bonjour a toute le monde voila je suis vectime du win32 detecter par nod32 mais a chak fois il revient je demande votre aide, j ai deja fais d analyse avec HijackThis nettoyer avec spybot adwar etc changer d antivrus a ++ reprise rien a faire je compte sur votre aide et je laisse un rapport afin d voir mes probleme

Aider moi win 32 l horreur

Réponse 21 / 30

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
22 déc. 2006 à 12:27

bonjour :)

ouvre hijack coche ces lignes puis clic sur fix checked

O2 - BHO: (no name) - {4DD62C0E-8164-4DCB-B18C-404FBDD9655E} - C:\WINDOWS\system32\pmnlm.dll
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\lafxdkwb.dll",

Double clic sur killbox.exe (Pocket Killbox)

- coche: delete on reboot
- Dans "Full Path of File to Delete"
copie et colle:

C:\WINDOWS\system32\pmnlm.dll

- clique sur la croix rouge
- une fenêtre va apparaître pour confirmation clique sur YES
- une seconde fenêtre te demande si tu veux redémarrer clique sur YES

Si ce message s’affiche ignore le :
http://tinypic.com/images/goodbye.jpg
Laisse le pc redémarrer ou redemarre manuellement s il le fait pas.
Et après reposte un log HijackThis.

tu fait pareille avec ce fichier

C:\WINDOWS\system32\lafxdkwb.dll

ensuite refait un hijack et colle le resultat ici

a+++

sultan54 Messages postés 227 Date d'inscription jeudi 27 janvier 2005 Statut Membre Dernière intervention 11 juillet 2010 118
22 déc. 2006 à 16:11

me revoila pares 2h d absence ce jrs
j ai fais le meme le travail demande mais il y a ces 2 lignes qui reste stjr mlnmp.ini et C:\WINDOWS\system32\lafxdkwb.dll
je vais tenter autre chose
pour le raport c soir

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
22 déc. 2006 à 16:17

normalement the killbox + l'option delete on reboot les supprime sans probleme ...

a++++++

sultan54 Messages postés 227 Date d'inscription jeudi 27 janvier 2005 Statut Membre Dernière intervention 11 juillet 2010 118 > salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012
22 déc. 2006 à 17:00

le rapport apres analayse j ai un msg en Ang apre sle lancement de nettoyer avec killibox

Logfile of HijackThis v1.99.1
Scan saved at 16:56:01, on 22/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
D:\telechargement du net divers\securite xp autre\scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.clubic.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:3128
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {D079AC7E-D81A-4D36-BE86-D56C7ECC82FD} - C:\WINDOWS\system32\pmnlm.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod4\v6\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod4\v6\yhexbmes.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

Réponse 22 / 30

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
22 déc. 2006 à 17:30

peu tu me faire un copié collé du message en englais que tu recois ??

il faut absolument faire comme ceci

Double clic sur killbox.exe (Pocket Killbox)

- coche: delete on reboot
- Dans "Full Path of File to Delete"
copie et colle:

C:\WINDOWS\system32\pmnlm.dll

- clique sur la croix rouge
- une fenêtre va apparaître pour confirmation clique sur YES
- une seconde fenêtre te demande si tu veux redémarrer clique sur YES

Si ce message s’affiche ignore le :
http://tinypic.com/images/goodbye.jpg
Laisse le pc redémarrer ou redemarre manuellement s il le fait pas.
Et après reposte un log HijackThis.

si t'arrive toujour pas refait un scan l2me.fix et colle le resultat ici

a+++

sultan54 Messages postés 227 Date d'inscription jeudi 27 janvier 2005 Statut Membre Dernière intervention 11 juillet 2010 118
22 déc. 2006 à 23:38

Logfile of HijackThis v1.99.1
Scan saved at 23:38:15, on 22/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\WINDOWS\System32\msiexec.exe
D:\telechargement du net divers\securite xp autre\scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.clubic.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:3128
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {A09777CC-DC3E-4755-AF36-75956415E497} - C:\WINDOWS\system32\pmnlm.dll
O2 - BHO: (no name) - {EE63025D-CAEC-4F5B-B3FA-5F5DD40D4EF3} - C:\WINDOWS\system32\pmnlm.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod4\v6\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Companion\Modules\messmod4\v6\yhexbmes.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

Réponse 23 / 30

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
23 déc. 2006 à 00:10

bonsoir le spy resiste en dirais ... on va l'erradiqué avec l2ME.FIX

telecharge l2mfix ici:
http://www.downloads.subratam.org/l2mfix.exe
ou ici:
http://www.atribune.org/downloads/l2mfix.exe

Double clic sur l2mfix.exe pour lancer l'extraction
Dans le dossier l2mfix, double clic sur l2mfix.bat, appuie sur n'impote quelle touche et choisis l'option #1 (et pas autre chose) et valide avec la touche entrée.
Le bloc note va s'ouvrir avec le resultat du scan.
Fais un copier coller du résultat ici

a+++

sultan54 Messages postés 227 Date d'inscription jeudi 27 janvier 2005 Statut Membre Dernière intervention 11 juillet 2010 118
23 déc. 2006 à 18:02

scanner apres conseil

L2MFIX find log 051206
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnlm]
"Asynchronous"=dword:00000001
"Impersonate"=dword:00000000
"Startup"="SysLogon"
"Logoff"="SysLogoff"
"DllName"="C:\\WINDOWS\\system32\\pmnlm.dll"

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
"Maxthon"="IEAK"

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Play as Playlist Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
"{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}"="Mes photos Logitech"
"{D653647D-D607-4DF6-A5B8-48D2BA195F7B}"="BitDefender Antivirus v9"
"{1EBC3533-B289-409F-9924-B84B3F0717D2}"="AceFTP Context Menu Shell Extension"
"DxRecord Shell Extension"="{8BF95282-F6F3-41a5-9423-1EB926E6624F}"
"{e82a2d71-5b2f-43a0-97b8-81be15854de8}"="ShellLink for Application References"
"{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}"="Shell Icon Handler for Application References"
"{FED7043D-346A-414D-ACD7-550D052499A7}"="dBpowerAMP Music Converter 1"
"{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}"="dBpowerAMP Music Converter"
"{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
"{AB77609F-2178-4E6F-9C4B-44AC179D937A}"="a-squared Context Menu Shell Extension"
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes"
"{32020A01-506E-484D-A2A8-BE3CF17601C3}"="AlcoholShellEx"
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{83903CAB-2FC1-40f6-8B82-DF123A5FB9E3}"="ABBYYPDFContextMenuExtension"
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}"="Messenger Sharing Folders"
"{D9872D13-7651-4471-9EEE-F0A00218BEBB}"="Multiscan"
"{C970FE3E-1F8C-486E-A5FA-DA7EDB09FC8D}"="AxCrypt Privacy Wrapper File"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{35786D3C-B075-49b9-88DD-029876E11C01}"="Portable Devices"
"{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8}"="Portable Devices Menu"
"{45670FA8-ED97-4F44-BC93-305082590BFB}"="Microsoft.XPS.Shell.Metadata.1"
"{44121072-A222-48f2-A58A-6D9AD51EBBE9}"="Microsoft.XPS.Shell.Thumbnail.1"
"{B089FE88-FB52-11D3-BDF1-0050DA34150D}"="NOD32 Context Menu Shell Extension"
"{7C9D5882-CB4A-4090-96C8-430BFE8B795B}"="Webroot Spy Sweeper Context Menu Integration"
"{44440D00-FF19-4AFC-B765-9A0970567D97}"="TuneUp Theme Extension"
"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"="TuneUp Shredder Shell Extension"

**********************************************************************************
HKEY ROOT CLASSIDS:
**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
alogfhfg.dll Fri 20 Dec 2019 20:10:18 A.... 44 052 43,02 K
artekeiw.dll Thu 21 Dec 2006 0:14:38 A.... 44 052 43,02 K
asferror.dll Tue 24 Oct 2006 20:12:10 A.... 7 680 7,50 K
audiodev.dll Wed 18 Oct 2006 22:47:08 A.... 276 992 270,50 K
auhkfcth.dll Tue 19 Dec 2006 20:37:00 A.... 81 684 79,77 K
bjxrminc.dll Wed 20 Dec 2006 23:37:18 A.... 81 684 79,77 K
blackbox.dll Wed 18 Oct 2006 22:47:10 A.... 542 720 530,00 K
bobtaipr.dll Wed 20 Dec 2006 12:28:40 A.... 81 684 79,77 K
browseui.dll Mon 23 Oct 2006 16:18:46 A.... 1 023 488 999,50 K
bydadyxh.dll Sat 23 Dec 2006 11:07:44 A.... 81 684 79,77 K
cdfview.dll Mon 23 Oct 2006 16:18:46 A.... 152 064 148,50 K
cdhrmsky.dll Sat 23 Dec 2006 17:11:30 A.... 81 684 79,77 K
cdral.dll Wed 27 Sep 2006 16:33:22 A.... 45 056 44,00 K
cdrtc.dll Wed 27 Sep 2006 16:33:22 A.... 49 152 48,00 K
cewmdm.dll Wed 18 Oct 2006 22:47:10 A.... 229 376 224,00 K
danim.dll Mon 23 Oct 2006 16:18:46 A.... 1 056 768 1,01 M
datest~1.dll Sun 17 Dec 2006 1:22:56 A.... 131 072 128,00 K
divx.dll Tue 12 Dec 2006 17:25:20 A.... 635 486 620,59 K
divxwm~1.dll Tue 12 Dec 2006 17:24:44 A.... 12 288 12,00 K
divx_x~1.dll Tue 12 Dec 2006 17:25:22 A.... 806 912 788,00 K
divx_x~2.dll Tue 12 Dec 2006 17:25:22 A.... 806 912 788,00 K
divx_x~3.dll Tue 12 Dec 2006 17:25:20 A.... 790 528 772,00 K
dnyrlwxl.dll Sat 23 Dec 2006 17:16:30 A.... 81 684 79,77 K
dpl100.dll Tue 12 Dec 2006 17:25:26 A.... 73 728 72,00 K
dpu10.dll Tue 12 Dec 2006 17:25:24 A.... 294 912 288,00 K
dpu11.dll Tue 12 Dec 2006 17:25:24 A.... 294 912 288,00 K
dpugui10.dll Tue 12 Dec 2006 17:25:26 A.... 53 248 52,00 K
dpugui11.dll Tue 12 Dec 2006 17:25:24 A.... 593 920 580,00 K
dpus11.dll Tue 12 Dec 2006 17:25:24 A.... 344 064 336,00 K
dpv11.dll Tue 12 Dec 2006 17:25:24 A.... 57 344 56,00 K
drmv2clt.dll Wed 18 Oct 2006 22:47:10 A.... 991 744 968,50 K
dtkmoqbv.dll Sat 23 Dec 2006 17:42:56 A.... 118 804 116,02 K
dtu100.dll Tue 12 Dec 2006 17:25:26 A.... 196 608 192,00 K
dxtmsft.dll Mon 23 Oct 2006 16:18:46 A.... 357 888 349,50 K
dxtrans.dll Mon 23 Oct 2006 16:18:46 A.... 205 312 200,50 K
dxva2.dll Fri 20 Oct 2006 21:29:46 A.... 69 408 67,78 K
ehacxtlg.dll Wed 20 Dec 2006 20:58:16 A.... 81 684 79,77 K
euhmiqai.dll Sun 17 Dec 2006 0:34:44 A.... 118 804 116,02 K
evr.dll Fri 20 Oct 2006 21:30:00 A.... 478 496 467,28 K
extmgr.dll Mon 23 Oct 2006 16:18:46 ..... 55 808 54,50 K
gdpwlhfd.dll Thu 19 Dec 2013 0:37:06 A.... 44 052 43,02 K
gkmtvoge.dll Sat 16 Dec 2006 1:06:28 A.... 44 052 43,02 K
grhkabhe.dll Fri 15 Dec 2006 22:37:04 A.... 44 052 43,02 K
gunamwmj.dll Thu 21 Dec 2006 21:50:06 A.... 118 804 116,02 K
hhuxluky.dll Thu 21 Dec 2006 0:34:40 A.... 118 804 116,02 K
hwdbrqha.dll Thu 21 Dec 2006 1:16:48 A.... 44 052 43,02 K
icardres.dll Mon 30 Oct 2006 3:33:58 A.... 9 480 9,26 K
iepeers.dll Mon 23 Oct 2006 16:18:46 A.... 251 392 245,50 K
imon.dll Sat 21 Dec 2019 10:46:28 A.... 274 432 268,00 K
inetcomm.dll Wed 8 Nov 2006 6:07:30 A.... 679 424 663,50 K
infoca~1.dll Mon 30 Oct 2006 3:33:58 A.... 83 968 82,00 K
inseng.dll Mon 23 Oct 2006 16:18:46 A.... 96 768 94,50 K
jsproxy.dll Mon 23 Oct 2006 16:18:46 A.... 16 384 16,00 K
jsvuvvmv.dll Wed 20 Dec 2006 23:37:22 A.... 44 052 43,02 K
kfnvicwk.dll Wed 20 Dec 2006 14:32:34 A.... 44 052 43,02 K
kghxwckc.dll Thu 14 Dec 2006 23:35:24 A.... 118 804 116,02 K
ksuauwuv.dll Wed 20 Dec 2006 20:58:24 A.... 44 052 43,02 K
lafxdkwb.dll Fri 22 Dec 2006 10:34:16 ..... 118 804 116,02 K
laprxy.dll Wed 18 Oct 2006 22:47:14 A.... 11 264 11,00 K
lbwmxkjv.dll Tue 19 Dec 2006 11:22:30 A.... 118 804 116,02 K
legitc~1.dll Sun 22 Oct 2006 17:33:32 A.... 519 944 507,76 K
libdivx.dll Tue 12 Dec 2006 17:30:20 A.... 1 044 480 1020,00 K
mfplat.dll Wed 18 Oct 2006 22:47:14 ..... 212 992 208,00 K
milcore.dll Fri 20 Oct 2006 21:30:06 A.... 1 980 704 1,89 M
mltdkxvb.dll Fri 22 Dec 2006 0:03:54 A.... 44 052 43,02 K
mp43decd.dll Wed 18 Oct 2006 22:47:14 ..... 259 072 253,00 K
mp43dmod.dll Wed 18 Oct 2006 22:47:14 A.... 4 096 4,00 K
mp4sdecd.dll Wed 18 Oct 2006 22:47:14 ..... 317 440 310,00 K
mp4sdmod.dll Wed 18 Oct 2006 22:47:14 A.... 4 096 4,00 K
mpg4decd.dll Wed 18 Oct 2006 22:47:14 ..... 259 072 253,00 K
mpg4dmod.dll Wed 18 Oct 2006 22:47:14 A.... 4 096 4,00 K
mshtml.dll Mon 23 Oct 2006 16:18:46 A.... 3 076 096 2,93 M
mshtmled.dll Mon 23 Oct 2006 16:18:48 A.... 448 512 438,00 K
msnetobj.dll Wed 18 Oct 2006 22:47:16 A.... 179 712 175,50 K
mspmsnsv.dll Wed 18 Oct 2006 22:47:16 A.... 27 136 26,50 K
mspmsp.dll Wed 18 Oct 2006 22:47:16 A.... 175 616 171,50 K
msrating.dll Mon 23 Oct 2006 16:18:48 A.... 146 432 143,00 K
msscp.dll Wed 18 Oct 2006 22:47:16 A.... 414 208 404,50 K
mstime.dll Mon 23 Oct 2006 16:18:48 A.... 532 480 520,00 K
mswmdm.dll Wed 18 Oct 2006 22:47:16 A.... 321 536 314,00 K
msxml4.dll Sat 4 Nov 2006 14:14:00 A.... 1 245 696 1,19 M
msxml6.dll Sat 4 Nov 2006 20:25:50 A.... 1 321 744 1,26 M
nwapi32.dll Fri 13 Oct 2006 13:36:56 A.... 64 000 62,50 K
nwprovau.dll Fri 13 Oct 2006 13:36:56 A.... 145 920 142,50 K
nwwks.dll Fri 13 Oct 2006 13:36:56 A.... 65 536 64,00 K
photom~1.dll Tue 24 Oct 2006 12:30:20 ..... 412 160 402,50 K
pmnlm.dll Wed 29 Nov 2006 1:35:12 ..... 704 564 688,05 K
pncrt.dll Wed 8 Nov 2006 10:41:50 A.... 278 528 272,00 K
pndx5016.dll Wed 8 Nov 2006 10:42:08 A.... 6 656 6,50 K
pndx5032.dll Wed 8 Nov 2006 10:42:08 A.... 5 632 5,50 K
pngfilt.dll Mon 23 Oct 2006 16:18:48 A.... 39 424 38,50 K
po1676~1.dll Wed 18 Oct 2006 22:47:18 ..... 199 168 194,50 K
portab~1.dll Wed 18 Oct 2006 22:47:18 ..... 284 160 277,50 K
portab~2.dll Wed 18 Oct 2006 22:47:18 ..... 101 888 99,50 K
portab~3.dll Wed 18 Oct 2006 22:47:18 ..... 166 912 163,00 K
portab~4.dll Wed 18 Oct 2006 22:47:18 ..... 132 096 129,00 K
presen~1.dll Fri 20 Oct 2006 21:29:52 A.... 104 224 101,78 K
presen~2.dll Fri 20 Oct 2006 21:29:46 A.... 20 768 20,28 K
presen~3.dll Fri 20 Oct 2006 21:30:02 A.... 769 312 751,28 K
prntvpt.dll Sat 14 Oct 2006 16:43:38 ..... 124 416 121,50 K
qasf.dll Wed 18 Oct 2006 22:47:18 A.... 211 456 206,50 K
qt-dx331.dll Tue 12 Dec 2006 17:30:28 A.... 3 596 288 3,43 M
qtrekxmi.dll Sun 17 Dec 2006 1:23:22 A.... 44 052 43,02 K
rdqpqtyp.dll Sat 23 Dec 2006 13:35:28 A.... 81 684 79,77 K
rmoc3260.dll Wed 8 Nov 2006 10:42:40 A.... 185 952 181,59 K
rxejmbfm.dll Sat 23 Dec 2006 17:40:42 A.... 81 684 79,77 K
sfafycsh.dll Sat 21 Dec 2019 20:46:38 A.... 81 684 79,77 K
shdocvw.dll Mon 23 Oct 2006 16:18:48 A.... 1 495 040 1,43 M
shlwapi.dll Mon 23 Oct 2006 16:18:48 A.... 474 624 463,50 K
smwdnarn.dll Tue 19 Dec 2006 20:37:10 A.... 118 804 116,02 K
spmsg.dll Mon 16 Oct 2006 16:10:58 ..... 14 640 14,30 K
ssldivx.dll Tue 12 Dec 2006 17:30:20 A.... 200 704 196,00 K
sxs.dll Fri 20 Oct 2006 2:38:44 A.... 716 800 700,00 K
tslssvsd.dll Thu 21 Dec 2006 21:16:34 A.... 81 684 79,77 K
uiauto~1.dll Fri 20 Oct 2006 21:29:54 A.... 159 008 155,28 K
urlmon.dll Mon 23 Oct 2006 16:18:48 A.... 615 936 601,50 K
uxnfaybg.dll Sat 16 Dec 2006 9:56:40 A.... 44 052 43,02 K
uxtuneup.dll Fri 6 Oct 2006 6:27:20 A.... 24 072 23,51 K
wdfapi.dll Wed 18 Oct 2006 22:47:18 A.... 4 096 4,00 K
window~1.dll Tue 24 Oct 2006 12:30:06 ..... 716 288 699,50 K
window~2.dll Tue 24 Oct 2006 12:29:50 ..... 352 256 344,00 K
wininet.dll Mon 23 Oct 2006 16:18:48 A.... 663 040 647,50 K
wmadmod.dll Wed 18 Oct 2006 22:47:18 A.... 757 248 739,50 K
wmadmoe.dll Wed 18 Oct 2006 22:47:18 A.... 1 117 696 1,06 M
wmasf.dll Wed 18 Oct 2006 22:47:18 A.... 222 208 217,00 K
wmdmlog.dll Wed 18 Oct 2006 22:47:18 A.... 33 792 33,00 K
wmdmps.dll Wed 18 Oct 2006 22:47:18 A.... 37 376 36,50 K
wmdrmdev.dll Wed 18 Oct 2006 22:47:18 A.... 429 056 419,00 K
wmdrmnet.dll Wed 18 Oct 2006 22:47:20 A.... 348 672 340,50 K
wmdrmsdk.dll Wed 18 Oct 2006 22:47:20 ..... 535 040 522,50 K
wmerror.dll Tue 24 Oct 2006 20:14:18 A.... 272 384 266,00 K
wmidx.dll Wed 18 Oct 2006 22:47:20 A.... 157 184 153,50 K
wmnetmgr.dll Wed 18 Oct 2006 22:47:20 A.... 937 984 916,00 K
wmp.dll Wed 18 Oct 2006 22:47:20 A.... 10 834 432 10,33 M
wmpasf.dll Wed 18 Oct 2006 22:47:20 A.... 242 688 237,00 K
wmpdxm.dll Wed 18 Oct 2006 22:47:20 A.... 314 880 307,50 K
wmpeff~1.dll Wed 18 Oct 2006 22:47:20 ..... 295 936 289,00 K
wmpencen.dll Wed 18 Oct 2006 22:47:20 A.... 1 661 440 1,58 M
wmphoto.dll Tue 24 Oct 2006 12:30:00 ..... 276 992 270,50 K
wmploc.dll Tue 24 Oct 2006 20:35:20 A.... 8 292 352 7,91 M
wmpmde.dll Wed 18 Oct 2006 22:47:20 ..... 613 376 599,00 K
wmpps.dll Wed 18 Oct 2006 22:47:20 ..... 130 048 127,00 K
wmpshell.dll Tue 24 Oct 2006 20:14:48 A.... 99 840 97,50 K
wmpsrcwp.dll Wed 18 Oct 2006 22:47:20 A.... 204 288 199,50 K
wmsdmod.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmsdmoe2.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmspdmod.dll Wed 18 Oct 2006 22:47:22 A.... 603 648 589,50 K
wmspdmoe.dll Wed 18 Oct 2006 22:47:22 A.... 1 329 152 1,27 M
wmvadvd.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmvadve.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmvcore.dll Wed 18 Oct 2006 22:47:22 A.... 2 450 944 2,34 M
wmvdecod.dll Wed 18 Oct 2006 22:47:22 ..... 1 543 680 1,47 M
wmvdmod.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmvdmoe2.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmvencod.dll Wed 18 Oct 2006 22:47:22 ..... 1 574 912 1,50 M
wmvsdecd.dll Wed 18 Oct 2006 22:47:22 ..... 1 382 912 1,32 M
wmvsencd.dll Wed 18 Oct 2006 22:47:22 ..... 767 488 749,50 K
wmvxencd.dll Wed 18 Oct 2006 22:47:22 ..... 656 896 641,50 K
wpdconns.dll Wed 18 Oct 2006 22:47:22 A.... 35 840 35,00 K
wpdmtp.dll Wed 18 Oct 2006 22:47:22 A.... 154 624 151,00 K
wpdmtpus.dll Wed 18 Oct 2006 22:47:22 A.... 63 488 62,00 K
wpdshext.dll Wed 18 Oct 2006 22:47:22 ..... 2 603 008 2,48 M
wpdshe~1.dll Wed 18 Oct 2006 23:04:18 ..... 44 032 43,00 K
wpdshs~1.dll Wed 18 Oct 2006 22:47:22 ..... 133 632 130,50 K
wpdsp.dll Wed 18 Oct 2006 22:47:22 A.... 356 352 348,00 K
wpd_ci.dll Wed 18 Oct 2006 22:47:22 A.... 629 760 615,00 K
wudfco~1.dll Thu 28 Sep 2006 20:13:26 ..... 95 344 93,11 K
wudfpl~1.dll Thu 28 Sep 2006 18:56:16 ..... 165 376 161,50 K
wudfsvc.dll Thu 28 Sep 2006 18:56:14 ..... 55 808 54,50 K
wudfx.dll Thu 28 Sep 2006 18:56:38 ..... 316 416 309,00 K
xpsp3res.dll Mon 23 Oct 2006 12:42:56 A.... 121 856 119,00 K
xpsshhdr.dll Sat 14 Oct 2006 20:21:58 ..... 580 352 566,75 K
xpssvcs.dll Sat 14 Oct 2006 20:22:00 ..... 1 698 048 1,62 M

173 items found: 173 files, 0 directories.
Total of file sizes: 85 188 358 bytes 81,24 M
Locate .tmp files:

C:\WINDOWS\SYSTEM32\
mcrh.tmp Sun 17 Dec 2006 1:30:24 A.... 96 0,09 K
mlnmp.tmp Wed 20 Dec 2006 0:59:16 ..SH. 912 0,89 K
set1b5.tmp Wed 18 Oct 2006 22:47:18 A.... 757 248 739,50 K
set1b7.tmp Wed 18 Oct 2006 22:47:18 A.... 222 208 217,00 K
set1c3.tmp Wed 18 Oct 2006 22:47:22 A.... 2 450 944 2,34 M
set21c.tmp Tue 24 Oct 2006 20:14:48 A.... 99 840 97,50 K
set92.tmp Fri 27 Oct 2006 2:44:26 A.... 71 680 70,00 K
set93.tmp Fri 27 Oct 2006 2:44:06 A.... 123 904 121,00 K
set96.tmp Tue 17 Oct 2006 13:03:56 A.... 17 408 17,00 K
set97.tmp Tue 17 Oct 2006 12:58:06 A.... 346 624 338,50 K
set98.tmp Tue 17 Oct 2006 12:57:50 A.... 214 528 209,50 K
set99.tmp Fri 27 Oct 2006 15:09:58 ..... 131 584 128,50 K
set9a.tmp Tue 17 Oct 2006 13:06:10 ..... 443 904 433,50 K
set9c.tmp Fri 27 Oct 2006 2:44:04 A.... 54 784 53,50 K
set9e.tmp Fri 27 Oct 2006 2:44:36 A.... 152 064 148,50 K
set9f.tmp Fri 27 Oct 2006 2:44:42 A.... 229 376 224,00 K
seta0.tmp Fri 27 Oct 2006 2:42:54 A.... 161 792 158,00 K
seta3.tmp Fri 27 Oct 2006 2:44:46 A.... 382 976 374,00 K
seta4.tmp Tue 17 Oct 2006 13:06:00 ..... 78 336 76,50 K
seta7.tmp Fri 27 Oct 2006 15:09:58 A.... 191 488 187,00 K
seta8.tmp Fri 27 Oct 2006 2:44:08 A.... 43 008 42,00 K
setaa.tmp Fri 27 Oct 2006 2:44:26 A.... 55 296 54,00 K
setac.tmp Fri 27 Oct 2006 2:42:36 A.... 56 483 55,16 K
setad.tmp Tue 17 Oct 2006 12:57:58 A.... 36 352 35,50 K
setae.tmp Tue 17 Oct 2006 13:05:48 A.... 1 817 088 1,73 M
setaf.tmp Fri 27 Oct 2006 2:44:08 A.... 92 672 90,50 K
setb0.tmp Tue 17 Oct 2006 13:00:00 A.... 491 520 480,00 K
setb1.tmp Fri 27 Oct 2006 15:09:58 A.... 27 136 26,50 K
setb2.tmp Tue 17 Oct 2006 13:05:10 A.... 40 960 40,00 K
setb6.tmp Tue 17 Oct 2006 12:56:10 A.... 45 568 44,50 K
setb7.tmp Fri 27 Oct 2006 15:09:58 A.... 3 577 856 3,41 M
setb8.tmp Tue 17 Oct 2006 12:19:54 A.... 1 383 424 1,32 M
setb9.tmp Fri 27 Oct 2006 15:09:58 A.... 475 648 464,50 K
setba.tmp Tue 17 Oct 2006 12:28:56 A.... 48 128 47,00 K
setbb.tmp Fri 27 Oct 2006 15:09:58 A.... 156 160 152,50 K
setbc.tmp Tue 17 Oct 2006 13:05:10 A.... 192 000 187,50 K
setbd.tmp Fri 27 Oct 2006 15:09:58 A.... 670 720 655,00 K
setbe.tmp Tue 17 Oct 2006 13:04:46 A.... 101 376 99,00 K
setbf.tmp Tue 17 Oct 2006 12:58:08 A.... 44 544 43,50 K
setc2.tmp Tue 17 Oct 2006 12:55:56 A.... 66 560 65,00 K
setc4.tmp Tue 17 Oct 2006 13:05:22 A.... 105 984 103,50 K
setc5.tmp Fri 27 Oct 2006 15:09:58 A.... 1 162 240 1,11 M
setc6.tmp Fri 27 Oct 2006 15:09:58 A.... 413 696 404,00 K
setc7.tmp Fri 27 Oct 2006 15:09:58 A.... 231 424 226,00 K

44 items found: 44 files (1 H/S), 0 directories.
Total of file sizes: 17 467 539 bytes 16,66 M
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 4C72-113A

R‚pertoire de C:\WINDOWS\System32

23/12/2006 18:01 668ÿ048 mlnmp.ini2
23/12/2006 17:43 37ÿ559 vbqomktd.ini
23/12/2006 17:39 667ÿ633 mlnmp.bak2
22/12/2006 22:40 3ÿ350 KGyGaAvL.sys
22/12/2006 22:40 104 B8522A440D.sys
22/12/2006 22:03 38ÿ219 bwkdxfal.ini
22/12/2006 16:08 747ÿ743 mlnmp.ini
21/12/2006 21:50 37ÿ559 jmwmanug.ini
21/12/2006 01:16 37ÿ619 ykulxuhh.ini
20/12/2006 00:59 912 mlnmp.tmp
15/12/2006 17:03 <REP> dllcache
15/12/2006 10:17 37ÿ679 ckcwxhgk.ini
09/12/2006 10:45 <REP> Microsoft
27/11/2006 00:17 8ÿ704 Thumbs.db
25/09/2005 20:51 99ÿ480 FwsVpn.dll
13 fichier(s) 2ÿ384ÿ609 octets
2 R‚p(s) 38ÿ544ÿ973ÿ824 octets libres

Réponse 24 / 30

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
24 déc. 2006 à 14:58

bonjour :)

tout d'abors créer un point de restauration ca pourais tjr nous servir http://www.aidoforum.com/tutoriaux-371-creer-un-point-de-restauration-sous-windows.html

Ensuite ferme tous les programmes parce qu'il va y avoir reboot automatique
Ouvre le dossier l2mfix créé sur le bureau puis double-clic sur L2Mfix.bat
Ensuite choisis l'option 2 puis Entrée
Puis appuie sur n'importe quelle touche pour redémarrer l'ordinateur
Après redémarrage, le bureau et les icônes vont apparaître puis disparaître, c'est normal ! Et un nouveau rapport va apparaître à l'écran.
>> Si après redémarrage les icônes n'apparaissent/disparaissent pas ou si le rapport n'apparaît pas, alors ouvre le dossier l2mfix et lance second.bat
Enfin poste ce 2ème rapport avec un nouveau rapport HJT.

a+++

sultan54 Messages postés 227 Date d'inscription jeudi 27 janvier 2005 Statut Membre Dernière intervention 11 juillet 2010 118
25 déc. 2006 à 10:42

Bonjour salwa et merci encore
le voile le rapport d jrs

L2mfix 051206
Creating Account.
La commande s'est termin‚e correctement.

Adding Administrative privleges.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful

Running From:
C:\WINDOWS\SYSTEM32

Killing Processes!
Killing 'smss.exe'
\SystemRoot\System32\smss.exe (680)
Killing 'winlogon.exe'
winlogon.exe (784)
Killing 'explorer.exe'
C:\WINDOWS\Explorer.EXE (1948)
Killing 'rundll32.exe'
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrateurs ... successful

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!

Restoring Windows Update Certificates.:

The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnlm]
"Asynchronous"=dword:00000001
"Impersonate"=dword:00000000
"Startup"="SysLogon"
"Logoff"="SysLogoff"
"DllName"="C:\\WINDOWS\\system32\\pmnlm.dll"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

The following are the files found:
****************************************************************************

Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************

****************************************************************************
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
zip warning: name not matched: dlls\*.*

zip error: Nothing to do! (backup.zip)
adding: backregs/notibac.reg (188 bytes security) (deflated 61%)
adding: backregs/shell.reg (188 bytes security) (deflated 73%)

Réponse 25 / 30

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
25 déc. 2006 à 12:41

Bonjour :) refait l2mefix option 1 pour voir si il a bien supprimé les spys

a+++

sultan54 Messages postés 227 Date d'inscription jeudi 27 janvier 2005 Statut Membre Dernière intervention 11 juillet 2010 118
25 déc. 2006 à 17:38

la suite du scanne j ai ma machine qui tourne bien depuis ce matin j ai nstalle zone alarme pro ????

L2MFIX find log 051206
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnlm]
"Asynchronous"=dword:00000001
"Impersonate"=dword:00000000
"Startup"="SysLogon"
"Logoff"="SysLogoff"
"DllName"="C:\\WINDOWS\\system32\\pmnlm.dll"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
"Maxthon"="IEAK"

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Play as Playlist Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
"{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}"="Mes photos Logitech"
"{D653647D-D607-4DF6-A5B8-48D2BA195F7B}"="BitDefender Antivirus v9"
"{1EBC3533-B289-409F-9924-B84B3F0717D2}"="AceFTP Context Menu Shell Extension"
"DxRecord Shell Extension"="{8BF95282-F6F3-41a5-9423-1EB926E6624F}"
"{e82a2d71-5b2f-43a0-97b8-81be15854de8}"="ShellLink for Application References"
"{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}"="Shell Icon Handler for Application References"
"{FED7043D-346A-414D-ACD7-550D052499A7}"="dBpowerAMP Music Converter 1"
"{2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5}"="dBpowerAMP Music Converter"
"{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
"{AB77609F-2178-4E6F-9C4B-44AC179D937A}"="a-squared Context Menu Shell Extension"
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes"
"{32020A01-506E-484D-A2A8-BE3CF17601C3}"="AlcoholShellEx"
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{83903CAB-2FC1-40f6-8B82-DF123A5FB9E3}"="ABBYYPDFContextMenuExtension"
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}"="Messenger Sharing Folders"
"{D9872D13-7651-4471-9EEE-F0A00218BEBB}"="Multiscan"
"{C970FE3E-1F8C-486E-A5FA-DA7EDB09FC8D}"="AxCrypt Privacy Wrapper File"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{35786D3C-B075-49b9-88DD-029876E11C01}"="Portable Devices"
"{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8}"="Portable Devices Menu"
"{45670FA8-ED97-4F44-BC93-305082590BFB}"="Microsoft.XPS.Shell.Metadata.1"
"{44121072-A222-48f2-A58A-6D9AD51EBBE9}"="Microsoft.XPS.Shell.Thumbnail.1"
"{B089FE88-FB52-11D3-BDF1-0050DA34150D}"="NOD32 Context Menu Shell Extension"
"{7C9D5882-CB4A-4090-96C8-430BFE8B795B}"="Webroot Spy Sweeper Context Menu Integration"
"{44440D00-FF19-4AFC-B765-9A0970567D97}"="TuneUp Theme Extension"
"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"="TuneUp Shredder Shell Extension"

**********************************************************************************
HKEY ROOT CLASSIDS:
**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
asferror.dll Tue 24 Oct 2006 20:12:10 A.... 7 680 7,50 K
audiodev.dll Wed 18 Oct 2006 22:47:08 A.... 276 992 270,50 K
auhkfcth.dll Tue 19 Dec 2006 20:37:00 A.... 81 684 79,77 K
bjxrminc.dll Wed 20 Dec 2006 23:37:18 A.... 81 684 79,77 K
blackbox.dll Wed 18 Oct 2006 22:47:10 A.... 542 720 530,00 K
bobtaipr.dll Wed 20 Dec 2006 12:28:40 A.... 81 684 79,77 K
browseui.dll Mon 23 Oct 2006 16:18:46 A.... 1 023 488 999,50 K
bydadyxh.dll Sat 23 Dec 2006 11:07:44 A.... 81 684 79,77 K
cdfview.dll Mon 23 Oct 2006 16:18:46 A.... 152 064 148,50 K
cdhrmsky.dll Sat 23 Dec 2006 17:11:30 A.... 81 684 79,77 K
cdral.dll Wed 27 Sep 2006 16:33:22 A.... 45 056 44,00 K
cdrtc.dll Wed 27 Sep 2006 16:33:22 A.... 49 152 48,00 K
cewmdm.dll Wed 18 Oct 2006 22:47:10 A.... 229 376 224,00 K
cgaheggq.dll Sun 24 Dec 2006 13:07:00 A.... 81 684 79,77 K
danim.dll Mon 23 Oct 2006 16:18:46 A.... 1 056 768 1,01 M
datest~1.dll Sun 17 Dec 2006 1:22:56 A.... 131 072 128,00 K
dcmgfgkp.dll Mon 25 Dec 2006 0:35:06 A.... 81 684 79,77 K
divx.dll Tue 12 Dec 2006 17:25:20 A.... 635 486 620,59 K
divxwm~1.dll Tue 12 Dec 2006 17:24:44 A.... 12 288 12,00 K
divx_x~1.dll Tue 12 Dec 2006 17:25:22 A.... 806 912 788,00 K
divx_x~2.dll Tue 12 Dec 2006 17:25:22 A.... 806 912 788,00 K
divx_x~3.dll Tue 12 Dec 2006 17:25:20 A.... 790 528 772,00 K
djbglnlu.dll Sat 23 Dec 2006 22:57:06 A.... 118 804 116,02 K
dnyrlwxl.dll Sat 23 Dec 2006 17:16:30 A.... 81 684 79,77 K
dpjlskru.dll Mon 25 Dec 2006 0:02:46 A.... 81 684 79,77 K
dpl100.dll Tue 12 Dec 2006 17:25:26 A.... 73 728 72,00 K
dpu10.dll Tue 12 Dec 2006 17:25:24 A.... 294 912 288,00 K
dpu11.dll Tue 12 Dec 2006 17:25:24 A.... 294 912 288,00 K
dpugui10.dll Tue 12 Dec 2006 17:25:26 A.... 53 248 52,00 K
dpugui11.dll Tue 12 Dec 2006 17:25:24 A.... 593 920 580,00 K
dpus11.dll Tue 12 Dec 2006 17:25:24 A.... 344 064 336,00 K
dpv11.dll Tue 12 Dec 2006 17:25:24 A.... 57 344 56,00 K
drmv2clt.dll Wed 18 Oct 2006 22:47:10 A.... 991 744 968,50 K
dtu100.dll Tue 12 Dec 2006 17:25:26 A.... 196 608 192,00 K
dxtmsft.dll Mon 23 Oct 2006 16:18:46 A.... 357 888 349,50 K
dxtrans.dll Mon 23 Oct 2006 16:18:46 A.... 205 312 200,50 K
dxva2.dll Fri 20 Oct 2006 21:29:46 A.... 69 408 67,78 K
ehacxtlg.dll Wed 20 Dec 2006 20:58:16 A.... 81 684 79,77 K
enfkdsfm.dll Sun 24 Dec 2006 10:24:56 A.... 81 684 79,77 K
eqoqmlxm.dll Sat 23 Dec 2006 18:51:10 A.... 81 684 79,77 K
euhmiqai.dll Sun 17 Dec 2006 0:34:44 A.... 118 804 116,02 K
evr.dll Fri 20 Oct 2006 21:30:00 A.... 478 496 467,28 K
extmgr.dll Mon 23 Oct 2006 16:18:46 ..... 55 808 54,50 K
ghqaojcb.dll Sat 23 Dec 2006 19:43:38 A.... 81 684 79,77 K
gunamwmj.dll Thu 21 Dec 2006 21:50:06 A.... 118 804 116,02 K
hhuxluky.dll Thu 21 Dec 2006 0:34:40 A.... 118 804 116,02 K
icardres.dll Mon 30 Oct 2006 3:33:58 A.... 9 480 9,26 K
iepeers.dll Mon 23 Oct 2006 16:18:46 A.... 251 392 245,50 K
imon.dll Sat 21 Dec 2019 10:46:28 A.... 274 432 268,00 K
inetcomm.dll Wed 8 Nov 2006 6:07:30 A.... 679 424 663,50 K
infoca~1.dll Mon 30 Oct 2006 3:33:58 A.... 83 968 82,00 K
inseng.dll Mon 23 Oct 2006 16:18:46 A.... 96 768 94,50 K
isxxagls.dll Sun 24 Dec 2006 13:43:26 A.... 81 684 79,77 K
jsproxy.dll Mon 23 Oct 2006 16:18:46 A.... 16 384 16,00 K
kghxwckc.dll Thu 14 Dec 2006 23:35:24 A.... 118 804 116,02 K
lafxdkwb.dll Fri 22 Dec 2006 10:34:16 ..... 118 804 116,02 K
laprxy.dll Wed 18 Oct 2006 22:47:14 A.... 11 264 11,00 K
lbwmxkjv.dll Tue 19 Dec 2006 11:22:30 A.... 118 804 116,02 K
legitc~1.dll Sun 22 Oct 2006 17:33:32 A.... 519 944 507,76 K
libdivx.dll Tue 12 Dec 2006 17:30:20 A.... 1 044 480 1020,00 K
mbjtpjwi.dll Sun 24 Dec 2006 0:05:14 A.... 81 684 79,77 K
mfplat.dll Wed 18 Oct 2006 22:47:14 ..... 212 992 208,00 K
milcore.dll Fri 20 Oct 2006 21:30:06 A.... 1 980 704 1,89 M
mp43decd.dll Wed 18 Oct 2006 22:47:14 ..... 259 072 253,00 K
mp43dmod.dll Wed 18 Oct 2006 22:47:14 A.... 4 096 4,00 K
mp4sdecd.dll Wed 18 Oct 2006 22:47:14 ..... 317 440 310,00 K
mp4sdmod.dll Wed 18 Oct 2006 22:47:14 A.... 4 096 4,00 K
mpg4decd.dll Wed 18 Oct 2006 22:47:14 ..... 259 072 253,00 K
mpg4dmod.dll Wed 18 Oct 2006 22:47:14 A.... 4 096 4,00 K
mshtml.dll Mon 23 Oct 2006 16:18:46 A.... 3 076 096 2,93 M
mshtmled.dll Mon 23 Oct 2006 16:18:48 A.... 448 512 438,00 K
msnetobj.dll Wed 18 Oct 2006 22:47:16 A.... 179 712 175,50 K
mspmsnsv.dll Wed 18 Oct 2006 22:47:16 A.... 27 136 26,50 K
mspmsp.dll Wed 18 Oct 2006 22:47:16 A.... 175 616 171,50 K
msrating.dll Mon 23 Oct 2006 16:18:48 A.... 146 432 143,00 K
msscp.dll Wed 18 Oct 2006 22:47:16 A.... 414 208 404,50 K
mstime.dll Mon 23 Oct 2006 16:18:48 A.... 532 480 520,00 K
mswmdm.dll Wed 18 Oct 2006 22:47:16 A.... 321 536 314,00 K
msxml4.dll Sat 4 Nov 2006 14:14:00 A.... 1 245 696 1,19 M
msxml6.dll Sat 4 Nov 2006 20:25:50 A.... 1 321 744 1,26 M
nwapi32.dll Fri 13 Oct 2006 13:36:56 A.... 64 000 62,50 K
nwprovau.dll Fri 13 Oct 2006 13:36:56 A.... 145 920 142,50 K
nwwks.dll Fri 13 Oct 2006 13:36:56 A.... 65 536 64,00 K
oomfhkip.dll Sun 24 Dec 2006 13:56:44 A.... 81 684 79,77 K
pbsuiftg.dll Mon 25 Dec 2006 9:58:40 A.... 81 684 79,77 K
photom~1.dll Tue 24 Oct 2006 12:30:20 ..... 412 160 402,50 K
pmnlm.dll Wed 29 Nov 2006 1:35:12 ..... 704 564 688,05 K
pncrt.dll Wed 8 Nov 2006 10:41:50 A.... 278 528 272,00 K
pndx5016.dll Wed 8 Nov 2006 10:42:08 A.... 6 656 6,50 K
pndx5032.dll Wed 8 Nov 2006 10:42:08 A.... 5 632 5,50 K
pngfilt.dll Mon 23 Oct 2006 16:18:48 A.... 39 424 38,50 K
po1676~1.dll Wed 18 Oct 2006 22:47:18 ..... 199 168 194,50 K
portab~1.dll Wed 18 Oct 2006 22:47:18 ..... 284 160 277,50 K
portab~2.dll Wed 18 Oct 2006 22:47:18 ..... 101 888 99,50 K
portab~3.dll Wed 18 Oct 2006 22:47:18 ..... 166 912 163,00 K
portab~4.dll Wed 18 Oct 2006 22:47:18 ..... 132 096 129,00 K
presen~1.dll Fri 20 Oct 2006 21:29:52 A.... 104 224 101,78 K
presen~2.dll Fri 20 Oct 2006 21:29:46 A.... 20 768 20,28 K
presen~3.dll Fri 20 Oct 2006 21:30:02 A.... 769 312 751,28 K
prntvpt.dll Sat 14 Oct 2006 16:43:38 ..... 124 416 121,50 K
qasf.dll Wed 18 Oct 2006 22:47:18 A.... 211 456 206,50 K
qcckgnfc.dll Sun 24 Dec 2006 22:16:02 A.... 81 684 79,77 K
qorlgikw.dll Sun 24 Dec 2006 16:54:32 A.... 81 684 79,77 K
qt-dx331.dll Tue 12 Dec 2006 17:30:28 A.... 3 596 288 3,43 M
rdqpqtyp.dll Sat 23 Dec 2006 13:35:28 A.... 81 684 79,77 K
rmoc3260.dll Wed 8 Nov 2006 10:42:40 A.... 185 952 181,59 K
rpjuvurx.dll Sun 24 Dec 2006 13:36:46 A.... 81 684 79,77 K
rxejmbfm.dll Sat 23 Dec 2006 17:40:42 A.... 81 684 79,77 K
sfafycsh.dll Sat 21 Dec 2019 20:46:38 A.... 81 684 79,77 K
shdocvw.dll Mon 23 Oct 2006 16:18:48 A.... 1 495 040 1,43 M
shlwapi.dll Mon 23 Oct 2006 16:18:48 A.... 474 624 463,50 K
smwdnarn.dll Tue 19 Dec 2006 20:37:10 A.... 118 804 116,02 K
spmsg.dll Mon 16 Oct 2006 16:10:58 ..... 14 640 14,30 K
ssldivx.dll Tue 12 Dec 2006 17:30:20 A.... 200 704 196,00 K
sxs.dll Fri 20 Oct 2006 2:38:44 A.... 716 800 700,00 K
tslssvsd.dll Thu 21 Dec 2006 21:16:34 A.... 81 684 79,77 K
uiauto~1.dll Fri 20 Oct 2006 21:29:54 A.... 159 008 155,28 K
urlmon.dll Mon 23 Oct 2006 16:18:48 A.... 615 936 601,50 K
uxtuneup.dll Fri 6 Oct 2006 6:27:20 A.... 24 072 23,51 K
vnggvrai.dll Sun 24 Dec 2006 20:26:32 A.... 81 684 79,77 K
wdfapi.dll Wed 18 Oct 2006 22:47:18 A.... 4 096 4,00 K
window~1.dll Tue 24 Oct 2006 12:30:06 ..... 716 288 699,50 K
window~2.dll Tue 24 Oct 2006 12:29:50 ..... 352 256 344,00 K
wininet.dll Mon 23 Oct 2006 16:18:48 A.... 663 040 647,50 K
wmadmod.dll Wed 18 Oct 2006 22:47:18 A.... 757 248 739,50 K
wmadmoe.dll Wed 18 Oct 2006 22:47:18 A.... 1 117 696 1,06 M
wmasf.dll Wed 18 Oct 2006 22:47:18 A.... 222 208 217,00 K
wmdmlog.dll Wed 18 Oct 2006 22:47:18 A.... 33 792 33,00 K
wmdmps.dll Wed 18 Oct 2006 22:47:18 A.... 37 376 36,50 K
wmdrmdev.dll Wed 18 Oct 2006 22:47:18 A.... 429 056 419,00 K
wmdrmnet.dll Wed 18 Oct 2006 22:47:20 A.... 348 672 340,50 K
wmdrmsdk.dll Wed 18 Oct 2006 22:47:20 ..... 535 040 522,50 K
wmerror.dll Tue 24 Oct 2006 20:14:18 A.... 272 384 266,00 K
wmidx.dll Wed 18 Oct 2006 22:47:20 A.... 157 184 153,50 K
wmnetmgr.dll Wed 18 Oct 2006 22:47:20 A.... 937 984 916,00 K
wmp.dll Wed 18 Oct 2006 22:47:20 A.... 10 834 432 10,33 M
wmpasf.dll Wed 18 Oct 2006 22:47:20 A.... 242 688 237,00 K
wmpdxm.dll Wed 18 Oct 2006 22:47:20 A.... 314 880 307,50 K
wmpeff~1.dll Wed 18 Oct 2006 22:47:20 ..... 295 936 289,00 K
wmpencen.dll Wed 18 Oct 2006 22:47:20 A.... 1 661 440 1,58 M
wmphoto.dll Tue 24 Oct 2006 12:30:00 ..... 276 992 270,50 K
wmploc.dll Tue 24 Oct 2006 20:35:20 A.... 8 292 352 7,91 M
wmpmde.dll Wed 18 Oct 2006 22:47:20 ..... 613 376 599,00 K
wmpps.dll Wed 18 Oct 2006 22:47:20 ..... 130 048 127,00 K
wmpshell.dll Tue 24 Oct 2006 20:14:48 A.... 99 840 97,50 K
wmpsrcwp.dll Wed 18 Oct 2006 22:47:20 A.... 204 288 199,50 K
wmsdmod.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmsdmoe2.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmspdmod.dll Wed 18 Oct 2006 22:47:22 A.... 603 648 589,50 K
wmspdmoe.dll Wed 18 Oct 2006 22:47:22 A.... 1 329 152 1,27 M
wmvadvd.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmvadve.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmvcore.dll Wed 18 Oct 2006 22:47:22 A.... 2 450 944 2,34 M
wmvdecod.dll Wed 18 Oct 2006 22:47:22 ..... 1 543 680 1,47 M
wmvdmod.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmvdmoe2.dll Wed 18 Oct 2006 22:47:22 A.... 4 096 4,00 K
wmvencod.dll Wed 18 Oct 2006 22:47:22 ..... 1 574 912 1,50 M
wmvsdecd.dll Wed 18 Oct 2006 22:47:22 ..... 1 382 912 1,32 M
wmvsencd.dll Wed 18 Oct 2006 22:47:22 ..... 767 488 749,50 K
wmvxencd.dll Wed 18 Oct 2006 22:47:22 ..... 656 896 641,50 K
wpdconns.dll Wed 18 Oct 2006 22:47:22 A.... 35 840 35,00 K
wpdmtp.dll Wed 18 Oct 2006 22:47:22 A.... 154 624 151,00 K
wpdmtpus.dll Wed 18 Oct 2006 22:47:22 A.... 63 488 62,00 K
wpdshext.dll Wed 18 Oct 2006 22:47:22 ..... 2 603 008 2,48 M
wpdshe~1.dll Wed 18 Oct 2006 23:04:18 ..... 44 032 43,00 K
wpdshs~1.dll Wed 18 Oct 2006 22:47:22 ..... 133 632 130,50 K
wpdsp.dll Wed 18 Oct 2006 22:47:22 A.... 356 352 348,00 K
wpd_ci.dll Wed 18 Oct 2006 22:47:22 A.... 629 760 615,00 K
wudfco~1.dll Thu 28 Sep 2006 20:13:26 ..... 95 344 93,11 K
wudfpl~1.dll Thu 28 Sep 2006 18:56:16 ..... 165 376 161,50 K
wudfsvc.dll Thu 28 Sep 2006 18:56:14 ..... 55 808 54,50 K
wudfx.dll Thu 28 Sep 2006 18:56:38 ..... 316 416 309,00 K
xayblhsy.dll Sun 24 Dec 2006 15:45:18 A.... 81 684 79,77 K
xhyndkua.dll Sun 24 Dec 2006 21:18:10 A.... 81 684 79,77 K
xpsp3res.dll Mon 23 Oct 2006 12:42:56 A.... 121 856 119,00 K
xpsshhdr.dll Sat 14 Oct 2006 20:21:58 ..... 580 352 566,75 K
xpssvcs.dll Sat 14 Oct 2006 20:22:00 ..... 1 698 048 1,62 M
yrbjcxeq.dll Sun 24 Dec 2006 23:30:12 A.... 81 684 79,77 K

178 items found: 178 files, 0 directories.
Total of file sizes: 86 048 362 bytes 82,06 M
Locate .tmp files:

C:\WINDOWS\SYSTEM32\
mcrh.tmp Sat 23 Dec 2006 18:48:30 A.... 143 0,14 K
set1b5.tmp Wed 18 Oct 2006 22:47:18 A.... 757 248 739,50 K
set1b7.tmp Wed 18 Oct 2006 22:47:18 A.... 222 208 217,00 K
set1c3.tmp Wed 18 Oct 2006 22:47:22 A.... 2 450 944 2,34 M
set21c.tmp Tue 24 Oct 2006 20:14:48 A.... 99 840 97,50 K
set92.tmp Fri 27 Oct 2006 2:44:26 A.... 71 680 70,00 K
set93.tmp Fri 27 Oct 2006 2:44:06 A.... 123 904 121,00 K
set96.tmp Tue 17 Oct 2006 13:03:56 A.... 17 408 17,00 K
set97.tmp Tue 17 Oct 2006 12:58:06 A.... 346 624 338,50 K
set98.tmp Tue 17 Oct 2006 12:57:50 A.... 214 528 209,50 K
set99.tmp Fri 27 Oct 2006 15:09:58 ..... 131 584 128,50 K
set9a.tmp Tue 17 Oct 2006 13:06:10 ..... 443 904 433,50 K
set9c.tmp Fri 27 Oct 2006 2:44:04 A.... 54 784 53,50 K
set9e.tmp Fri 27 Oct 2006 2:44:36 A.... 152 064 148,50 K
set9f.tmp Fri 27 Oct 2006 2:44:42 A.... 229 376 224,00 K
seta0.tmp Fri 27 Oct 2006 2:42:54 A.... 161 792 158,00 K
seta3.tmp Fri 27 Oct 2006 2:44:46 A.... 382 976 374,00 K
seta4.tmp Tue 17 Oct 2006 13:06:00 ..... 78 336 76,50 K
seta7.tmp Fri 27 Oct 2006 15:09:58 A.... 191 488 187,00 K
seta8.tmp Fri 27 Oct 2006 2:44:08 A.... 43 008 42,00 K
setaa.tmp Fri 27 Oct 2006 2:44:26 A.... 55 296 54,00 K
setac.tmp Fri 27 Oct 2006 2:42:36 A.... 56 483 55,16 K
setad.tmp Tue 17 Oct 2006 12:57:58 A.... 36 352 35,50 K
setae.tmp Tue 17 Oct 2006 13:05:48 A.... 1 817 088 1,73 M
setaf.tmp Fri 27 Oct 2006 2:44:08 A.... 92 672 90,50 K
setb0.tmp Tue 17 Oct 2006 13:00:00 A.... 491 520 480,00 K
setb1.tmp Fri 27 Oct 2006 15:09:58 A.... 27 136 26,50 K
setb2.tmp Tue 17 Oct 2006 13:05:10 A.... 40 960 40,00 K
setb6.tmp Tue 17 Oct 2006 12:56:10 A.... 45 568 44,50 K
setb7.tmp Fri 27 Oct 2006 15:09:58 A.... 3 577 856 3,41 M
setb8.tmp Tue 17 Oct 2006 12:19:54 A.... 1 383 424 1,32 M
setb9.tmp Fri 27 Oct 2006 15:09:58 A.... 475 648 464,50 K
setba.tmp Tue 17 Oct 2006 12:28:56 A.... 48 128 47,00 K
setbb.tmp Fri 27 Oct 2006 15:09:58 A.... 156 160 152,50 K
setbc.tmp Tue 17 Oct 2006 13:05:10 A.... 192 000 187,50 K
setbd.tmp Fri 27 Oct 2006 15:09:58 A.... 670 720 655,00 K
setbe.tmp Tue 17 Oct 2006 13:04:46 A.... 101 376 99,00 K
setbf.tmp Tue 17 Oct 2006 12:58:08 A.... 44 544 43,50 K
setc2.tmp Tue 17 Oct 2006 12:55:56 A.... 66 560 65,00 K
setc4.tmp Tue 17 Oct 2006 13:05:22 A.... 105 984 103,50 K
setc5.tmp Fri 27 Oct 2006 15:09:58 A.... 1 162 240 1,11 M
setc6.tmp Fri 27 Oct 2006 15:09:58 A.... 413 696 404,00 K
setc7.tmp Fri 27 Oct 2006 15:09:58 A.... 231 424 226,00 K

43 items found: 43 files, 0 directories.
Total of file sizes: 17 466 674 bytes 16,66 M
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 4C72-113A

R‚pertoire de C:\WINDOWS\System32

25/12/2006 17:40 668ÿ377 mlnmp.ini
25/12/2006 11:59 668ÿ012 mlnmp.bak2
25/12/2006 00:44 668ÿ343 mlnmp.ini2
24/12/2006 13:52 3ÿ350 KGyGaAvL.sys
24/12/2006 13:52 104 B8522A440D.sys
24/12/2006 10:24 37ÿ739 ulnlgbjd.ini
22/12/2006 22:03 38ÿ219 bwkdxfal.ini
21/12/2006 21:50 37ÿ559 jmwmanug.ini
21/12/2006 01:16 37ÿ619 ykulxuhh.ini
15/12/2006 17:03 <REP> dllcache
15/12/2006 10:17 37ÿ679 ckcwxhgk.ini
09/12/2006 10:45 <REP> Microsoft
27/11/2006 00:17 8ÿ704 Thumbs.db
25/09/2005 20:51 99ÿ480 FwsVpn.dll
12 fichier(s) 2ÿ305ÿ185 octets
2 R‚p(s) 38ÿ438ÿ608ÿ896 octets libres

Réponse 26 / 30

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
25 déc. 2006 à 18:09

aparement les spys n'ont pas été supprimé :

25/12/2006 17:40 668ÿ377 mlnmp.ini
25/12/2006 11:59 668ÿ012 mlnmp.bak2
25/12/2006 00:44 668ÿ343 mlnmp.ini2

on va essayé de les virer avec ca

Télécharge VirtumundoBegone sur le bureau:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe"
target=_blank
>http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

Double clique ensuite sur VirtumundoBeGone.exe et suis les
instructions.
Une fois terminé, redémarre et poste le rapport VBG.TXT créé sur le
bureau dans ta prochaine réponse avec un nouveau rapport HijackThis.
Ne t'inquiète pas si tu vois un message Ecran bleu "Erreur fatale",
c'est normal et attendu.

au fait esque t'arrive a demarrer en mode sans echec?

a+++

sultan54 Messages postés 227 Date d'inscription jeudi 27 janvier 2005 Statut Membre Dernière intervention 11 juillet 2010 118
25 déc. 2006 à 18:52

je ne peux pas dermarerr en mode sans echec sans savoir la raison autre chose de plus virtumundo je pense que c logiceil provok d spy aussi kan j avais mon probleme il etai dans spybto
ok merci pour l info je te fai in scann deja avec hitjk

Logfile of HijackThis v1.99.1
Scan saved at 18:54:09, on 25/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\WINDOWS\system32\svchost.exe
D:\telechargement du net divers\securite xp autre\scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.clubic.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:3128
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {DEEF05A7-7CFD-4F4C-8077-BA2481BF8714} - C:\WINDOWS\system32\pmnlm.dll
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Réponse 27 / 30

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
25 déc. 2006 à 19:05

Bonsoir VirtumundoBegone n'est pas un spy mais un antispyware qui permet d'erradiquer l'infection vundo

a+++++

Réponse 28 / 30

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
25 déc. 2006 à 19:53

rebonsoir j'ai une autre idée :)

telecharge vundofix

http://www.atribune.org/ccount/click.php?id=4

Double-clique VundoFix.exe afin de le lancer.
[*]Fais un clic droit dans la fenêtre blanche et clique "Add more files?"
[*]Dans la nouvelle fenêtre qui apparait, Copie/colle le chemin du fichier suivant dans la première case (au haut):

C:\WINDOWS\system32\pmnlm.dll

[*]Copie/colle le chemin du fichier suivant dans la seconde case (au centre):

C:\WINDOWS\system32\mlnmp.*

[*]Clique sur le bouton "Add File(s)"
[*]Clique sur le bouton "Close Window".
[*]Clique à nouveau sur "Remove Vundo"
[*]Une invite te demandera si tu veux supprimer les fichiers, clique YES
[*]Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
[*]Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK

normalement ca deverais marché :) ensuite colle un nouveau raport hijack pour voir si le spy est bien parti

a++++

sultan54 Messages postés 227 Date d'inscription jeudi 27 janvier 2005 Statut Membre Dernière intervention 11 juillet 2010 118
25 déc. 2006 à 23:48

me revoila mais je ne ss plus embeter par le cheval d 3 c bizar quand meme sauf que le fichier pmnlm.dll i tjr la l essentiel c que je ne ss plus deranger autre chose j ai mon parfeu activer impossible de le desactiver j ai tt essayer meme via la base d registre
aller suite

Logfile of HijackThis v1.99.1
Scan saved at 23:48:08, on 25/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Maxthon\Maxthon.exe
D:\telechargement du net divers\securite xp autre\scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.clubic.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:3128
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7FF6F17E-F242-466F-AFD1-C3155FFACA3C} - C:\WINDOWS\system32\pmnlm.dll (file missing)
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Réponse 29 / 30

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
26 déc. 2006 à 00:05

Bonne nouvelle c'est bon le fichier pmnlm.dll est bien supprimé

maintenant ouvre hijack coche cette ligne puis clic sur fix checked

O2 - BHO: (no name) - {7FF6F17E-F242-466F-AFD1-C3155FFACA3C} - C:\WINDOWS\system32\pmnlm.dll (file missing)

concernant le trojan quelle programe te le detectes et ou ?

a+++++

sultan54 Messages postés 227 Date d'inscription jeudi 27 janvier 2005 Statut Membre Dernière intervention 11 juillet 2010 118
26 déc. 2006 à 00:10

c avdc le scanne d hitjk que j ai vue la ligne a cocher je refai in scane d suite, je pense que t as bien raison je ne vois plus d ligne ca fai plz d t avoir ton aide salwa sincerement meme c je connais en infos jt depasser voila
merci encore et n hesite pas pour tte infos o contacte a la suite

Réponse 30 / 30

salwa5 Messages postés 7452 Date d'inscription jeudi 30 novembre 2006 Statut Contributeur Dernière intervention 18 août 2012 1 632
26 déc. 2006 à 00:26

de rien :)

fix ces lignes aussi avec hijack

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

ensuite lance avg antispyware et ccleaner

pour finir quelque conseilles
- passe reglierement les antispyware (adaware , spybot , avg .. ect) pense a les mettre ajour avant de les lancé c'est tres important

-supprime regulierement les fichiers inutiles (fichiers temporaire , cookies .. ect a l'aide de CCleaner https://www.malekal.com/tutoriel-ccleaner/

- Nettoye ta base de registre avec regcleaner : https://www.malekal.com/nettoyer-sa-base-de-registre-avec-windows-registry-cleaner/

-maintenant que ton ordinateur est propre je te conseille de creer un point de restauration comme ca en cas de probleme (virus , plantage ..ect) tu poura tjr revenir en arriere
http://www.aidoforum.com/tutoriaux-371-creer-un-point-de-restauration-sous-windows.html

pour le reste je t'envois un message privé :)

a++++

sultan54 Messages postés 227 Date d'inscription jeudi 27 janvier 2005 Statut Membre Dernière intervention 11 juillet 2010 118
26 déc. 2006 à 13:40

assalam et un tres grd bnjr a toi
tt ces conseils sont deja appliki depuis longtemps nettoyage et verification avec spybot adwar celaner etc... zone alarme aussi je vais nettoyer les lignes
merci quand meme

Aider moi win 32 l horreur

30 réponses

Discussions similaires