diabolik52

bon voila je pense que s est fini vu que le scan n'a rien trouver je te remercie sincerement Tornado et Bruce Lee merci a tous les 2 diabolik52 bon voila je pense que s est fini vu que le scan n'a rien trouver je te remercie sincerement Tornado et Bruce Lee merci a tous les 2 diabolik52

re Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\joël\Cookies\joël@xiti[1].txt Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\loic\Cookies\loic@adtech[2].txt Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\loic\Cookies\loic@advertising[1].txt Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\loic\Cookies\loic@as1.falkag[2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\loic\Cookies\loic@atdmt[2].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\loic\Cookies\loic@bluestreak[2].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\loic\Cookies\loic@doubleclick[1].txt Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\loic\Cookies\loic@mediaplex[1].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\loic\Cookies\loic@weborama[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\loic\Cookies\loic@xiti[1].txt Spyware:spyware/surfsidekick No Désinfecté C:\Documents and Settings\loic\Local Settings\Temporary Internet Files\Ssk.log Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\mélanie\Cookies\mélanie@xiti[1].txt

bonjour Tornado voici mon rapport Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\joël\Cookies\joël@xiti[1].txt Spyware:spyware/surfsidekick No Désinfecté C:\Documents and Settings\loic\Application Data\Sskknwrd.dll Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\loic\Cookies\loic@advertising[1].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\loic\Cookies\loic@atdmt[1].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\loic\Cookies\loic@doubleclick[1].txt Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\loic\Cookies\loic@mediaplex[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\loic\Cookies\loic@xiti[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\mélanie\Cookies\mélanie@xiti[1].txt Adware:adware/dollarrevenue No Désinfecté C:\mousepad.exe Adware:Adware/DollarRevenue No Désinfecté C:\WINDOWS\Downloaded Program Files\drsmartload185a.exe Adware:Adware/TrustIn No Désinfecté C:\WINDOWS\Downloaded Program Files\loader2.exe Adware:adware/navipromo No Désinfecté C:\WINDOWS\system32\hczwnurv_navps.dat dsl pour le retard

re, voila le resultat se l analyse Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\joël\Cookies\joël@xiti[1].txt Spyware:spyware/surfsidekick No Désinfecté C:\Documents and Settings\loic\Application Data\Sskknwrd.dll Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\loic\Bureau\outils\tous pour rapport\2eme virus\new virus soluce et rapport\l2mfix.exe[Process.exe] Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\loic\Cookies\loic@adtech[2].txt Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\loic\Cookies\loic@advertising[2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\loic\Cookies\loic@atdmt[2].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\loic\Cookies\loic@bluestreak[1].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\loic\Cookies\loic@doubleclick[1].txt Spyware:Cookie/Comclick No Désinfecté C:\Documents and Settings\loic\Cookies\loic@fl01.ct2.comclick[1].txt Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\loic\Cookies\loic@mediaplex[1].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\loic\Cookies\loic@weborama[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\loic\Cookies\loic@xiti[1].txt Dialer:Dialer.B No Désinfecté C:\Documents and Settings\loic\Mes documents\bordel\DialpassUninstall.exe Adware:Adware/PurityScan No Désinfecté C:\Documents and Settings\loic\Mes documents\s?stem\chkntfs.exe Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\mélanie\Cookies\mélanie@xiti[1].txt Adware:adware/dollarrevenue No Désinfecté C:\gimmysmileys.exe Adware:Adware/TrustIn No Désinfecté C:\Program Files\TrustIn Bar\trustin.dll Adware:Adware/Deskwizz No Désinfecté C:\sk02.exe Adware:Adware/PurityScan No Désinfecté C:\Veracruz.exe Adware:Adware/CommAd No Désinfecté C:\WINDOWS\am9lbA\uA65vE.vbs Adware:Adware/DollarRevenue No Désinfecté C:\WINDOWS\Downloaded Program Files\drsmartload185a.exe Adware:Adware/TrustIn No Désinfecté C:\WINDOWS\Downloaded Program Files\loader2.exe Dialer:Dialer.B No Désinfecté C:\WINDOWS\eg_auth_1048.dll Adware:Adware/DollarRevenue No Désinfecté C:\WINDOWS\keyboard6.exe Virus:Trj/Downloader.HYH Désinfecté C:\WINDOWS\kl1.exe Adware:Adware/DollarRevenue No Désinfecté C:\WINDOWS\mousepad6.exe Adware:Adware/DollarRevenue No Désinfecté C:\WINDOWS\newname6.exe Adware:adware/navipromo No Désinfecté C:\WINDOWS\system32\hczwnurv_nav.dat Adware:adware/trustin No Désinfecté C:\WINDOWS\system32\tisa.cnf Adware:Adware/TrustIn No Désinfecté C:\WINDOWS\system32\tisa.dll Adware:Adware/TrustIn No Désinfecté C:\WINDOWS\system32\tu.exe Adware:adware/cws.searchmeup No Désinfecté C:\WINDOWS\uniq

dsl mais ton lien ne fonctionne pas

re bon voila tout met rapport le 1er (4/5/06 14:45:01) SPSeHjFix started v1.1.2 (4/5/06 14:45:01) OS: WinXP Service Pack 2 (5.1.2600) (4/5/06 14:45:01) Language: français (4/5/06 14:45:01) Win-Path: C:\WINDOWS (4/5/06 14:45:01) System-Path: C:\WINDOWS\system32 (4/5/06 14:45:01) Temp-Path: C:\DOCUME~1\loic\LOCALS~1\Temp\ (4/5/06 14:45:04) Disinfection started (4/5/06 14:45:04) Bad-Dll(IEP): (not found) (4/5/06 14:45:04) Bad-Dll(IEP) in BHO: (not found) (4/5/06 14:45:04) UBF: 8 - UBB: 0 - UBR: 24 (4/5/06 14:45:04) UBF: 8 - UBB: 0 - UBR: 24 (4/5/06 14:45:04) Bad IE-pages: (none) (4/5/06 14:45:04) Stealth-String not found (4/5/06 14:45:04) Not infected->END le 2eme --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 16:14:50, 05/04/2006 + Somme de contrôle: 351FB9E9 + Résultats du scan: HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Nettoyer et sauvegarder HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Nettoyer et sauvegarder HKU\S-1-5-21-2052111302-879983540-839522115-1003\Software\SurfSideKick3 -> Adware.SurfSide : Nettoyer et sauvegarder HKU\S-1-5-21-2052111302-879983540-839522115-1003\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Nettoyer et sauvegarder C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\backup.zip/dlls/d6j0lg1m16.dll -> Adware.Look2Me : Erreur durant le nettoyage C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\backup.zip/dlls/fpn8035ue.dll -> Adware.Look2Me : Erreur durant le nettoyage C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\backup.zip/dlls/fpnu0359e.dll -> Adware.Look2Me : Erreur durant le nettoyage C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\backup.zip/dlls/itetres.dll -> Adware.Look2Me : Erreur durant le nettoyage C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\backup.zip/dlls/kgdal.dll -> Adware.Look2Me : Erreur durant le nettoyage C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\backup.zip/dlls/r2p80c7uef.dll -> Adware.Look2Me : Erreur durant le nettoyage C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\backup.zip/dlls/s2rslc971f.dll -> Adware.Look2Me : Erreur durant le nettoyage C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\backup.zip/dlls/wlvcore2.dll -> Adware.Look2Me : Erreur durant le nettoyage C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\backup.zip/dlls/wsnsock.dll -> Adware.Look2Me : Erreur durant le nettoyage C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\dlls\d6j0lg1m16.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\dlls\fpn8035ue.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\dlls\fpnu0359e.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\dlls\itetres.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\dlls\kgdal.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\dlls\r2p80c7uef.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\dlls\s2rslc971f.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\dlls\wlvcore2.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\Documents and Settings\loic\Bureau\new virus soluce et rapport\l2mfix\dlls\wsnsock.dll -> Adware.Look2Me : Nettoyer et sauvegarder C:\WINDOWS\system32\drivers\etc\service.exe -> Backdoor.Iroffer.b : Nettoyer et sauvegarder C:\WINDOWS\system32\pre1.exe -> Dropper.Agent.hl : Nettoyer et sauvegarder ::Fin du rapport le 3eme Logfile of HijackThis v1.99.1 Scan saved at 16:18:50, on 05/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AOL 9.0\aoltray.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe" O4 - HKLM\..\Run: [DVDCTray] C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [steam] C:\Program Files\Steam\Steam.exe -silent O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: RadClock - Unknown owner - C:\Program Files\RadLinker\RadClock.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe voila pour l instant je n est plus de fenetre qui s ouvre

merci beaucoup je ferai sa se soir car je n ai pa trop le temps a+

ok pas de probleme merci beaucoup

toujour personne il va falloir que je fasse un autre topic

dsl mais cela m enerve tellement que je commence a perdre patience il faut pas m en vouloir encore desoler

personne n'a pas la solution car je suis vraiment en galere s'il vous plait

n auriez vous pas une solution pour supprimer le malware surfkick qui m affiche des pages internet tout le temps merci d avance pour la solution

dsl il n ont pas tout mit la suite Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 1392 'explorer.exe' Killing PID 1392 'explorer.exe' Killing PID 1392 'explorer.exe' Killing PID 1392 'explorer.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 340 'rundll32.exe' Killing PID 340 'rundll32.exe' Restoring Sedebugprivilege: Granting SeDebugPrivilege to Administrateurs ... successful Scanning First Pass. Please Wait! First Pass Completed Second Pass Scanning Second pass Completed! 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). 1 fichier(s) copi‚(s). Deleting: C:\WINDOWS\system32\d6j0lg1m16.dll Successfully Deleted: C:\WINDOWS\system32\d6j0lg1m16.dll Deleting: C:\WINDOWS\system32\fpn8035ue.dll Successfully Deleted: C:\WINDOWS\system32\fpn8035ue.dll Deleting: C:\WINDOWS\system32\fpnu0359e.dll Successfully Deleted: C:\WINDOWS\system32\fpnu0359e.dll Deleting: C:\WINDOWS\system32\itetres.dll Successfully Deleted: C:\WINDOWS\system32\itetres.dll Deleting: C:\WINDOWS\system32\kgdal.dll Successfully Deleted: C:\WINDOWS\system32\kgdal.dll Deleting: C:\WINDOWS\system32\r2p80c7uef.dll Successfully Deleted: C:\WINDOWS\system32\r2p80c7uef.dll Deleting: C:\WINDOWS\system32\s2rslc971f.dll Successfully Deleted: C:\WINDOWS\system32\s2rslc971f.dll Deleting: C:\WINDOWS\system32\wlvcore2.dll Successfully Deleted: C:\WINDOWS\system32\wlvcore2.dll Deleting: C:\WINDOWS\system32\wsnsock.dll Successfully Deleted: C:\WINDOWS\system32\wsnsock.dll msg11?.dll 0 fichier(s) copi‚(s). Restoring Windows Update Certificates.: The following Is the Current Export of the Winlogon notify key: **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] "DLLName"="Ati2evxx.dll" "Asynchronous"=dword:00000000 "Impersonate"=dword:00000001 "Lock"="AtiLockEvent" "Logoff"="AtiLogoffEvent" "Logon"="AtiLogonEvent" "Disconnect"="AtiDisConnectEvent" "Reconnect"="AtiReConnectEvent" "Safe"=dword:00000000 "Shutdown"="AtiShutdownEvent" "StartScreenSaver"="AtiStartScreenSaverEvent" "StartShell"="AtiStartShellEvent" "Startup"="AtiStartupEvent" "StopScreenSaver"="AtiStopScreenSaverEvent" "Unlock"="AtiUnLockEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DH] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\ElnClass.Dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MS-DOS Emulation] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\s2rslc971f.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] "DllName"="C:\\WINDOWS\\system32\\NavLogon.dll" "StartShell"="NavStartShellEvent" "Logoff"="NavLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier] "Asynchronous"=dword:00000000 "DllName"="WRLogonNTF.dll" "Impersonate"=dword:00000001 "Lock"="WRLock" "StartScreenSaver"="WRStartScreenSaver" "StartShell"="WRStartShell" "Startup"="WRStartup" "StopScreenSaver"="WRStopScreenSaver" "Unlock"="WRUnlock" "Shutdown"="WRShutdown" "Logoff"="WRLogoff" "Logon"="WRLogon" The following are the files found: **************************************************************************** C:\WINDOWS\system32\d6j0lg1m16.dll C:\WINDOWS\system32\fpn8035ue.dll C:\WINDOWS\system32\fpnu0359e.dll C:\WINDOWS\system32\itetres.dll C:\WINDOWS\system32\kgdal.dll C:\WINDOWS\system32\r2p80c7uef.dll C:\WINDOWS\system32\s2rslc971f.dll C:\WINDOWS\system32\wlvcore2.dll C:\WINDOWS\system32\wsnsock.dll Registry Entries that were Deleted: Please verify that the listing looks ok. If there was something deleted wrongly there are backups in the backreg folder. **************************************************************************** Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{162827AB-EADE-42FE-885E-E8E7E630F6F9}] @="" [HKEY_CLASSES_ROOT\CLSID\{162827AB-EADE-42FE-885E-E8E7E630F6F9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{162827AB-EADE-42FE-885E-E8E7E630F6F9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{162827AB-EADE-42FE-885E-E8E7E630F6F9}\InprocServer32] @="C:\\WINDOWS\\system32\\ElnClass.Dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{32BC58D7-A8DB-48D7-B2A3-35615B099E71}] @="" "IDEx"="ADDR" [HKEY_CLASSES_ROOT\CLSID\{32BC58D7-A8DB-48D7-B2A3-35615B099E71}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{32BC58D7-A8DB-48D7-B2A3-35615B099E71}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{32BC58D7-A8DB-48D7-B2A3-35615B099E71}\InprocServer32] @="C:\\WINDOWS\\system32\\skhcinst.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{74512D89-38E5-4C1B-8356-6A710AF62CED}] @="" [HKEY_CLASSES_ROOT\CLSID\{74512D89-38E5-4C1B-8356-6A710AF62CED}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{74512D89-38E5-4C1B-8356-6A710AF62CED}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{74512D89-38E5-4C1B-8356-6A710AF62CED}\InprocServer32] @="C:\\WINDOWS\\system32\\syell32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5D1A633C-436D-4BAE-B25F-75AB23734384}] @="" [HKEY_CLASSES_ROOT\CLSID\{5D1A633C-436D-4BAE-B25F-75AB23734384}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5D1A633C-436D-4BAE-B25F-75AB23734384}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5D1A633C-436D-4BAE-B25F-75AB23734384}\InprocServer32] @="C:\\WINDOWS\\system32\\wsnsock.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7DB49355-D61C-4F6F-B52E-23C3E398B536}] @="" [HKEY_CLASSES_ROOT\CLSID\{7DB49355-D61C-4F6F-B52E-23C3E398B536}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7DB49355-D61C-4F6F-B52E-23C3E398B536}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7DB49355-D61C-4F6F-B52E-23C3E398B536}\InprocServer32] @="C:\\WINDOWS\\system32\\ugrdtea.dll" "ThreadingModel"="Apartment" REGEDIT4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{162827AB-EADE-42FE-885E-E8E7E630F6F9}"=- "{32BC58D7-A8DB-48D7-B2A3-35615B099E71}"=- "{74512D89-38E5-4C1B-8356-6A710AF62CED}"=- "{33E8A6A7-8965-43D1-A199-C98C45D47194}"=- "{5D1A633C-436D-4BAE-B25F-75AB23734384}"=- "{7DB49355-D61C-4F6F-B52E-23C3E398B536}"=- [-HKEY_CLASSES_ROOT\CLSID\{162827AB-EADE-42FE-885E-E8E7E630F6F9}] [-HKEY_CLASSES_ROOT\CLSID\{32BC58D7-A8DB-48D7-B2A3-35615B099E71}] [-HKEY_CLASSES_ROOT\CLSID\{74512D89-38E5-4C1B-8356-6A710AF62CED}] [-HKEY_CLASSES_ROOT\CLSID\{33E8A6A7-8965-43D1-A199-C98C45D47194}] [-HKEY_CLASSES_ROOT\CLSID\{5D1A633C-436D-4BAE-B25F-75AB23734384}] [-HKEY_CLASSES_ROOT\CLSID\{7DB49355-D61C-4F6F-B52E-23C3E398B536}] REGEDIT4 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "SV1"="" **************************************************************************** Desktop.ini Contents: **************************************************************************** **************************************************************************** Checking for L2MFix account(0=no 1=yes): 0 Zipping up files for submission: adding: dlls/d6j0lg1m16.dll (164 bytes security) (deflated 5%) adding: dlls/fpn8035ue.dll (164 bytes security) (deflated 5%) adding: dlls/fpnu0359e.dll (164 bytes security) (deflated 5%) adding: dlls/itetres.dll (164 bytes security) (deflated 5%) adding: dlls/kgdal.dll (164 bytes security) (deflated 5%) adding: dlls/r2p80c7uef.dll (164 bytes security) (deflated 5%) adding: dlls/s2rslc971f.dll (164 bytes security) (deflated 4%) adding: dlls/wlvcore2.dll (164 bytes security) (deflated 5%) adding: dlls/wsnsock.dll (164 bytes security) (deflated 4%) adding: backregs/162827AB-EADE-42FE-885E-E8E7E630F6F9.reg (212 bytes security) (deflated 70%) adding: backregs/32BC58D7-A8DB-48D7-B2A3-35615B099E71.reg (212 bytes security) (deflated 69%) adding: backregs/5D1A633C-436D-4BAE-B25F-75AB23734384.reg (212 bytes security) (deflated 70%) adding: backregs/74512D89-38E5-4C1B-8356-6A710AF62CED.reg (212 bytes security) (deflated 70%) adding: backregs/7DB49355-D61C-4F6F-B52E-23C3E398B536.reg (212 bytes security) (deflated 70%) adding: backregs/notibac.reg (164 bytes security) (deflated 88%) adding: backregs/shell.reg (164 bytes security) (deflated 73%) et le rapport hitjackthis Logfile of HijackThis v1.99.1 Scan saved at 17:13:04, on 04/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\savedump.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\notepad.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe C:\windows\mousepad7.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AOL 9.0\aoltray.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe" O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe" O4 - HKLM\..\Run: [DVDCTray] C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad7.exe O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard7.exe O4 - HKLM\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Malware Sweeper] C:\Program Files\MalwareSweeper.com\Malware Sweeper\MalSwep.exe /STARTUP O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [steam] C:\Program Files\Steam\Steam.exe -silent O4 - HKCU\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: repairs303169566.dll O20 - Winlogon Notify: DH - C:\WINDOWS\system32\ElnClass.Dll (file missing) O20 - Winlogon Notify: MS-DOS Emulation - C:\WINDOWS\system32\s2rslc971f.dll (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: RadClock - Unknown owner - C:\Program Files\RadLinker\RadClock.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

bon voila mes 2 rapports L2mfix 032106 Creating Account. La commande s'est termin‚e correctement. Adding Administrative privleges. Checking for L2MFix account(0=no 1=yes): 1 Granting SeDebugPrivilege to L2MFIX ... successful Running From: C:\WINDOWS\SYSTEM32 Killing Processes! Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 496 'smss.exe' Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright© 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing PID 932 'winlogon.exe' Killing

L2MFIX find log 032106 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] "DLLName"="Ati2evxx.dll" "Asynchronous"=dword:00000000 "Impersonate"=dword:00000001 "Lock"="AtiLockEvent" "Logoff"="AtiLogoffEvent" "Logon"="AtiLogonEvent" "Disconnect"="AtiDisConnectEvent" "Reconnect"="AtiReConnectEvent" "Safe"=dword:00000000 "Shutdown"="AtiShutdownEvent" "StartScreenSaver"="AtiStartScreenSaverEvent" "StartShell"="AtiStartShellEvent" "Startup"="AtiStartupEvent" "StopScreenSaver"="AtiStopScreenSaverEvent" "Unlock"="AtiUnLockEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DH] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\ElnClass.Dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MS-DOS Emulation] "Asynchronous"=dword:00000000 "DllName"="C:\\WINDOWS\\system32\\s2rslc971f.dll" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] "DllName"="C:\\WINDOWS\\system32\\NavLogon.dll" "StartShell"="NavStartShellEvent" "Logoff"="NavLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier] "Asynchronous"=dword:00000000 "DllName"="WRLogonNTF.dll" "Impersonate"=dword:00000001 "Lock"="WRLock" "StartScreenSaver"="WRStartScreenSaver" "StartShell"="WRStartShell" "Startup"="WRStartup" "StopScreenSaver"="WRStopScreenSaver" "Unlock"="WRUnlock" "Shutdown"="WRShutdown" "Logoff"="WRLogoff" "Logon"="WRLogon" ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{372A8EC8-BB61-5426-D08E-C3D1D8874963}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia" "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage ?cran du Panneau de configuration" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo" "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="?tat du t‚l‚chargement" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche" "{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante" "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="?num‚rateur d'applications install‚es" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults" "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Page de propri‚t‚s des versions pr‚c‚dentes" "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Versions pr‚c‚dentes" "{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder" "{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache" "{5E2121EE-0300-11D4-8D3B-444553540000}"="Catalyst Context Menu extension" "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension" "{BDA77241-42F6-11d0-85E2-00AA001FE28C}"="LDVP Shell Extensions" "{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices" "{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu" "{32020A01-506E-484D-A2A8-BE3CF17601C3}"="AlcoholShellEx" "{5380C14E-C0A1-4D66-87DB-5995E6FF4623}"="Rad Prop Extension" "{C6844A1E-2C59-415A-84B3-C6A458372779}"="Text file icon extension" "{D2FD83AE-994A-4D4B-9097-2C9E11ED85F0}"="Display CPL Extension" "{D00900BC-23F7-4FD6-BFA2-8232112C5C49}"="NRadExt extension" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web" "{2F5AC606-70CF-461C-BFE1-6063670C3484}"="Mouse CPL Extension" "{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler" "{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" "{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}"="TuneUp Shredder Shell Context Menu Extension" "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"="Shell Extension for Malware scanning" "{7C9D5882-CB4A-4090-96C8-430BFE8B795B}"="Webroot Spy Sweeper Context Menu Integration" "{162827AB-EADE-42FE-885E-E8E7E630F6F9}"="" "{32BC58D7-A8DB-48D7-B2A3-35615B099E71}"="" "{74512D89-38E5-4C1B-8356-6A710AF62CED}"="" "{33E8A6A7-8965-43D1-A199-C98C45D47194}"="" "{5D1A633C-436D-4BAE-B25F-75AB23734384}"="" "{7DB49355-D61C-4F6F-B52E-23C3E398B536}"="" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{162827AB-EADE-42FE-885E-E8E7E630F6F9}] @="" [HKEY_CLASSES_ROOT\CLSID\{162827AB-EADE-42FE-885E-E8E7E630F6F9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{162827AB-EADE-42FE-885E-E8E7E630F6F9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{162827AB-EADE-42FE-885E-E8E7E630F6F9}\InprocServer32] @="C:\\WINDOWS\\system32\\ElnClass.Dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{32BC58D7-A8DB-48D7-B2A3-35615B099E71}] @="" "IDEx"="ADDR" [HKEY_CLASSES_ROOT\CLSID\{32BC58D7-A8DB-48D7-B2A3-35615B099E71}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{32BC58D7-A8DB-48D7-B2A3-35615B099E71}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{32BC58D7-A8DB-48D7-B2A3-35615B099E71}\InprocServer32] @="C:\\WINDOWS\\system32\\skhcinst.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{74512D89-38E5-4C1B-8356-6A710AF62CED}] @="" [HKEY_CLASSES_ROOT\CLSID\{74512D89-38E5-4C1B-8356-6A710AF62CED}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{74512D89-38E5-4C1B-8356-6A710AF62CED}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{74512D89-38E5-4C1B-8356-6A710AF62CED}\InprocServer32] @="C:\\WINDOWS\\system32\\syell32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5D1A633C-436D-4BAE-B25F-75AB23734384}] @="" [HKEY_CLASSES_ROOT\CLSID\{5D1A633C-436D-4BAE-B25F-75AB23734384}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5D1A633C-436D-4BAE-B25F-75AB23734384}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5D1A633C-436D-4BAE-B25F-75AB23734384}\InprocServer32] @="C:\\WINDOWS\\system32\\wsnsock.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{7DB49355-D61C-4F6F-B52E-23C3E398B536}] @="" [HKEY_CLASSES_ROOT\CLSID\{7DB49355-D61C-4F6F-B52E-23C3E398B536}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{7DB49355-D61C-4F6F-B52E-23C3E398B536}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{7DB49355-D61C-4F6F-B52E-23C3E398B536}\InprocServer32] @="C:\\WINDOWS\\system32\\ugrdtea.dll" "ThreadingModel"="Apartment" ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ bassmod.dll Tue 21 Mar 2006 21:02:16 A.... 34 308 33,50 K cmdlin~1.dll Tue 10 Jan 2006 16:37:00 A.... 98 304 96,00 K cmdlin~2.dll Sat 25 Mar 2006 17:53:46 A.... 43 520 42,50 K d6j0lg~1.dll Mon 3 Apr 2006 21:01:36 ..S.R 237 180 231,62 K fpn803~1.dll Mon 3 Apr 2006 20:48:36 ..S.R 237 017 231,46 K fpnu03~1.dll Tue 4 Apr 2006 15:45:14 ..S.R 235 161 229,65 K itetres.dll Mon 3 Apr 2006 20:44:06 ..S.R 236 164 230,63 K kgdal.dll Mon 3 Apr 2006 17:57:10 ..S.R 236 164 230,63 K r2p80c~1.dll Mon 3 Apr 2006 20:44:06 ..S.R 237 036 231,48 K repair~1.dll Thu 30 Mar 2006 18:33:22 A.... 88 576 86,50 K s2rslc~1.dll Mon 3 Apr 2006 21:54:02 ..S.R 234 208 228,72 K ticont.dll Sun 2 Apr 2006 19:39:22 A.... 18 944 18,50 K tisa.dll Sun 2 Apr 2006 19:39:12 A.... 15 872 15,50 K wbhelp2.dll Sat 28 Jan 2006 10:11:42 A.... 50 688 49,50 K wlvcore2.dll Mon 3 Apr 2006 20:48:36 ..S.R 236 164 230,63 K wsnsock.dll Tue 4 Apr 2006 15:45:14 ..S.R 234 208 228,72 K 16 items found: 16 files (9 H/S), 0 directories. Total of file sizes: 2 473 514 bytes 2,36 M Locate .tmp files: No matches found. ********************************************************************************** bonjour voila le rapport que vous m avez demander Directory Listing of system files: Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est DCE1-E65D R‚pertoire de C:\WINDOWS\System32 04/04/2006 15:45 234ÿ208 wsnsock.dll 04/04/2006 15:45 235ÿ161 fpnu0359e.dll 03/04/2006 21:54 234ÿ208 s2rslc971f.dll 03/04/2006 21:01 237ÿ180 d6j0lg1m16.dll 03/04/2006 20:48 236ÿ164 wlvcore2.dll 03/04/2006 20:48 237ÿ017 fpn8035ue.dll 03/04/2006 20:44 236ÿ164 itetres.dll 03/04/2006 20:44 237ÿ036 r2p80c7uef.dll 03/04/2006 17:57 236ÿ164 kgdal.dll 20/03/2006 19:32 <REP> dllcache 26/12/2005 21:30 <REP> Microsoft 9 fichier(s) 2ÿ123ÿ302 octets 2 R‚p(s) 70ÿ010ÿ208ÿ256 octets libres

bonjour dsl regis 56 mais j ai suivie toute tes indications mais rien ni fait cela continuer donc j ai decider de refaire un topic a+

j ai malware que aucun logiciel n a reussi a suppromer s est surfside ou surfkick et apparament tous mes pages vienne de se truc comment puis je faire pour le supprimer meri d avance

re j ai fait tous se que vous m avez demander mon nouveau rapport ps: cela continue toujours apres toute les analyses Logfile of HijackThis v1.99.1 Scan saved at 21:10:46, on 03/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\savedump.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SYSTEM32\rundll32.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe C:\windows\mousepad7.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AOL 9.0\aoltray.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\AOL 9.0\waol.exe C:\Program Files\AOL 9.0\shellmon.exe C:\Program Files\Fichiers communs\Aol\aoltpspd.exe C:\Program Files\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe" O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe" O4 - HKLM\..\Run: [DVDCTray] C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad7.exe O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard7.exe O4 - HKLM\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Malware Sweeper] C:\Program Files\MalwareSweeper.com\Malware Sweeper\MalSwep.exe /STARTUP O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [steam] C:\Program Files\Steam\Steam.exe -silent O4 - HKCU\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{DC9CEC81-7989-4830-8880-9A518E480C7B}: NameServer = 205.188.146.145 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: repairs303169566.dll O20 - Winlogon Notify: DH - C:\WINDOWS\system32\ElnClass.Dll (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O20 - Winlogon Notify: Syncmgr - C:\WINDOWS\system32\k8440ihqe84e0.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: RadClock - Unknown owner - C:\Program Files\RadLinker\RadClock.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

bonjour j ai un probleme depuis quelque temps losque je suis sur internet il y plein de page qui souvre elle me dise d acheter un telle ou un telle anti malware car j ai le virus un telle de detecter pourrier vous me re coment arreter sa merci d avance voici mon rapport Logfile of HijackThis v1.99.1 Scan saved at 17:44:34, on 03/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SYSTEM32\rundll32.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\service.exe C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\windows\mousepad7.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AOL 9.0\aoltray.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\AOL 9.0\waol.exe C:\Program Files\AOL 9.0\shellmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Aol\aoltpspd.exe C:\Program Files\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe" O4 - HKLM\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe O4 - HKLM\..\Run: [h3yb0y] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\service.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\conf.dll O4 - HKLM\..\Run: [h3yb0y1] C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\system.exe C:\WINDOWS\SYSTEM32\DRIVERS\etc\serv-u.ini O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe" O4 - HKLM\..\Run: [DVDCTray] C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [newname] C:\windows\newname7.exe O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad7.exe O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard7.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Malware Sweeper] C:\Program Files\MalwareSweeper.com\Malware Sweeper\MalSwep.exe /STARTUP O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [steam] C:\Program Files\Steam\Steam.exe -silent O4 - HKCU\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{DC9CEC81-7989-4830-8880-9A518E480C7B}: NameServer = 205.188.146.145 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: repairs303169566.dll O20 - Winlogon Notify: DH - C:\WINDOWS\system32\ElnClass.Dll (file missing) O20 - Winlogon Notify: MCD - C:\WINDOWS\system32\f40oled31h0.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing) O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: RadClock - Unknown owner - C:\Program Files\RadLinker\RadClock.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

s il vous plait

bonjour se que vous m avez dit de faire me donne sa Symantec Backdoor.Agent.B Removal Tool 1.0.1.2 registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows: AppInit_DLLs (value set to "") C:\Documents and Settings\loic\Application Data\?ymbols: (not scanned) C:\Documents and Settings\loic\Mes documents\s?stem: (not scanned) C:\System Volume Information: (not scanned) Backdoor.Agent.B has not been found on your computer.

s il vous plait aidez moi

re bon voila j ai fait se que vous m avez dit et sa me donne sa Logfile of HijackThis v1.99.1 Scan saved at 20:58:24, on 30/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\savedump.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AOL 9.0\aoltray.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll O2 - BHO: (no name) - {c900b400-cdfe-11d3-976a-00e02913a9e0} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe" O4 - HKLM\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Malware Sweeper] C:\Program Files\MalwareSweeper.com\Malware Sweeper\MalSwep.exe /STARTUP O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [steam] C:\Program Files\Steam\Steam.exe -silent O4 - HKCU\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: repairs303169566.dll O20 - Winlogon Notify: DH - C:\WINDOWS\system32\ElnClass.Dll (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\am9lbA\command.exe (file missing) O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing) O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: RadClock - Unknown owner - C:\Program Files\RadLinker\RadClock.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

bonjour depuis peu j ai un certain probleme mes page internet sont devenus assez long a s ouvrir et j ai des pages qui s ouvre et elle me font de la pub pour des logiceil pourriez vous analyser mon rapport pour voir si il y quelle que chose a faire merci d avance Logfile of HijackThis v1.99.1 Scan saved at 18:56:07, on 30/03/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\am9lbA\command.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\explorer.exe C:\Program Files\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll O2 - BHO: (no name) - {80C95960-E0DE-9409-F818-BB5E646E64C1} - C:\WINDOWS\system32\urpev.dll O2 - BHO: (no name) - {c900b400-cdfe-11d3-976a-00e02913a9e0} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe" O4 - HKLM\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe O4 - HKLM\..\Run: [expload.exe] C:\WINDOWS\system32\expload.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\RunOnce: [AAW] "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" "+b1" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Malware Sweeper] C:\Program Files\MalwareSweeper.com\Malware Sweeper\MalSwep.exe /STARTUP O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [steam] C:\Program Files\Steam\Steam.exe -silent O4 - HKCU\..\Run: [surfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe O4 - HKCU\..\Run: [Eupubc] C:\Documents and Settings\loic\Application Data\?ymbols\n?tepad.exe O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll O12 - Plugin for .tif: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: repairs303169566.dll O20 - Winlogon Notify: DH - C:\WINDOWS\system32\ElnClass.Dll (file missing) O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\am9lbA\command.exe O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing) O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: RadClock - Unknown owner - C:\Program Files\RadLinker\RadClock.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

un derniere chose tu parle de produit GNU a quoi cela correspond il merci