes il s'adresse à Indup

      bonne soirée
      a+
      0
  15. kikiseb
     
    Mais non balltrap
    Je le disais à lmdup
    Merci pour ton aide

    Le truc c'est qu'il poste ses rapports en même temps que moi
    Je comprend qu'il soit pressé (car c'est vraiment penible) mais si Real mona me repond de faire quelque chose et que c'est lui qui le fait (ou inversement), on arrivera à rien

    Voilou
    0
  16. balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
     
    oki
    j avais pas compris lol
    desoler
    0
  17. Real Mona Messages postés 1432 Statut Membre 94
     
    Hello à tous,

    OK !!! ca y est je me suis complètement embrouillée à cause de l'intrusion de "imdup" car je croyais toujours parler à kikiseb... et comme je ne regarde pas les pseudos des personnes qui me répondent, j'ai cru que c'était kikiseb...

    Je vais de ce pas demander aux moderateurs d'effacer les messages de imdup car c'est vrai on ne s'y retrouve plus !!!

    Bon, kikiseb, reprenons, où en étions nous ?

    Mona
    0
  18. kikiseb
     
    Je le savais !

    Avant fix:
    [quote]L2MFIX find log 1.04a
    These are the registry keys present
    **********************************************************************************
    Winlogon/notify:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IPConfTSP]
    "Asynchronous"=dword:00000000
    "DllName"="C:\\WINDOWS\\system32\\hr4605hse.dll"
    "Impersonate"=dword:00000000
    "Logon"="WinLogon"
    "Logoff"="WinLogoff"
    "Shutdown"="WinShutdown"

    RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
    Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
    This program is Freeware, use it on your own risk!

    Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-NI) ALLOW Read BUILTIN\Utilisateurs
    (ID-IO) ALLOW Read BUILTIN\Utilisateurs
    (ID-NI) ALLOW Full access BUILTIN\Administrateurs
    (ID-IO) ALLOW Full access BUILTIN\Administrateurs
    (ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE

    **********************************************************************************
    useragent:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    "{7EABD0DA-7EE3-C8F3-24D7-0F67CB5C80DE}"=""

    **********************************************************************************
    Shell Extension key:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
    "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
    "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
    "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
    "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
    "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
    "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
    "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
    "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
    "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
    "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
    "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
    "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
    "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
    "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
    "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
    "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
    "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
    "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
    "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
    "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
    "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
    "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
    "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
    "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
    "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
    "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
    "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
    "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
    "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
    "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
    "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
    "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
    "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
    "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
    "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
    "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
    "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell extensions for Windows Script Host"
    "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
    "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
    "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
    "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
    "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
    "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
    "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
    "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
    "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
    "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
    "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
    "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
    "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
    "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
    "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
    "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
    "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
    "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
    "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
    "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
    "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
    "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
    "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
    "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
    "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
    "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
    "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
    "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
    "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
    "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
    "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
    "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
    "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
    "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
    "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
    "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
    "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
    "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
    "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
    "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
    "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
    "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
    "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
    "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
    "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
    "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
    "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
    "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
    "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
    "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
    "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
    "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
    "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
    "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
    "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
    "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
    "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
    "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
    "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
    "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
    "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
    "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
    "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
    "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
    "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
    "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
    "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
    "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
    "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
    "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
    "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
    "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
    "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
    "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
    "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
    "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
    "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
    "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
    "{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
    "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
    "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
    "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
    "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
    "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
    "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
    "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
    "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
    "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
    "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
    "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
    "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
    "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
    "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
    "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
    "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
    "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
    "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
    "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
    "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
    "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
    "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
    "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
    "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
    "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
    "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
    "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
    "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
    "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
    "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
    "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
    "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
    "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
    "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
    "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
    "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
    "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
    "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
    "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
    "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
    "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
    "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
    "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
    "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
    "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
    "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
    "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
    "{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
    "{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
    "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
    "{7F67036B-66F1-411A-AD85-759FB9C5B0DB}"="SampleView"
    "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
    "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
    "{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler"
    "{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler"
    "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
    "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
    "{5E44E225-A408-11CF-B581-008029601108}"="Roxio DragToDisc Shell Extension"
    "{A44D5ACC-3411-40DE-9AD3-214FFB2ED7AC}"="My Media"
    "{00020000-0000-1011-8004-0000C06B5161}"="WIBU-SYSTEMS Shell Extension"
    "{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}"="Adobe.Acrobat.ContextMenu"
    "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
    "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
    "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
    "{8FF88D21-7BD0-11D1-BFB7-00AA00262A11}"="WinAce Archiver 2.5 Context Menu Shell Extension"
    "{8FF88D25-7BD0-11D1-BFB7-00AA00262A11}"="WinAce Archiver 2.5 DragDrop Shell Extension"
    "{8FF88D27-7BD0-11D1-BFB7-00AA00262A11}"="WinAce Archiver 2.5 Context Menu Shell Extension"
    "{8FF88D23-7BD0-11D1-BFB7-00AA00262A11}"="WinAce Archiver 2.5 Property Sheet Shell Extension"
    "{AC1DB655-4F9A-4c39-8AD2-A65324A4C446}"="Autodesk Drawing Preview"
    "{36A21736-36C2-4C11-8ACB-D4136F2B57BD}"="Identificateur de superposition : ic“ne Signatures num‚riques de AutoCAD"
    @=""
    "{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache"
    "{ABC70703-32AF-11d4-90C4-D483A70F4825}"="CMenuExtender"
    "{0f0a4d40-adf0-4e8f-98d8-7208b98be01e}"="ImageShack QuickLoad Image Uploader"
    "{1530F7EE-5128-43BD-9977-84A4B0FAD7DF}"="PhotoToys"
    "{C38C9EFF-166C-11D4-98D6-204C4F4F5020}"="Piky Basket"
    "{709C6E11-538F-4759-86AC-6ACB302AA0DE}"="Desktop Manager"
    "{76EDEF4C-1313-11d3-8705-00C04FB16A21}"="Audio Player backend"
    "{65F411C7-F4EE-11d2-9B7D-00C04FB16A21}"="Audio Player"
    "{efb97cb8-a4a4-4357-a261-002ffaed0267}"="CD Slideshow Powertoy"
    "{14AFC2B5-9A5F-47DD-90E1-41DEF55FCFB5}"=""
    "{52B87208-9CCF-42C9-B88E-069281105805}"="Trojan Remover Shell Extension"
    "{D653647D-D607-4DF6-A5B8-48D2BA195F7B}"="BitDefender Antivirus v8"

    **********************************************************************************
    HKEY ROOT CLASSIDS:
    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{14AFC2B5-9A5F-47DD-90E1-41DEF55FCFB5}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{14AFC2B5-9A5F-47DD-90E1-41DEF55FCFB5}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{14AFC2B5-9A5F-47DD-90E1-41DEF55FCFB5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{14AFC2B5-9A5F-47DD-90E1-41DEF55FCFB5}\InprocServer32]
    @="C:\\WINDOWS\\system32\\dJdramp.dll"
    "ThreadingModel"="Apartment"

    **********************************************************************************
    Files Found are not all bad files:

    C:\WINDOWS\SYSTEM32\
    abi2dvag.dll Fri 28 Oct 2005 0:41:48 ..S.R 234 819 229,31 K
    aotapi.dll Thu 27 Oct 2005 10:52:44 ..S.R 234 819 229,31 K
    aqi3d1ag.dll Wed 26 Oct 2005 21:24:10 ..S.R 235 603 230,08 K
    atmtd.dll Wed 26 Oct 2005 12:37:10 A.... 687 592 671,48 K
    browseui.dll Sat 3 Sep 2005 1:06:12 A.... 1 020 416 996,50 K
    bwmedia.dll Sun 28 Aug 2005 22:45:08 A.... 150 016 146,50 K
    bwmedia1.dll Sun 28 Aug 2005 22:45:08 A.... 295 424 288,50 K
    cdfview.dll Sat 3 Sep 2005 1:06:12 ..... 152 064 148,50 K
    cdosys.dll Sat 10 Sep 2005 2:55:14 ..... 2 067 968 1,97 M
    cdyptext.dll Thu 27 Oct 2005 10:24:58 ..S.R 234 370 228,88 K
    danim.dll Sat 3 Sep 2005 1:06:12 ..... 1 056 256 1,00 M
    djdramp.dll Tue 1 Nov 2005 15:58:00 ..S.R 236 069 230,54 K
    dxtrans.dll Sat 3 Sep 2005 1:06:12 ..... 205 312 200,50 K
    extmgr.dll Sat 3 Sep 2005 1:06:12 ..... 55 808 54,50 K
    g4jo0e~1.dll Thu 27 Oct 2005 1:04:30 ..... 234 370 228,88 K
    hr4605~1.dll Fri 28 Oct 2005 10:20:16 ..S.R 236 069 230,54 K
    iepeers.dll Sat 3 Sep 2005 1:06:12 A.... 251 392 245,50 K
    inseng.dll Sat 3 Sep 2005 1:06:12 ..... 96 768 94,50 K
    l0n40a~1.dll Fri 28 Oct 2005 12:54:18 ..S.R 235 424 229,91 K
    linkinfo.dll Thu 1 Sep 2005 2:43:38 ..... 19 968 19,50 K
    mshtml.dll Tue 4 Oct 2005 16:26:06 A.... 3 013 120 2,87 M
    mshtmled.dll Sat 3 Sep 2005 1:06:12 A.... 448 512 438,00 K
    msrating.dll Sat 3 Sep 2005 1:06:12 A.... 146 432 143,00 K
    mstime.dll Sat 3 Sep 2005 1:06:12 ..... 530 432 518,00 K
    netman.dll Mon 22 Aug 2005 19:35:10 A.... 197 632 193,00 K
    pngfilt.dll Sat 3 Sep 2005 1:06:12 A.... 39 424 38,50 K
    shdocvw.dll Sat 3 Sep 2005 1:06:12 A.... 1 484 288 1,41 M
    shell32.dll Fri 23 Sep 2005 4:07:00 A.... 8 506 880 8,11 M
    shlwapi.dll Sat 3 Sep 2005 1:06:12 A.... 474 112 463,00 K
    sirenacm.dll Sat 13 Aug 2005 20:41:12 A.... 118 784 116,00 K
    soflhtml.dll Wed 26 Oct 2005 20:31:22 A.... 45 056 44,00 K
    umpnpmgr.dll Tue 23 Aug 2005 4:39:36 A.... 124 928 122,00 K
    urlmon.dll Sat 3 Sep 2005 1:06:12 A.... 605 696 591,50 K
    wep.dll Fri 21 Oct 2005 1:44:10 A.... 75 264 73,50 K
    wininet.dll Sat 3 Sep 2005 1:06:12 A.... 662 528 647,00 K
    winsrv.dll Thu 1 Sep 2005 2:43:38 A.... 292 352 285,50 K
    winsusrm.dll Wed 31 Aug 2005 14:19:46 A.... 264 0,26 K

    37 items found: 37 files (7 H/S), 0 directories.
    Total of file sizes: 24 706 231 bytes 23,56 M
    Locate .tmp files:

    C:\WINDOWS\SYSTEM32\
    trj_nt~1.tmp Thu 27 Oct 2005 16:55:20 A.... 1 896 1,85 K

    1 item found: 1 file, 0 directories.
    Total of file sizes: 1 896 bytes 1,85 K
    **********************************************************************************
    Directory Listing of system files:
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 2493-4810

    R‚pertoire de C:\WINDOWS\System32

    01/11/2005 15:57 236ÿ069 dJdramp.dll
    28/10/2005 12:54 235ÿ424 l0n40a5qed.dll
    28/10/2005 10:20 236ÿ069 hr4605hse.dll
    28/10/2005 00:41 234ÿ819 abi2dvag.dll
    27/10/2005 18:23 5 AuxDrv32ds_g.ods
    27/10/2005 18:23 5 AuxDrv32ds_k.ods
    27/10/2005 10:52 234ÿ819 aotapi.dll
    27/10/2005 10:24 234ÿ370 cdyptext.dll
    26/10/2005 21:24 235ÿ603 aqi3d1ag.dll
    18/10/2005 00:34 <REP> dllcache
    27/08/2005 18:03 536ÿ576 wudupdate.exe
    17/08/2005 14:54 6ÿ144 access.ctl
    18/10/2004 18:54 <REP> Microsoft
    11 fichier(s) 2ÿ189ÿ903 octets
    2 R‚p(s) 35ÿ457ÿ998ÿ848 octets libres[/quote]

    Après le fix:

    [quote]L2Mfix 1.04a

    Running From:
    C:\Documents and Settings\S‚bastien\Bureau\l2mfix

    RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
    Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
    This program is Freeware, use it on your own risk!

    Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-NI) ALLOW Read BUILTIN\Utilisateurs
    (ID-IO) ALLOW Read BUILTIN\Utilisateurs
    (ID-NI) ALLOW Full access BUILTIN\Administrateurs
    (ID-IO) ALLOW Full access BUILTIN\Administrateurs
    (ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE

    Setting registry permissions:

    RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
    Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
    This program is Freeware, use it on your own risk!

    Denying C(CI) access for predefined group "Administrators"
    - adding new ACCESS DENY entry

    Registry Permissions set too:

    RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
    Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
    This program is Freeware, use it on your own risk!

    Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
    (CI) DENY --C------- BUILTIN\Administrateurs
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (NI) ALLOW Full access AUTORITE NT\SYSTEM
    (IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-NI) ALLOW Read BUILTIN\Utilisateurs
    (ID-IO) ALLOW Read BUILTIN\Utilisateurs
    (ID-NI) ALLOW Full access BUILTIN\Administrateurs
    (ID-IO) ALLOW Full access BUILTIN\Administrateurs
    (ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
    (ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE

    Setting up for Reboot

    Starting Reboot![/quote]

    Voilà !!!
    0
  19. Real Mona Messages postés 1432 Statut Membre 94
     
    ppfffff.... quel micmac !

    Bon, refais moi un log HijackThis et dis moi où en sont tes soucis ?

    Mona
    0
    1. kikiseb
       
      Logfile of HijackThis v1.99.1
      Scan saved at 17:30:52, on 01/11/2005
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
      C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
      C:\Program Files\WinRoll\winroll.exe
      C:\Medias\Winamp\winampa.exe
      C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\Personnalisation\WinOSX\Sébastien\ObjectDock\ObjectDock.exe
      C:\Personnalisation\WinOSX\Sébastien\YzShadow\YzShadow.exe
      C:\Program Files\SuperCopier\SuperCopier.exe
      C:\Internet\INCRED~1\bin\IMApp.exe
      C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
      C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\system32\Fast.exe
      C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
      C:\Bureautique\Office\OFFICE11\OUTLOOK.EXE
      C:\Medias\Radio Fr Solo\Radio_Fr_Solo.exe
      C:\Internet\INCRED~1\bin\IncMail.exe
      C:\Documents and Settings\Sébastien\Bureau\hijackthis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://avenir.massylvain.free.fr/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://avenir.massylvain.free.fr/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
      O3 - Toolbar: Avenir Massylvain Toolbar - {89DA4411-E4AD-4FCE-9552-9320EB700985} - C:\Program Files\Avenir Massylvain Toolbar\avenir_massylvain.dll
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
      O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
      O4 - HKLM\..\Run: [IncrediMail] C:\Internet\IncrediMail\bin\IncMail.exe /c
      O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
      O4 - HKLM\..\Run: [Winroll] C:\Program Files\WinRoll\winroll.exe
      O4 - HKLM\..\Run: [WinampAgent] C:\Medias\Winamp\winampa.exe
      O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
      O4 - HKLM\..\Run: [MNI.UWFX5V_0001_LP1710] "C:\Documents and Settings\Sébastien\Bureau\WinFixer2005ScannerInstallFRA.exe"
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ObjectDock] C:\Personnalisation\WinOSX\Sébastien\ObjectDock\ObjectDock.exe
      O4 - HKCU\..\Run: [HSIMargin] C:\Personnalisation\WinOSX\Sébastien\HSI\HSI.exe "C:\Personnalisation\WinOSX\Sébastien\HSI\Margin.hss"
      O4 - HKCU\..\Run: [YzShadow] C:\Personnalisation\WinOSX\Sébastien\YzShadow\YzShadow.exe
      O4 - Startup: SuperCopier.lnk = C:\Program Files\SuperCopier\SuperCopier.exe
      O4 - Global Startup: SuperCopier.lnk = C:\Program Files\SuperCopier\SuperCopier.exe
      O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
      O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
      O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
      O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\BUREAU~1\Office\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
      O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
      O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
      O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Internet\WinHTTrack\WinHTTrackIEBar.dll
      O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Internet\WinHTTrack\WinHTTrackIEBar.dll
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\BUREAU~1\Office\OFFICE11\REFIEBAR.DLL
      O12 - Plugin for .ivr: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
      O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/bin/cortvrml.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{BD242EF7-C1E1-44BC-9979-52859FBBE4F9}: NameServer = 212.27.32.176,212.27.32.177
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: Command Service (cmdService) - CMD Technology, Inc. - (no file)
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
      O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
      O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
      O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
      O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
      O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
      0
  20. Real Mona Messages postés 1432 Statut Membre 94
     
    Merci je le regarde mais :
    Bon, refais moi un log HijackThis et dis moi où en sont tes soucis ?

    Please !

    Mona
    0
  21. kikiseb
     
    Logfile of HijackThis v1.99.1
    Scan saved at 20:01:56, on 01/11/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
    C:\Program Files\WinRoll\winroll.exe
    C:\Medias\Winamp\winampa.exe
    C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Personnalisation\WinOSX\Sébastien\ObjectDock\ObjectDock.exe
    C:\Personnalisation\WinOSX\Sébastien\YzShadow\YzShadow.exe
    C:\Program Files\SuperCopier\SuperCopier.exe
    C:\Internet\INCRED~1\bin\IMApp.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\Fast.exe
    C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
    C:\Bureautique\Office\OFFICE11\OUTLOOK.EXE
    C:\Archi 3d\Adobe\Adobe Illustrator CS2\Support Files\Contents\Windows\Illustrator.exe
    C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\Adobelm_Cleanup.0001
    C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\Adobelm_Cleanup.0001
    C:\Internet\INCRED~1\bin\IncMail.exe
    C:\Documents and Settings\Sébastien\Bureau\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://avenir.massylvain.free.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://avenir.massylvain.free.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O3 - Toolbar: Avenir Massylvain Toolbar - {89DA4411-E4AD-4FCE-9552-9320EB700985} - C:\Program Files\Avenir Massylvain Toolbar\avenir_massylvain.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [IncrediMail] C:\Internet\IncrediMail\bin\IncMail.exe /c
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [Winroll] C:\Program Files\WinRoll\winroll.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Medias\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
    O4 - HKLM\..\Run: [MNI.UWFX5V_0001_LP1710] "C:\Documents and Settings\Sébastien\Bureau\WinFixer2005ScannerInstallFRA.exe"
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ObjectDock] C:\Personnalisation\WinOSX\Sébastien\ObjectDock\ObjectDock.exe
    O4 - HKCU\..\Run: [HSIMargin] C:\Personnalisation\WinOSX\Sébastien\HSI\HSI.exe "C:\Personnalisation\WinOSX\Sébastien\HSI\Margin.hss"
    O4 - HKCU\..\Run: [YzShadow] C:\Personnalisation\WinOSX\Sébastien\YzShadow\YzShadow.exe
    O4 - Startup: SuperCopier.lnk = C:\Program Files\SuperCopier\SuperCopier.exe
    O4 - Global Startup: SuperCopier.lnk = C:\Program Files\SuperCopier\SuperCopier.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\BUREAU~1\Office\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Internet\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Internet\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\BUREAU~1\Office\OFFICE11\REFIEBAR.DLL
    O12 - Plugin for .ivr: C:\\Program Files\\Internet Explorer\\PLUGINS\\NPRVRT32.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
    O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/bin/cortvrml.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BD242EF7-C1E1-44BC-9979-52859FBBE4F9}: NameServer = 212.27.32.176,212.27.32.177
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Command Service (cmdService) - CMD Technology, Inc. - (no file)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe



    Le problème, c'est les pubs qui s'ouvrent en permanence
    0
  • 1
  • 2