Rapport hijackthis

SAM -  
aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur -
suis-je infecté ?

Logfile of HijackThis v1.99.1
Scan saved at 23:26:09, on 11/06/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\QQ\command.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Huawei Technologies\Huawei SmartAX MT810\dslmon.exe
C:\Documents and Settings\A\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\System32\jkhhh.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [KAVPersonal50] d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Office 1\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = D:\Program Files\Office 1\Office\1036\OLFSNT40.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA7F4D3A-4BFA-4F7B-9C16-4076CF9B59BE}: NameServer = 193.194.64.11 193.251.169.165
O20 - Winlogon Notify: Hints - C:\WINDOWS\system32\shoolss.dll
O20 - Winlogon Notify: jkhhh - C:\WINDOWS\SYSTEM32\jkhhh.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QQ\command.exe
O23 - Service: kavsvc - Kaspersky Labs - d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: Windows Update Manager Tool (UpdateManagerTool) - Unknown owner - C:\WINDOWS\update\updmangr.exe (file missing)

13 réponses

  1. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    B O N J O U R

    serait le 1er mot agréable à lire pour les robots qui te répondent
    façon de régler ce blem suit :
    http://www.technicland.com/malpolitus.swf
    ===============
    ensuite du boulot :

    Merci de procéder dans l’ordre,
    Télécharge TOUS ces programmes (si tu ne les as pas), installe-les.
    Fais les mises à jour des progr 1/, 2/, 3/
    Scan avec TOUS, COLLE comme demandé les rapports de 0/, 3/ & 6/

    1/ -Ad-Aware (gratuit) :
    Tutorial et téléchargement ici :
    https://forums.cnetfrance.fr

    2/ - Spybot (gratuit) :
    http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html

    3/ - Ewido (download)- gratuit même après 14 jours d’essai
    http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
    Copie/COLLE le rapport généré sur ce forum
    Pour certaines versions de Windows antérieures à XP, Ewido peut ne pas être compatible
    Dans ce cas, il te faudra utiliser a-squared free et demander une clef pour son usage gratuit
    https://www.emsisoft.com/fr/

    4/ - Ccleaner : ( nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc..)
    Télécharge ici :
    https://www.ccleaner.com/ccleaner/download
    Tutorial ici:
    https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

    6/ - Scan online avec BitDefender (fonctionne uniquement sous Internet Explorer en acceptant l’ activX)
    https://assiste.com/404_La_page_demandee_n_existe_pas.php
    http://www.bitdefender.fr/scan8/ie.html
    Copie/COLLE le rapport entier
    0
  2. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut

    oui ! du Vundo ...

    Téléchargez VundoFix.exe (par Atribune) sur ton Bureau :

    http://www.atribune.org/ccount/click.php?id=4

    *Double-clique VundoFix.exe afin de le lancer.
    * Cochez Run VundoFix as a task.
    * l'outil va se fermer et s'ouvrir à nouveau : cliquez Ok
    * Cliquez sur le bouton Scan for Vundo.
    * Lorsque le scan est complété, cliquez sur le bouton Remove Vundo.
    * Une invite vous demandera supprimer les fichiers, clique YES
    * Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
    * le PC va s'éteindre ("shutdown") : clique OK
    * Démarrez votre PC à nouveau

    ensuite recolle un nouveau hijackthis

    ++

    ***j'ai decidé d'être heureux parce que c'est bon pour la santé ! ( Voltaire )***
    0
  3. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    re greenette

    en effet
    je n avais pas lu en détail 'Command Service'
    va falloir que je révise mon abécédaire
    ppfftt je décline avec l'âge

    sueno
    0
    1. Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
       
      ppfftt je décline avec l'âge

      Aaahh la vieillerie quand elle nous tient.... lol !

      ;-)
      0
  4. Regis59
     
    Ben la c est sur, faut reviser !!!!

    L infection vundo se caracterise par ceci:

    O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\System32\jkhhh.dll

    O20 - Winlogon Notify: jkhhh - C:\WINDOWS\SYSTEM32\jkhhh.dll

    Allez, sans racunes !
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    hum
    oui
    en plus c est toi qui m'avait expliqué 02/020, Quent ainsi que jean l isérois

    sorry
    j'meflagelle
    0
  7. SAM
     
    dsl bonjour tout le monde et merci de votre aide:

    j'ai liquidé
    C:\WINDOWS\System32\jkhhh.dll

    mais mon pc est toujours a 100% lent et il m'ouvre des pages de pub tout le temps voici le nouveau rapport

    Logfile of HijackThis v1.99.1
    Scan saved at 00:38:50, on 12/06/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\RunDll32.exe
    C:\WINDOWS\System\SmWizard.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Huawei Technologies\Huawei SmartAX MT810\dslmon.exe
    C:\WINDOWS\QQ\command.exe
    C:\Program Files\Network Monitor\netmon.exe
    C:\WINDOWS\System32\taskmgr.exe
    C:\Documents and Settings\A\Bureau\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [KAVPersonal50] d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: DSLMON.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Office 1\Office\OSA9.EXE
    O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = D:\Program Files\Office 1\Office\1036\OLFSNT40.EXE
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O20 - Winlogon Notify: RunOnce - C:\WINDOWS\system32\shoolss.dll
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QQ\command.exe
    O23 - Service: kavsvc - Kaspersky Labs - d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
    O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
    O23 - Service: Windows Update Manager Tool (UpdateManagerTool) - Unknown owner - C:\WINDOWS\update\updmangr.exe (file missing)
    0
  8. Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
     
    slt,

    Télécharge l2mfix :
    http://www.downloads.subratam.org/l2mfix.exe

    Quitter le net, le navigateur, et toutes autres fenêtres d’applications.
    Double clic sur l2mfix.exe pour lancer l'extraction.
    Dans le dossier l2mfix, double clic sur l2mfix.bat, appuie sur n'importe quelle touche puis choisis l'option #1 (et pas autre chose) et valide avec la touche "Entrée".
    Le bloc note va s'ouvrir avec le résultat du scan.

    Copie/colle le rapport sur le forum stp.
    --

    2/ Ensuite ferme tous les programmes parce qu'il va y avoir reboot automatique.
    Ouvre le dossier l2mfix créé sur le bureau puis double-clic sur L2Mfix.bat
    Ensuite choisis l'option 2 puis Entrée
    Puis appuie sur n'importe quelle touche pour redémarrer l'ordinateur
    Après redémarrage, le bureau et les icônes vont apparaître puis disparaître, c'est normal ! Et un nouveau rapport va apparaître à l'écran.
    >> Si après redémarrage les icônes n'apparaissent/disparaissent pas ou si le rapport n'apparaît pas, alors ouvre le dossier l2mfix et lance second.bat

    Enfin poste ce 2ème rapport avec un nouveau rapport HijackThis

    A+
    0
  9. SAM
     
    Bonjour tout le monde et merci pour votre aide.....

    L2MFIX find log 051206
    These are the registry keys present
    **********************************************************************************
    Winlogon/notify:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    "DLLName"="Ati2evxx.dll"
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000001
    "Lock"="AtiLockEvent"
    "Logoff"="AtiLogoffEvent"
    "Logon"="AtiLogonEvent"
    "Disconnect"="AtiDisConnectEvent"
    "Reconnect"="AtiReConnectEvent"
    "Safe"=dword:00000000
    "Shutdown"="AtiShutdownEvent"
    "StartScreenSaver"="AtiStartScreenSaverEvent"
    "StartShell"="AtiStartShellEvent"
    "Startup"="AtiStartupEvent"
    "StopScreenSaver"="AtiStopScreenSaverEvent"
    "Unlock"="AtiUnLockEvent"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000000
    "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
    6c,00,00,00
    "Logoff"="ChainWlxLogoffEvent"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000000
    "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
    6c,00,6c,00,00,00
    "Logoff"="CryptnetWlxLogoffEvent"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    "DLLName"="cscdll.dll"
    "Logon"="WinlogonLogonEvent"
    "Logoff"="WinlogonLogoffEvent"
    "ScreenSaver"="WinlogonScreenSaverEvent"
    "Startup"="WinlogonStartupEvent"
    "Shutdown"="WinlogonShutdownEvent"
    "StartShell"="WinlogonStartShellEvent"
    "Impersonate"=dword:00000000
    "Asynchronous"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000000
    "DllName"="C:\\WINDOWS\\System32\\klogon.dll"
    "Logon"="WLEventStop"
    "Startup"="WLEventStart"
    "Lock"="WLEventStart"
    "Unlock"="WLEventStop"
    "Logoff"="WLEventStart"
    @=""

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    "DLLName"="wlnotify.dll"
    "Logon"="SCardStartCertProp"
    "Logoff"="SCardStopCertProp"
    "Lock"="SCardSuspendCertProp"
    "Unlock"="SCardResumeCertProp"
    "Enabled"=dword:00000001
    "Impersonate"=dword:00000001
    "Asynchronous"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    "Asynchronous"=dword:00000000
    "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
    6c,00,6c,00,00,00
    "Impersonate"=dword:00000000
    "StartShell"="SchedStartShell"
    "Logoff"="SchedEventLogOff"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    "Logoff"="WLEventLogoff"
    "Impersonate"=dword:00000000
    "Asynchronous"=dword:00000001
    "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
    6c,00,6c,00,00,00

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    "DLLName"="WlNotify.dll"
    "Lock"="SensLockEvent"
    "Logon"="SensLogonEvent"
    "Logoff"="SensLogoffEvent"
    "Safe"=dword:00000001
    "MaxWait"=dword:00000258
    "StartScreenSaver"="SensStartScreenSaverEvent"
    "StopScreenSaver"="SensStopScreenSaverEvent"
    "Startup"="SensStartupEvent"
    "Shutdown"="SensShutdownEvent"
    "StartShell"="SensStartShellEvent"
    "PostShell"="SensPostShellEvent"
    "Disconnect"="SensDisconnectEvent"
    "Reconnect"="SensReconnectEvent"
    "Unlock"="SensUnlockEvent"
    "Impersonate"=dword:00000001
    "Asynchronous"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad]
    "Asynchronous"=dword:00000000
    "DllName"="C:\\WINDOWS\\system32\\k462lejo1hoc.dll"
    "Impersonate"=dword:00000000
    "Logon"="WinLogon"
    "Logoff"="WinLogoff"
    "Shutdown"="WinShutdown"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    "Asynchronous"=dword:00000000
    "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
    6c,00,6c,00,00,00
    "Impersonate"=dword:00000000
    "Logoff"="TSEventLogoff"
    "Logon"="TSEventLogon"
    "PostShell"="TSEventPostShell"
    "Shutdown"="TSEventShutdown"
    "StartShell"="TSEventStartShell"
    "Startup"="TSEventStartup"
    "MaxWait"=dword:00000258
    "Reconnect"="TSEventReconnect"
    "Disconnect"="TSEventDisconnect"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    "DLLName"="wlnotify.dll"
    "Logon"="RegisterTicketExpiredNotificationEvent"
    "Logoff"="UnregisterTicketExpiredNotificationEvent"
    "Impersonate"=dword:00000001
    "Asynchronous"=dword:00000001

    **********************************************************************************
    useragent:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    "{958A20F9-8A28-BA98-E7B3-AA46488A1045}"=""

    **********************************************************************************
    Shell Extension key:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
    "{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
    "{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
    "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
    "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
    "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
    "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
    "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
    "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
    "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
    "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
    "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
    "{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
    "{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
    "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
    "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
    "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
    "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
    "{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
    "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
    "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
    "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
    "{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
    "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
    "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
    "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
    "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
    "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
    "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
    "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
    "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
    "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
    "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
    "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
    "{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
    "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
    "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
    "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
    "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Extension de la page de propri‚t‚s de mise … jour automatique"
    "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
    "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
    "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
    "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
    "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
    "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
    "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
    "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
    "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
    "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
    "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
    "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
    "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
    "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
    "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
    "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
    "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
    "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
    "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
    "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
    "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
    "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
    "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
    "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
    "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
    "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
    "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
    "{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
    "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
    "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
    "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
    "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
    "{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
    "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
    "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
    "{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
    "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
    "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
    "{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
    "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
    "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
    "{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
    "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
    "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
    "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
    "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
    "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
    "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
    "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
    "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
    "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
    "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
    "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
    "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
    "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
    "{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
    "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
    "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
    "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
    "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
    "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
    "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
    "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
    "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
    "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
    "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
    "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
    "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
    "{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
    "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
    "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
    "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
    "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
    "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
    "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
    "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
    "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
    "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
    "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
    "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
    "{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
    "{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
    "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
    "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
    "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
    "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
    "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
    "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
    "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
    "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
    "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
    "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
    "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
    "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
    "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
    "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
    "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
    "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
    "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
    "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
    "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
    "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
    "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
    "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
    "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
    "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
    "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
    "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
    "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
    "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
    "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
    "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
    "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
    "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
    "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
    "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
    "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
    "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
    "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
    "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
    "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
    "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
    "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
    "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
    "{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
    "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
    "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
    "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
    "{59850401-6664-101B-B21C-00AA004BA90B}"="Microsoft Office Binder Unbind"
    "{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
    "{587DA1E5-F546-4D98-8168-6D505CED99D1}"=""
    "{C7E7FD6F-800C-4041-8B59-560426892C55}"=""
    "{0BBCFA0E-C7E6-4825-B84C-394FC4025954}"=""
    "{5953F810-5A87-4D5A-B374-B316FD757B48}"=""
    "{E5EF0E26-F172-4226-8D40-9AC0D7D93076}"=""
    "{09CA5619-5353-4738-BE0E-094F50ED30D4}"=""
    "{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}"="TuneUp Shredder Shell Context Menu Extension"
    "{85E0B171-04FA-11D1-B7DA-00A0C90348D6}"="Antivirus Internet"

    **********************************************************************************
    HKEY ROOT CLASSIDS:
    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{C7E7FD6F-800C-4041-8B59-560426892C55}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{C7E7FD6F-800C-4041-8B59-560426892C55}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{C7E7FD6F-800C-4041-8B59-560426892C55}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{C7E7FD6F-800C-4041-8B59-560426892C55}\InprocServer32]
    @="C:\\WINDOWS\\system32\\sdsbkup.dll"
    "ThreadingModel"="Apartment"

    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{0BBCFA0E-C7E6-4825-B84C-394FC4025954}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{0BBCFA0E-C7E6-4825-B84C-394FC4025954}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{0BBCFA0E-C7E6-4825-B84C-394FC4025954}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{0BBCFA0E-C7E6-4825-B84C-394FC4025954}\InprocServer32]
    @="C:\\WINDOWS\\system32\\slndmail.dll"
    "ThreadingModel"="Apartment"

    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{5953F810-5A87-4D5A-B374-B316FD757B48}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{5953F810-5A87-4D5A-B374-B316FD757B48}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{5953F810-5A87-4D5A-B374-B316FD757B48}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{5953F810-5A87-4D5A-B374-B316FD757B48}\InprocServer32]
    @="C:\\WINDOWS\\system32\\fkntext.dll"
    "ThreadingModel"="Apartment"

    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{E5EF0E26-F172-4226-8D40-9AC0D7D93076}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{E5EF0E26-F172-4226-8D40-9AC0D7D93076}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{E5EF0E26-F172-4226-8D40-9AC0D7D93076}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{E5EF0E26-F172-4226-8D40-9AC0D7D93076}\InprocServer32]
    @="C:\\WINDOWS\\system32\\mtsnap.dll"
    "ThreadingModel"="Apartment"

    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{09CA5619-5353-4738-BE0E-094F50ED30D4}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{09CA5619-5353-4738-BE0E-094F50ED30D4}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{09CA5619-5353-4738-BE0E-094F50ED30D4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{09CA5619-5353-4738-BE0E-094F50ED30D4}\InprocServer32]
    @="C:\\WINDOWS\\system32\\oce2disp.dll"
    "ThreadingModel"="Apartment"

    **********************************************************************************
    Files Found are not all bad files:

    C:\WINDOWS\SYSTEM32\
    sdsbkup.dll Mon 12 Jun 2006 0:36:54 ..S.R 234 272 228,78 K
    fkntext.dll Mon 12 Jun 2006 14:25:28 ..S.R 235 423 229,90 K
    slndmail.dll Mon 12 Jun 2006 13:40:26 ..S.R 234 616 229,12 K
    mtsnap.dll Mon 12 Jun 2006 14:38:14 ..S.R 234 758 229,25 K
    bassmod.dll Mon 12 Jun 2006 23:12:50 A.... 14 848 14,50 K
    klogon.dll Fri 24 Mar 2006 19:08:14 A.... 28 778 28,10 K
    k462le~1.dll Mon 12 Jun 2006 13:40:42 ..S.R 234 758 229,25 K
    oce2disp.dll Mon 12 Jun 2006 23:18:54 ..S.R 234 758 229,25 K
    d80m0i~1.dll Mon 12 Jun 2006 0:44:56 ..S.R 234 272 228,78 K
    fp4003~1.dll Mon 12 Jun 2006 14:36:30 ..S.R 235 423 229,90 K
    lv6809~1.dll Mon 12 Jun 2006 15:25:14 ..S.R 234 758 229,25 K
    h6n0lg~1.dll Mon 12 Jun 2006 21:43:12 ..S.R 236 343 230,80 K
    h4n00e~1.dll Mon 12 Jun 2006 23:16:50 ..S.R 234 758 229,25 K
    atmtd.dll Sun 11 Jun 2006 22:53:30 A.... 687 592 671,48 K
    hrr005~1.dll Sun 11 Jun 2006 23:13:32 ..S.R 234 367 228,87 K

    15 items found: 15 files (12 H/S), 0 directories.
    Total of file sizes: 3 549 724 bytes 3,38 M
    Locate .tmp files:

    C:\WINDOWS\SYSTEM32\
    guard.tmp Mon 12 Jun 2006 23:19:00 A.... 236 685 231,14 K

    1 item found: 1 file, 0 directories.
    Total of file sizes: 236 685 bytes 231,14 K
    **********************************************************************************
    Directory Listing of system files:
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 384B-0FF8

    R‚pertoire de C:\WINDOWS\System32

    12/06/2006 23:18 234ÿ758 oce2disp.dll
    12/06/2006 23:16 234ÿ758 h4n00e5meh.dll
    12/06/2006 23:11 <REP> Microsoft
    12/06/2006 21:43 236ÿ343 h6n0lg5m16.dll
    12/06/2006 15:25 234ÿ758 lv6809jue.dll
    12/06/2006 14:38 234ÿ758 mtsnap.dll
    12/06/2006 14:36 235ÿ423 fp4003hme.dll
    12/06/2006 14:25 235ÿ423 fkntext.dll
    12/06/2006 13:40 234ÿ758 k462lejo1hoc.dll
    12/06/2006 13:40 234ÿ616 slndmail.dll
    12/06/2006 00:44 234ÿ272 d80m0id1e80.dll
    12/06/2006 00:36 234ÿ272 sdsbkup.dll
    11/06/2006 23:13 234ÿ367 hrr0059me.dll
    11/06/2006 08:40 <REP> dllcache
    12 fichier(s) 2ÿ818ÿ506 octets
    2 R‚p(s) 7ÿ624ÿ359ÿ936 octets libres

    L2mfix 051206
    Creating Account.
    La commande s'est termin‚e correctement.

    Adding Administrative privleges.
    Checking for L2MFix account(0=no 1=yes):
    1
    Granting SeDebugPrivilege to L2MFIX ... successful

    Running From:
    C:\WINDOWS\system32

    Killing Processes!
    Killing 'smss.exe'
    \SystemRoot\System32\smss.exe (592)
    Killing 'winlogon.exe'
    winlogon.exe (688)
    Killing 'explorer.exe'
    C:\WINDOWS\Explorer.EXE (1008)
    Killing 'rundll32.exe'
    rundll32.exe "C:\WINDOWS\system32\oce2disp.dll",DllGetVersion (1380)
    "C:\WINDOWS\System32\RunDll32.exe" cmicnfg.cpl,CMICtrlWnd (1672)
    Restoring Sedebugprivilege:
    Granting SeDebugPrivilege to Administrateurs ... successful

    Scanning First Pass. Please Wait!

    First Pass Completed

    Second Pass Scanning

    Second pass Completed!
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    1 fichier(s) copi‚(s).
    Deleting: C:\WINDOWS\system32\d80m0id1e80.dll
    Successfully Deleted: C:\WINDOWS\system32\d80m0id1e80.dll
    Deleting: C:\WINDOWS\system32\fkntext.dll
    Successfully Deleted: C:\WINDOWS\system32\fkntext.dll
    Deleting: C:\WINDOWS\system32\fp4003hme.dll
    Successfully Deleted: C:\WINDOWS\system32\fp4003hme.dll
    Deleting: C:\WINDOWS\system32\h4n00e5meh.dll
    Successfully Deleted: C:\WINDOWS\system32\h4n00e5meh.dll
    Deleting: C:\WINDOWS\system32\h6n0lg5m16.dll
    Successfully Deleted: C:\WINDOWS\system32\h6n0lg5m16.dll
    Deleting: C:\WINDOWS\system32\hrr0059me.dll
    Successfully Deleted: C:\WINDOWS\system32\hrr0059me.dll
    Deleting: C:\WINDOWS\system32\k462lejo1hoc.dll
    Successfully Deleted: C:\WINDOWS\system32\k462lejo1hoc.dll
    Deleting: C:\WINDOWS\system32\lv6809jue.dll
    Successfully Deleted: C:\WINDOWS\system32\lv6809jue.dll
    Deleting: C:\WINDOWS\system32\mtsnap.dll
    Successfully Deleted: C:\WINDOWS\system32\mtsnap.dll
    Deleting: C:\WINDOWS\system32\oce2disp.dll
    Successfully Deleted: C:\WINDOWS\system32\oce2disp.dll
    Deleting: C:\WINDOWS\system32\sdsbkup.dll
    Successfully Deleted: C:\WINDOWS\system32\sdsbkup.dll
    Deleting: C:\WINDOWS\system32\slndmail.dll
    Successfully Deleted: C:\WINDOWS\system32\slndmail.dll
    Deleting: C:\WINDOWS\system32\guard.tmp
    Successfully Deleted: C:\WINDOWS\system32\guard.tmp

    msg11?.dll
    0 fichier(s) copi‚(s).
    Desktop.ini sucessfully removed

    Restoring Windows Update Certificates.:

    The following Is the Current Export of the Winlogon notify key:
    ****************************************************************************
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    "DLLName"="Ati2evxx.dll"
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000001
    "Lock"="AtiLockEvent"
    "Logoff"="AtiLogoffEvent"
    "Logon"="AtiLogonEvent"
    "Disconnect"="AtiDisConnectEvent"
    "Reconnect"="AtiReConnectEvent"
    "Safe"=dword:00000000
    "Shutdown"="AtiShutdownEvent"
    "StartScreenSaver"="AtiStartScreenSaverEvent"
    "StartShell"="AtiStartShellEvent"
    "Startup"="AtiStartupEvent"
    "StopScreenSaver"="AtiStopScreenSaverEvent"
    "Unlock"="AtiUnLockEvent"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000000
    "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
    6c,00,00,00
    "Logoff"="ChainWlxLogoffEvent"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000000
    "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
    6c,00,6c,00,00,00
    "Logoff"="CryptnetWlxLogoffEvent"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    "DLLName"="cscdll.dll"
    "Logon"="WinlogonLogonEvent"
    "Logoff"="WinlogonLogoffEvent"
    "ScreenSaver"="WinlogonScreenSaverEvent"
    "Startup"="WinlogonStartupEvent"
    "Shutdown"="WinlogonShutdownEvent"
    "StartShell"="WinlogonStartShellEvent"
    "Impersonate"=dword:00000000
    "Asynchronous"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000000
    "DllName"="C:\\WINDOWS\\System32\\klogon.dll"
    "Logon"="WLEventStop"
    "Startup"="WLEventStart"
    "Lock"="WLEventStart"
    "Unlock"="WLEventStop"
    "Logoff"="WLEventStart"
    @=""

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    "DLLName"="wlnotify.dll"
    "Logon"="SCardStartCertProp"
    "Logoff"="SCardStopCertProp"
    "Lock"="SCardSuspendCertProp"
    "Unlock"="SCardResumeCertProp"
    "Enabled"=dword:00000001
    "Impersonate"=dword:00000001
    "Asynchronous"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    "Asynchronous"=dword:00000000
    "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
    6c,00,6c,00,00,00
    "Impersonate"=dword:00000000
    "StartShell"="SchedStartShell"
    "Logoff"="SchedEventLogOff"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    "Logoff"="WLEventLogoff"
    "Impersonate"=dword:00000000
    "Asynchronous"=dword:00000001
    "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
    6c,00,6c,00,00,00

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    "DLLName"="WlNotify.dll"
    "Lock"="SensLockEvent"
    "Logon"="SensLogonEvent"
    "Logoff"="SensLogoffEvent"
    "Safe"=dword:00000001
    "MaxWait"=dword:00000258
    "StartScreenSaver"="SensStartScreenSaverEvent"
    "StopScreenSaver"="SensStopScreenSaverEvent"
    "Startup"="SensStartupEvent"
    "Shutdown"="SensShutdownEvent"
    "StartShell"="SensStartShellEvent"
    "PostShell"="SensPostShellEvent"
    "Disconnect"="SensDisconnectEvent"
    "Reconnect"="SensReconnectEvent"
    "Unlock"="SensUnlockEvent"
    "Impersonate"=dword:00000001
    "Asynchronous"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellServiceObjectDelayLoad]
    "Asynchronous"=dword:00000000
    "DllName"="C:\\WINDOWS\\system32\\k462lejo1hoc.dll"
    "Impersonate"=dword:00000000
    "Logon"="WinLogon"
    "Logoff"="WinLogoff"
    "Shutdown"="WinShutdown"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    "Asynchronous"=dword:00000000
    "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
    6c,00,6c,00,00,00
    "Impersonate"=dword:00000000
    "Logoff"="TSEventLogoff"
    "Logon"="TSEventLogon"
    "PostShell"="TSEventPostShell"
    "Shutdown"="TSEventShutdown"
    "StartShell"="TSEventStartShell"
    "Startup"="TSEventStartup"
    "MaxWait"=dword:00000258
    "Reconnect"="TSEventReconnect"
    "Disconnect"="TSEventDisconnect"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    "DLLName"="wlnotify.dll"
    "Logon"="RegisterTicketExpiredNotificationEvent"
    "Logoff"="UnregisterTicketExpiredNotificationEvent"
    "Impersonate"=dword:00000001
    "Asynchronous"=dword:00000001

    The following are the files found:
    ****************************************************************************
    C:\WINDOWS\system32\d80m0id1e80.dll
    C:\WINDOWS\system32\fkntext.dll
    C:\WINDOWS\system32\fp4003hme.dll
    C:\WINDOWS\system32\h4n00e5meh.dll
    C:\WINDOWS\system32\h6n0lg5m16.dll
    C:\WINDOWS\system32\hrr0059me.dll
    C:\WINDOWS\system32\k462lejo1hoc.dll
    C:\WINDOWS\system32\lv6809jue.dll
    C:\WINDOWS\system32\mtsnap.dll
    C:\WINDOWS\system32\oce2disp.dll
    C:\WINDOWS\system32\sdsbkup.dll
    C:\WINDOWS\system32\slndmail.dll
    C:\WINDOWS\system32\guard.tmp

    Registry Entries that were Deleted:
    Please verify that the listing looks ok.
    If there was something deleted wrongly there are backups in the backreg folder.
    ****************************************************************************
    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{C7E7FD6F-800C-4041-8B59-560426892C55}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{C7E7FD6F-800C-4041-8B59-560426892C55}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{C7E7FD6F-800C-4041-8B59-560426892C55}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{C7E7FD6F-800C-4041-8B59-560426892C55}\InprocServer32]
    @="C:\\WINDOWS\\system32\\sdsbkup.dll"
    "ThreadingModel"="Apartment"

    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{0BBCFA0E-C7E6-4825-B84C-394FC4025954}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{0BBCFA0E-C7E6-4825-B84C-394FC4025954}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{0BBCFA0E-C7E6-4825-B84C-394FC4025954}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{0BBCFA0E-C7E6-4825-B84C-394FC4025954}\InprocServer32]
    @="C:\\WINDOWS\\system32\\slndmail.dll"
    "ThreadingModel"="Apartment"

    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{5953F810-5A87-4D5A-B374-B316FD757B48}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{5953F810-5A87-4D5A-B374-B316FD757B48}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{5953F810-5A87-4D5A-B374-B316FD757B48}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{5953F810-5A87-4D5A-B374-B316FD757B48}\InprocServer32]
    @="C:\\WINDOWS\\system32\\fkntext.dll"
    "ThreadingModel"="Apartment"

    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{E5EF0E26-F172-4226-8D40-9AC0D7D93076}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{E5EF0E26-F172-4226-8D40-9AC0D7D93076}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{E5EF0E26-F172-4226-8D40-9AC0D7D93076}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{E5EF0E26-F172-4226-8D40-9AC0D7D93076}\InprocServer32]
    @="C:\\WINDOWS\\system32\\mtsnap.dll"
    "ThreadingModel"="Apartment"

    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\CLSID\{09CA5619-5353-4738-BE0E-094F50ED30D4}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{09CA5619-5353-4738-BE0E-094F50ED30D4}\Implemented Categories]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{09CA5619-5353-4738-BE0E-094F50ED30D4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
    @=""

    [HKEY_CLASSES_ROOT\CLSID\{09CA5619-5353-4738-BE0E-094F50ED30D4}\InprocServer32]
    @="C:\\WINDOWS\\system32\\oce2disp.dll"
    "ThreadingModel"="Apartment"

    REGEDIT4

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
    "{587DA1E5-F546-4D98-8168-6D505CED99D1}"=-
    "{C7E7FD6F-800C-4041-8B59-560426892C55}"=-
    "{0BBCFA0E-C7E6-4825-B84C-394FC4025954}"=-
    "{5953F810-5A87-4D5A-B374-B316FD757B48}"=-
    "{E5EF0E26-F172-4226-8D40-9AC0D7D93076}"=-
    "{09CA5619-5353-4738-BE0E-094F50ED30D4}"=-
    [-HKEY_CLASSES_ROOT\CLSID\{587DA1E5-F546-4D98-8168-6D505CED99D1}]
    [-HKEY_CLASSES_ROOT\CLSID\{C7E7FD6F-800C-4041-8B59-560426892C55}]
    [-HKEY_CLASSES_ROOT\CLSID\{0BBCFA0E-C7E6-4825-B84C-394FC4025954}]
    [-HKEY_CLASSES_ROOT\CLSID\{5953F810-5A87-4D5A-B374-B316FD757B48}]
    [-HKEY_CLASSES_ROOT\CLSID\{E5EF0E26-F172-4226-8D40-9AC0D7D93076}]
    [-HKEY_CLASSES_ROOT\CLSID\{09CA5619-5353-4738-BE0E-094F50ED30D4}]
    REGEDIT4

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    ****************************************************************************
    Desktop.ini Contents:
    ****************************************************************************
    [.ShellClassInfo]
    CLSID={645FF040-5081-101B-9F08-00AA002F954E}
    ****************************************************************************
    Checking for L2MFix account(0=no 1=yes):
    0
    Zipping up files for submission:
    adding: dlls/d80m0id1e80.dll (deflated 4%)
    adding: dlls/fkntext.dll (deflated 5%)
    adding: dlls/fp4003hme.dll (deflated 5%)
    adding: dlls/h4n00e5meh.dll (deflated 5%)
    adding: dlls/h6n0lg5m16.dll (deflated 5%)
    adding: dlls/hrr0059me.dll (deflated 4%)
    adding: dlls/k462lejo1hoc.dll (deflated 5%)
    adding: dlls/lv6809jue.dll (deflated 5%)
    adding: dlls/mtsnap.dll (deflated 5%)
    adding: dlls/oce2disp.dll (deflated 5%)
    adding: dlls/sdsbkup.dll (deflated 4%)
    adding: dlls/slndmail.dll (deflated 4%)
    adding: dlls/guard.tmp (deflated 5%)
    adding: backregs/notibac.reg (deflated 88%)
    adding: backregs/shell.reg (deflated 73%)
    adding: backregs/C7E7FD6F-800C-4041-8B59-560426892C55.reg (deflated 70%)
    adding: backregs/0BBCFA0E-C7E6-4825-B84C-394FC4025954.reg (deflated 70%)
    adding: backregs/5953F810-5A87-4D5A-B374-B316FD757B48.reg (deflated 70%)
    adding: backregs/E5EF0E26-F172-4226-8D40-9AC0D7D93076.reg (deflated 70%)
    adding: backregs/09CA5619-5353-4738-BE0E-094F50ED30D4.reg (deflated 70%)

    et rapport Hijackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 00:33:06, on 13/06/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\RunDll32.exe
    C:\WINDOWS\System\SmWizard.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Huawei Technologies\Huawei SmartAX MT810\dslmon.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\QQ\command.exe
    C:\Program Files\Network Monitor\netmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\cmd.exe
    C:\Documents and Settings\A\Bureau\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: DSLMON.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Office 1\Office\OSA9.EXE
    O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = D:\Program Files\Office 1\Office\1036\OLFSNT40.EXE
    O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BA7F4D3A-4BFA-4F7B-9C16-4076CF9B59BE}: NameServer = 193.194.64.11 193.251.169.165
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
    O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
    O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\k462lejo1hoc.dll (file missing)
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
    O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QQ\command.exe
    O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: Windows Update Manager Tool (UpdateManagerTool) - Unknown owner - C:\WINDOWS\update\updmangr.exe (file missing)
    0
  10. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    bsr
    concernant :
    O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QQ\command.exe
    O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
    et si pas déjà fait

    touche windows+r
    tape 'services.msc'+ok
    dans le déroulant cherche
    - 'Command Service (cmdService)'
    double clic dessus
    arrête et désactive

    même manip à faire successivement avec
    - Network Monitor

    vérifier dans
    C:\Program Files\Network Monitor\netmon.exe
    que ce log n'y est plus

    vérifier dans
    C:\WINDOWS\QQ\command.exe
    que l' .exe n'y soit plus

    0
  11. SAM
     
    re...j'ai tout fait comme vous avez dit et rien ne marche...le pc est toutjours aussi lent......que faire???
    0
  12. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    re
    as-tu fait une défragmentation en sans échec ?
    0
  13. SAM
     
    re...ya des pages qui s'ouvre tout seul .....why??? ya pas de reméde?
    0
  14. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    re
    le pc est toutjours aussi lent===>as-tu fait une défragmentation en sans échec ?

    CQFD !!
    car avec les 'pourquoi' on n'avance pas !!
    0