Aidez moi svp je suis dans le kk à cause de winfixer!

Marsh Posté le 08-08-2005 à 11:05:21

Voilà depuis plusieurs jours j'ai une fenêtre web qui s'affiche avec Winfixer et il ne me laisse pas le choix que d'installer un programme et meme en l'installant par après une autre fenêtre s'affiche touours avec Winantivirus mais je vois bien que c'est toujours du au même "virus"...

comment dois-je faire pour arrêter tout ca ? J'ai Karspersky Anti-virus PRO + Windows XP + Un routeur + le firewall activé ..

svp aidez-moi j'en ai trop marre vient de plus en plus ...

Message édité par kimura kenji le 08-08-2005 à 12:52:38

Reply

Marsh Posté le 08-08-2005 à 11:05:21

Reply

Marsh Posté le 08-08-2005 à 11:07:52

J'ai utilisé le "hijack" si ca peut aider...

Logfile of HijackThis v1.99.1
Scan saved at 11:06:31, on 08/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WFXSVC.EXE
C:\Program Files\DelFax\WFXMOD32.EXE
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\DelFax\WFXSWTCH.exe
C:\WINDOWS\system32\wfxsnt40.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.5.0_02\bin\jucheck.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\DelFax\WFXCTL32.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Jean-Francois\Bureau\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [KAV50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe" -run -n PersonalPro -v 5.0.0.0
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\DelFax\WFXSWTCH.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: CSCSettings - C:\WINDOWS\system32\EXDCINST.DLL
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kaspersky Anti-Virus Service (KLBLMain) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe" -run bl -n PersonalPro -v 5.0.0.0 -ttsr 10000000 (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE

Reply

Marsh Posté le 08-08-2005 à 11:11:41

J'ai lu le topic de PICSOU juste en bas qui a le même probleme mais est-ce que si j'effectue les même manip ca fonctionnera chez moi aussi ?

Reply

Marsh Posté le 08-08-2005 à 12:14:36

Bonjour, je regarde ton rapport, réponse dans un moment

Reply

Marsh Posté le 08-08-2005 à 12:19:31

merci ;-)

Reply

Marsh Posté le 08-08-2005 à 12:25:30

Re, télécharge CCleaner:
http://www.ccleaner.com/ccdownload.asp

Démarre en mode sans échec (F8 ou F5)

Assure toi d'avoir accès à tous les fichiers.

Citation :

Démarrer, Poste de travail ou autre dossier, Menu Outils, Option des dossiers, onglet Affichage :
Activer la case : Afficher les fichiers et dossiers cachés
Désactiver la case : Masquer les extensions des fichiers dont le type est connu
Désactiver la case : Masquer les fichiers protégés du système d'exploitation
Puis Appliquer

Démarre Hijackthis Do a system scan only, assure toi que la case Make Backups before fixing items est activée et coche les lignes suivantes:

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe

Ferme toutes les fenêtres, tous les programmes et clique sur Fix checked

Supprime les fichiers/dossiers incriminés (s'ils existent encore):

C:\Program Files\WinFixer 2005

Renomme le fichier suivant:

EXDCINST.DLL> EXDCINST-DLL.anc (nom tiret extension point anc) Si tu ne constates pas de dysfonctionnement au bout de quelques temps tu le supprimeras

Recache les fichiers système afin de ne pas faire d'erreur à l'avenir en sélectionnant ne pas afficher les fichiers cachés ou les fichiers système.

Exécute CCleaner sur chaque session utilisateur

Redémarre normalement et poste un nouveau rapport Hijackthis pour vérification.

Reply

Marsh Posté le 08-08-2005 à 14:05:52

J'ai fait tout ce que tu m'avais demandé mais je n'ai pas pu renommer le fichier EXDINST.DLL parce que le systeme me dit qu'un programme l'utilise ...

En revenant sur le forum, j'ai encore eu WINFIXER qui s'est affiché donc le problème est toujours là malheureusement ...

Logfile of HijackThis v1.99.1
Scan saved at 14:02:45, on 08/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\DelFax\WFXSWTCH.exe
C:\WINDOWS\system32\wfxsnt40.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WFXSVC.EXE
C:\Program Files\DelFax\WFXMOD32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jean-Francois\Bureau\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KAV50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe" -run -n PersonalPro -v 5.0.0.0
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\DelFax\WFXSWTCH.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\EXDCINST.DLL
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kaspersky Anti-Virus Service (KLBLMain) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe" -run bl -n PersonalPro -v 5.0.0.0 -ttsr 10000000 (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE

Reply

Marsh Posté le 08-08-2005 à 14:43:38

Oui, mais il n'est plus dans ton log. Fais ceci:
Démarrer> Panneau de Configuration> Outils d'administration> Services
Dans la fenêtre qui s'ouvre, double-clique sur la ligne "Affichage des messages".
Dans le champ "Type de démarrage" de l'onglet "Général", sélectionne "Désactivé".
Clique sur "Arrêter".
Clique ensuite sur "OK" pour valider la configuration.

Fais analyser ce fichier C:\WINDOWS\system32\EXDCINST.DLL ici:
http://virusscan.jotti.org/

Colle le résultat dans ton prochain message

Reply

Marsh Posté le 08-08-2005 à 14:49:24

J'ai été sur le virusscan mais voilà ce qu'ils me mettent :

The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file

Reply

Marsh Posté le 08-08-2005 à 14:54:32

Désactive ton pare-feu le temps de l'analyse

Reply

Marsh Posté le 08-08-2005 à 14:54:32

Reply

Marsh Posté le 08-08-2005 à 14:59:49

stonangel a écrit :

Désactive ton pare-feu le temps de l'analyse

C'est fait mais ca ne change rien ...

Reply

Marsh Posté le 08-08-2005 à 15:01:30

Va ici, ça vient peut être du site:
http://www.virustotal.com/xhtml/index_en.html

Reply

Marsh Posté le 08-08-2005 à 15:02:29

stonangel a écrit :

Désactive ton pare-feu le temps de l'analyse

J'ai essayé avec un autre fichier dll et là ca marche donc ca viendrait du fichier en lui même ...

Reply

Marsh Posté le 08-08-2005 à 15:03:35

stonangel a écrit :

Va ici, ça vient peut être du site:
http://www.virustotal.com/xhtml/index_en.html

Voilà ce que eux me mettent :

File size can't be more than 2 Megabytes.
You can't try compressing it.
Thanks you.

Reply

Marsh Posté le 08-08-2005 à 15:04:11

Changement de stratégie, je reviens.

Reply

Marsh Posté le 08-08-2005 à 15:04:58

pourtant quand je regarde le fichier ne fait que 408 ko ...

Reply

Marsh Posté le 08-08-2005 à 15:05:16

stonangel a écrit :

Changement de stratégie, je reviens.

oki merci pour ta patience

Reply

Marsh Posté le 08-08-2005 à 15:07:21

Re, télécharge L2Mfix
http://www.atribune.org/downloads/l2mfix.exe
ou
http://www.downloads.subratam.org/l2mfix.exe

- télécharger sur le bureau et double-cliquer sur le fichier L2Mfix.exe
- cliquer sur le bouton "Install" pour dézipper
------------------------------------------------------------------
- ouvrir le dossier L2Mfix créé sur le bureau
- double-cliquer sur L2Mfix.bat et choisir l'option 1 Run Find Log (entrer 1)
- après 1 ou 2 minutes de recherche, il y a ouverture du Bloc-note ; poster le contenu sur le forum.
(ne pas utiliser l'option 2 ni aucun autre fichier du dossier L2Mfix)
-------------------------------------------------------------------------
- fermer tous les programmes parce qu'il va y avoir reboot automatique
- ouvrir le dossier L2Mfix créé sur le bureau
- double-cliquer sur L2Mfix.bat, choisir l'option 2 Run Fix (entrer 2) et appuyer sur n'importe quelle touche pour redémarrer l'ordinateur
Après redémarrage, le bureau et les icônes vont apparaître puis disparaître, c'est normal !
- L2Mfix va rescanner le disque ; après 1 ou 2 minutes de recherche, ouverture du Bloc-note ; poster le contenu sur le forum en même temps qu'un nouveau rapport HijackThis.
(n'utiliser aucun autre fichier du dossier L2Mfix)

Message édité par stonangel le 08-08-2005 à 15:08:02

Reply

Marsh Posté le 08-08-2005 à 15:11:33

voilà c long >>

L2MFIX find log 1.03
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RunOnce]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\EXDCINST.DLL"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{19FB6089-3E38-FB12-7705-8CD6B30FFA3E}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de proprits du fichier multimdia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de scurit NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des proprits de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de scurit DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donnes endommages de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets rseau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension icne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de scurit des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions rseau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions rseau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interprteur de commandes pour l'environnement d'excution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donnes Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tches planifies"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tches et menu Dmarrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Excuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du tlchargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet intgr de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="Bote d'entre de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalise MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrs auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Paramtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de dmarrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="numrateur d'applications installes"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de rsum (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chane"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chane"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{8f7261d0-d2b9-11d2-9909-00605205b24c}"="CuteFTP Shell Extension"
"{A70C977A-BF00-412C-90B7-034C51DA2439}"="NvCpl DesktopContext Class"
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}"="Play on my TV helper"
"{1CDB2949-8F65-4355-8456-263E7C208A5D}"="Desktop Explorer"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}"="Desktop Explorer Menu"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}"="nView Desktop Context Menu"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{e57ce731-33e8-4c51-8354-bb4de9d215d1}"="Priphriques Plug and Play universels"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache"
"{46E22146-59C0-4136-9233-52E412E2B428}"="EzCddax extension"
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes"
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{43717525-8308-403B-806F-0C443CD1AE92}"=""
"{6795D0F9-B5F7-49DD-B58A-7B535416E8A4}"=""
"{40DAD69F-7A46-4A91-B1B4-EA5FDE81AD8B}"=""
"{D23E7B4C-CFA3-4D90-937B-7A766A26BDA2}"=""

**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{43717525-8308-403B-806F-0C443CD1AE92}]
@=""
"IDEx"="ST015"

[HKEY_CLASSES_ROOT\CLSID\{43717525-8308-403B-806F-0C443CD1AE92}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{43717525-8308-403B-806F-0C443CD1AE92}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{43717525-8308-403B-806F-0C443CD1AE92}\InprocServer32]
@="C:\\WINDOWS\\system32\\cmmpstui.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{6795D0F9-B5F7-49DD-B58A-7B535416E8A4}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6795D0F9-B5F7-49DD-B58A-7B535416E8A4}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6795D0F9-B5F7-49DD-B58A-7B535416E8A4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{6795D0F9-B5F7-49DD-B58A-7B535416E8A4}\InprocServer32]
@="C:\\WINDOWS\\system32\\myise.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{40DAD69F-7A46-4A91-B1B4-EA5FDE81AD8B}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{40DAD69F-7A46-4A91-B1B4-EA5FDE81AD8B}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{40DAD69F-7A46-4A91-B1B4-EA5FDE81AD8B}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{40DAD69F-7A46-4A91-B1B4-EA5FDE81AD8B}\InprocServer32]
@="C:\\WINDOWS\\system32\\efent.dll"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{D23E7B4C-CFA3-4D90-937B-7A766A26BDA2}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D23E7B4C-CFA3-4D90-937B-7A766A26BDA2}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D23E7B4C-CFA3-4D90-937B-7A766A26BDA2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{D23E7B4C-CFA3-4D90-937B-7A766A26BDA2}\InprocServer32]
@="C:\\WINDOWS\\system32\\ijwdial.dll"
"ThreadingModel"="Apartment"

**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
ajsnds.dll Tue 26 Jul 2005 0:13:42 A.S.R 417.792 408,00 K
axmeter.dll Fri 22 Jul 2005 21:58:14 ..S.R 417.792 408,00 K
bfowser.dll Fri 22 Jul 2005 21:58:20 A.S.R 417.792 408,00 K
cdm.dll Thu 26 May 2005 4:16:24 A.... 75.544 73,77 K
cgg18030.dll Fri 22 Jul 2005 23:02:20 A.S.R 417.792 408,00 K
cmmpstui.dll Fri 8 Jul 2005 15:35:04 ..S.R 417.792 408,00 K
cocdll.dll Fri 22 Jul 2005 23:02:16 ..S.R 417.792 408,00 K
cqtsrv.dll Mon 8 Aug 2005 13:38:42 ..S.R 417.792 408,00 K
dcgest.dll Tue 26 Jul 2005 3:31:04 A.S.R 417.792 408,00 K
dcvxde~1.dll Fri 22 Jul 2005 10:36:16 A.S.R 417.792 408,00 K
dgnzip32.dll Tue 26 Jul 2005 8:52:00 ..S.R 417.792 408,00 K
dguiext.dll Tue 26 Jul 2005 8:52:04 A.S.R 417.792 408,00 K
drcompos.dll Fri 22 Jul 2005 20:29:14 ..S.R 417.792 408,00 K
drdlgs.dll Fri 22 Jul 2005 20:29:18 A.S.R 417.792 408,00 K
drdmo.dll Fri 22 Jul 2005 15:48:14 ..S.R 417.792 408,00 K
dsband.dll Mon 25 Jul 2005 17:57:54 ..S.R 417.792 408,00 K
dsnput8.dll Tue 26 Jul 2005 3:30:58 ..S.R 417.792 408,00 K
dvconfig.dll Fri 22 Jul 2005 10:36:12 ..S.R 417.792 408,00 K
efent.dll Mon 8 Aug 2005 14:01:40 ..S.R 417.792 408,00 K
excapi.dll Fri 22 Jul 2005 6:53:10 ..S.R 417.792 408,00 K
exdcinst.dll Tue 26 Jul 2005 12:38:30 ..... 417.792 408,00 K
hhsetup.dll Fri 27 May 2005 4:08:06 A.... 41.472 40,50 K
icm32.dll Wed 29 Jun 2005 3:49:42 A.... 254.976 249,00 K
idspolcy.dll Fri 22 Jul 2005 5:30:10 ..S.R 417.792 408,00 K
ijssam.dll Fri 22 Jul 2005 9:13:12 ..S.R 417.792 408,00 K
ijwdial.dll Mon 8 Aug 2005 14:23:50 ..S.R 417.792 408,00 K
in41_qc.dll Mon 25 Jul 2005 13:19:52 ..S.R 417.792 408,00 K
iraapi.dll Fri 22 Jul 2005 9:13:16 A.S.R 417.792 408,00 K
itircl.dll Fri 27 May 2005 4:08:06 A.... 155.136 151,50 K
itss.dll Fri 27 May 2005 4:08:06 A.... 137.216 134,00 K
iuengine.dll Thu 26 May 2005 4:16:24 A.... 198.424 193,77 K
ixxwan.dll Mon 25 Jul 2005 13:19:56 A.S.R 417.792 408,00 K
jndw400.dll Mon 25 Jul 2005 17:58:00 A.S.R 417.792 408,00 K
kedinmal.dll Fri 22 Jul 2005 3:18:10 ..S.R 417.792 408,00 K
kfdpl1.dll Tue 26 Jul 2005 5:01:00 ..S.R 417.792 408,00 K
kidsmsfi.dll Tue 26 Jul 2005 2:27:58 ..S.R 417.792 408,00 K
kldlv.dll Tue 26 Jul 2005 1:16:06 A.S.R 417.792 408,00 K
kndsf.dll Tue 26 Jul 2005 5:01:04 A.S.R 417.792 408,00 K
kqdsmsfi.dll Mon 25 Jul 2005 21:35:54 ..S.R 417.792 408,00 K
kqdsw.dll Tue 26 Jul 2005 2:28:02 A.S.R 417.792 408,00 K
krdhept.dll Tue 26 Jul 2005 1:16:00 ..S.R 417.792 408,00 K
kwdlk41a.dll Fri 22 Jul 2005 3:18:14 ..S.R 417.792 408,00 K
kydsg.dll Mon 25 Jul 2005 21:35:58 A.S.R 417.792 408,00 K
luk.dll Mon 25 Jul 2005 19:09:54 ..S.R 417.792 408,00 K
lzdis13n.dll Mon 25 Jul 2005 19:10:00 A.S.R 417.792 408,00 K
maacm.dll Tue 26 Jul 2005 10:14:52 ..S.R 417.792 408,00 K
mbltus40.dll Fri 22 Jul 2005 17:02:18 A.S.R 417.792 408,00 K
mbmxsdk.dll Tue 26 Jul 2005 11:19:46 A.S.R 417.792 408,00 K
mfc71.dll Wed 6 Jul 2005 17:17:28 A.... 1.060.864 1,01 M
micms.dll Tue 26 Jul 2005 10:14:56 A.S.R 417.792 408,00 K
mjimon.dll Tue 26 Jul 2005 11:19:42 ..S.R 417.792 408,00 K
mkiole16.dll Tue 26 Jul 2005 6:28:04 A.S.R 417.792 408,00 K
mqiqtz32.dll Mon 25 Jul 2005 22:57:54 ..S.R 417.792 408,00 K
mscms.dll Wed 29 Jun 2005 3:49:42 A.... 74.240 72,50 K
msiwave.dll Tue 26 Jul 2005 6:28:00 ..S.R 417.792 408,00 K
mtrating.dll Mon 8 Aug 2005 13:35:02 ..S.R 417.792 408,00 K
mujeto~1.dll Fri 22 Jul 2005 17:02:14 ..S.R 417.792 408,00 K
mxssc.dll Mon 25 Jul 2005 22:57:58 A.S.R 417.792 408,00 K
mxwebdvd.dll Thu 21 Jul 2005 23:14:26 ..S.R 417.792 408,00 K
myise.dll Mon 8 Aug 2005 13:49:04 ..S.R 417.792 408,00 K
nemctray.dll Fri 22 Jul 2005 19:29:14 ..S.R 417.792 408,00 K
neprovau.dll Fri 22 Jul 2005 19:29:18 A.S.R 417.792 408,00 K
nttshell.dll Fri 22 Jul 2005 4:29:14 A.S.R 417.792 408,00 K
nuwdev.dll Fri 22 Jul 2005 4:29:10 ..S.R 417.792 408,00 K
oke2.dll Fri 22 Jul 2005 13:20:22 A.S.R 417.792 408,00 K
ouexl32.dll Fri 22 Jul 2005 13:20:14 ..S.R 417.792 408,00 K
pbdgen.dll Thu 21 Jul 2005 23:15:16 A.S.R 417.792 408,00 K
qtjava.dll Fri 3 Jun 2005 21:42:46 A.... 184.320 180,00 K
qtjava~1.dll Fri 3 Jun 2005 21:42:52 A.... 442.880 432,50 K
qtmlcl~1.dll Fri 3 Jun 2005 20:38:42 A.... 307.200 300,00 K
rfsctrs.dll Mon 25 Jul 2005 12:11:52 ..S.R 417.792 408,00 K
rpsser.dll Mon 25 Jul 2005 12:11:56 A.S.R 417.792 408,00 K
rvsadhlp.dll Fri 22 Jul 2005 14:30:14 ..S.R 417.792 408,00 K
ryssapi.dll Fri 22 Jul 2005 14:30:20 A.S.R 417.792 408,00 K
thddd.dll Mon 25 Jul 2005 20:34:54 ..S.R 417.792 408,00 K
tjnlib20.dll Fri 22 Jul 2005 15:48:18 A.S.R 417.792 408,00 K
tmnlib20.dll Fri 22 Jul 2005 1:50:14 ..S.R 417.792 408,00 K
topelib.dll Mon 25 Jul 2005 20:34:58 A.S.R 417.792 408,00 K
tupelib.dll Fri 22 Jul 2005 1:50:10 ..S.R 417.792 408,00 K
ujnp.dll Fri 22 Jul 2005 0:34:14 ..S.R 417.792 408,00 K
uvrvpa.dll Mon 25 Jul 2005 15:35:52 ..S.R 417.792 408,00 K
vn5db.dll Mon 25 Jul 2005 15:35:56 A.S.R 417.792 408,00 K
wivcore.dll Tue 26 Jul 2005 0:13:14 ..S.R 417.792 408,00 K
wqbc3usd.dll Fri 22 Jul 2005 18:22:14 ..S.R 417.792 408,00 K
wqmioctl.dll Fri 22 Jul 2005 18:22:18 A.S.R 417.792 408,00 K
wuapi.dll Thu 26 May 2005 4:16:30 A.... 467.224 456,27 K
wuaueng.dll Thu 26 May 2005 4:16:30 A.... 1.343.768 1,28 M
wuaueng1.dll Thu 26 May 2005 4:16:32 A.... 195.352 190,77 K
wucltui.dll Thu 26 May 2005 4:16:32 A.... 128.792 125,77 K
wups.dll Thu 26 May 2005 4:16:30 A.... 41.240 40,27 K
wups2.dll Thu 26 May 2005 4:16:30 A.... 18.200 17,77 K
wuweb.dll Thu 26 May 2005 4:16:30 A.... 173.536 169,47 K
wybcheck.dll Fri 22 Jul 2005 0:34:36 A.S.R 417.792 408,00 K
wynmm.dll Fri 22 Jul 2005 8:08:12 ..S.R 417.792 408,00 K
xpsp3res.dll Tue 17 May 2005 2:42:14 A.... 16.896 16,50 K

95 items found: 95 files (75 H/S), 0 directories.
Total of file sizes: 37.069.472 bytes 35,35 M
Locate .tmp files:

C:\WINDOWS\SYSTEM32\
guard.tmp Thu 4 Aug 2005 13:17:40 ..S.R 417.792 408,00 K

1 item found: 1 file (1 H/S), 0 directories.
Total of file sizes: 417.792 bytes 408,00 K
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C n'a pas de nom.
Le numro de srie du volume est E4F9-F3A8

Rpertoire de C:\WINDOWS\System32

08/08/2005 14:23 417.792 ijwdial.dll
08/08/2005 14:01 417.792 efent.dll
08/08/2005 13:49 417.792 myise.dll
08/08/2005 13:38 417.792 cQtsrv.dll
08/08/2005 13:35 417.792 mtrating.dll
05/08/2005 13:03 <REP> dllcache
04/08/2005 13:17 417.792 guard.tmp
04/08/2005 12:38 5 AuxDrv32ds_k.ods
26/07/2005 11:19 417.792 mbmxsdk.dll
26/07/2005 11:19 417.792 mjimon.dll
26/07/2005 10:14 417.792 micms.dll
26/07/2005 10:14 417.792 maacm.dll
26/07/2005 08:52 417.792 dguiext.dll
26/07/2005 08:51 417.792 Dgnzip32.dll
26/07/2005 06:28 417.792 mkiole16.dll
26/07/2005 06:27 417.792 msiwave.dll
26/07/2005 05:01 417.792 kndsf.dll
26/07/2005 05:00 417.792 kfdpl1.dll
26/07/2005 03:31 417.792 dcgest.dll
26/07/2005 03:30 417.792 dsnput8.dll
26/07/2005 02:28 417.792 kqdsw.dll
26/07/2005 02:27 417.792 kidsmsfi.dll
26/07/2005 01:16 417.792 kldlv.dll
26/07/2005 01:15 417.792 krdhept.dll
26/07/2005 00:13 417.792 ajsnds.dll
26/07/2005 00:13 417.792 wivcore.dll
25/07/2005 22:57 417.792 mxssc.dll
25/07/2005 22:57 417.792 mqiqtz32.dll
25/07/2005 21:35 417.792 kydsg.dll
25/07/2005 21:35 417.792 kqdsmsfi.dll
25/07/2005 20:34 417.792 topelib.dll
25/07/2005 20:34 417.792 thddd.dll
25/07/2005 19:09 417.792 lzdis13n.dll
25/07/2005 19:09 417.792 luk.dll
25/07/2005 17:57 417.792 jndw400.dll
25/07/2005 17:57 417.792 dsband.dll
25/07/2005 15:35 417.792 Vn5db.dll
25/07/2005 15:35 417.792 uvrvpa.dll
25/07/2005 13:19 417.792 ixxwan.dll
25/07/2005 13:19 417.792 in41_qc.dll
25/07/2005 12:11 417.792 rPsser.dll
25/07/2005 12:11 417.792 rFsctrs.dll
22/07/2005 23:02 417.792 cGg18030.dll
22/07/2005 23:02 417.792 cocdll.dll
22/07/2005 21:58 417.792 bfowser.dll
22/07/2005 21:58 417.792 axmeter.dll
22/07/2005 20:29 417.792 drdlgs.dll
22/07/2005 20:29 417.792 drcompos.dll
22/07/2005 19:29 417.792 neprovau.dll
22/07/2005 19:29 417.792 nemctray.dll
22/07/2005 18:22 417.792 wqmioctl.dll
22/07/2005 18:22 417.792 wqbc3usd.dll
22/07/2005 17:02 417.792 mbltus40.dll
22/07/2005 17:02 417.792 mujetoledb40.dll
22/07/2005 15:48 417.792 TjnLib20.dll
22/07/2005 15:48 417.792 drdmo.dll
22/07/2005 14:30 417.792 rYssapi.dll
22/07/2005 14:30 417.792 rVsadhlp.dll
22/07/2005 13:20 417.792 oke2.dll
22/07/2005 13:20 417.792 ouexl32.dll
22/07/2005 10:36 417.792 dcvxdec_0407.dll
22/07/2005 10:36 417.792 dvconfig.dll
22/07/2005 09:13 417.792 iraapi.dll
22/07/2005 09:13 417.792 iJssam.dll
22/07/2005 08:08 417.792 wynmm.dll
22/07/2005 06:53 417.792 excapi.dll
22/07/2005 05:30 417.792 iDspolcy.dll
22/07/2005 04:29 417.792 nttshell.dll
22/07/2005 04:29 417.792 nuwdev.dll
22/07/2005 03:18 417.792 kwdlk41a.dll
22/07/2005 03:18 417.792 kedinmal.dll
22/07/2005 01:50 417.792 TmnLib20.dll
22/07/2005 01:50 417.792 tupelib.dll
22/07/2005 00:34 417.792 wybcheck.dll
22/07/2005 00:34 417.792 ujnp.dll
21/07/2005 23:15 417.792 pbdgen.dll
21/07/2005 23:14 417.792 mxwebdvd.dll
08/07/2005 15:35 417.792 cmmpstui.dll
08/03/2005 17:08 <REP> Microsoft
77 fichier(s) 31.752.197 octets
2 Rp(s) 31.730.626.560 octets libres

Reply

Marsh Posté le 08-08-2005 à 15:20:24

Alors ca c'est le nouveau rapport L2MFIX

L2Mfix 1.03a

Running From:
C:\DOCUME~1\JEAN-F~1\Bureau\l2mfix

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access AUTORITE NT\SYSTEM
(IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Utilisateurs
(ID-IO) ALLOW Read BUILTIN\Utilisateurs
(ID-NI) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-IO) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-NI) ALLOW Full access BUILTIN\Administrateurs
(ID-IO) ALLOW Full access BUILTIN\Administrateurs
(ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE

Setting registry permissions:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Denying C(CI) access for predefined group "Administrators"
- adding new ACCESS DENY entry

Registry Permissions set too:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(CI) DENY --C------- BUILTIN\Administrateurs
(NI) ALLOW Full access AUTORITE NT\SYSTEM
(IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Utilisateurs
(ID-IO) ALLOW Read BUILTIN\Utilisateurs
(ID-NI) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-IO) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-NI) ALLOW Full access BUILTIN\Administrateurs
(ID-IO) ALLOW Full access BUILTIN\Administrateurs
(ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE

Setting up for Reboot

Starting Reboot!

C:\Documents and Settings\Jean-Francois\Bureau\l2mfix
System Rebooted!

Running From:
C:\Documents and Settings\Jean-Francois\Bureau\l2mfix

killing explorer and rundll32.exe

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'
Killing PID 220 'explorer.exe'

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 400 'rundll32.exe'

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!
Backing Up: C:\WINDOWS\system32\ajsnds.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\ajsnds.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\axmeter.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\axmeter.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\bfowser.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\bfowser.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\cGg18030.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\cGg18030.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\cmmpstui.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\cmmpstui.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\cocdll.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\cocdll.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\cQtsrv.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\cQtsrv.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dcgest.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dcgest.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dcvxdec_0407.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dcvxdec_0407.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\Dgnzip32.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\Dgnzip32.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dguiext.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dguiext.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\drcompos.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\drcompos.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\drdlgs.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\drdlgs.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\drdmo.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\drdmo.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dsband.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dsband.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dsnput8.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dsnput8.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dvconfig.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\dvconfig.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\efent.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\efent.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\excapi.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\excapi.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\EXDCINST.DLL
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\EXDCINST.DLL
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\iDspolcy.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\iDspolcy.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\iJssam.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\iJssam.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\ijwdial.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\ijwdial.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\in41_qc.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\in41_qc.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\iraapi.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\iraapi.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\ixxwan.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\ixxwan.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\jndw400.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\jndw400.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kedinmal.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kedinmal.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kfdpl1.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kfdpl1.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kidsmsfi.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kidsmsfi.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kldlv.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kldlv.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kndsf.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kndsf.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kqdsmsfi.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kqdsmsfi.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kqdsw.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kqdsw.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\krdhept.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\krdhept.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kwdlk41a.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kwdlk41a.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kydsg.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\kydsg.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\luk.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\luk.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\lzdis13n.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\lzdis13n.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\maacm.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\maacm.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mbltus40.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mbltus40.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mbmxsdk.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mbmxsdk.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\micms.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\micms.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mil_mtf.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mil_mtf.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mjimon.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mjimon.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mkiole16.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mkiole16.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mqiqtz32.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mqiqtz32.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\msiwave.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\msiwave.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mtrating.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mtrating.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mujetoledb40.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mujetoledb40.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mxssc.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mxssc.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mxwebdvd.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\mxwebdvd.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\myise.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\myise.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\nemctray.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\nemctray.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\neprovau.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\neprovau.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\nttshell.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\nttshell.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\nuwdev.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\nuwdev.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\oke2.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\oke2.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\ouexl32.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\ouexl32.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\pbdgen.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\pbdgen.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\rFsctrs.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\rFsctrs.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\rPsser.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\rPsser.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\rVsadhlp.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\rVsadhlp.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\rYssapi.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\rYssapi.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\thddd.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\thddd.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\TjnLib20.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\TjnLib20.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\TmnLib20.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\TmnLib20.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\topelib.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\topelib.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\tupelib.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\tupelib.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\ujnp.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\ujnp.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\uvrvpa.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\uvrvpa.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\Vn5db.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\Vn5db.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\wivcore.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\wivcore.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\wqbc3usd.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\wqbc3usd.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\wqmioctl.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\wqmioctl.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\wybcheck.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\wybcheck.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\wynmm.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\wynmm.dll
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\guard.tmp
1 fichier(s) copi(s).
Backing Up: C:\WINDOWS\system32\guard.tmp
1 fichier(s) copi(s).
deleting: C:\WINDOWS\system32\ajsnds.dll
Successfully Deleted: C:\WINDOWS\system32\ajsnds.dll
deleting: C:\WINDOWS\system32\ajsnds.dll
Successfully Deleted: C:\WINDOWS\system32\ajsnds.dll
deleting: C:\WINDOWS\system32\axmeter.dll
Successfully Deleted: C:\WINDOWS\system32\axmeter.dll
deleting: C:\WINDOWS\system32\axmeter.dll
Successfully Deleted: C:\WINDOWS\system32\axmeter.dll
deleting: C:\WINDOWS\system32\bfowser.dll
Successfully Deleted: C:\WINDOWS\system32\bfowser.dll
deleting: C:\WINDOWS\system32\bfowser.dll
Successfully Deleted: C:\WINDOWS\system32\bfowser.dll
deleting: C:\WINDOWS\system32\cGg18030.dll
Successfully Deleted: C:\WINDOWS\system32\cGg18030.dll
deleting: C:\WINDOWS\system32\cGg18030.dll
Successfully Deleted: C:\WINDOWS\system32\cGg18030.dll
deleting: C:\WINDOWS\system32\cmmpstui.dll
Successfully Deleted: C:\WINDOWS\system32\cmmpstui.dll
deleting: C:\WINDOWS\system32\cmmpstui.dll
Successfully Deleted: C:\WINDOWS\system32\cmmpstui.dll
deleting: C:\WINDOWS\system32\cocdll.dll
Successfully Deleted: C:\WINDOWS\system32\cocdll.dll
deleting: C:\WINDOWS\system32\cocdll.dll
Successfully Deleted: C:\WINDOWS\system32\cocdll.dll
deleting: C:\WINDOWS\system32\cQtsrv.dll
Successfully Deleted: C:\WINDOWS\system32\cQtsrv.dll
deleting: C:\WINDOWS\system32\cQtsrv.dll
Successfully Deleted: C:\WINDOWS\system32\cQtsrv.dll
deleting: C:\WINDOWS\system32\dcgest.dll
Successfully Deleted: C:\WINDOWS\system32\dcgest.dll
deleting: C:\WINDOWS\system32\dcgest.dll
Successfully Deleted: C:\WINDOWS\system32\dcgest.dll
deleting: C:\WINDOWS\system32\dcvxdec_0407.dll
Successfully Deleted: C:\WINDOWS\system32\dcvxdec_0407.dll
deleting: C:\WINDOWS\system32\dcvxdec_0407.dll
Successfully Deleted: C:\WINDOWS\system32\dcvxdec_0407.dll
deleting: C:\WINDOWS\system32\Dgnzip32.dll
Successfully Deleted: C:\WINDOWS\system32\Dgnzip32.dll
deleting: C:\WINDOWS\system32\Dgnzip32.dll
Successfully Deleted: C:\WINDOWS\system32\Dgnzip32.dll
deleting: C:\WINDOWS\system32\dguiext.dll
Successfully Deleted: C:\WINDOWS\system32\dguiext.dll
deleting: C:\WINDOWS\system32\dguiext.dll
Successfully Deleted: C:\WINDOWS\system32\dguiext.dll
deleting: C:\WINDOWS\system32\drcompos.dll
Successfully Deleted: C:\WINDOWS\system32\drcompos.dll
deleting: C:\WINDOWS\system32\drcompos.dll
Successfully Deleted: C:\WINDOWS\system32\drcompos.dll
deleting: C:\WINDOWS\system32\drdlgs.dll
Successfully Deleted: C:\WINDOWS\system32\drdlgs.dll
deleting: C:\WINDOWS\system32\drdlgs.dll
Successfully Deleted: C:\WINDOWS\system32\drdlgs.dll
deleting: C:\WINDOWS\system32\drdmo.dll
Successfully Deleted: C:\WINDOWS\system32\drdmo.dll
deleting: C:\WINDOWS\system32\drdmo.dll
Successfully Deleted: C:\WINDOWS\system32\drdmo.dll
deleting: C:\WINDOWS\system32\dsband.dll
Successfully Deleted: C:\WINDOWS\system32\dsband.dll
deleting: C:\WINDOWS\system32\dsband.dll
Successfully Deleted: C:\WINDOWS\system32\dsband.dll
deleting: C:\WINDOWS\system32\dsnput8.dll
Successfully Deleted: C:\WINDOWS\system32\dsnput8.dll
deleting: C:\WINDOWS\system32\dsnput8.dll
Successfully Deleted: C:\WINDOWS\system32\dsnput8.dll
deleting: C:\WINDOWS\system32\dvconfig.dll
Successfully Deleted: C:\WINDOWS\system32\dvconfig.dll
deleting: C:\WINDOWS\system32\dvconfig.dll
Successfully Deleted: C:\WINDOWS\system32\dvconfig.dll
deleting: C:\WINDOWS\system32\efent.dll
Successfully Deleted: C:\WINDOWS\system32\efent.dll
deleting: C:\WINDOWS\system32\efent.dll
Successfully Deleted: C:\WINDOWS\system32\efent.dll
deleting: C:\WINDOWS\system32\excapi.dll
Successfully Deleted: C:\WINDOWS\system32\excapi.dll
deleting: C:\WINDOWS\system32\excapi.dll
Successfully Deleted: C:\WINDOWS\system32\excapi.dll
deleting: C:\WINDOWS\system32\EXDCINST.DLL
Successfully Deleted: C:\WINDOWS\system32\EXDCINST.DLL
deleting: C:\WINDOWS\system32\EXDCINST.DLL
Successfully Deleted: C:\WINDOWS\system32\EXDCINST.DLL
deleting: C:\WINDOWS\system32\iDspolcy.dll
Successfully Deleted: C:\WINDOWS\system32\iDspolcy.dll
deleting: C:\WINDOWS\system32\iDspolcy.dll
Successfully Deleted: C:\WINDOWS\system32\iDspolcy.dll
deleting: C:\WINDOWS\system32\iJssam.dll
Successfully Deleted: C:\WINDOWS\system32\iJssam.dll
deleting: C:\WINDOWS\system32\iJssam.dll
Successfully Deleted: C:\WINDOWS\system32\iJssam.dll
deleting: C:\WINDOWS\system32\ijwdial.dll
Successfully Deleted: C:\WINDOWS\system32\ijwdial.dll
deleting: C:\WINDOWS\system32\ijwdial.dll
Successfully Deleted: C:\WINDOWS\system32\ijwdial.dll
deleting: C:\WINDOWS\system32\in41_qc.dll
Successfully Deleted: C:\WINDOWS\system32\in41_qc.dll
deleting: C:\WINDOWS\system32\in41_qc.dll
Successfully Deleted: C:\WINDOWS\system32\in41_qc.dll
deleting: C:\WINDOWS\system32\iraapi.dll
Successfully Deleted: C:\WINDOWS\system32\iraapi.dll
deleting: C:\WINDOWS\system32\iraapi.dll
Successfully Deleted: C:\WINDOWS\system32\iraapi.dll
deleting: C:\WINDOWS\system32\ixxwan.dll
Successfully Deleted: C:\WINDOWS\system32\ixxwan.dll
deleting: C:\WINDOWS\system32\ixxwan.dll
Successfully Deleted: C:\WINDOWS\system32\ixxwan.dll
deleting: C:\WINDOWS\system32\jndw400.dll
Successfully Deleted: C:\WINDOWS\system32\jndw400.dll
deleting: C:\WINDOWS\system32\jndw400.dll
Successfully Deleted: C:\WINDOWS\system32\jndw400.dll
deleting: C:\WINDOWS\system32\kedinmal.dll
Successfully Deleted: C:\WINDOWS\system32\kedinmal.dll
deleting: C:\WINDOWS\system32\kedinmal.dll
Successfully Deleted: C:\WINDOWS\system32\kedinmal.dll
deleting: C:\WINDOWS\system32\kfdpl1.dll
Successfully Deleted: C:\WINDOWS\system32\kfdpl1.dll
deleting: C:\WINDOWS\system32\kfdpl1.dll
Successfully Deleted: C:\WINDOWS\system32\kfdpl1.dll
deleting: C:\WINDOWS\system32\kidsmsfi.dll
Successfully Deleted: C:\WINDOWS\system32\kidsmsfi.dll
deleting: C:\WINDOWS\system32\kidsmsfi.dll
Successfully Deleted: C:\WINDOWS\system32\kidsmsfi.dll
deleting: C:\WINDOWS\system32\kldlv.dll
Successfully Deleted: C:\WINDOWS\system32\kldlv.dll
deleting: C:\WINDOWS\system32\kldlv.dll
Successfully Deleted: C:\WINDOWS\system32\kldlv.dll
deleting: C:\WINDOWS\system32\kndsf.dll
Successfully Deleted: C:\WINDOWS\system32\kndsf.dll
deleting: C:\WINDOWS\system32\kndsf.dll
Successfully Deleted: C:\WINDOWS\system32\kndsf.dll
deleting: C:\WINDOWS\system32\kqdsmsfi.dll
Successfully Deleted: C:\WINDOWS\system32\kqdsmsfi.dll
deleting: C:\WINDOWS\system32\kqdsmsfi.dll
Successfully Deleted: C:\WINDOWS\system32\kqdsmsfi.dll
deleting: C:\WINDOWS\system32\kqdsw.dll
Successfully Deleted: C:\WINDOWS\system32\kqdsw.dll
deleting: C:\WINDOWS\system32\kqdsw.dll
Successfully Deleted: C:\WINDOWS\system32\kqdsw.dll
deleting: C:\WINDOWS\system32\krdhept.dll
Successfully Deleted: C:\WINDOWS\system32\krdhept.dll
deleting: C:\WINDOWS\system32\krdhept.dll
Successfully Deleted: C:\WINDOWS\system32\krdhept.dll
deleting: C:\WINDOWS\system32\kwdlk41a.dll
Successfully Deleted: C:\WINDOWS\system32\kwdlk41a.dll
deleting: C:\WINDOWS\system32\kwdlk41a.dll
Successfully Deleted: C:\WINDOWS\system32\kwdlk41a.dll
deleting: C:\WINDOWS\system32\kydsg.dll
Successfully Deleted: C:\WINDOWS\system32\kydsg.dll
deleting: C:\WINDOWS\system32\kydsg.dll
Successfully Deleted: C:\WINDOWS\system32\kydsg.dll
deleting: C:\WINDOWS\system32\luk.dll
Successfully Deleted: C:\WINDOWS\system32\luk.dll
deleting: C:\WINDOWS\system32\luk.dll
Successfully Deleted: C:\WINDOWS\system32\luk.dll
deleting: C:\WINDOWS\system32\lzdis13n.dll
Successfully Deleted: C:\WINDOWS\system32\lzdis13n.dll
deleting: C:\WINDOWS\system32\lzdis13n.dll
Successfully Deleted: C:\WINDOWS\system32\lzdis13n.dll
deleting: C:\WINDOWS\system32\maacm.dll
Successfully Deleted: C:\WINDOWS\system32\maacm.dll
deleting: C:\WINDOWS\system32\maacm.dll
Successfully Deleted: C:\WINDOWS\system32\maacm.dll
deleting: C:\WINDOWS\system32\mbltus40.dll
Successfully Deleted: C:\WINDOWS\system32\mbltus40.dll
deleting: C:\WINDOWS\system32\mbltus40.dll
Successfully Deleted: C:\WINDOWS\system32\mbltus40.dll
deleting: C:\WINDOWS\system32\mbmxsdk.dll
Successfully Deleted: C:\WINDOWS\system32\mbmxsdk.dll
deleting: C:\WINDOWS\system32\mbmxsdk.dll
Successfully Deleted: C:\WINDOWS\system32\mbmxsdk.dll
deleting: C:\WINDOWS\system32\micms.dll
Successfully Deleted: C:\WINDOWS\system32\micms.dll
deleting: C:\WINDOWS\system32\micms.dll
Successfully Deleted: C:\WINDOWS\system32\micms.dll
deleting: C:\WINDOWS\system32\mil_mtf.dll
Successfully Deleted: C:\WINDOWS\system32\mil_mtf.dll
deleting: C:\WINDOWS\system32\mil_mtf.dll
Successfully Deleted: C:\WINDOWS\system32\mil_mtf.dll
deleting: C:\WINDOWS\system32\mjimon.dll
Successfully Deleted: C:\WINDOWS\system32\mjimon.dll
deleting: C:\WINDOWS\system32\mjimon.dll
Successfully Deleted: C:\WINDOWS\system32\mjimon.dll
deleting: C:\WINDOWS\system32\mkiole16.dll
Successfully Deleted: C:\WINDOWS\system32\mkiole16.dll
deleting: C:\WINDOWS\system32\mkiole16.dll
Successfully Deleted: C:\WINDOWS\system32\mkiole16.dll
deleting: C:\WINDOWS\system32\mqiqtz32.dll
Successfully Deleted: C:\WINDOWS\system32\mqiqtz32.dll
deleting: C:\WINDOWS\system32\mqiqtz32.dll
Successfully Deleted: C:\WINDOWS\system32\mqiqtz32.dll
deleting: C:\WINDOWS\system32\msiwave.dll
Successfully Deleted: C:\WINDOWS\system32\msiwave.dll
deleting: C:\WINDOWS\system32\msiwave.dll
Successfully Deleted: C:\WINDOWS\system32\msiwave.dll
deleting: C:\WINDOWS\system32\mtrating.dll
Successfully Deleted: C:\WINDOWS\system32\mtrating.dll
deleting: C:\WINDOWS\system32\mtrating.dll
Successfully Deleted: C:\WINDOWS\system32\mtrating.dll
deleting: C:\WINDOWS\system32\mujetoledb40.dll
Successfully Deleted: C:\WINDOWS\system32\mujetoledb40.dll
deleting: C:\WINDOWS\system32\mujetoledb40.dll
Successfully Deleted: C:\WINDOWS\system32\mujetoledb40.dll
deleting: C:\WINDOWS\system32\mxssc.dll
Successfully Deleted: C:\WINDOWS\system32\mxssc.dll
deleting: C:\WINDOWS\system32\mxssc.dll
Successfully Deleted: C:\WINDOWS\system32\mxssc.dll
deleting: C:\WINDOWS\system32\mxwebdvd.dll
Successfully Deleted: C:\WINDOWS\system32\mxwebdvd.dll
deleting: C:\WINDOWS\system32\mxwebdvd.dll
Successfully Deleted: C:\WINDOWS\system32\mxwebdvd.dll
deleting: C:\WINDOWS\system32\myise.dll
Successfully Deleted: C:\WINDOWS\system32\myise.dll
deleting: C:\WINDOWS\system32\myise.dll
Successfully Deleted: C:\WINDOWS\system32\myise.dll
deleting: C:\WINDOWS\system32\nemctray.dll
Successfully Deleted: C:\WINDOWS\system32\nemctray.dll
deleting: C:\WINDOWS\system32\nemctray.dll
Successfully Deleted: C:\WINDOWS\system32\nemctray.dll
deleting: C:\WINDOWS\system32\neprovau.dll
Successfully Deleted: C:\WINDOWS\system32\neprovau.dll
deleting: C:\WINDOWS\system32\neprovau.dll
Successfully Deleted: C:\WINDOWS\system32\neprovau.dll
deleting: C:\WINDOWS\system32\nttshell.dll
Successfully Deleted: C:\WINDOWS\system32\nttshell.dll
deleting: C:\WINDOWS\system32\nttshell.dll
Successfully Deleted: C:\WINDOWS\system32\nttshell.dll
deleting: C:\WINDOWS\system32\nuwdev.dll
Successfully Deleted: C:\WINDOWS\system32\nuwdev.dll
deleting: C:\WINDOWS\system32\nuwdev.dll
Successfully Deleted: C:\WINDOWS\system32\nuwdev.dll
deleting: C:\WINDOWS\system32\oke2.dll
Successfully Deleted: C:\WINDOWS\system32\oke2.dll
deleting: C:\WINDOWS\system32\oke2.dll
Successfully Deleted: C:\WINDOWS\system32\oke2.dll
deleting: C:\WINDOWS\system32\ouexl32.dll
Successfully Deleted: C:\WINDOWS\system32\ouexl32.dll
deleting: C:\WINDOWS\system32\ouexl32.dll
Successfully Deleted: C:\WINDOWS\system32\ouexl32.dll
deleting: C:\WINDOWS\system32\pbdgen.dll
Successfully Deleted: C:\WINDOWS\system32\pbdgen.dll
deleting: C:\WINDOWS\system32\pbdgen.dll
Successfully Deleted: C:\WINDOWS\system32\pbdgen.dll
deleting: C:\WINDOWS\system32\rFsctrs.dll
Successfully Deleted: C:\WINDOWS\system32\rFsctrs.dll
deleting: C:\WINDOWS\system32\rFsctrs.dll
Successfully Deleted: C:\WINDOWS\system32\rFsctrs.dll
deleting: C:\WINDOWS\system32\rPsser.dll
Successfully Deleted: C:\WINDOWS\system32\rPsser.dll
deleting: C:\WINDOWS\system32\rPsser.dll
Successfully Deleted: C:\WINDOWS\system32\rPsser.dll
deleting: C:\WINDOWS\system32\rVsadhlp.dll
Successfully Deleted: C:\WINDOWS\system32\rVsadhlp.dll
deleting: C:\WINDOWS\system32\rVsadhlp.dll
Successfully Deleted: C:\WINDOWS\system32\rVsadhlp.dll
deleting: C:\WINDOWS\system32\rYssapi.dll
Successfully Deleted: C:\WINDOWS\system32\rYssapi.dll
deleting: C:\WINDOWS\system32\rYssapi.dll
Successfully Deleted: C:\WINDOWS\system32\rYssapi.dll
deleting: C:\WINDOWS\system32\thddd.dll
Successfully Deleted: C:\WINDOWS\system32\thddd.dll
deleting: C:\WINDOWS\system32\thddd.dll
Successfully Deleted: C:\WINDOWS\system32\thddd.dll
deleting: C:\WINDOWS\system32\TjnLib20.dll
Successfully Deleted: C:\WINDOWS\system32\TjnLib20.dll
deleting: C:\WINDOWS\system32\TjnLib20.dll
Successfully Deleted: C:\WINDOWS\system32\TjnLib20.dll
deleting: C:\WINDOWS\system32\TmnLib20.dll
Successfully Deleted: C:\WINDOWS\system32\TmnLib20.dll
deleting: C:\WINDOWS\system32\TmnLib20.dll
Successfully Deleted: C:\WINDOWS\system32\TmnLib20.dll
deleting: C:\WINDOWS\system32\topelib.dll
Successfully Deleted: C:\WINDOWS\system32\topelib.dll
deleting: C:\WINDOWS\system32\topelib.dll
Successfully Deleted: C:\WINDOWS\system32\topelib.dll
deleting: C:\WINDOWS\system32\tupelib.dll
Successfully Deleted: C:\WINDOWS\system32\tupelib.dll
deleting: C:\WINDOWS\system32\tupelib.dll
Successfully Deleted: C:\WINDOWS\system32\tupelib.dll
deleting: C:\WINDOWS\system32\ujnp.dll
Successfully Deleted: C:\WINDOWS\system32\ujnp.dll
deleting: C:\WINDOWS\system32\ujnp.dll
Successfully Deleted: C:\WINDOWS\system32\ujnp.dll
deleting: C:\WINDOWS\system32\uvrvpa.dll
Successfully Deleted: C:\WINDOWS\system32\uvrvpa.dll
deleting: C:\WINDOWS\system32\uvrvpa.dll
Successfully Deleted: C:\WINDOWS\system32\uvrvpa.dll
deleting: C:\WINDOWS\system32\Vn5db.dll
Successfully Deleted: C:\WINDOWS\system32\Vn5db.dll
deleting: C:\WINDOWS\system32\Vn5db.dll
Successfully Deleted: C:\WINDOWS\system32\Vn5db.dll
deleting: C:\WINDOWS\system32\wivcore.dll
Successfully Deleted: C:\WINDOWS\system32\wivcore.dll
deleting: C:\WINDOWS\system32\wivcore.dll
Successfully Deleted: C:\WINDOWS\system32\wivcore.dll
deleting: C:\WINDOWS\system32\wqbc3usd.dll
Successfully Deleted: C:\WINDOWS\system32\wqbc3usd.dll
deleting: C:\WINDOWS\system32\wqbc3usd.dll
Successfully Deleted: C:\WINDOWS\system32\wqbc3usd.dll
deleting: C:\WINDOWS\system32\wqmioctl.dll
Successfully Deleted: C:\WINDOWS\system32\wqmioctl.dll
deleting: C:\WINDOWS\system32\wqmioctl.dll
Successfully Deleted: C:\WINDOWS\system32\wqmioctl.dll
deleting: C:\WINDOWS\system32\wybcheck.dll
Successfully Deleted: C:\WINDOWS\system32\wybcheck.dll
deleting: C:\WINDOWS\system32\wybcheck.dll
Successfully Deleted: C:\WINDOWS\system32\wybcheck.dll
deleting: C:\WINDOWS\system32\wynmm.dll
Successfully Deleted: C:\WINDOWS\system32\wynmm.dll
deleting: C:\WINDOWS\system32\wynmm.dll
Successfully Deleted: C:\WINDOWS\system32\wynmm.dll
deleting: C:\WINDOWS\system32\guard.tmp
Successfully Deleted: C:\WINDOWS\system32\guard.tmp
deleting: C:\WINDOWS\system32\guard.tmp
Successfully Deleted: C:\WINDOWS\system32\guard.tmp

Zipping up files for submission:
adding: ajsnds.dll (164 bytes security) (deflated 48%)
adding: axmeter.dll (164 bytes security) (deflated 48%)
adding: bfowser.dll (164 bytes security) (deflated 48%)
adding: cGg18030.dll (164 bytes security) (deflated 48%)
adding: cmmpstui.dll (164 bytes security) (deflated 48%)
adding: cocdll.dll (164 bytes security) (deflated 48%)
adding: cQtsrv.dll (164 bytes security) (deflated 48%)
adding: dcgest.dll (164 bytes security) (deflated 48%)
adding: dcvxdec_0407.dll (164 bytes security) (deflated 48%)
adding: Dgnzip32.dll (164 bytes security) (deflated 48%)
adding: dguiext.dll (164 bytes security) (deflated 48%)
adding: drcompos.dll (164 bytes security) (deflated 48%)
adding: drdlgs.dll (164 bytes security) (deflated 48%)
adding: drdmo.dll (164 bytes security) (deflated 48%)
adding: dsband.dll (164 bytes security) (deflated 48%)
adding: dsnput8.dll (164 bytes security) (deflated 48%)
adding: dvconfig.dll (164 bytes security) (deflated 48%)
adding: efent.dll (164 bytes security) (deflated 48%)
adding: excapi.dll (164 bytes security) (deflated 48%)
adding: EXDCINST.DLL (164 bytes security) (deflated 48%)
adding: iDspolcy.dll (164 bytes security) (deflated 48%)
adding: iJssam.dll (164 bytes security) (deflated 48%)
adding: ijwdial.dll (164 bytes security) (deflated 48%)
adding: in41_qc.dll (164 bytes security) (deflated 48%)
adding: iraapi.dll (164 bytes security) (deflated 48%)
adding: ixxwan.dll (164 bytes security) (deflated 48%)
adding: jndw400.dll (164 bytes security) (deflated 48%)
adding: kedinmal.dll (164 bytes security) (deflated 48%)
adding: kfdpl1.dll (164 bytes security) (deflated 48%)
adding: kidsmsfi.dll (164 bytes security) (deflated 48%)
adding: kldlv.dll (164 bytes security) (deflated 48%)
adding: kndsf.dll (164 bytes security) (deflated 48%)
adding: kqdsmsfi.dll (164 bytes security) (deflated 48%)
adding: kqdsw.dll (164 bytes security) (deflated 48%)
adding: krdhept.dll (164 bytes security) (deflated 48%)
adding: kwdlk41a.dll (164 bytes security) (deflated 48%)
adding: kydsg.dll (164 bytes security) (deflated 48%)
adding: luk.dll (164 bytes security) (deflated 48%)
adding: lzdis13n.dll (164 bytes security) (deflated 48%)
adding: maacm.dll (164 bytes security) (deflated 48%)
adding: mbltus40.dll (164 bytes security) (deflated 48%)
adding: mbmxsdk.dll (164 bytes security) (deflated 48%)
adding: micms.dll (164 bytes security) (deflated 48%)
adding: mil_mtf.dll (164 bytes security) (deflated 48%)
adding: mjimon.dll (164 bytes security) (deflated 48%)
adding: mkiole16.dll (164 bytes security) (deflated 48%)
adding: mqiqtz32.dll (164 bytes security) (deflated 48%)
adding: msiwave.dll (164 bytes security) (deflated 48%)
adding: mtrating.dll (164 bytes security) (deflated 48%)
adding: mujetoledb40.dll (164 bytes security) (deflated 48%)
adding: mxssc.dll (164 bytes security) (deflated 48%)
adding: mxwebdvd.dll (164 bytes security) (deflated 48%)
adding: myise.dll (164 bytes security) (deflated 48%)
adding: nemctray.dll (164 bytes security) (deflated 48%)
adding: neprovau.dll (164 bytes security) (deflated 48%)
adding: nttshell.dll (164 bytes security) (deflated 48%)
adding: nuwdev.dll (164 bytes security) (deflated 48%)
adding: oke2.dll (164 bytes security) (deflated 48%)
adding: ouexl32.dll (164 bytes security) (deflated 48%)
adding: pbdgen.dll (164 bytes security) (deflated 48%)
adding: rFsctrs.dll (164 bytes security) (deflated 48%)
adding: rPsser.dll (164 bytes security) (deflated 48%)
adding: rVsadhlp.dll (164 bytes security) (deflated 48%)
adding: rYssapi.dll (164 bytes security) (deflated 48%)
adding: thddd.dll (164 bytes security) (deflated 48%)
adding: TjnLib20.dll (164 bytes security) (deflated 48%)
adding: TmnLib20.dll (164 bytes security) (deflated 48%)
adding: topelib.dll (164 bytes security) (deflated 48%)
adding: tupelib.dll (164 bytes security) (deflated 48%)
adding: ujnp.dll (164 bytes security) (deflated 48%)
adding: uvrvpa.dll (164 bytes security) (deflated 48%)
adding: Vn5db.dll (164 bytes security) (deflated 48%)
adding: wivcore.dll (164 bytes security) (deflated 48%)
adding: wqbc3usd.dll (164 bytes security) (deflated 48%)
adding: wqmioctl.dll (164 bytes security) (deflated 48%)
adding: wybcheck.dll (164 bytes security) (deflated 48%)
adding: wynmm.dll (164 bytes security) (deflated 48%)
adding: guard.tmp (164 bytes security) (deflated 48%)
adding: clear.reg (164 bytes security) (deflated 51%)
adding: echo.reg (164 bytes security) (deflated 10%)
adding: direct.txt (164 bytes security) (stored 0%)
adding: lo2.txt (164 bytes security) (deflated 92%)
adding: readme.txt (164 bytes security) (deflated 49%)
adding: report.txt (164 bytes security) (deflated 69%)
adding: test.txt (164 bytes security) (deflated 92%)
adding: test2.txt (164 bytes security) (deflated 33%)
adding: test3.txt (164 bytes security) (deflated 33%)
adding: test5.txt (164 bytes security) (deflated 33%)
adding: xfind.txt (164 bytes security) (deflated 89%)
adding: backregs/40DAD69F-7A46-4A91-B1B4-EA5FDE81AD8B.reg (164 bytes security) (deflated 70%)
adding: backregs/43717525-8308-403B-806F-0C443CD1AE92.reg (164 bytes security) (deflated 69%)
adding: backregs/6795D0F9-B5F7-49DD-B58A-7B535416E8A4.reg (164 bytes security) (deflated 70%)
adding: backregs/D23E7B4C-CFA3-4D90-937B-7A766A26BDA2.reg (164 bytes security) (deflated 70%)
adding: backregs/shell.reg (164 bytes security) (deflated 73%)

Restoring Registry Permissions:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Revoking access for predefined group "Administrators"
Inherited ACE can not be revoked here!
Inherited ACE can not be revoked here!

Registry permissions set too:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access AUTORITE NT\SYSTEM
(IO) ALLOW Full access AUTORITE NT\SYSTEM
(NI) ALLOW Full access AUTORITE NT\SYSTEM
(IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Utilisateurs
(ID-IO) ALLOW Read BUILTIN\Utilisateurs
(ID-NI) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-IO) ALLOW Read BUILTIN\Utilisateurs avec pouvoir
(ID-NI) ALLOW Full access BUILTIN\Administrateurs
(ID-IO) ALLOW Full access BUILTIN\Administrateurs
(ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE

Restoring Sedebugprivilege:

Granting SeDebugPrivilege to Administrators ... failed (GetAccountSid(Administrators)=1332

deleting local copy: ajsnds.dll
deleting local copy: ajsnds.dll
deleting local copy: axmeter.dll
deleting local copy: axmeter.dll
deleting local copy: bfowser.dll
deleting local copy: bfowser.dll
deleting local copy: cGg18030.dll
deleting local copy: cGg18030.dll
deleting local copy: cmmpstui.dll
deleting local copy: cmmpstui.dll
deleting local copy: cocdll.dll
deleting local copy: cocdll.dll
deleting local copy: cQtsrv.dll
deleting local copy: cQtsrv.dll
deleting local copy: dcgest.dll
deleting local copy: dcgest.dll
deleting local copy: dcvxdec_0407.dll
deleting local copy: dcvxdec_0407.dll
deleting local copy: Dgnzip32.dll
deleting local copy: Dgnzip32.dll
deleting local copy: dguiext.dll
deleting local copy: dguiext.dll
deleting local copy: drcompos.dll
deleting local copy: drcompos.dll
deleting local copy: drdlgs.dll
deleting local copy: drdlgs.dll
deleting local copy: drdmo.dll
deleting local copy: drdmo.dll
deleting local copy: dsband.dll
deleting local copy: dsband.dll
deleting local copy: dsnput8.dll
deleting local copy: dsnput8.dll
deleting local copy: dvconfig.dll
deleting local copy: dvconfig.dll
deleting local copy: efent.dll
deleting local copy: efent.dll
deleting local copy: excapi.dll
deleting local copy: excapi.dll
deleting local copy: EXDCINST.DLL
deleting local copy: EXDCINST.DLL
deleting local copy: iDspolcy.dll
deleting local copy: iDspolcy.dll
deleting local copy: iJssam.dll
deleting local copy: iJssam.dll
deleting local copy: ijwdial.dll
deleting local copy: ijwdial.dll
deleting local copy: in41_qc.dll
deleting local copy: in41_qc.dll
deleting local copy: iraapi.dll
deleting local copy: iraapi.dll
deleting local copy: ixxwan.dll
deleting local copy: ixxwan.dll
deleting local copy: jndw400.dll
deleting local copy: jndw400.dll
deleting local copy: kedinmal.dll
deleting local copy: kedinmal.dll
deleting local copy: kfdpl1.dll
deleting local copy: kfdpl1.dll
deleting local copy: kidsmsfi.dll
deleting local copy: kidsmsfi.dll
deleting local copy: kldlv.dll
deleting local copy: kldlv.dll
deleting local copy: kndsf.dll
deleting local copy: kndsf.dll
deleting local copy: kqdsmsfi.dll
deleting local copy: kqdsmsfi.dll
deleting local copy: kqdsw.dll
deleting local copy: kqdsw.dll
deleting local copy: krdhept.dll
deleting local copy: krdhept.dll
deleting local copy: kwdlk41a.dll
deleting local copy: kwdlk41a.dll
deleting local copy: kydsg.dll
deleting local copy: kydsg.dll
deleting local copy: luk.dll
deleting local copy: luk.dll
deleting local copy: lzdis13n.dll
deleting local copy: lzdis13n.dll
deleting local copy: maacm.dll
deleting local copy: maacm.dll
deleting local copy: mbltus40.dll
deleting local copy: mbltus40.dll
deleting local copy: mbmxsdk.dll
deleting local copy: mbmxsdk.dll
deleting local copy: micms.dll
deleting local copy: micms.dll
deleting local copy: mil_mtf.dll
deleting local copy: mil_mtf.dll
deleting local copy: mjimon.dll
deleting local copy: mjimon.dll
deleting local copy: mkiole16.dll
deleting local copy: mkiole16.dll
deleting local copy: mqiqtz32.dll
deleting local copy: mqiqtz32.dll
deleting local copy: msiwave.dll
deleting local copy: msiwave.dll
deleting local copy: mtrating.dll
deleting local copy: mtrating.dll
deleting local copy: mujetoledb40.dll
deleting local copy: mujetoledb40.dll
deleting local copy: mxssc.dll
deleting local copy: mxssc.dll
deleting local copy: mxwebdvd.dll
deleting local copy: mxwebdvd.dll
deleting local copy: myise.dll
deleting local copy: myise.dll
deleting local copy: nemctray.dll
deleting local copy: nemctray.dll
deleting local copy: neprovau.dll
deleting local copy: neprovau.dll
deleting local copy: nttshell.dll
deleting local copy: nttshell.dll
deleting local copy: nuwdev.dll
deleting local copy: nuwdev.dll
deleting local copy: oke2.dll
deleting local copy: oke2.dll
deleting local copy: ouexl32.dll
deleting local copy: ouexl32.dll
deleting local copy: pbdgen.dll
deleting local copy: pbdgen.dll
deleting local copy: rFsctrs.dll
deleting local copy: rFsctrs.dll
deleting local copy: rPsser.dll
deleting local copy: rPsser.dll
deleting local copy: rVsadhlp.dll
deleting local copy: rVsadhlp.dll
deleting local copy: rYssapi.dll
deleting local copy: rYssapi.dll
deleting local copy: thddd.dll
deleting local copy: thddd.dll
deleting local copy: TjnLib20.dll
deleting local copy: TjnLib20.dll
deleting local copy: TmnLib20.dll
deleting local copy: TmnLib20.dll
deleting local copy: topelib.dll
deleting local copy: topelib.dll
deleting local copy: tupelib.dll
deleting local copy: tupelib.dll
deleting local copy: ujnp.dll
deleting local copy: ujnp.dll
deleting local copy: uvrvpa.dll
deleting local copy: uvrvpa.dll
deleting local copy: Vn5db.dll
deleting local copy: Vn5db.dll
deleting local copy: wivcore.dll
deleting local copy: wivcore.dll
deleting local copy: wqbc3usd.dll
deleting local copy: wqbc3usd.dll
deleting local copy: wqmioctl.dll
deleting local copy: wqmioctl.dll
deleting local copy: wybcheck.dll
deleting local copy: wybcheck.dll
deleting local copy: wynmm.dll
deleting local copy: wynmm.dll
deleting local copy: guard.tmp
deleting local copy: guard.tmp

The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

The following are the files found:
****************************************************************************
C:\WINDOWS\system32\ajsnds.dll
C:\WINDOWS\system32\ajsnds.dll
C:\WINDOWS\system32\axmeter.dll
C:\WINDOWS\system32\axmeter.dll
C:\WINDOWS\system32\bfowser.dll
C:\WINDOWS\system32\bfowser.dll
C:\WINDOWS\system32\cGg18030.dll
C:\WINDOWS\system32\cGg18030.dll
C:\WINDOWS\system32\cmmpstui.dll
C:\WINDOWS\system32\cmmpstui.dll
C:\WINDOWS\system32\cocdll.dll
C:\WINDOWS\system32\cocdll.dll
C:\WINDOWS\system32\cQtsrv.dll
C:\WINDOWS\system32\cQtsrv.dll
C:\WINDOWS\system32\dcgest.dll
C:\WINDOWS\system32\dcgest.dll
C:\WINDOWS\system32\dcvxdec_0407.dll
C:\WINDOWS\system32\dcvxdec_0407.dll
C:\WINDOWS\system32\Dgnzip32.dll
C:\WINDOWS\system32\Dgnzip32.dll
C:\WINDOWS\system32\dguiext.dll
C:\WINDOWS\system32\dguiext.dll
C:\WINDOWS\system32\drcompos.dll
C:\WINDOWS\system32\drcompos.dll
C:\WINDOWS\system32\drdlgs.dll
C:\WINDOWS\system32\drdlgs.dll
C:\WINDOWS\system32\drdmo.dll
C:\WINDOWS\system32\drdmo.dll
C:\WINDOWS\system32\dsband.dll
C:\WINDOWS\system32\dsband.dll
C:\WINDOWS\system32\dsnput8.dll
C:\WINDOWS\system32\dsnput8.dll
C:\WINDOWS\system32\dvconfig.dll
C:\WINDOWS\system32\dvconfig.dll
C:\WINDOWS\system32\efent.dll
C:\WINDOWS\system32\efent.dll
C:\WINDOWS\system32\excapi.dll
C:\WINDOWS\system32\excapi.dll
C:\WINDOWS\system32\EXDCINST.DLL
C:\WINDOWS\system32\EXDCINST.DLL
C:\WINDOWS\system32\iDspolcy.dll
C:\WINDOWS\system32\iDspolcy.dll
C:\WINDOWS\system32\iJssam.dll
C:\WINDOWS\system32\iJssam.dll
C:\WINDOWS\system32\ijwdial.dll
C:\WINDOWS\system32\ijwdial.dll
C:\WINDOWS\system32\in41_qc.dll
C:\WINDOWS\system32\in41_qc.dll
C:\WINDOWS\system32\iraapi.dll
C:\WINDOWS\system32\iraapi.dll
C:\WINDOWS\system32\ixxwan.dll
C:\WINDOWS\system32\ixxwan.dll
C:\WINDOWS\system32\jndw400.dll
C:\WINDOWS\system32\jndw400.dll
C:\WINDOWS\system32\kedinmal.dll
C:\WINDOWS\system32\kedinmal.dll
C:\WINDOWS\system32\kfdpl1.dll
C:\WINDOWS\system32\kfdpl1.dll
C:\WINDOWS\system32\kidsmsfi.dll
C:\WINDOWS\system32\kidsmsfi.dll
C:\WINDOWS\system32\kldlv.dll
C:\WINDOWS\system32\kldlv.dll
C:\WINDOWS\system32\kndsf.dll
C:\WINDOWS\system32\kndsf.dll
C:\WINDOWS\system32\kqdsmsfi.dll
C:\WINDOWS\system32\kqdsmsfi.dll
C:\WINDOWS\system32\kqdsw.dll
C:\WINDOWS\system32\kqdsw.dll
C:\WINDOWS\system32\krdhept.dll
C:\WINDOWS\system32\krdhept.dll
C:\WINDOWS\system32\kwdlk41a.dll
C:\WINDOWS\system32\kwdlk41a.dll
C:\WINDOWS\system32\kydsg.dll
C:\WINDOWS\system32\kydsg.dll
C:\WINDOWS\system32\luk.dll
C:\WINDOWS\system32\luk.dll
C:\WINDOWS\system32\lzdis13n.dll
C:\WINDOWS\system32\lzdis13n.dll
C:\WINDOWS\system32\maacm.dll
C:\WINDOWS\system32\maacm.dll
C:\WINDOWS\system32\mbltus40.dll
C:\WINDOWS\system32\mbltus40.dll
C:\WINDOWS\system32\mbmxsdk.dll
C:\WINDOWS\system32\mbmxsdk.dll
C:\WINDOWS\system32\micms.dll
C:\WINDOWS\system32\micms.dll
C:\WINDOWS\system32\mil_mtf.dll
C:\WINDOWS\system32\mil_mtf.dll
C:\WINDOWS\system32\mjimon.dll
C:\WINDOWS\system32\mjimon.dll
C:\WINDOWS\system32\mkiole16.dll
C:\WINDOWS\system32\mkiole16.dll
C:\WINDOWS\system32\mqiqtz32.dll
C:\WINDOWS\system32\mqiqtz32.dll
C:\WINDOWS\system32\msiwave.dll
C:\WINDOWS\system32\msiwave.dll
C:\WINDOWS\system32\mtrating.dll
C:\WINDOWS\system32\mtrating.dll
C:\WINDOWS\system32\mujetoledb40.dll
C:\WINDOWS\system32\mujetoledb40.dll
C:\WINDOWS\system32\mxssc.dll
C:\WINDOWS\system32\mxssc.dll
C:\WINDOWS\system32\mxwebdvd.dll
C:\WINDOWS\system32\mxwebdvd.dll
C:\WINDOWS\system32\myise.dll
C:\WINDOWS\system32\myise.dll
C:\WINDOWS\system32\nemctray.dll
C:\WINDOWS\system32\nemctray.dll
C:\WINDOWS\system32\neprovau.dll
C:\WINDOWS\system32\neprovau.dll
C:\WINDOWS\system32\nttshell.dll
C:\WINDOWS\system32\nttshell.dll
C:\WINDOWS\system32\nuwdev.dll
C:\WINDOWS\system32\nuwdev.dll
C:\WINDOWS\system32\oke2.dll
C:\WINDOWS\system32\oke2.dll
C:\WINDOWS\system32\ouexl32.dll
C:\WINDOWS\system32\ouexl32.dll
C:\WINDOWS\system32\pbdgen.dll
C:\WINDOWS\system32\pbdgen.dll
C:\WINDOWS\system32\rFsctrs.dll
C:\WINDOWS\system32\rFsctrs.dll
C:\WINDOWS\system32\rPsser.dll
C:\WINDOWS\system32\rPsser.dll
C:\WINDOWS\system32\rVsadhlp.dll
C:\WINDOWS\system32\rVsadhlp.dll
C:\WINDOWS\system32\rYssapi.dll
C:\WINDOWS\system32\rYssapi.dll
C:\WINDOWS\system32\thddd.dll
C:\WINDOWS\system32\thddd.dll
C:\WINDOWS\system32\TjnLib20.dll
C:\WINDOWS\system32\TjnLib20.dll
C:\WINDOWS\system32\TmnLib20.dll
C:\WINDOWS\system32\TmnLib20.dll
C:\WINDOWS\system32\topelib.dll
C:\WINDOWS\system32\topelib.dll
C:\WINDOWS\system32\tupelib.dll
C:\WINDOWS\system32\tupelib.dll
C:\WINDOWS\system32\ujnp.dll
C:\WINDOWS\system32\ujnp.dll
C:\WINDOWS\system32\uvrvpa.dll
C:\WINDOWS\system32\uvrvpa.dll
C:\WINDOWS\system32\Vn5db.dll
C:\WINDOWS\system32\Vn5db.dll
C:\WINDOWS\system32\wivcore.dll
C:\WINDOWS\system32\wivcore.dll
C:\WINDOWS\system32\wqbc3usd.dll
C:\WINDOWS\system32\wqbc3usd.dll
C:\WINDOWS\system32\wqmioctl.dll
C:\WINDOWS\system32\wqmioctl.dll
C:\WINDOWS\system32\wybcheck.dll
C:\WINDOWS\system32\wybcheck.dll
C:\WINDOWS\system32\wynmm.dll
C:\WINDOWS\system32\wynmm.dll
C:\WINDOWS\system32\guard.tmp
C:\WINDOWS\system32\guard.tmp

Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{43717525-8308-403B-806F-0C443CD1AE92}"=-
"{6795D0F9-B5F7-49DD-B58A-7B535416E8A4}"=-
"{40DAD69F-7A46-4A91-B1B4-EA5FDE81AD8B}"=-
"{D23E7B4C-CFA3-4D90-937B-7A766A26BDA2}"=-
[-HKEY_CLASSES_ROOT\CLSID\{43717525-8308-403B-806F-0C443CD1AE92}]
[-HKEY_CLASSES_ROOT\CLSID\{6795D0F9-B5F7-49DD-B58A-7B535416E8A4}]
[-HKEY_CLASSES_ROOT\CLSID\{40DAD69F-7A46-4A91-B1B4-EA5FDE81AD8B}]
[-HKEY_CLASSES_ROOT\CLSID\{D23E7B4C-CFA3-4D90-937B-7A766A26BDA2}]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************
****************************************************************************

Reply

Marsh Posté le 08-08-2005 à 15:21:39

Et voici le rapport de Hijackthis >>>

Logfile of HijackThis v1.99.1
Scan saved at 15:20:51, on 08/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\DelFax\WFXSWTCH.exe
C:\WINDOWS\system32\wfxsnt40.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WFXSVC.EXE
C:\Program Files\DelFax\WFXMOD32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jean-Francois\Bureau\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KAV50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe" -run -n PersonalPro -v 5.0.0.0
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\DelFax\WFXSWTCH.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kaspersky Anti-Virus Service (KLBLMain) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe" -run bl -n PersonalPro -v 5.0.0.0 -ttsr 10000000 (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE

Reply

Marsh Posté le 08-08-2005 à 15:24:23

Qu'en pensez-vous Docteur ?

Reply

Marsh Posté le 08-08-2005 à 15:35:38

En tout cas je suis en train de surfer pour voir un peu et pour le moment pas de trace de winfixer ca s'annonce plutôt bien !

Reply

Marsh Posté le 08-08-2005 à 15:36:14

Le rapport est propre, comment fonctionne ton ordinateur, as-tu toujours les mêmes problèmes?

Reply

Marsh Posté le 08-08-2005 à 15:37:34

stonangel a écrit :

Le rapport est propre, comment fonctionne ton ordinateur, as-tu toujours les mêmes problèmes?

Je crois que c'est bon tout a l'air d'être revenu à la normale ;-) J'suis trop content merci beaucoup beaucoup beaucoup !!!!!!

:jap:

Reply

Marsh Posté le 08-08-2005 à 15:39:41

De rien, bon surf :hello:

Reply

Marsh Posté le

Reply

Aidez moi svp je suis dans le kk à cause de winfixer!

Sujets relatifs:

Leave a Replay