Probleme de about blank sur mozilla firefox

riviere -  
 riviere -
bonjours,pourriez s'il vous plais avoir la gentillesse de bien vouloir m'aider j'ai eu recement 7 cheval de troi et beaucoup de fichier infecter depuis je ne peut plus utiliser mozilla firefox car quand j'ouvre la page celle ci reste blanche d'apres ce que j'ai lu sur votre site cet un probleme de about blank dailleur dans les information de ma page firefox le url est about blank jai donc fait un scan hijackthis il y apparait des lignes BHO je ne sais pas si il y a des lignes qui envoie sur des sites payants et je ne sais pas suprimer les lignes.
merci de bien vouloir m'aider.ci-joint mon scan hijackthis

ogfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:07:52, on 14/06/2007
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Hacker\KAVPF.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Sanchez\Local Settings\Temporary Internet Files\Content.IE5\4T2B85Q7\HiJackThis_v2[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://start.mozilla.org/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Virus\kav.exe" /minimize
O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Policies\Explorer\Run: [333] C:\Syswm1f\svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [50] C:\SysAd5C\svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [4] C:\SysWsj4\svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [66] C:\SysDayN5\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Anti-Hacker.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: 4C74676 - Unknown owner - C:\WINDOWS\System32\4C74676.EXE (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Administration IIS (IISADMIN) - Unknown owner - C:\WINDOWS\System32\inetsrv\inetinfo.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Anti-Virus Service (kavsvc) - Kaspersky Labs Ltd. - C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Virus\kavsvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - Unknown owner - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Simple Mail Transfer Protocol (SMTP) (SMTPSVC) - Unknown owner - C:\WINDOWS\System32\inetsrv\inetinfo.exe
O23 - Service: Service SNMP (SNMP) - Unknown owner - C:\WINDOWS\System32\snmp.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Publication World Wide Web (W3SVC) - Unknown owner - C:\WINDOWS\System32\inetsrv\inetinfo.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

--
End of file - 8076 bytes
r.
Configuration: Windows XP
Internet Explorer 6.0

17 réponses

Résumé de la discussion

Problème d'infection avec une page about:blank dans Firefox après une infection présumée, avec des entrées BHO suspectes relevées par HijackThis et une crainte d'infection persistante pouvant affecter le navigateur. Les solutions échangées incluent des nettoyages manuels du registre et des démarrages, suppression de dossiers système suspects (Syswm1f, SysAd5C, SysWsj4, SysDayN5), et réinstallation partielle ou complète de Firefox après vérification des modules. En cas de persistance, certains préconisent l’usage d’outils comme Malwarebytes et des vérifications plus approfondies des composants et extensions, tout en avertissant des risques liés aux modifications manuelles du système.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    Bonjour

    Pas très propre ;-)

    Télécharge ComboScan sur ton Bureau.
    ---> http://www.techsupportforum.com/sectools/Deckard/dss.exe
    Ferme toutes les applications en cours ; antivirus, pare-feu, etc ..
    Double-clic sur comboscan.exe A la fenêtre qui s'affiche, clic sur OK.
    Soit patient ..
    Le rapport Comboscan.txt s'affichera, copie et colle le contenu de ce fichier ici.
    Attention, il peut avoir deux, trois rapports mets les tous ici stp
    0
    1. riviere
       
      merci pour votre reponse voici les resultats du scan.


      eckard's System Scanner v20070611.50
      Run by Sanchez on 2007-06-14 at 20:20:01
      Computer is in Normal Mode.
      --------------------------------------------------------------------------------

      -- System Restore --------------------------------------------------------------

      Successfully created a Deckard's System Scanner Restore Point.


      -- Last 5 Restore Point(s) --
      109: 2007-06-14 18:20:14 UTC - RP121 - Deckard's System Scanner Restore Point
      108: 2007-06-14 05:11:14 UTC - RP120 - Software Distribution Service 2.0
      107: 2007-06-14 05:05:54 UTC - RP119 - Opération de restauration
      106: 2007-06-14 04:56:56 UTC - RP118 - Opération de restauration
      105: 2007-06-14 04:32:47 UTC - RP117 - Software Distribution Service 2.0


      -- First Restore Point --
      1: 2007-03-17 12:25:47 UTC - RP13 - Point de vérification système


      Backed up registry hives.

      Performed disk cleanup.


      -- HijackThis (run as Sanchez.exe) ---------------------------------------------

      Logfile of HijackThis v1.99.1
      Scan saved at 20:21:59, on 14/06/2007
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\BroadJump\Client Foundation\CFD.exe
      C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE
      C:\Program Files\Picasa2\PicasaMediaDetector.exe
      C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\WINDOWS\System32\ctfmon.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Hacker\KAVPF.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\System32\inetsrv\inetinfo.exe
      C:\WINDOWS\system32\pctspk.exe
      C:\WINDOWS\System32\tcpsvcs.exe
      C:\WINDOWS\System32\snmp.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Documents and Settings\Sanchez\Local Settings\Temporary Internet Files\Content.IE5\KLMW61TR\dss[1].exe
      C:\PROGRA~1\HIJACK~1\Sanchez.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://start.mozilla.org/fr/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
      O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Virus\kav.exe" /minimize
      O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE
      O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
      O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [drmpbdu] c:\windows\system32\drmpbdu.exe drmpbdu
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
      O4 - Global Startup: Anti-Hacker.lnk = ?
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O23 - Service: 4C74676 - Unknown owner - C:\WINDOWS\System32\4C74676.EXE (file missing)
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: Anti-Virus Service (kavsvc) - Kaspersky Labs Ltd. - C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Virus\kavsvc.exe
      O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe


      -- File Associations -----------------------------------------------------------

      [COLOR=red].bat - batfile - DefaultIcon - C:\WINDOWS\SYSTEM32\SHELL32.DLL,-153[/COLOR]
      [COLOR=red].com - comfile - DefaultIcon - C:\WINDOWS\SYSTEM32\SHELL32.DLL,2[/COLOR]
      [COLOR=red].hlp - hlpfile - DefaultIcon - C:\WINDOWS\SYSTEM32\SHELL32.DLL,23[/COLOR]
      [COLOR=red].ini - inifile - DefaultIcon - shell32.dll,-151[/COLOR]
      [COLOR=red].reg - regfile - DefaultIcon - C:\WINDOWS\regedit.exe,1[/COLOR]
      [COLOR=red].txt - txtfile - DefaultIcon - shell32.dll,-152[/COLOR]


      -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

      R0 Klpf - c:\windows\system32\drivers\klpf.sys <Not Verified; KL; KL klpf>
      R0 Klpid - c:\windows\system32\drivers\klpid.sys <Not Verified; KL; KL klpid>
      R1 Klmc - c:\windows\system32\drivers\klmc.sys <Not Verified; Kaspersky Lab; Kaspersky Anti-Virus Personal>
      R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
      R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
      R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

      S3 USB-100 (Realtek RTL8150 USB 10/100 Fast Ethernet Adapter) - c:\windows\system32\drivers\rtl8150.sys <Not Verified; Realtek; Realtek 8150-series USB NIC>
      S4 poof - c:\windows\system32\poof (file missing)


      -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

      S2 4C74676 - c:\windows\system32\4c74676.exe -service (file missing)
      S2 kavsvc (Anti-Virus Service) - "c:\program files\micro application\sécurité internet\anti-virus perso & pro\anti-virus\kavsvc.exe" <Not Verified; Kaspersky Labs Ltd.; Anti-Virus Personal>


      -- Scheduled Tasks -------------------------------------------------------------

      2007-06-14 20:00:02 258 --a------ C:\WINDOWS\Tasks\Rappel d'expiration de la désinstallation.job
      2007-06-08 20:25:16 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
      2007-06-06 19:00:02 502 --a------ C:\WINDOWS\Tasks\Démarrage du programme de réglages.job


      -- Files created between 2007-05-14 and 2007-06-14 -----------------------------

      2007-06-14 16:26:41 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Talkback
      2007-06-14 07:16:57 0 dr-h----- C:\Documents and Settings\Sanchez\Recent
      2007-06-14 07:06:47 0 d--hs---- C:\undo
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.009
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.008
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.007
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.006
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.005
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.004
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.003
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.002
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.001
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.000
      2007-06-14 06:31:31 335 --a------ C:\WINDOWS\mozregistry.dat
      2007-06-13 15:57:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
      2007-06-13 15:55:12 3145728 --a------ C:\Documents and Settings\Sanchez\ntuser.dat
      2007-06-13 00:58:20 1755 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
      2007-06-12 21:51:57 0 d-------- C:\Program Files\Fichiers communs\DriveCleaner Free
      2007-06-12 21:50:35 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
      2007-06-12 21:48:29 153088 --a------ C:\WINDOWS\System32\UNRAR3.dll
      2007-06-12 21:48:28 0 d-------- C:\Program Files\Trojan Remover
      2007-06-12 21:48:28 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Simply Super Software
      2007-06-12 21:45:02 0 d--h----- C:\Program Files\InstallShield Installation Information
      2007-06-12 21:43:36 0 d-------- C:\Program Files\Alice
      2007-06-11 20:11:20 30720 --a------ C:\WINDOWS\System32\poof.ren
      2007-06-11 20:08:12 0 d--hs---- C:\FOUND.020
      2007-06-03 16:49:16 74752 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic pour Windows>
      2007-06-01 20:03:18 0 d--hs---- C:\FOUND.019
      2007-05-28 11:28:30 0 d--hs---- C:\FOUND.018
      2007-05-16 17:50:54 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Apple Computer
      2007-05-16 17:46:10 0 d-------- C:\Program Files\QuickTime
      2007-05-16 17:43:09 0 d-------- C:\Program Files\Apple Software Update
      2007-05-16 17:40:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer


      -- Find3M Report ---------------------------------------------------------------

      2007-05-06 16:14:32 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Sun
      2007-04-14 17:37:08 0 d-------- C:\Program Files\SUPERAntiSpyware
      2007-04-14 17:37:08 0 d-------- C:\Documents and Settings\Sanchez\Application Data\SUPERAntiSpyware.com
      2007-04-14 17:36:24 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
      2007-04-03 22:45:12 1289 --a------ C:\WINDOWS\mozver.dat
      2007-04-01 16:01:20 4212 ---h----- C:\WINDOWS\System32\zllictbl.dat
      2007-03-25 16:32:00 0 --a------ C:\WINDOWS\nsreg.dat
      2007-03-21 16:53:20 1 --a------ C:\WINDOWS\System32\index.dat
      2007-03-20 19:31:40 32768 ---h----- C:\WINDOWS\$NtUninstallKB824151$


      -- Registry Dump ---------------------------------------------------------------

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
      {53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      {9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      {9394EDE7-C8B5-483E-8773-474BF36AF6E4} C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
      "BJCFD"="C:\\Program Files\\BroadJump\\Client Foundation\\CFD.exe"
      "KAVPersonal50"="\"C:\\Program Files\\Micro Application\\Sécurité Internet\\Anti-Virus Perso & Pro\\Anti-Virus\\kav.exe\" /minimize"
      "OESpamTest"="C:\\PROGRA~1\\MICROA~1\\SÉCURI~1\\ANTI-V~1\\ANTI-S~1\\OESpamTest.ExE"
      "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
      "ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
      "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
      "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
      "drmpbdu"="c:\\windows\\system32\\drmpbdu.exe drmpbdu"

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
      "CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
      "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
      "SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

      [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
      "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
      "DisableRegistryTools"=dword:00000000

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
      "333"="C:\\Syswm1f\\svchost.exe"
      "50"="C:\\SysAd5C\\svchost.exe"
      "4"="C:\\SysWsj4\\svchost.exe"
      "66"="C:\\SysDayN5\\svchost.exe"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
      "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
      "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

      HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon

      HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
      Authentication Packages REG_MULTI_SZ msv1_0\0\0
      Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
      Notification Packages REG_MULTI_SZ scecli\0\0


      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
      "LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"

      [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
      LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
      NetworkService REG_MULTI_SZ DnsCache\0\0
      rpcss REG_MULTI_SZ RpcSs\0\0
      imgsvc REG_MULTI_SZ StiSvc\0\0
      termsvcs REG_MULTI_SZ TermService\0\0
      0
    2. riviere
       
      salut il me semble avoir fait se que tu me demander dans ton message 16 et pourtant je n'ai plus de reponse de ta part ai e fait une erreur ?
      en plus n pc s'agrave j'ai sistematiquement des pages de pub qui s'ouvre et internet e ferme tout seul.
      pourrais tu avir la gentillesse de me repondre stp merci de ton aide.
      0
  2. riviere
     
    Re merci pour votre reponse mais j'ai un petit souci avec l'adresse que vous m'avez donnez pour telecharger car as me dit impossible d'afficher la page.
    0
  3. Utilisateur anonyme
     
    Ok, fais ceci et seulement après essaye de le télécharger à nouveau :

    ¤ Clic sur démarrer, poste de travail, C:, cherche et supprime ces dossiers :

    C:\Syswm1f
    C:\SysAd5C
    C:\SysWsj4
    C:\SysDayN5

    ¤ Clic sur démarrer, poste de travail, C:, Windows, system32, cherche et supprime si présent :

    C:\WINDOWS\System32\4C74676.EXE

    **Si un fichier/dossier persiste lors de la suppression fait ceci:
    - Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu..
    Puis va supprimer les fichiers/dossiers, vide ta corbeille et redémarre ton PC normalement.

    ¤ Clic sur "démarrer", "exécuter", tape: services.msc
    Cherche dans la liste les lignes ci-dessous, tu fais un clic droit dessus choisis "propriétés" et régle les sur "désactivé"

    - Google Updater Service
    - 4C74676

    Redémarre ton PC puis essaye à nouveau de télécharger le fichier que je t'ai demandé
    0
    1. riviere
       
      encore merci de votre aide
      anchez [I](admin)[/I]


      -- Add/Remove Programs ---------------------------------------------------------

      --> "C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:WIN9X /UNINSTALL /PROMPT
      --> C:\PROGRA~1\CLUB-I~1\DRCLUB~1\Uninstall.exe TONLFR
      --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
      Ad-Aware SE Personal --> C:\PROGRA~1\LAVASOFT\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\LAVASOFT\AD-AWA~1\INSTALL.LOG
      Adobe Flash Player 9 ActiveX --> C:\WINDOWS\System32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
      Anti-Hacker --> "C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Hacker\uninstall.exe"
      Anti-Spam --> "C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Spam\uninstall.exe"
      Anti-Virus --> "C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Virus\uninstall.exe"
      Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
      AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
      Barre d'outils MSN --> C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\mtbs.exe c
      BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
      CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
      Configurateur Modem --> "C:\Program Files\Club-Internet\Assistance\ConfModem\uninstall.exe"
      Correctif Windows XP - KB842773 --> C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe
      Docteur Club Internet --> C:\WINDOWS\Motive\TONLFR\MCCUninst.exe
      Désinstallation de Windows XP --> %SYSTEMROOT%\system32\osuninst.exe
      Gnumeric Spreadsheet (With Gtk+ 2.10.6) 1.7.6-win32-1 --> C:\Gnumeric\uninst.exe
      J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
      Kit de Connexion Alice ADSL --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}\setup.exe" -l0x40c ControlPanel
      Language pack for Ad-Aware SE --> C:\PROGRA~1\LAVASOFT\AD-AWA~1\PLUGINS\LANGS\UNWISE.EXE C:\PROGRA~1\LAVASOFT\AD-AWA~1\PLUGINS\LANGS\INSTALL.LOG
      Mozilla Firefox (2.0.0.4) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
      Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
      QuickTime --> MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
      Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
      SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
      Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
      Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
      ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


      -- End of Deckard's System Scanner: finished at 2007-06-14 at 20:23:02 ---------
      0
  4. Utilisateur anonyme
     
    Es-tu sûr d'avoir fais ce que je t'ai demandé dans mon dernier message ?

    - La suppression des dossiers
    - L'arrêt des services que je t'ai indiqué
    - De plus Cmboscan est mal placé et les logiciels de sécurité pas arrêté.

    Fas ce que je te demande à la lettre, le cas échant demande à quelqu'un d'autre de t'aider de plus si je te demande de placer ce fichier sur ton bureau ou arrêté un service, c'est pas pour t'ennuyer ..
    0
    1. riviere
       
      non desole j'avais pas enlever les fichier car avant que je reçois ton messages le telechargement a marcher donc j'ai fait le scan et je tes envoyer le message encore desole j'ai pourtant quiter l'anti virus et zone alarm faut t'il que je les desinstalle et que je recommence le scan ?
      encore desole et merci de ton aide.
      0
    2. riviere
       
      ok merci j'ai compris qu'il faut que je passe par demarrer paneau de configuration puis lecteur c mais je vois pas les fichier a suprimer pourrais tu stp me dire le chemin et il y a pas de soucis je fait se que tu me dit encore merci de ton aide.
      0
    3. riviere
       
      j'ai reussi a ouvrir le service local pour desactiver ce que tu ma demander mais je tai envoyer scan avant veut tu toujour que je desactive ? merci de ton aide
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Non ne les désinstalle pas, les arrêter suffit.

    Supprime les dossiers et arrêtes les services que je t'ai indiqué et ensuite remet un rapport comboscan stp
    0
  7. Utilisateur anonyme
     
    Non pourquoi passer par panneau de configuration ? !

    Fais ceci :

    ¤ Pour afficher tous les dossiers et fichiers cachés :

    Clic sur "démarrer", "panneau de configuration", "outils" ,"option des dossiers", "affichage"

    Coche :
    - afficher les fichiers et dossiers cachés
    - Clic sur "appliquer" puis "ok"
    ----------------------------------------------------------

    Ensuite :

    ¤ Clic sur démarrer, poste de travail, C:, cherche et supprime ces dossiers :

    C:\Syswm1f
    C:\SysAd5C
    C:\SysWsj4
    C:\SysDayN5

    0
    1. riviere
       
      desole j'ai fait tout ce que tu ma dit mais je trouve pas les dossier que tu me demande de suprimer il aparaise pas jai pourtant fait l'option afficher les fichiers et dossiers cacher mais je les trouve pas desole je suis nule mais debutante. que puis je faire.
      0
  8. Utilisateur anonyme
     
    Pas grave !

    Maintenant, fais ceci, si tu l'as déjà fais alors remet un rapport comboscan

    ¤ Clic sur "démarrer", "exécuter", tape: services.msc
    Cherche dans la liste les lignes ci-dessous, tu fais un clic droit dessus choisis "propriétés" et régle les sur "désactivé"

    - Google Updater Service
    - 4C74676
    0
    1. riviere
       
      Utile ? Votez !
      voici le scan demander mais jai pas reussi a faire le reste car sa me fait un flach jai quelque chose qui aparait dans la barre des taches et sa repart aussitot je vais tout de meme reessayer merci de ton aide

      eckard's System Scanner v20070611.50
      Run by Sanchez on 2007-06-14 at 22:06:17
      Computer is in Normal Mode.
      --------------------------------------------------------------------------------



      -- HijackThis (run as Sanchez.exe) ---------------------------------------------

      Logfile of HijackThis v1.99.1
      Scan saved at 22:06:19, on 14/06/2007
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\BroadJump\Client Foundation\CFD.exe
      C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE
      C:\Program Files\Picasa2\PicasaMediaDetector.exe
      C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\WINDOWS\System32\ctfmon.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Hacker\KAVPF.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\System32\inetsrv\inetinfo.exe
      C:\WINDOWS\system32\pctspk.exe
      C:\WINDOWS\System32\tcpsvcs.exe
      C:\WINDOWS\System32\snmp.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\System32\wuauclt.exe
      C:\WINDOWS\System32\wuauclt.exe
      C:\Documents and Settings\Sanchez\Local Settings\Temporary Internet Files\Content.IE5\KLMW61TR\dss[1].exe
      C:\PROGRA~1\HIJACK~1\Sanchez.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://start.mozilla.org/fr/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
      O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
      O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Virus\kav.exe" /minimize
      O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE
      O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
      O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
      O4 - Global Startup: Anti-Hacker.lnk = ?
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O23 - Service: 4C74676 - Unknown owner - C:\WINDOWS\System32\4C74676.EXE (file missing)
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: Anti-Virus Service (kavsvc) - Kaspersky Labs Ltd. - C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Virus\kavsvc.exe
      O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe


      -- Files created between 2007-05-14 and 2007-06-14 -----------------------------

      2007-06-14 16:26:41 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Talkback
      2007-06-14 07:16:57 0 dr-h----- C:\Documents and Settings\Sanchez\Recent
      2007-06-14 07:06:47 0 d--hs---- C:\undo
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.009
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.008
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.007
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.006
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.005
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.004
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.003
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.002
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.001
      2007-06-14 07:06:47 0 d--hs---- C:\FOUND.000
      2007-06-14 06:31:31 335 --a------ C:\WINDOWS\mozregistry.dat
      2007-06-13 15:57:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
      2007-06-13 15:55:12 3145728 --a------ C:\Documents and Settings\Sanchez\ntuser.dat
      2007-06-13 00:58:20 1755 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
      2007-06-12 21:51:57 0 d-------- C:\Program Files\Fichiers communs\DriveCleaner Free
      2007-06-12 21:50:35 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
      2007-06-12 21:48:29 153088 --a------ C:\WINDOWS\System32\UNRAR3.dll
      2007-06-12 21:48:28 0 d-------- C:\Program Files\Trojan Remover
      2007-06-12 21:48:28 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Simply Super Software
      2007-06-12 21:45:02 0 d--h----- C:\Program Files\InstallShield Installation Information
      2007-06-12 21:43:36 0 d-------- C:\Program Files\Alice
      2007-06-11 20:11:20 30720 --a------ C:\WINDOWS\System32\poof.ren
      2007-06-11 20:08:12 0 d--hs---- C:\FOUND.020
      2007-06-03 16:49:16 74752 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic pour Windows>
      2007-06-01 20:03:18 0 d--hs---- C:\FOUND.019
      2007-05-28 11:28:30 0 d--hs---- C:\FOUND.018
      2007-05-16 17:50:54 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Apple Computer
      2007-05-16 17:46:10 0 d-------- C:\Program Files\QuickTime
      2007-05-16 17:43:09 0 d-------- C:\Program Files\Apple Software Update
      2007-05-16 17:40:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer


      -- Find3M Report ---------------------------------------------------------------

      2007-05-06 16:14:32 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Sun
      2007-04-14 17:37:08 0 d-------- C:\Program Files\SUPERAntiSpyware
      2007-04-14 17:37:08 0 d-------- C:\Documents and Settings\Sanchez\Application Data\SUPERAntiSpyware.com
      2007-04-14 17:36:24 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
      2007-04-03 22:45:12 1289 --a------ C:\WINDOWS\mozver.dat
      2007-04-01 16:01:20 4212 ---h----- C:\WINDOWS\System32\zllictbl.dat
      2007-03-25 16:32:00 0 --a------ C:\WINDOWS\nsreg.dat
      2007-03-21 16:53:20 1 --a------ C:\WINDOWS\System32\index.dat
      2007-03-20 19:31:40 32768 ---h----- C:\WINDOWS\$NtUninstallKB824151$


      -- Registry Dump ---------------------------------------------------------------

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
      {53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
      {9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      {9394EDE7-C8B5-483E-8773-474BF36AF6E4} C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
      {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
      "BJCFD"="C:\\Program Files\\BroadJump\\Client Foundation\\CFD.exe"
      "KAVPersonal50"="\"C:\\Program Files\\Micro Application\\Sécurité Internet\\Anti-Virus Perso & Pro\\Anti-Virus\\kav.exe\" /minimize"
      "OESpamTest"="C:\\PROGRA~1\\MICROA~1\\SÉCURI~1\\ANTI-V~1\\ANTI-S~1\\OESpamTest.ExE"
      "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
      "ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
      "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
      "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
      "drmpbdu"="c:\\windows\\system32\\drmpbdu.exe drmpbdu"

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
      "CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
      "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
      "SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

      [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
      "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
      "DisableRegistryTools"=dword:00000000

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
      "333"="C:\\Syswm1f\\svchost.exe"
      "50"="C:\\SysAd5C\\svchost.exe"
      "4"="C:\\SysWsj4\\svchost.exe"
      "66"="C:\\SysDayN5\\svchost.exe"

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
      "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
      "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

      HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon

      HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
      Authentication Packages REG_MULTI_SZ msv1_0\0\0
      Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
      Notification Packages REG_MULTI_SZ scecli\0\0


      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
      "LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"

      [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
      LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
      NetworkService REG_MULTI_SZ DnsCache\0\0
      rpcss REG_MULTI_SZ RpcSs\0\0
      imgsvc REG_MULTI_SZ StiSvc\0\0
      termsvcs REG_MULTI_SZ TermService\0\0
      0
  9. riviere
     
    voici le scan demander mais jai pas reussi a faire le reste car sa me fait un flach jai quelque chose qui aparait dans la barre des taches et sa repart aussitot je vais tout de meme reessayer merci de ton aide

    eckard's System Scanner v20070611.50
    Run by Sanchez on 2007-06-14 at 22:06:17
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- HijackThis (run as Sanchez.exe) ---------------------------------------------

    Logfile of HijackThis v1.99.1
    Scan saved at 22:06:19, on 14/06/2007
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Hacker\KAVPF.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Documents and Settings\Sanchez\Local Settings\Temporary Internet Files\Content.IE5\KLMW61TR\dss[1].exe
    C:\PROGRA~1\HIJACK~1\Sanchez.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://start.mozilla.org/fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Virus\kav.exe" /minimize
    O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
    O4 - Global Startup: Anti-Hacker.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: 4C74676 - Unknown owner - C:\WINDOWS\System32\4C74676.EXE (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Anti-Virus Service (kavsvc) - Kaspersky Labs Ltd. - C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Virus\kavsvc.exe
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe

    -- Files created between 2007-05-14 and 2007-06-14 -----------------------------

    2007-06-14 16:26:41 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Talkback
    2007-06-14 07:16:57 0 dr-h----- C:\Documents and Settings\Sanchez\Recent
    2007-06-14 07:06:47 0 d--hs---- C:\undo
    2007-06-14 07:06:47 0 d--hs---- C:\FOUND.009
    2007-06-14 07:06:47 0 d--hs---- C:\FOUND.008
    2007-06-14 07:06:47 0 d--hs---- C:\FOUND.007
    2007-06-14 07:06:47 0 d--hs---- C:\FOUND.006
    2007-06-14 07:06:47 0 d--hs---- C:\FOUND.005
    2007-06-14 07:06:47 0 d--hs---- C:\FOUND.004
    2007-06-14 07:06:47 0 d--hs---- C:\FOUND.003
    2007-06-14 07:06:47 0 d--hs---- C:\FOUND.002
    2007-06-14 07:06:47 0 d--hs---- C:\FOUND.001
    2007-06-14 07:06:47 0 d--hs---- C:\FOUND.000
    2007-06-14 06:31:31 335 --a------ C:\WINDOWS\mozregistry.dat
    2007-06-13 15:57:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2007-06-13 15:55:12 3145728 --a------ C:\Documents and Settings\Sanchez\ntuser.dat
    2007-06-13 00:58:20 1755 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    2007-06-12 21:51:57 0 d-------- C:\Program Files\Fichiers communs\DriveCleaner Free
    2007-06-12 21:50:35 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
    2007-06-12 21:48:29 153088 --a------ C:\WINDOWS\System32\UNRAR3.dll
    2007-06-12 21:48:28 0 d-------- C:\Program Files\Trojan Remover
    2007-06-12 21:48:28 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Simply Super Software
    2007-06-12 21:45:02 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-06-12 21:43:36 0 d-------- C:\Program Files\Alice
    2007-06-11 20:11:20 30720 --a------ C:\WINDOWS\System32\poof.ren
    2007-06-11 20:08:12 0 d--hs---- C:\FOUND.020
    2007-06-03 16:49:16 74752 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic pour Windows>
    2007-06-01 20:03:18 0 d--hs---- C:\FOUND.019
    2007-05-28 11:28:30 0 d--hs---- C:\FOUND.018
    2007-05-16 17:50:54 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Apple Computer
    2007-05-16 17:46:10 0 d-------- C:\Program Files\QuickTime
    2007-05-16 17:43:09 0 d-------- C:\Program Files\Apple Software Update
    2007-05-16 17:40:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer

    -- Find3M Report ---------------------------------------------------------------

    2007-05-06 16:14:32 0 d-------- C:\Documents and Settings\Sanchez\Application Data\Sun
    2007-04-14 17:37:08 0 d-------- C:\Program Files\SUPERAntiSpyware
    2007-04-14 17:37:08 0 d-------- C:\Documents and Settings\Sanchez\Application Data\SUPERAntiSpyware.com
    2007-04-14 17:36:24 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2007-04-03 22:45:12 1289 --a------ C:\WINDOWS\mozver.dat
    2007-04-01 16:01:20 4212 ---h----- C:\WINDOWS\System32\zllictbl.dat
    2007-03-25 16:32:00 0 --a------ C:\WINDOWS\nsreg.dat
    2007-03-21 16:53:20 1 --a------ C:\WINDOWS\System32\index.dat
    2007-03-20 19:31:40 32768 ---h----- C:\WINDOWS\$NtUninstallKB824151$

    -- Registry Dump ---------------------------------------------------------------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    {9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    {9394EDE7-C8B5-483E-8773-474BF36AF6E4} C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "BJCFD"="C:\\Program Files\\BroadJump\\Client Foundation\\CFD.exe"
    "KAVPersonal50"="\"C:\\Program Files\\Micro Application\\Sécurité Internet\\Anti-Virus Perso & Pro\\Anti-Virus\\kav.exe\" /minimize"
    "OESpamTest"="C:\\PROGRA~1\\MICROA~1\\SÉCURI~1\\ANTI-V~1\\ANTI-S~1\\OESpamTest.ExE"
    "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
    "ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "drmpbdu"="c:\\windows\\system32\\drmpbdu.exe drmpbdu"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "333"="C:\\Syswm1f\\svchost.exe"
    "50"="C:\\SysAd5C\\svchost.exe"
    "4"="C:\\SysWsj4\\svchost.exe"
    "66"="C:\\SysDayN5\\svchost.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
    "LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0

    -- End of Deckard's System Scanner: finished at 2007-06-14 at 22:06:54 ---------
    0
  10. Utilisateur anonyme
     
    Ok, très bien :

    - Cic sur démarrer, poste de travail, C:,Program Files, Fichiers communs, cherche et supprime ce dossier :

    - DriveCleaner Free

    Télécharge et double-clic sur ce fichier et accepte la fusion au registre c'est pour corriger des saloperies qui sont dans le registre
    ----> https://www.cjoint.com/?goxpOxx3d2

    ¤ Télécharge ce programme puis double clic dessus (ferme ton antivirus s'il te détecte quoi que ce soit)
    --> http://www.suspectfile.com/systemscan/

    * Coche uniquement ces cases, décoche tout le reste :

    - Recent Files, 30 days
    - Registry Run Key
    - Loaded modules
    - Hidden objects
    - suspucious files

    Puis clic sur scan now, soit patient.
    Une fois qu'il aura terminé, un rapport va s'ouvrir, copie et colle son contenu ici et vérifie qu'il soit bien en entier, si besoin crée deux messages.
    0
    1. riviere
       
      ok merci j'ai reussi a trouver et a suprimer drivecleaner free j'ai fait le 1er telechargement que tu ma indiquer sa ma juste dit que cet enregistret dans le registre es ce normal ? ensuite j'ai fait le 2 ieme telechargement indiquer le scan est en court des qu'il est terminer j'envoie. merci de ton aide
      0
    2. riviere
       
      escuse de t'ennuier mais je voulais savoir si il fallait que je desactive ou non se que tu m'avais demander avant de faire le scan du 2ieme telechargement que tu ma dit de faire merci de ton aide
      0
    3. riviere
       
      bonjour je trouve bizzare car le scan que tu ma demander cet effectuer mais il y a pas grand chose sur les resultats es ce normal ? regarde

      catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
      Rootkit scan 2007-06-15 07:23:34
      Windows 5.1.2600 FAT NTAPI

      scanning hidden processes ...

      scanning hidden services ...

      scanning hidden autostart entries ...

      scanning hidden files ...
      0
    4. riviere
       
      je repond a ton message <16> auquel je pense qu'il y a un ptit soucis avec le resultat du scan voila se que sa me donne es ce normal

      catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
      Rootkit scan 2007-06-15 17:09:17
      Windows 5.1.2600 FAT NTAPI

      scanning hidden processes ...

      scanning hidden services ...

      scanning hidden autostart entries ...

      scanning hidden files ...
      0
  11. Utilisateur anonyme
     
    Oui c'est normal que ce soit enregistré dans le registre ça signifie que c'est prit en compte.

    Oui, désactive le service que je t'ai indiqué, quant à ton anti-virus, pare-feu, tu peux les réactiver pas de problème !
    0
    1. riviere
       
      bonjour, j'ai bien essayer de les desactiver mais je peut pas quand je fait un clic droit de la souris deçu tous est griser sauf redemarrer alor que faire ?
      0
  12. Utilisateur anonyme
     
    Fais ce que je t'ai demandé au message <16> et continue ta réponse à la fin du message on comprend plus rien là
    0
  13. Utilisateur anonyme
     
    Non ! je te demande d'exécuter un logiciel à mon message 16 ça n'a rien a voir avec gmer :-/
    0
    1. riviere
       
      [Run]
      "BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe"
      "KAVPersonal50"="\"C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Virus\kav.exe\" /minimize"
      "OESpamTest"="C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE"
      "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe"
      "ZoneAlarm Client"="\"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe\""
      "SunJavaUpdateSched"="\"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe\""
      "QuickTime Task"="\"C:\Program Files\QuickTime\qttask.exe\" -atboottime"
      "drmpbdu"="c:\windows\system32\drmpbdu.exe drmpbdu"

      -----HKCU\Software\Microsoft\Windows\CurrentVersion\Run-----

      [Run]
      "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe"
      "MsnMsgr"="\"C:\Program Files\MSN Messenger\MsnMsgr.Exe\" /background"
      "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

      -----HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run-----

      [Run]
      "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE"

      -----HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-----

      -----HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-----

      [run]

      -----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows-----

      [Windows]
      "AppInit_DLLs"=""

      -----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad-----

      [ShellServiceObjectDelayLoad]
      "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
      #### HKCR\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9}\InprocServer32 @=expand:"%SystemRoot%\system32\SHELL32.dll"
      "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
      #### HKCR\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 @=expand:"%SystemRoot%\system32\SHELL32.dll"
      "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
      #### HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32 @=expand:"%SystemRoot%\System32\webcheck.dll"
      "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
      #### HKCR\CLSID\{35CEC8A3-2BE6-11D2-8773-92E220524153}\InprocServer32 @="C:\WINDOWS\System32\stobject.dll"
      "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
      #### HKCR\CLSID\{e57ce738-33e8-4c51-8354-bb4de9d215d1}\InprocServer32 @="C:\WINDOWS\System32\upnpui.dll"

      -----HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks-----

      [ShellExecuteHooks]
      "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
      #### HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\InprocServer32 @="shell32.dll"
      "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
      #### HKCR\CLSID\{57B86673-276A-48B2-BAE7-C6DBB3020EB8}\InprocServer32 @="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll"
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""
      #### HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\InprocServer32 @="C:\Program Files\SUPERAntiSpyware\SASSEH.DLL"

      -----HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon-----

      [Winlogon]
      "Shell"="Explorer.exe"
      "System"=""
      "Userinit"="C:\WINDOWS\system32\userinit.exe,"
      "VmApplet"="rundll32 shell32,Control_RunDLL \"sysdm.cpl\""
      "UIHost"=expand:"logonui.exe"
      "LogonType"=dword:00000001
      "WinStationsDisabled"="0"

      [Winlogon\GPExtensions]

      [Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}]
      "@="Folder Redirection"
      "DllName"=expand:"fdeploy.dll"

      [Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}]
      "@="Quota du disque Microsoft"
      "DllName"=expand:"dskquota.dll"

      [Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}]
      "@="Planificateur de paquets QoS"
      "DllName"=expand:"gptext.dll"

      [Winlogon\GPExtensions\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}]
      "@="Scripts"
      "DllName"=expand:"gptext.dll"

      [Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}]
      "DllName"=expand:"scecli.dll"
      "@="Security"

      [Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}]
      "DllName"=expand:"iedkcs32.dll"
      "@="Personnalisation de Internet Explorer"

      [Winlogon\GPExtensions\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}]
      "DllName"=expand:"scecli.dll"
      "@="EFS recovery"

      [Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}]
      "@="Installation de logiciel"
      "DllName"=expand:"appmgmts.dll"

      [Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}]
      "@="Sécurité IP"
      "DllName"=expand:"gptext.dll"

      [Winlogon\Notify]

      [Winlogon\Notify\!SASWinLogon]
      "DllName"="C:\Program Files\SUPERAntiSpyware\SASWINLO.dll"
      "Logon"="SABWINLOLogon"
      "Logoff"="SABWINLOLogoff"
      "Startup"="SABWINLOStartup"

      [Winlogon\Notify\crypt32chain]
      "DllName"=expand:"crypt32.dll"
      "Logoff"="ChainWlxLogoffEvent"

      [Winlogon\Notify\cryptnet]
      "DllName"=expand:"cryptnet.dll"
      "Logoff"="CryptnetWlxLogoffEvent"

      [Winlogon\Notify\cscdll]
      "DLLName"="cscdll.dll"
      "Logon"="WinlogonLogonEvent"
      "Logoff"="WinlogonLogoffEvent"
      "ScreenSaver"="WinlogonScreenSaverEvent"
      "Startup"="WinlogonStartupEvent"
      "StartShell"="WinlogonStartShellEvent"

      [Winlogon\Notify\ScCertProp]
      "DLLName"="wlnotify.dll"
      "Logon"="SCardStartCertProp"
      "Logoff"="SCardStopCertProp"
      "Lock"="SCardSuspendCertProp"
      "Unlock"="SCardResumeCertProp"
      "Enabled"=dword:00000001

      [Winlogon\Notify\Schedule]
      "DllName"=expand:"wlnotify.dll"
      "StartShell"="SchedStartShell"
      "Logoff"="SchedEventLogOff"

      [Winlogon\Notify\sclgntfy]
      "Logoff"="WLEventLogoff"
      "DllName"=expand:"sclgntfy.dll"

      [Winlogon\Notify\SensLogn]
      "DLLName"="WlNotify.dll"
      "Lock"="SensLockEvent"
      "Logon"="SensLogonEvent"
      "Logoff"="SensLogoffEvent"
      "Safe"=dword:00000001
      "MaxWait"=dword:00000258
      "StartScreenSaver"="SensStartScreenSaverEvent"
      "StopScreenSaver"="SensStopScreenSaverEvent"
      "Startup"="SensStartupEvent"
      "StartShell"="SensStartShellEvent"
      "PostShell"="SensPostShellEvent"
      "Disconnect"="SensDisconnectEvent"
      "Reconnect"="SensReconnectEvent"
      "Unlock"="SensUnlockEvent"

      [Winlogon\Notify\termsrv]
      "DllName"=expand:"wlnotify.dll"
      "Logoff"="TSEventLogoff"
      "Logon"="TSEventLogon"
      "PostShell"="TSEventPostShell"
      "StartShell"="TSEventStartShell"
      "Startup"="TSEventStartup"
      "MaxWait"=dword:00000258
      "Reconnect"="TSEventReconnect"
      "Disconnect"="TSEventDisconnect"

      [Winlogon\Notify\wlballoon]
      "DLLName"="wlnotify.dll"
      "Logon"="RegisterTicketExpiredNotificationEvent"
      "Logoff"="UnregisterTicketExpiredNotificationEvent"

      [Winlogon\PrevOsVersion]

      [Winlogon\SpecialAccounts]

      [Winlogon\SpecialAccounts\UserList]
      "HelpAssistant"=dword:00000000
      "TsInternetUser"=dword:00000000
      "SQLAgentCmdExec"=dword:00000000
      "NetShowServices"=dword:00000000
      "IWAM_"=dword:00010000
      "IUSR_"=dword:00010000
      "VUSR_"=dword:00010000

      -----HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon-----

      [Winlogon]
      "ParseAutoexec"="0"
      "ExcludeProfileDirs"="Local Settings;Temporary Internet Files;Historique;Temp"
      "BuildNumber"=dword:00000a28

      -----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options-----

      [Image File Execution Options\Your Image File Name Here without a path]
      "Debugger"="ntsd -d"

      -----HKLM\System\CurrentControlSet\Control\Session Manager\-----

      [Session Manager]
      "BootExecute"=multi:"autocheck autochk *\00\00"

      [Session Manager\SubSystems]
      "Windows"=expand:"%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16"

      -----HKLM\SYSTEM\CurrentControlSet\Control\WOW-----

      [WOW]
      "cmdline"=expand:"%SystemRoot%\system32\ntvdm.exe"
      "wowcmdline"=expand:"%SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386"

      -----HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run-----

      -----HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce-----

      [RunOnce]

      -----HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx-----

      [RunOnceEx]

      -----HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices-----

      -----HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce-----

      -----HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce-----

      [RunOnce]

      -----HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx-----

      -----HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices-----

      -----HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run-----

      -----HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce-----

      -----HKLM\Software\Microsoft\Command Processor\Autorun-----

      -----HKCU\Software\Microsoft\Command Processor\Autorun-----

      -----HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load-----

      -----HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Startup-----

      -----HKCU\Software\Policies\Microsoft\Windows\System\Scripts\Logon-----

      -----HKLM\Software\Policies\Microsoft\Windows\System\Scripts\Logon-----

      -----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce-----

      -----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Run-----

      -----HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms-----

      -----HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TerminalServer\Install\Software\Microsoft\Windows\CurrentVersion\Runonce-----

      -----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler-----

      [SharedTaskScheduler]
      "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
      #### HKCR\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InprocServer32 @=expand:"%SystemRoot%\System32\browseui.dll"
      "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
      #### HKCR\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InprocServer32 @=expand:"%SystemRoot%\System32\browseui.dll"

      -----HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects-----

      [Browser Helper Objects]

      [Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
      #### HKCR\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\InprocServer32 @="C:\Program Files\Spybot - Search & Destroy\SDHelper.dll"

      [Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
      #### HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InprocServer32 @="C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll"
      "NoExplorer"=dword:00000001

      [Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
      @=""

      [Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
      #### HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\InprocServer32 @="C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll"

      [Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
      #### HKCR\CLSID\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}\InprocServer32 @="C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll"

      [Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
      #### HKCR\CLSID\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\InprocServer32 @="C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll"

      -----HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks-----

      [URLSearchHooks]
      "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=""
      #### HKCR\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\InprocServer32 @=expand:"%SystemRoot%\System32\shdocvw.dll"

      -----HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder-----

      -----HKCU\Control Panel\Desktop\-----

      [desktop]
      "SCRNSAVE.EXE"="C:\WINDOWS\System32\ssstars.scr"

      [desktop\ResourceLocale]

      [desktop\WindowMetrics]

      -----HKEY_CLASSES_ROOT\exefile\shell\open\command-----

      [command]
      @="\"%1\" %*"

      -----HKEY_CLASSES_ROOT\comfile\shell\open\command-----

      [command]
      @="\"%1\" %*"

      -----HKEY_CLASSES_ROOT\batfile\shell\open\command-----

      [command]
      @="\"%1\" %*"

      -----HKEY_CLASSES_ROOT\piffile\shell\open\command-----

      [command]
      @="\"%1\" %*"

      -----HKEY_CLASSES_ROOT\scrFile\shell\open\command-----

      [command]
      @="\"%1\" /S"

      -----HKEY_CLASSES_ROOT\htafile\shell\open\command-----

      [Command]
      @="C:\WINDOWS\System32\mshta.exe \"%1\" %*"

      -----HKEY_CLASSES_ROOT\logfile\shell\open\command-----

      -----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL-----

      [URL]

      [URL\DefaultPrefix]
      @="http://"

      [URL\Prefixes]
      "ftp"="ftp://"
      "gopher"="gopher://"
      "home"="http://"
      "mosaic"="http://"
      "www"="http://"

      -----HKLM\SYSTEM\CurrentControlSet\Control\Lsa-----

      [Lsa]
      "Authentication Packages"=multi:"msv1_0\00\00"
      "Bounds"=hex:00,30,00,00,00,20,00,00
      "Security Packages"=multi:"kerberos\00msv1_0\00schannel\00wdigest\00\00"
      "LsaPid"=dword:0000022c
      "SecureBoot"=dword:00000001
      "auditbaseobjects"=dword:00000000
      0
    2. riviere
       
      "crashonauditfail"=dword:00000000
      "disabledomaincreds"=dword:00000000
      "everyoneincludesanonymous"=dword:00000000
      "fipsalgorithmpolicy"=dword:00000000
      "forceguest"=dword:00000001
      "fullprivilegeauditing"=hex:00
      "limitblankpassworduse"=dword:00000001
      "lmcompatibilitylevel"=dword:00000000
      "nodefaultadminowner"=dword:00000001
      "nolmhash"=dword:00000000
      "restrictanonymous"=dword:00000000
      "restrictanonymoussam"=dword:00000001
      "Notification Packages"=multi:"scecli\00\00"

      [Lsa\AccessProviders]
      "ProviderOrder"=multi:"Windows NT Access Provider\00\00"

      [Lsa\AccessProviders\Windows NT Access Provider]
      "ProviderPath"=expand:"%SystemRoot%\system32\ntmarta.dll"

      [Lsa\Data]
      @Class="1c59d534"
      "Pattern"=hex:32,13,40,d2,4b,41,bb,95,1e,b6,cf,30,91,d8,82,98,31,63,35,39,64,\
      35,33,34,00,67,07,00,01,00,00,00,dc,00,00,00,e0,00,00,00,48,fa,06,00,97,55,\
      51,74,04,00,00,00,a0,fd,06,00,b8,fd,06,00,5a,45,3c,8c

      [Lsa\GBG]
      @Class="5af1e892"
      "GrafBlumGroup"=hex:57,66,a0,06,58,23,cb,cb,6c

      [Lsa\JD]
      @Class="fa7b8cea"
      "Lookup"=hex:c9,b4,47,89,3e,a4

      [Lsa\Kerberos]

      [Lsa\Kerberos\Domains]

      [Lsa\Kerberos\SidCache]

      [Lsa\MSV1_0]
      "Auth132"="iissuba"
      "ntlmminclientsec"=dword:00000000
      "ntlmminserversec"=dword:00000000

      [Lsa\Skew1]
      @Class="3c45c6c1"
      "SkewMatrix"=hex:a6,f7,ee,8b,a9,42,5b,d4,19,ca,cf,a6,00,95,32,40

      [Lsa\SSO]

      [Lsa\SSO\Passport1.4]
      "SSOURL"="http://www.passport.com"

      [Lsa\SspiCache]
      "Time"=hex:e0,d2,af,70,ac,61,c7,01

      [Lsa\SspiCache\digest.dll]
      "Name"="Digest"
      "Comment"="Digest SSPI Authentication Package"
      "Capabilities"=dword:00004050
      "RpcId"=dword:0000ffff
      "Version"=dword:00000001
      "TokenSize"=dword:0000ffff
      "Time"=hex:00,e0,8c,f6,b8,2f,c1,01
      "Type"=dword:00000031

      [Lsa\SspiCache\msapsspc.dll]
      "Name"="DPA"
      "Comment"="DPA Security Package"
      "Capabilities"=dword:00000037
      "RpcId"=dword:00000011
      "Version"=dword:00000001
      "TokenSize"=dword:00000300
      "Time"=hex:00,e0,8c,f6,b8,2f,c1,01
      "Type"=dword:00000031

      [Lsa\SspiCache\msnsspc.dll]
      "Name"="MSN"
      "Comment"="MSN Security Package"
      "Capabilities"=dword:00000037
      "RpcId"=dword:00000012
      "Version"=dword:00000001
      "TokenSize"=dword:00000300
      "Time"=hex:00,e0,8c,f6,b8,2f,c1,01
      "Type"=dword:00000031

      -----HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess-----

      [SharedAccess]
      "Type"=dword:00000020
      "Start"=dword:00000003
      "ErrorControl"=dword:00000001
      "ImagePath"=expand:"%SystemRoot%\System32\svchost.exe -k netsvcs"
      "DisplayName"="Pare-feu de connexion Internet (ICF) / Partage de connexion Internet (ICS)"
      "DependOnService"=multi:"Netman\00NLA\00RasMan\00ALG\00\00"
      "DependOnGroup"=multi:"\00"
      "ObjectName"="LocalSystem"
      "Description"="Assure la traduction d'adresses de réseau, l'adressage, les services de résolution de noms et/ou les services de prévention d'intrusion pour un réseau de petite entreprise ou un réseau domestique."

      [SharedAccess\Parameters]
      "ServiceDll"=expand:"%SystemRoot%\System32\ipnathlp.dll"

      -----HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Firewall\-----

      -----HKEY_LOCAL_MACHINE\SOFTWARE\Winsock2-----

      -----HKLM\Software\Microsoft\Ole-----

      [Ole]
      "DefaultLaunchPermission"=hex:01,00,04,80,b4,00,00,00,d0,00,00,00,00,00,00,00,\
      14,00,00,00,02,00,a0,00,05,00,00,00,00,00,18,00,01,00,00,00,01,01,00,00,00,\
      00,00,05,12,00,00,00,00,00,00,00,00,00,18,00,01,00,00,00,01,01,00,00,00,00,\
      00,05,04,00,00,00,00,00,00,00,00,00,18,00,01,00,00,00,01,02,00,00,00,00,00,\
      05,20,00,00,00,20,02,00,00,00,00,24,00,01,00,00,00,01,05,00,00,00,00,00,05,\
      15,00,00,00,09,3a,2a,24,eb,25,79,2c,16,c0,ea,32,ec,03,00,00,00,00,24,00,01,\
      00,00,00,01,05,00,00,00,00,00,05,15,00,00,00,09,3a,2a,24,eb,25,79,2c,16,c0,\
      ea,32,ed,03,00,00,15,00,00,00,a0,5f,84,1f,01,05,00,00,00,00,00,05,15,00,00,\
      00,a0,5f,84,1f,5e,2e,6b,49,ce,12,03,03,f4,01,00,00,01,05,00,00,00,00,00,05,\
      15,00,00,00,a0,5f,84,1f,5e,2e,6b,49,ce,12,03,03,f4,01,00,00
      "EnableDCOM"="Y"
      "EnableRemoteConnect"="N"

      -----HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\-----

      -----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\-----

      -----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\-----

      [SystemRestore]
      "DisableSR"=dword:00000000
      "CreateFirstRunRp"=dword:00000001
      "DSMin"=dword:000000c8
      "DSMax"=dword:00000190
      "RPSessionInterval"=dword:00000000
      "RPGlobalInterval"=dword:00015180
      "RPLifeInterval"=dword:0076a700
      "CompressionBurst"=dword:0000003c
      "TimerInterval"=dword:00000078
      "DiskPercent"=dword:0000000c
      "ThawInterval"=dword:00000384
      "RestoreDiskSpaceError"=dword:00000000
      "RestoreStatus"=dword:00000001
      "RestoreSafeModeStatus"=dword:00000000

      [SystemRestore\Cfg]
      "DiskPercent"=dword:0000000c
      "MachineGuid"="{2E85A16F-9FC7-4B38-9445-06D25E25B2F7}"

      [SystemRestore\SnapshotCallbacks]
      @=""

      -----HKEY_CURRENT_USER\Software\VB and VBA Program Settings-----

      [VB and VBA Program Settings]

      [VB and VBA Program Settings\CCleaner]

      [VB and VBA Program Settings\CCleaner\Options]

      -----HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\-----

      [MountPoints2]

      [MountPoints2\A]
      "BaseClass"="Drive"

      [MountPoints2\C]
      "BaseClass"="Drive"

      [MountPoints2\D]
      "BaseClass"="Drive"

      [MountPoints2\E]
      "BaseClass"="Drive"

      [MountPoints2\F]
      "BaseClass"="Drive"

      [MountPoints2\{1b7d06c1-ca4e-11db-86b2-806d6172696f}]
      "BaseClass"="Drive"

      [MountPoints2\{1b7d06c3-ca4e-11db-86b2-806d6172696f}]
      "BaseClass"="Drive"
      "_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,cf,5f,5f,5f,5f,cf,cf,5f,5f,\
      cf,cf,cf,5f,5f,cf,cf,cf,5f,5f,cf,5f,5f,5f,5f,5f,cf,5f,5f,5f,5f,cf,5f,5f,5f,\
      cf,cf,5f,5f,5f,5f,df,5f,5f,5f,5f,5f,5f,5f,5f,5f,5f,00,00,00,20,00,00,00,00,\
      00,00,00

      [MountPoints2\{1b7d06c4-ca4e-11db-86b2-806d6172696f}]
      "BaseClass"="Drive"
      "_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,cf,5f,5f,5f,5f,cf,cf,5f,5f,\
      cf,cf,cf,5f,5f,cf,cf,cf,5f,5f,cf,5f,5f,5f,5f,5f,cf,5f,5f,5f,5f,cf,5f,5f,5f,\
      cf,cf,5f,5f,5f,5f,df,5f,5f,5f,5f,5f,5f,5f,5f,5f,5f,00,00,00,e0,00,00,00,00,\
      00,00,00

      [MountPoints2\{1b7d06c5-ca4e-11db-86b2-806d6172696f}]
      "BaseClass"="Drive"

      [MountPoints2\{303be920-d949-11db-86e4-00e04c030aa9}]
      "BaseClass"="Drive"
      "_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,df,5f,5f,5f,5f,df,df,5f,5f,\
      df,df,df,5f,5f,df,df,df,5f,5f,df,5f,5f,5f,5f,5f,cf,5f,5f,5f,5f,cf,5f,5f,5f,\
      01,01,00,5f,cf,cf,00,5f,5f,5f,5f,5f,5f,5f,5f,5f,5f,00,00,00,00,10,00,00,08,\
      00,00,00
      0
    3. riviere
       
      [MountPoints2\{e688af20-e54e-11db-8710-00163856adb5}]
      "BaseClass"="Drive"
      "_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,df,5f,5f,5f,5f,df,df,5f,5f,\
      df,df,df,5f,5f,df,df,df,5f,5f,df,5f,5f,5f,5f,5f,00,5f,5f,5f,5f,01,00,ee,ff,\
      ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,10,00,00,08,\
      02,00,00

      [MountPoints2\{e688af20-e54e-11db-8710-00163856adb5}\shell]
      @="None"

      [MountPoints2\{e688af20-e54e-11db-8710-00163856adb5}\shell\Autoplay]
      "MUIVerb"="@shell32.dll,-8504"

      [MountPoints2\{e688af20-e54e-11db-8710-00163856adb5}\shell\Autoplay\DropTarget]
      "CLSID"="{f26a669a-bcbb-4e37-abf9-7325da15f931}"
      #### HKCR\CLSID\{f26a669a-bcbb-4e37-abf9-7325da15f931}\InprocServer32 @=expand:"%SystemRoot%\system32\SHELL32.dll"

      [MountPoints2\{e688af21-e54e-11db-8710-00163856adb5}]
      "BaseClass"="Drive"
      "_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,df,5f,5f,5f,5f,df,df,5f,5f,\
      df,df,df,5f,5f,df,df,df,5f,5f,df,5f,5f,5f,5f,5f,00,5f,5f,5f,5f,01,00,ee,ff,\
      ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,10,00,00,08,\
      02,00,00

      [MountPoints2\{e688af21-e54e-11db-8710-00163856adb5}\shell]
      @="None"

      [MountPoints2\{e688af21-e54e-11db-8710-00163856adb5}\shell\Autoplay]
      "MUIVerb"="@shell32.dll,-8504"

      [MountPoints2\{e688af21-e54e-11db-8710-00163856adb5}\shell\Autoplay\DropTarget]
      "CLSID"="{f26a669a-bcbb-4e37-abf9-7325da15f931}"
      #### HKCR\CLSID\{f26a669a-bcbb-4e37-abf9-7325da15f931}\InprocServer32 @=expand:"%SystemRoot%\system32\SHELL32.dll"

      -----HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions-----

      [AdvancedOptions]

      -----HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions-----

      -----HKLM\Software\Microsoft\Active Setup\Installed Components-----

      [Installed Components]

      [Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
      "@="Personnalisation du navigateur"
      "ComponentID"="BRANDING.CAB"
      "StubPath"="RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP"

      [Installed Components\MmoptPreferredAudioDevices]
      "@="Installation de Windows - Multimédia"

      [Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}]
      "@="Microsoft VM"
      "ComponentID"="JAVAVM"
      "KeyFileName"="C:\WINDOWS\System32\msjava.dll"

      [Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608555}]
      "@="IEJAVA"
      "ComponentID"="IEJAVA"

      [Installed Components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}]
      "@="Rendu VML (Vector Graphics Rendering)"
      "ComponentID"="MSVML"

      [Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}]
      #### HKCR\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\InprocServer32 @="C:\WINDOWS\SYSTEM32\MACROMED\DIRECTOR\SWDIR.DLL"
      "@="Macromedia Shockwave Director 7.0.0"
      "ComponentID"="Director"

      [Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
      #### HKCR\CLSID\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}\InprocServer32 @="C:\WINDOWS\System32\msdxm.ocx"
      "ComponentID"="NetShow"
      "StubPath"=""

      [Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
      #### HKCR\CLSID\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\InprocServer32 @="C:\WINDOWS\System32\msdxm.ocx"
      "ComponentID"="Microsoft Windows Media Player"
      "StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub.NT"
      "@="Lecteur Windows Media Microsoft 6.4"

      [Installed Components\{280ad020-daec-11d2-83c7-0000f8051539}]
      "@="Mise à jour pour les processeurs d'ordinateurs portables"

      [Installed Components\{283807B5-2C60-11D0-A31D-00AA00B92C03}]
      #### HKCR\CLSID\{283807B5-2C60-11D0-A31D-00AA00B92C03}\InprocServer32 @="C:\WINDOWS\System32\danim.dll"
      "@="DirectAnimation"
      "ComponentID"="DirectAnimation"

      [Installed Components\{2A202491-F00D-11cf-87CC-0020AFEECF20}]
      "@="Macromedia Shockwave Director 7.0.0"
      "ComponentID"="Director"

      [Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
      "@="Themes Setup"
      "ComponentID"="Theme Component"
      "StubPath"=expand:"%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll"

      [Installed Components\{34718640-ecfa-11d2-b5da-00a0c90833e8}]
      "@="Windows 98 Deuxième Édition"

      [Installed Components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}]
      "@="Liaison de données Dynamic HTML pour Java"
      "ComponentID"="TridataJava"

      [Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}]
      "@="Logiciel de navigation hors connexion"
      "ComponentID"="MobilePk"

      [Installed Components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}]
      "@="Uniscribe"
      "ComponentID"="USP10"

      [Installed Components\{4278c270-a269-11d1-b5bf-0000f8051515}]
      "@="Création avancée"
      "ComponentID"="AdvAuth"

      [Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
      "@="Microsoft Outlook Express 6"
      "ComponentID"="MailNews"
      "StubPath"=expand:"\"%ProgramFiles%\Outlook Express\setup50.exe\" /APP:OE /CALLER:WINNT /user /install"

      [Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
      "@="NetMeeting 3.01"
      "ComponentID"="NetMeeting"
      "StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT"

      [Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}]
      "@="DirectShow"
      "ComponentID"="activemovie"

      [Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015D}]
      "@="DirectX"
      "ComponentID"="DirectXMini"

      [Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}]
      "@="DirectDrawEx"
      "ComponentID"="DirectDrawEx"

      [Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}]
      "@="Aide sur Internet Explorer"
      "ComponentID"="HelpCont"

      [Installed Components\{47f67d00-9e55-11d1-baef-00c04fc2d130}]
      "@="Fichiers de prise en charge de AOL"
      "ComponentID"="AOLSUPP"

      [Installed Components\{4f216970-c90c-11d1-b5c7-0000f8051515}]
      "@="Classes Java DirectAnimation"
      "ComponentID"="DAJava"

      [Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}]
      "@="Microsoft Windows Script 5.6"
      "ComponentID"="MSVBScript"

      [Installed Components\{50daafc0-e217-11d2-83c7-0000f8051539}]
      "@="Correction continue des opérations Windows"

      [Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
      "KeyFileName"="C:\Program Files\Messenger\msmsgs.exe"
      "@="Windows Messenger 4.0"
      "ComponentID"="Messenger"
      "StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser"

      [Installed Components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
      "(Default)"="Internet Connection Wizard"
      "ComponentID"="ICW"
      "@="Internet Connection Wizard"

      [Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
      "@="Outils d'installation Internet Explorer"
      "ComponentID"="GenSetup"

      [Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}]
      "@="Améliorations pour la navigation"
      "ComponentID"="ExtraPack"
      "KeyFileName"="C:\WINDOWS\System32\msieftp.dll"

      [Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
      #### HKCR\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\InprocServer32 @="C:\WINDOWS\System32\wmp.ocx"
      "@="Microsoft Windows Media Player 8"
      "ComponentID"="Microsoft Windows Media Player 8"
      "StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub"

      [Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}]
      "@="Accès au site MSN"
      "ComponentID"="MSN_Auth"

      [Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
      "@="Carnet d'adresses 6"
      "ComponentID"="WAB"
      "StubPath"=expand:"\"%ProgramFiles%\Outlook Express\setup50.exe\" /APP:WAB /CALLER:WINNT /user /install"

      [Installed Components\{893c7200-9dd-11d2-b0d6-00c04f777f0c}]
      "@="Mise à jour des bibliothèques Microsoft"

      [Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
      "@="Mise à jour du Bureau Windows"
      "ComponentID"="IE4Shell_NT"
      "StubPath"=expand:"regsvr32.exe /s /n /i:U shell32.dll"

      [Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
      "@="Internet Explorer 6"
      "ComponentID"="BASEIE40_W2K"
      "StubPath"=expand:"%SystemRoot%\system32\ie4uinit.exe"

      [Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\AuthorizedCDFPrefix]

      [Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
      "@="Fax"
      "ComponentID"="Fax"
      "StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser"

      [Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}]
      "@="Liaison de données Dynamic HTML"
      "ComponentID"="Tridata"

      [Installed Components\{94de52c8-2d59-4f1b-883e-79663d2d9a8c}]
      "@="Fax Provider"
      "ComponentID"="Fax Provider"
      "StubPath"=""

      [Installed Components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}]
      "@="Accès Internet Explorer"
      "ComponentID"="IEACCESS"
      "StubPath"=expand:"rundll32 iesetup.dll,IEAccessUserInst"

      [Installed Components\{b59c7da0-daea-11d2-83c7-0000f8051539}]
      "@="Mise à jour de l'Assistant Inscription"

      [Installed Components\{B9A1063C-F9CC-11D1-8E01-0020AFE53FCF}]
      "@="Mise à jour Active accessibility"

      [Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}]
      "@="Polices de base Internet Explorer"
      "ComponentID"="Fontcore"

      [Installed Components\{CA0A4247-44BE-11d1-A005-00805F8ABE06}]
      "@="Paramètres de gestion de l'alimentation"
      "StubPath"="RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf"

      [Installed Components\{CC2A9BA0-3BDD-11D0-821E-444553540000}]
      "@="Planificateur de tâches"
      "ComponentID"="MSTASK"

      [Installed Components\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      "@="Adobe Flash Player 9 ActiveX"
      "ComponentID"="Flash"

      [Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}]
      "@="Aide HTML"
      "ComponentID"="HTMLHelp"

      [Installed Components\{E5925FA0-73D1-11D2-BCC5-0000F83002C6}]
      "@="Correctifs An 2000 pour Windows 98"

      [Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}]
      "@="Active Directory Service Interface"
      "ComponentID"="ADSI"

      -----Comparing registry keys CCS1 vs CCS2 -----
      < Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Dhcp\Parameters {6CA1C0AF-6945-4DA1-8ED7-4053A87B9809} REG_BINARY 06000000000000000400000000000000D2E77246C0A8010103000000000000000400000000000000D2E77246C0A8010101000000000000000400000000000000D2E77246FFFFFF0036000000000000000400000000000000D2E77246C0A8010135000000000000000100000000000000D2E7724605000000330000000000000004000000000000009E2A744600015180
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Dhcp\Parameters {6CA1C0AF-6945-4DA1-8ED7-4053A87B9809} REG_BINARY 060000000000000004000000000000009E2A7446C0A80101030000000000000004000000000000009E2A7446C0A80101010000000000000004000000000000009E2A7446FFFFFF00330000000000000004000000000000009E2A744600015180360000000000000004000000000000009E2A7446C0A80101350000000000000001000000000000009E2A744605000000
      < Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Eventlog\Application\ESENT EventMessageFile REG_EXPAND_SZ C:\WINDOWS\System32\ESENT.dll
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Application\ESENT EventMessageFile REG_EXPAND_SZ c:\windows\system32\ESENT.dll
      < Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Eventlog\Application\ESENT CategoryMessageFile REG_EXPAND_SZ C:\WINDOWS\System32\ESENT.dll
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Application\ESENT CategoryMessageFile REG_EXPAND_SZ c:\windows\system32\ESENT.dll
      < Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Eventlog\Application\Microsoft H.323 Telephony Service Provider
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\DS
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\LSA
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\NetDDE Object
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\SC Manager
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\Security
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\Security Account Manager
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\Spooler
      < Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Kl1 InData REG_BINARY 96731C0000000000
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Kl1 InData REG_BINARY 9404000000000000
      < Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Kl1 OutData REG_BINARY C363050000000000
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Kl1 OutData REG_BINARY 2201000000000000
      > Value: HKEY_LOCAL_MACHINE\system\controlset002\services\MRxDAV\EncryptedDirectories
      < Value: HKEY_LOCAL_MACHINE\system\controlset001\services\srescan\Parameters\Loaded

      Result compared: Different


      -----Comparing registry keys CCS1 vs CCS3 -----
      < Value: HKEY_LOCAL_MACHINE\system\controlset001\services

      Result compared: Identical


      ===================== loaded Dlls =====================

      *** NOTE *** Process iesanhppba.exe belongs to SystemScan
      Already known legit dlls are not shown

      ------------------------------------------------------------------------------
      System pid: 4
      Command line: <no command line>
      ------------------------------------------------------------------------------
      SMSS.EXE pid: 336
      Command line: \SystemRoot\System32\smss.exe

      Base Size Version Path
      0x48580000 0xe000 \SystemRoot\System32\smss.exe
      ------------------------------------------------------------------------------
      CSRSS.EXE pid: 468
      Command line: C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

      Base Size Version Path
      0x4a680000 0x4000 \??\C:\WINDOWS\system32\csrss.exe
      0x75ad0000 0xa000 5.01.2600.0000 C:\WINDOWS\system32\CSRSRV.dll
      0x75ae0000 0xe000 5.01.2600.0000 C:\WINDOWS\system32\basesrv.dll
      0x75af0000 0x46000 5.01.2600.0000 C:\WINDOWS\system32\winsrv.dll
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      ------------------------------------------------------------------------------
      WINLOGON.EXE pid: 492
      Command line: winlogon.exe

      Base Size Version Path
      0x01000000 0x6f000 \??\C:\WINDOWS\system32\winlogon.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x76c70000 0x10000 5.01.2600.0000 C:\WINDOWS\system32\AUTHZ.dll
      0x008f0000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x10000000 0x47000 1.00.0000.1030 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      ------------------------------------------------------------------------------
      SERVICES.EXE pid: 544
      Command line: C:\WINDOWS\system32\services.exe

      Base Size Version Path
      0x01000000 0x1b000 5.01.2600.0000 C:\WINDOWS\system32\services.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x75860000 0x50000 5.01.2600.0000 C:\WINDOWS\system32\SCESRV.dll
      0x76c70000 0x10000 5.01.2600.0000 C:\WINDOWS\system32\AUTHZ.dll
      0x75840000 0x1c000 5.01.2600.0000 C:\WINDOWS\system32\umpnpmgr.dll
      0x75820000 0xf000 5.01.2600.0000 C:\WINDOWS\system32\eventlog.dll
      ------------------------------------------------------------------------------
      LSASS.EXE pid: 556
      Command line: C:\WINDOWS\system32\lsass.exe

      Base Size Version Path
      0x01000000 0x5000 5.01.2600.0000 C:\WINDOWS\system32\lsass.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x74490000 0xa8000 5.01.2600.0000 C:\WINDOWS\system32\LSASRV.dll
      0x743b0000 0x6d000 5.01.2600.0000 C:\WINDOWS\system32\SAMSRV.dll
      0x76730000 0xb000 5.01.2600.0000 C:\WINDOWS\system32\cryptdll.dll
      0x76ed0000 0x25000 5.01.2600.0000 C:\WINDOWS\system32\DNSAPI.dll
      0x76740000 0x13000 5.01.2600.0000 C:\WINDOWS\system32\NTDSAPI.dll
      0x74310000 0xd000 5.01.2600.0000 C:\WINDOWS\system32\msprivs.dll
      0x71c50000 0x44000 5.01.2600.0000 C:\WINDOWS\system32\kerberos.dll
      0x74420000 0x63000 5.01.2600.0000 C:\WINDOWS\system32\netlogon.dll
      0x76760000 0x2b000 5.01.2600.0000 C:\WINDOWS\system32\w32time.dll
      0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\system32\MSVCP60.dll
      0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\system32\ATL.DLL
      0x008e0000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x76790000 0x24000 5.01.2600.0000 C:\WINDOWS\system32\schannel.dll
      0x742e0000 0xf000 5.01.2600.0000 C:\WINDOWS\system32\wdigest.dll
      0x74370000 0x2f000 5.01.2600.0000 C:\WINDOWS\system32\scecli.dll
      0x74340000 0x28000 5.01.2600.0000 C:\WINDOWS\system32\ipsecsvc.dll
      0x74540000 0xb7000 5.01.2600.0000 C:\WINDOWS\system32\oakley.DLL
      0x742d0000 0xa000 5.01.2600.0000 C:\WINDOWS\system32\WINIPSEC.DLL
      0x74300000 0x9000 5.01.2600.0000 C:\WINDOWS\system32\pstorsvc.dll
      0x71990000 0x3c000 5.01.2600.0000 C:\WINDOWS\system32\mswsock.dll
      0x719d0000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      0x74320000 0x17000 5.01.2600.0000 C:\WINDOWS\system32\psbase.dll
      0x0ffa0000 0x21000 5.01.2518.0000 C:\WINDOWS\System32\dssenh.dll
      ------------------------------------------------------------------------------
      SVCHOST.EXE pid: 712
      Command line: C:\WINDOWS\system32\svchost -k rpcss

      Base Size Version Path
      0x01000000 0x6000 5.01.2600.0000 C:\WINDOWS\system32\svchost.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x71990000 0x3c000 5.01.2600.0000 C:\WINDOWS\system32\mswsock.dll
      0x719d0000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      0x76ed0000 0x25000 5.01.2600.0000 C:\WINDOWS\system32\DNSAPI.dll
      0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\system32\ATL.DLL
      0x00700000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      ------------------------------------------------------------------------------
      SVCHOST.EXE pid: 776
      Command line: C:\WINDOWS\System32\svchost.exe -k netsvcs

      Base Size Version Path
      0x01000000 0x6000 5.01.2600.0000 C:\WINDOWS\System32\svchost.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x76ed0000 0x25000 5.01.2600.0000 c:\windows\system32\DNSAPI.dll
      0x76ac0000 0x15000 3.00.9238.0000 c:\windows\system32\ATL.DLL
      0x00800000 0x3c000 5.01.2600.0000 C:\WINDOWS\system32\mswsock.dll
      0x00760000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      0x76790000 0x24000 5.01.2600.0000 C:\WINDOWS\System32\SCHANNEL.dll
      0x76740000 0x13000 5.01.2600.0000 c:\windows\system32\NTDSAPI.dll
      0x66820000 0xb000 5.01.2600.0000 c:\windows\system32\iprip.dll
      0x74eb0000 0xa000 5.01.2600.0000 c:\windows\pchealth\helpctr\binaries\pchsvc.dll
      0x76b10000 0x3d000 2001.12.4414.0042 c:\windows\system32\es.dll
      0x74f00000 0x9000 2600.00.0503.0000 c:\windows\system32\dmserver.dll
      0x74ed0000 0xb000 5.01.2600.0000 c:\windows\system32\msgsvc.dll
      0x75040000 0x17000 2001.12.4414.0042 C:\WINDOWS\System32\mtxoci.dll
      0x74e30000 0x5000 5.04.2600.0000 c:\windows\system32\wuauserv.dll
      0x72410000 0xf000 8.00.0001.0020 c:\windows\system32\mspmspsv.dll
      0x50040000 0x14a000 5.08.0000.2469 C:\WINDOWS\System32\wuaueng.dll
      0x751d0000 0x27000 6.00.2600.0000 C:\WINDOWS\System32\ADVPACK.dll
      0x750c0000 0x13000 5.01.2600.0000 C:\WINDOWS\System32\Cabinet.dll
      0x60440000 0x9000 5.01.2600.0000 C:\WINDOWS\System32\mspatcha.dll
      0x59a80000 0x1c000 5.01.2600.0000 c:\windows\system32\wbem\wmisvc.dll
      0x76760000 0x2b000 5.01.2600.0000 c:\windows\system32\w32time.dll
      0x76010000 0x61000 6.00.8972.0000 c:\windows\system32\MSVCP60.dll
      0x76c70000 0x10000 5.01.2600.0000 c:\windows\system32\AUTHZ.dll
      0x742d0000 0xa000 5.01.2600.0000 c:\windows\system32\WINIPSEC.DLL
      0x74e40000 0xf000 5.01.2600.0000 C:\WINDOWS\System32\wbem\wbemsvc.dll
      0x76bb0000 0x2e000 5.01.2600.0000 C:\WINDOWS\system32\credui.dll
      0x57f70000 0x31000 5.01.2600.0000 C:\WINDOWS\System32\unimdm.tsp
      0x68ce0000 0x3f000 5.01.2600.0000 C:\WINDOWS\System32\hnetcfg.dll
      0x5b390000 0x15000 5.01.2600.0000 C:\WINDOWS\System32\unimdmat.dll
      0x61a20000 0x27000 5.01.2600.0000 C:\WINDOWS\System32\modemui.dll
      0x57ff0000 0xb000 5.01.2600.0000 C:\WINDOWS\System32\kmddsp.tsp
      0x57fd0000 0x10000 5.01.2600.0000 C:\WINDOWS\System32\ndptsp.tsp
      0x58000000 0x7000 5.01.2600.0000 C:\WINDOWS\System32\ipconf.tsp
      0x58020000 0x43000 5.01.2600.0000 C:\WINDOWS\System32\h323.tsp
      0x58010000 0xa000 5.01.2600.0000 C:\WINDOWS\System32\hidphone.tsp
      0x72010000 0x19000 5.01.2600.0000 c:\windows\system32\rasauto.dll
      0x741e0000 0x4000 5.01.2600.0000 C:\WINDOWS\System32\icmp.dll
      0x7c6d0000 0x122000 8.50.2162.0000 C:\WINDOWS\System32\msxml3.dll
      0x50640000 0xc000 5.08.0000.2469 C:\WINDOWS\System32\wups.dll
      0x50e60000 0x7000 5.08.0000.2469 C:\WINDOWS\System32\wups2.dll
      0x72220000 0x5000 5.01.2600.0000 C:\WINDOWS\System32\sensapi.dll
      0x746e0000 0x8f000 6.00.2600.0000 C:\WINDOWS\System32\mlang.dll
      ------------------------------------------------------------------------------
      SVCHOST.EXE pid: 852
      Command line: C:\WINDOWS\System32\svchost.exe -k NetworkService

      Base Size Version Path
      0x01000000 0x6000 5.01.2600.0000 C:\WINDOWS\System32\svchost.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x76ed0000 0x25000 5.01.2600.0000 c:\windows\system32\DNSAPI.dll
      0x76ac0000 0x15000 3.00.9238.0000 c:\windows\system32\ATL.DLL
      0x00640000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x71990000 0x3c000 5.01.2600.0000 C:\WINDOWS\system32\mswsock.dll
      0x719d0000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      ------------------------------------------------------------------------------
      SVCHOST.EXE pid: 876
      Command line: C:\WINDOWS\System32\svchost.exe -k LocalService

      Base Size Version Path
      0x01000000 0x6000 5.01.2600.0000 C:\WINDOWS\System32\svchost.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x76ac0000 0x15000 3.00.9238.0000 c:\windows\system32\ATL.DLL
      0x76ed0000 0x25000 5.01.2600.0000 c:\windows\system32\DNSAPI.dll
      0x00640000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x74b90000 0x10000 5.01.2600.0000 c:\windows\system32\regsvc.dll
      0x71990000 0x3c000 5.01.2600.0000 C:\WINDOWS\system32\mswsock.dll
      0x719d0000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      0x72220000 0x5000 5.01.2600.0000 C:\WINDOWS\System32\sensapi.dll
      ------------------------------------------------------------------------------
      VSMON.EXE pid: 900
      Command line: C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe -service

      ------------------------------------------------------------------------------
      EXPLORER.EXE pid: 1148
      Command line: C:\WINDOWS\Explorer.EXE

      Base Size Version Path
      0x01000000 0xf8000 6.00.2600.0000 C:\WINDOWS\Explorer.EXE
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x75f10000 0xfc000 6.00.2600.0000 C:\WINDOWS\System32\BROWSEUI.dll
      0x76960000 0x149000 6.00.2600.0000 C:\WINDOWS\System32\SHDOCVW.dll
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x5b950000 0x71000 6.00.2600.0000 C:\WINDOWS\System32\themeui.dll
      0x76310000 0x5000 5.01.2600.0000 C:\WINDOWS\System32\MSIMG32.dll
      0x5ffb0000 0x36000 5.01.2600.0000 C:\WINDOWS\System32\msutb.dll
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      0x76920000 0x7000 5.01.2600.0000 C:\WINDOWS\System32\LINKINFO.dll
      0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\System32\ATL.DLL
      0x76bb0000 0x2e000 5.01.2600.0000 C:\WINDOWS\system32\credui.dll
      0x76ed0000 0x25000 5.01.2600.0000 C:\WINDOWS\system32\DNSAPI.dll
      0x10000000 0x73000 1.01.0050.0000 C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OEHook.dll
      0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
      0x00f70000 0x7000 1.01.0050.0000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Spam\CatNames.dll
      0x74a70000 0x20000 5.01.2600.0000 C:\WINDOWS\System32\stobject.dll
      0x74a60000 0x9000 6.00.2600.0000 C:\WINDOWS\System32\BatMeter.dll
      0x5b2a0000 0x3c000 5.01.2600.0000 C:\WINDOWS\System32\upnpui.dll
      0x01240000 0x3c000 5.01.2600.0000 C:\WINDOWS\system32\mswsock.dll
      0x01550000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      0x71ca0000 0x1b000 6.00.2600.0000 C:\WINDOWS\System32\actxprxy.dll
      0x74af0000 0x86000 5.01.2600.0000 C:\WINDOWS\System32\printui.dll
      0x74a50000 0x7000 5.01.2600.0000 C:\WINDOWS\System32\CFGMGR32.dll
      0x69270000 0x8c000 5.02.1776.0000 C:\WINDOWS\System32\fxsst.dll
      0x694a0000 0x70000 5.02.1776.0000 C:\WINDOWS\System32\FXSAPI.dll
      0x71b70000 0xd000 5.01.2600.0000 C:\WINDOWS\System32\ntlanman.dll
      0x71c30000 0x16000 5.01.2600.0000 C:\WINDOWS\System32\NETUI0.dll
      0x71bf0000 0x3c000 5.01.2600.0000 C:\WINDOWS\System32\NETUI1.dll
      0x75ef0000 0x6000 5.01.2600.0000 C:\WINDOWS\System32\drprov.dll
      0x75f00000 0x9000 5.01.2600.0000 C:\WINDOWS\System32\davclnt.dll
      0x76100000 0x8e000 6.00.2600.0000 C:\WINDOWS\System32\shdoclc.dll
      ------------------------------------------------------------------------------
      CFD.EXE pid: 1240
      Command line: "C:\Program Files\BroadJump\Client Foundation\CFD.exe"

      Base Size Version Path
      0x00400000 0x5c000 2.02.0001.0168 C:\Program Files\BroadJump\Client Foundation\CFD.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x689e0000 0x80000 4.00.0000.0000 C:\WINDOWS\System32\stlport_4_0_0_DDR.dll
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      0x68e00000 0x22000 3.02.0000.0014 C:\Program Files\BroadJump\Client Foundation\BJComRT.dll
      0x68ee0000 0x19000 3.02.0000.0014 C:\Program Files\BroadJump\Client Foundation\BasicLoaderService.dll
      0x68fa0000 0x11000 2.02.0002.0036 C:\Program Files\BroadJump\Client Foundation\AppProperties.dll
      0x68e80000 0x8000 1.00.0001.0013 C:\Program Files\BroadJump\Client Foundation\Marshaller.dll
      0x68860000 0x2d000 2.02.0000.0034 C:\Program Files\BroadJump\Client Foundation\TimerManager.dll
      0x68db0000 0xb000 2.02.0002.0032 C:\Program Files\BroadJump\Client Foundation\BJComSRCManager.dll
      0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\System32\ATL.DLL
      0x010e0000 0x3c000 5.01.2600.0000 C:\WINDOWS\system32\mswsock.dll
      0x01120000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      ------------------------------------------------------------------------------
      KAV.EXE pid: 1252
      Command line: <unable to retrieve>
      ------------------------------------------------------------------------------
      OESpamTest.exe pid: 1260
      Command line: "C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE"

      Base Size Version Path
      0x00400000 0xc000 1.01.0050.0000 C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OESpamTest.ExE
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x10000000 0x73000 1.01.0050.0000 C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OEHook.dll
      0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x00850000 0x7000 1.01.0050.0000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Spam\CatNames.dll
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      ------------------------------------------------------------------------------
      PicasaMediaDetector.exe pid: 1268
      Command line: "C:\Program Files\Picasa2\PicasaMediaDetector.exe"

      Base Size Version Path
      0x00400000 0x5c000 2.06.0036.0019 C:\Program Files\Picasa2\PicasaMediaDetector.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x73af0000 0x13000 5.01.2600.0000 C:\WINDOWS\System32\STI.dll
      0x74a50000 0x7000 5.01.2600.0000 C:\WINDOWS\System32\CFGMGR32.dll
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.dll
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      0x10000000 0x73000 1.01.0050.0000 C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OEHook.dll
      0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
      0x00aa0000 0x7000 1.01.0050.0000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Spam\CatNames.dll
      ------------------------------------------------------------------------------
      ZLCLIENT.EXE pid: 1276
      Command line: "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

      ------------------------------------------------------------------------------
      JUSCHED.EXE pid: 1284
      Command line: "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

      Base Size Version Path
      0x00400000 0x11000 5.00.0110.0003 C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      ------------------------------------------------------------------------------
      QTTASK.EXE pid: 1292
      Command line: "C:\Program Files\QuickTime\qttask.exe" -atboottime

      Base Size Version Path
      0x00400000 0x47000 7.01.0006.0200 C:\Program Files\QuickTime\qttask.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      ------------------------------------------------------------------------------
      DRMPBDU.EXE pid: 1300
      Command line: "C:\windows\system32\drmpbdu.exe" drmpbdu

      Base Size Version Path
      0x00400000 0x65000 C:\windows\system32\drmpbdu.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x76ac0000 0x15000 3.00.9238.0000 C:\windows\system32\ATL.DLL
      0x76ed0000 0x25000 5.01.2600.0000 C:\windows\system32\DNSAPI.dll
      0x00a50000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x00b40000 0x10000 7.00.2600.0000 C:\windows\system32\MSVCIRT.dll
      0x10000000 0x73000 1.01.0050.0000 C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OEHook.dll
      0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
      0x00b80000 0x7000 1.01.0050.0000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Spam\CatNames.dll
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      0x74e60000 0xa000 5.01.2600.0000 C:\WINDOWS\System32\wbem\wbemprox.dll
      0x74e40000 0xf000 5.01.2600.0000 C:\WINDOWS\System32\wbem\wbemsvc.dll
      0x7c6d0000 0x122000 8.50.2162.0000 C:\WINDOWS\System32\msxml3.dll
      0x74bf0000 0x2c000 4.02.5406.0000 C:\windows\system32\OLEACC.DLL
      0x74780000 0x2ad000 6.00.2600.0000 C:\WINDOWS\System32\mshtml.dll
      0x71ca0000 0x1b000 6.00.2600.0000 C:\WINDOWS\System32\actxprxy.dll
      ------------------------------------------------------------------------------
      CTFMON.EXE pid: 1308
      Command line: "C:\WINDOWS\System32\ctfmon.exe"

      Base Size Version Path
      0x00400000 0x6000 5.01.2600.0000 C:\WINDOWS\System32\ctfmon.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      0x5ffb0000 0x36000 5.01.2600.0000 C:\WINDOWS\System32\MSUTB.dll
      0x10000000 0x73000 1.01.0050.0000 C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OEHook.dll
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.dll
      0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
      0x008e0000 0x7000 1.01.0050.0000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Spam\CatNames.dll
      ------------------------------------------------------------------------------
      MSNMSGR.EXE pid: 1316
      Command line: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

      Base Size Version Path
      0x00400000 0x56a000 8.01.0178.0000 C:\Program Files\MSN Messenger\MsnMsgr.Exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x78130000 0x9b000 8.00.50727.0163 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll
      0x76310000 0x5000 5.01.2600.0000 C:\WINDOWS\System32\MSIMG32.dll
      0x70d00000 0x1a0000 5.01.3097.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\gdiplus.dll
      0x59100000 0xf7000 8.01.0178.0000 C:\Program Files\MSN Messenger\MSNCore.dll
      0x00270000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.dll
      0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\System32\ATL.DLL
      0x76ed0000 0x25000 5.01.2600.0000 C:\WINDOWS\System32\DNSAPI.dll
      0x27500000 0xc8000 4.100.0313.0001 C:\Program Files\MSN Messenger\msidcrl40.dll
      0x72220000 0x5000 5.01.2600.0000 C:\WINDOWS\System32\SensApi.dll
      0x5a700000 0x55000 8.01.0178.0000 C:\Program Files\MSN Messenger\ContactsUX.dll
      0x73ca0000 0x10000 5.131.2600.0000 C:\WINDOWS\System32\CRYPTNET.dll
      0x10000000 0x73000 1.01.0050.0000 C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OEHook.dll
      0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
      0x01230000 0x7000 1.01.0050.0000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Spam\CatNames.dll
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      0x74d00000 0x95000 6.00.2600.0000 C:\WINDOWS\System32\inetcomm.dll
      0x74cd0000 0x1f000 6.00.2600.0000 C:\WINDOWS\System32\MSOERT2.dll
      0x66b00000 0xe000 6.00.2600.0000 C:\WINDOWS\System32\inetres.dll
      0x746e0000 0x8f000 6.00.2600.0000 C:\WINDOWS\System32\mlang.dll
      0x59300000 0x1a9000 8.01.0178.0000 C:\Program Files\MSN Messenger\msgslang.8.1.0178.00.dll
      0x5b200000 0x23e000 8.01.0178.0000 C:\Program Files\MSN Messenger\msgsres.dll
      0x76b10000 0x3d000 2001.12.4414.0042 C:\WINDOWS\System32\es.dll
      0x79000000 0x1a4000 1.07.0256.0000 C:\Program Files\MSN Messenger\lcapi.dll
      0x73e60000 0x55000 5.01.2600.0000 C:\WINDOWS\System32\DSOUND.dll
      0x73600000 0x7000 6.04.2600.0000 C:\WINDOWS\System32\msdmo.dll
      0x7a100000 0x60000 1.07.0109.0000 C:\Program Files\MSN Messenger\lcres.dll
      0x016e0000 0x3db000 3.00.5774.0000 C:\Program Files\MSN Messenger\RTMPLTFM.dll
      0x73e40000 0xf000 6.04.2600.0000 C:\WINDOWS\System32\devenum.dll
      0x73ec0000 0x149000 6.04.2600.0000 C:\WINDOWS\System32\quartz.dll
      0x736b0000 0x45000 5.01.2600.0000 C:\WINDOWS\System32\DDRAW.dll
      0x73b10000 0x6000 5.01.2600.0000 C:\WINDOWS\System32\DCIMAN32.dll
      0x73890000 0xc7000 5.01.2600.0000 C:\WINDOWS\System32\D3DIM700.DLL
      0x6cb80000 0x11000 5.01.2600.0000 C:\WINDOWS\System32\dpnhupnp.dll
      0x71990000 0x3c000 5.01.2600.0000 C:\WINDOWS\system32\mswsock.dll
      0x719d0000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      0x68ce0000 0x3f000 5.01.2600.0000 C:\WINDOWS\System32\hnetcfg.dll
      0x76bb0000 0x2e000 5.01.2600.0000 C:\WINDOWS\System32\credui.dll
      0x74e60000 0xa000 5.01.2600.0000 C:\WINDOWS\System32\wbem\wbemprox.dll
      0x74e40000 0xf000 5.01.2600.0000 C:\WINDOWS\System32\wbem\wbemsvc.dll
      0x76790000 0x24000 5.01.2600.0000 C:\WINDOWS\system32\schannel.dll
      0x7c6d0000 0x122000 8.50.2162.0000 C:\WINDOWS\System32\msxml3.dll
      0x5b500000 0xa4000 8.01.0178.0000 C:\Program Files\MSN Messenger\MSGSWCAM.dll
      0x5a600000 0x13000 8.01.0178.0000 C:\WINDOWS\System32\sirenacm.dll
      0x74da0000 0x6b000 5.30.0023.1210 C:\WINDOWS\System32\RichEd20.dll
      ------------------------------------------------------------------------------
      SUPERAntiSpyware.exe pid: 1360
      Command line: "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

      Base Size Version Path
      0x00400000 0x149000 3.06.0000.1000 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x10000000 0x5a000 1.00.0000.0002 C:\Program Files\SUPERAntiSpyware\deupx.dll
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.dll
      0x00c40000 0x73000 1.01.0050.0000 C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OEHook.dll
      0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
      0x00cc0000 0x7000 1.01.0050.0000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Spam\CatNames.dll
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      0x5d300000 0x80000 5.02.3669.0000 C:\WINDOWS\System32\hhctrl.ocx
      0x68d60000 0x19000 4.74.9273.0000 C:\WINDOWS\System32\mui\000c\hhctrlui.dll
      0x76960000 0x149000 6.00.2600.0000 C:\WINDOWS\System32\shdocvw.dll
      0x76100000 0x8e000 6.00.2600.0000 C:\WINDOWS\System32\shdoclc.dll
      0x74780000 0x2ad000 6.00.2600.0000 C:\WINDOWS\System32\mshtml.dll
      0x74660000 0x29000 5.01.2600.0000 C:\WINDOWS\System32\msimtf.dll
      0x74630000 0x27000 3.10.0349.0000 C:\WINDOWS\System32\MSLS31.DLL
      ------------------------------------------------------------------------------
      KAVPF.EXE pid: 1376
      Command line: "C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Hacker\KAVPF.exe" /silence

      Base Size Version Path
      0x00400000 0x369000 1.08.0000.0180 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Hacker\KAVPF.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x10000000 0xf0000 5.84.0000.0000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Hacker\BCGCB59.dll
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.dll
      0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
      0x00d30000 0x73000 1.01.0050.0000 C:\PROGRA~1\MICROA~1\SÉCURI~1\ANTI-V~1\ANTI-S~1\OEHook.dll
      0x003c0000 0x7000 1.01.0050.0000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Spam\CatNames.dll
      0x74690000 0x4b000 5.01.2600.0000 C:\WINDOWS\System32\MSCTF.dll
      0x00df0000 0x15c000 1.08.0000.0000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Hacker\perfiloc.dll
      0x73230000 0x5000 5.01.2600.0000 C:\WINDOWS\System32\RICHED32.DLL
      0x74da0000 0x6b000 5.30.0023.1210 C:\WINDOWS\System32\RICHED20.dll
      0x00f50000 0xb000 C:\Program Files\Micro Application\Sécurité Internet\Anti-Virus Perso & Pro\Anti-Hacker\BCGCBRes.dll
      0x019f0000 0x3c000 5.01.2600.0000 C:\WINDOWS\System32\mswsock.dll
      0x76ed0000 0x25000 5.01.2600.0000 C:\WINDOWS\System32\DNSAPI.dll
      ------------------------------------------------------------------------------
      SPOOLSV.EXE pid: 1748
      Command line: C:\WINDOWS\system32\spoolsv.exe

      Base Size Version Path
      0x01000000 0xf000 5.01.2600.0000 C:\WINDOWS\system32\spoolsv.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x76ed0000 0x25000 5.01.2600.0000 C:\WINDOWS\system32\DNSAPI.dll
      0x62da0000 0x8000 5.01.2600.0000 C:\WINDOWS\system32\lprmon.dll
      0x62db0000 0x6000 5.01.2600.0000 C:\WINDOWS\system32\LPRHELP.dll
      0x69380000 0x8000 5.02.1776.0000 C:\WINDOWS\system32\FXSMON.DLL
      0x693a0000 0x13000 5.02.1776.0000 C:\WINDOWS\system32\FXSEVENT.dll
      0x71990000 0x3c000 5.01.2600.0000 C:\WINDOWS\System32\mswsock.dll
      0x741e0000 0x4000 5.01.2600.0000 C:\WINDOWS\system32\icmp.dll
      0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\system32\ATL.DLL
      0x00e50000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x71470000 0xc000 6.00.2600.0001 C:\WINDOWS\system32\ADMWPROX.DLL
      ------------------------------------------------------------------------------
      GUARD.EXE pid: 1940
      Command line: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe"

      Base Size Version Path
      0x00400000 0x34000 7.05.0000.0047 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x10000000 0xdd000 4.02.0000.0015 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      ------------------------------------------------------------------------------
      INETINFO.EXE pid: 1968
      Command line: C:\WINDOWS\System32\inetsrv\inetinfo.exe

      Base Size Version Path
      0x01000000 0x6000 5.01.2600.0001 C:\WINDOWS\System32\inetsrv\inetinfo.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x66e00000 0x20000 6.00.2600.0001 C:\WINDOWS\system32\IisRTL.DLL
      0x5dc60000 0x5000 6.00.2600.0001 C:\WINDOWS\System32\inetsrv\rpcref.dll
      0x67160000 0x9000 6.00.2600.0001 C:\WINDOWS\System32\inetsrv\iisadmin.dll
      0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\system32\ATL.DLL
      0x6ec60000 0xd000 6.00.2600.0001 C:\WINDOWS\System32\inetsrv\COADMIN.dll
      0x71470000 0xc000 6.00.2600.0001 C:\WINDOWS\system32\ADMWPROX.dll
      0x005c0000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x62010000 0x15000 5.01.2600.0001 C:\WINDOWS\System32\inetsrv\metadata.dll
      0x5f680000 0xc000 6.00.2600.0001 C:\WINDOWS\System32\inetsrv\nsepm.dll
      0x66e50000 0x12000 6.00.2600.0001 C:\WINDOWS\system32\IISMAP.dll
      0x76790000 0x24000 5.01.2600.0000 C:\WINDOWS\system32\schannel.dll
      0x76b10000 0x3d000 2001.12.4414.0042 C:\WINDOWS\System32\es.dll
      0x5ab10000 0xf000 5.01.2600.0001 C:\WINDOWS\System32\inetsrv\wamreg.dll
      0x714a0000 0xa000 6.00.2600.0001 C:\WINDOWS\System32\inetsrv\admexs.dll
      0x5bf50000 0xe000 5.01.2600.0001 C:\WINDOWS\System32\inetsrv\svcext.dll
      0x71ef0000 0x4000 5.01.2600.0000 C:\WINDOWS\system32\Security.dll
      0x76ed0000 0x25000 5.01.2600.0000 C:\WINDOWS\system32\DNSAPI.dll
      0x6c110000 0x6000 6.00.2600.0001 C:\WINDOWS\system32\RWNH.dll
      0x69940000 0xc000 5.06.2600.0001 C:\WINDOWS\system32\exstrace.dll
      0x5c100000 0x6000 6.00.2600.0001 C:\WINDOWS\system32\STAXMEM.dll
      0x71990000 0x3c000 5.01.2600.0000 C:\WINDOWS\system32\mswsock.dll
      0x719d0000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      0x6bc70000 0x35000 6.00.2600.0001 C:\WINDOWS\System32\inetsrv\seo.dll
      ------------------------------------------------------------------------------
      KAVSVC.EXE pid: 1988
      Command line: <unable to retrieve>
      ------------------------------------------------------------------------------
      PCTSPK.EXE pid: 212
      Command line: C:\WINDOWS\system32\pctspk.exe

      Base Size Version Path
      0x00400000 0x18000 4.00.0000.0000 C:\WINDOWS\system32\pctspk.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x73aa0000 0x15000 5.01.2600.0000 C:\WINDOWS\system32\AVIFIL32.dll
      0x73b20000 0x1f000 5.01.2600.0000 C:\WINDOWS\system32\MSVFW32.dll
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      ------------------------------------------------------------------------------
      TCPSVCS.EXE pid: 248
      Command line: C:\WINDOWS\System32\tcpsvcs.exe

      Base Size Version Path
      0x01000000 0x7000 5.01.2600.0000 C:\WINDOWS\System32\tcpsvcs.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x5cb90000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\simptcp.dll
      0x71990000 0x3c000 5.01.2600.0000 C:\WINDOWS\system32\mswsock.dll
      0x719d0000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      0x76ed0000 0x25000 5.01.2600.0000 C:\WINDOWS\System32\DNSAPI.dll
      ------------------------------------------------------------------------------
      SNMP.EXE pid: 308
      Command line: C:\WINDOWS\System32\snmp.exe

      Base Size Version Path
      0x01000000 0x9000 5.01.2600.0000 C:\WINDOWS\System32\snmp.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x71ed0000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\snmpapi.dll
      0x71990000 0x3c000 5.01.2600.0000 C:\WINDOWS\System32\mswsock.dll
      0x76ed0000 0x25000 5.01.2600.0000 C:\WINDOWS\System32\DNSAPI.dll
      0x719d0000 0x8000 5.01.2600.0000 C:\WINDOWS\System32\wshtcpip.dll
      0x62f70000 0xb000 5.01.2600.0000 C:\WINDOWS\System32\lmmib2.dll
      0x66b20000 0xb000 5.01.2600.0000 C:\WINDOWS\System32\inetmib1.dll
      0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\System32\ATL.DLL
      0x006f0000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
      0x68c00000 0xc000 5.01.2600.0000 C:\WINDOWS\System32\hostmib.dll
      0x5c830000 0x5000 5.01.2600.0000 C:\WINDOWS\System32\snmpmib.dll
      0x69980000 0x1e000 5.01.2600.0000 C:\WINDOWS\System32\evntagnt.dll
      0x76010000 0x61000 6.00.8972.0000 C:\WINDOWS\System32\MSVCP60.dll
      0x67220000 0x5000 5.01.2600.0000 C:\WINDOWS\System32\igmpagnt.dll
      0x621d0000 0x6000 5.01.2600.0000 C:\WINDOWS\System32\mcastmib.dll
      0x5d6c0000 0xa000 5.01.2600.0000 C:\WINDOWS\System32\rtipxmib.dll
      0x67970000 0x5000 5.01.2600.0001 C:\WINDOWS\System32\inetsrv\httpmib.dll
      0x66ae0000 0x6000 6.00.2600.0001 C:\WINDOWS\system32\INFOADMN.dll
      0x66e00000 0x20000 6.00.2600.0001 C:\WINDOWS\system32\IisRTL.DLL
      0x5ead0000 0x9000 5.01.2600.0000 C:\WINDOWS\System32\perfos.dll
      ------------------------------------------------------------------------------
      SVCHOST.EXE pid: 376
      Command line: C:\WINDOWS\System32\svchost.exe -k imgsvc

      Base Size Version Path
      0x01000000 0x6000 5.01.2600.0000 C:\WINDOWS\System32\svchost.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x73990000 0x50000 5.01.2600.0000 c:\windows\system32\wiaservc.dll
      0x74a50000 0x7000 5.01.2600.0000 c:\windows\system32\CFGMGR32.dll
      0x73a80000 0x13000 5.01.2600.0000 c:\windows\system32\mscms.dll
      0x71ca0000 0x1b000 6.00.2600.0000 C:\WINDOWS\System32\actxprxy.dll
      0x73af0000 0x13000 5.01.2600.0000 C:\WINDOWS\System32\sti.dll
      ------------------------------------------------------------------------------
      KLSWD.EXE pid: 660
      Command line: <unable to retrieve>
      ------------------------------------------------------------------------------
      wuauclt.exe pid: 3004
      Command line: "C:\WINDOWS\System32\wuauclt.exe" /RunStoreAsComServer Local\[308]SUSDS74b79b7ca63b184d94b98728476beb17

      Base Size Version Path
      0x00400000 0x1f000 5.08.0000.2469 C:\WINDOWS\System32\wuauclt.exe
      *** File timestamp: Thu Aug 23 18:43:58 2001
      *** Loaded image timestamp: Thu Aug 23 18:43:59 2001
      0x76ac0000 0x15000 3.00.9238.0000 C:\WINDOWS\System32\ATL.DLL
      0x71950000 0xe4000 6.00.2600.0000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.dll
      0x50940000 0x2c000 5.08.0000.2469 C:\WINDOWS\System32\wuaucpl.cpl
      0x50040000 0x14a000 5.08.0000.2469 C:\WINDOWS\System32\wuaueng.dll
      0x751d0000 0x27000 6.00.2600.0000 C:\WINDOWS\System32\ADVPACK.dll
      0x002a0000 0x8000 5.01.2

      ===================== Hidden Objects =====================


      SCAN ABORTED: an unknown error has occurred. Please check Rootkit presence with another tool

      ===================== Checking Rustock rootkit =====================



      ===================== Checking Suspicious files =====================
      (Unusually Runtime packers compressed exe and dll files in C:\, %windir%\, %windir%\system32\


      ==========================================
      Scan completed in 2,9 minutes
      End of report
      0
  14. riviere
     
    es sa qu'il te fallait je pense avoir reussi il y a la suite

    SystemScan - www.suspectfile.com - ver. 3.1.2

    Running on: Windows XP PROFESSIONAL Edition (2600.5.1)
    System directory: C:\WINDOWS

    Date: 15/06/2007
    Time: 20:29:32

    Output limited to:
    -Recent files
    -Registry Run Keys
    -Loaded Dlls
    -Hidden objects
    -Suspicious Files

    ===================== Recent files (30 days old)=====================

    ----- recent files in C:\
    28/05/2007 11:28:30 (DIR) 0 byte 18 days old -- FOUND.018
    28/05/2007 22:37:52 244 byte 18 days old -- sqmnoopt01.sqm
    28/05/2007 22:37:52 268 byte 18 days old -- sqmdata01.sqm
    29/05/2007 00:54:24 268 byte 17 days old -- sqmdata02.sqm
    29/05/2007 00:54:24 244 byte 17 days old -- sqmnoopt02.sqm
    01/06/2007 20:03:18 (DIR) 0 byte 14 days old -- FOUND.019
    11/06/2007 20:08:12 (DIR) 0 byte 4 days old -- FOUND.020
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- FOUND.007
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- FOUND.006
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- FOUND.005
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- undo
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- FOUND.009
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- FOUND.008
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- FOUND.001
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- FOUND.000
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- FOUND.002
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- FOUND.004
    14/06/2007 07:06:48 (DIR) 0 byte 1 days old -- FOUND.003
    14/06/2007 20:19:48 (DIR) 0 byte 1 days old -- Deckard
    14/06/2007 23:46:34 (DIR) 0 byte 1 days old -- suspectfile
    15/06/2007 20:23:00 503316480 byte 0 days old -- pagefile.sys

    ----- recent files in C:\WINDOWS\
    03/06/2007 16:33:50 1120 byte 12 days old -- win.ini
    03/06/2007 16:52:52 74752 byte 12 days old -- ST6UNST.EXE
    03/06/2007 16:52:54 253952 byte 12 days old -- Setup1.exe
    04/06/2007 19:13:42 1409 byte 11 days old -- QTFont.for
    11/06/2007 10:36:36 2 byte 4 days old -- System32KBRunOnce2.t__
    11/06/2007 10:36:36 0 byte 4 days old -- System32KBRunOnce2.tm_
    12/06/2007 11:39:02 (DIR) 0 byte 3 days old -- Minidump
    13/06/2007 00:57:14 54156 byte 2 days old -- QTFont.qfn
    14/06/2007 06:31:32 335 byte 1 days old -- mozregistry.dat
    14/06/2007 20:20:16 (DIR) 0 byte 1 days old -- ERDNT
    15/06/2007 20:21:54 50 byte 0 days old -- wiaservc.log
    15/06/2007 20:21:54 32172 byte 0 days old -- SchedLgU.Txt
    15/06/2007 20:21:58 1227898 byte 0 days old -- WindowsUpdate.log
    15/06/2007 20:23:02 2048 byte 0 days old -- bootstat.dat
    15/06/2007 20:23:56 159 byte 0 days old -- wiadebug.log
    15/06/2007 20:24:00 4344 byte 0 days old -- ModemLog_HSP56 Micromodem.txt
    15/06/2007 20:24:06 0 byte 0 days old -- 0.log

    ----- recent files in C:\WINDOWS\Downloaded Program Files\

    ----- recent files in C:\WINDOWS\system\

    ----- recent files in C:\WINDOWS\system32\
    11/06/2007 10:21:28 2184 byte 4 days old -- wpa.dbl
    11/06/2007 10:28:10 13573 byte 4 days old -- KB_963493.exe.bak
    11/06/2007 20:10:46 24 byte 4 days old -- KBRunOnce2.t__
    11/06/2007 20:11:22 30720 byte 4 days old -- poof.ren
    15/06/2007 20:24:10 336 byte 0 days old -- vsconfig.xml

    ----- recent files in C:\WINDOWS\system32\drivers\
    17/05/2007 15:15:40 82258 byte 29 days old -- klin.sys
    17/05/2007 15:15:40 82258 byte 29 days old -- klick.sys

    ----- recent files in C:\WINDOWS\temp\
    14/06/2007 09:35:32 16384 byte 1 days old -- Perflib_Perfdata_f8.dat
    14/06/2007 22:01:14 16384 byte 1 days old -- Perflib_Perfdata_180.dat
    14/06/2007 22:01:18 0 byte 1 days old -- T30DebugLogFile.txt
    15/06/2007 07:03:12 16384 byte 0 days old -- Perflib_Perfdata_f4.dat
    15/06/2007 16:40:34 256 byte 0 days old -- ZLT00f3d.TMP
    15/06/2007 16:41:04 16384 byte 0 days old -- Perflib_Perfdata_fc.dat
    15/06/2007 20:23:28 256 byte 0 days old -- ZLT039d7.TMP
    15/06/2007 20:23:32 256 byte 0 days old -- ZLT039e4.TMP
    15/06/2007 20:23:58 16384 byte 0 days old -- Perflib_Perfdata_134.dat

    ----- recent files in C:\Program Files\
    12/06/2007 21:43:38 (DIR) 0 byte 3 days old -- Alice
    12/06/2007 21:45:04 (DIR) 0 byte 3 days old -- InstallShield Installation Information
    12/06/2007 21:48:30 (DIR) 0 byte 3 days old -- Trojan Remover
    13/06/2007 08:45:20 (DIR) 0 byte 2 days old -- Mozilla Firefox
    14/06/2007 20:21:56 (DIR) 0 byte 1 days old -- HijackThis

    ----- recent files in C:\Program Files\Fichiers communs\

    ===================== REGISTRY SCAN =====================

    -----HKLM\Software\Microsoft\Windows\CurrentVersion\Run-----
    0
  15. Utilisateur anonyme
     
    Fais un clic droit sur ce lien :Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip logiciel d'Il Mafioso

    Fais un clic droit sur navilog1.zip et choisis "tout extraire"
    Ensuite double clique sur navilog1.exe pour lancer l'installation.
    Une fois l'installation terminée, le fix s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

    Laisse-toi guider. Au menu principal choisis F, ensuite choisis 1 et valides.
    (ne fais pas le choix 2,3 ou 4 sansmon avis)

    Patiente jusqu'au message :
    *** Analyse Termine le ..... ***

    Appuie sur une touche comme demandé, le bloc-note va s'ouvrir.
    Copie-colle l'intégralité dans un nouveau message
    Le rapport est aussi sauvegardé à la racine du disque (fixnavi.txt)
    0
    1. riviere
       
      merci de ton aide voici les resultat du scan demander

      Search Navipromo version 2.0.3 commencé le 17/06/2007 à 0:28:00,35

      !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
      !!! Poster ce rapport sur le forum pour le faire analyser !!!
      !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

      Fix lancé depuis C:\Program Files\navilog1
      Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO

      Executé en mode normal

      *** Recherche Programmes installes ***




      *** Recherche dossiers dans C:\WINDOWS ***




      *** Recherche dossiers dans C:\Program Files ***


      C:\Program Files\MessengerSkinner trouvé !


      *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




      *** Recherche dossiers dans C:\Documents and Settings\Sanchez\Application Data ***


      ...\Application Data\MessengerSkinner trouvé !

      *** Recherche avec BlackLight Engine/F-secure ***
      BlackLight Engine est un produit de F-secure, pour + d'infos :
      https://www.f-secure.com/en

      Fichier(s) caché(s) dans C:\WINDOWS\system32 :

      C:\windows\system32\drmpbdu.exe

      Processus caché(s) dans C:\WINDOWS\system32 :

      C:\windows\system32\drmpbdu.exe


      *** Recherche fichiers ***


      C:\WINDOWS\pack.epk trouvé !
      C:\WINDOWS\system32\nvs2.inf trouvé !


      *** Recherche cles registre ***


      Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



      Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



      Recherche Clé Magic Control

      HKEY_CURRENT_USER\Software\Lanconfig trouvé !


      *** Module de Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Recherche fichiers connus:


      2)Recherche Heuristique :
      *
      C:\WINDOWS\system32\drmpbdu.dat trouvé !
      **
      C:\WINDOWS\system32\drmpbdu.dat trouvé !
      ***
      ****
      C:\WINDOWS\system32\drmpbdu_navps.dat trouvé !
      *****
      ******
      *******
      C:\WINDOWS\system32\ouwyfrp.exe trouvé !
      ********
      C:\WINDOWS\system32\ouwyfrp.exe trouvé !
      C:\WINDOWS\system32\fcwmyp.exe trouvé !
      C:\WINDOWS\system32\oeyhksnmq.exe trouvé !
      C:\WINDOWS\system32\qpdhsfzaki.exe trouvé !


      *** Analyse Terminé le 17/06/2007 à 0:29:11,22 ***
      0
    2. Utilisateur anonyme > riviere
       
      N'installe plus ce porgramme c'est de la saloperie : MessengerSkinner


      Avec Navilog :

      Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
      Au menu principal, choisis 2 et valide.

      Le fix va t'informer qu'il va alors redémarrer ton PC
      Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
      Appuie sur une touche comme demandé.
      (si ton Pc ne redémarre pas automatiquement, fais le toi même)
      Au redémarrage de ton PC, choisis ta session habituelle.

      Patiente jusqu'au message :
      *** Nettoyage Termine le ..... ***
      Le blocnote va s'ouvrir.
      Sauvegarde le rapport de manière à le retrouver
      Referme le blocnote. Ton bureau va réapparaitre

      Si ton bureau ne réapparait pas, appuie en même temps sur les touches CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
      Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
      Tape explorer et valide. Cela te fera apparaitre ton bureau.
      0
    3. riviere > Utilisateur anonyme
       
      j'ai effectuer le nettoyage comme demander et mozilla firefox marche maintenant merci merci et encore merci tes vraiment genial ya t'il autre chose a faire apres sa je te donne le rapport de nettoyage navilog 1


      Clean Navipromo version 2.0.3 commencé le 17/06/2007 à 8:56:04,05

      Fix lancé depuis C:\Program Files\navilog1
      Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO

      Mode suppression automatique avec prise en charge résultats Blacklight


      *** Creation backups fichiers trouvés par Blacklight ***

      Copie vers "C:\Program Files\navilog1\Backupnavi"


      *** Suppression des fichiers trouvés avec Blacklight ***

      C:\windows\system32\drmpbdu.exe supprimé !

      ** 2ème passage **

      C:\WINDOWS\system32\drmpbdu.exe absent !
      C:\WINDOWS\system32\drmpbdu_navup.dat absent !
      C:\WINDOWS\system32\drmpbdu_navtmp.dat absent !
      C:\WINDOWS\system32\drmpbdu_m2s.xml absent !


      C:\WINDOWS\system32\drmpbdu.dat trouvé !
      Copie C:\WINDOWS\system32\drmpbdu.dat réalise avec succes !
      C:\WINDOWS\system32\drmpbdu.dat supprimé !

      C:\WINDOWS\system32\drmpbdu_nav.dat trouvé !
      Copie C:\WINDOWS\system32\drmpbdu_nav.dat réalise avec succes !
      C:\WINDOWS\system32\drmpbdu_nav.dat supprimé !

      C:\WINDOWS\system32\drmpbdu_navps.dat trouvé !
      Copie C:\WINDOWS\system32\drmpbdu_navps.dat réalise avec succes !
      C:\WINDOWS\system32\drmpbdu_navps.dat supprimé !

      C:\WINDOWS\prefetch\drmpbdu*.pf trouvé !
      Copie C:\WINDOWS\prefetch\drmpbdu*.pf réalise avec succes !
      C:\WINDOWS\prefetch\drmpbdu*.pf supprimé !

      *** Suppression dossiers dans C:\WINDOWS ***


      *** Suppression dossiers dans C:\Program Files ***

      C:\Program Files\MessengerSkinner ...suppression...
      C:\Program Files\MessengerSkinner supprimé !


      *** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***


      *** Suppression dossiers dans C:\Documents and Settings\Sanchez\Application Data ***

      ...\Application Data\MessengerSkinner ...suppression...
      ...\Application Data\MessengerSkinner supprimé !



      *** Suppression fichiers ***

      C:\WINDOWS\pack.epk supprimé !
      C:\WINDOWS\system32\nvs2.inf supprimé !

      *** Suppression fichiers temporaires ***

      Nettoyage contenu C:\WINDOWS\Temp effectué !
      Nettoyage contenu C:\Documents and Settings\Sanchez\Local Settings\Temp effectué !


      *** Sauvegarde du registre vers dossier Backupnavi***


      sauvegarde du registre réalise avec succes !


      *** Nettoyage registre ***


      Nettoyage registre Ok

      *** Traitement Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Recherche fichiers connus:


      2)Recherche et Suppression Heuristique :

      *
      **
      ***
      ****
      *****
      ******
      *******
      C:\WINDOWS\System32\ouwyfrp.exe trouvé !
      Copie C:\WINDOWS\system32\ouwyfrp.exe réalise avec succes !
      C:\WINDOWS\system32\ouwyfrp.exe supprimé !

      ********
      C:\WINDOWS\System32\fcwmyp.exe trouvé !
      Copie C:\WINDOWS\system32\fcwmyp.exe réalise avec succes !
      C:\WINDOWS\system32\fcwmyp.exe supprimé !

      C:\WINDOWS\System32\oeyhksnmq.exe trouvé !
      Copie C:\WINDOWS\system32\oeyhksnmq.exe réalise avec succes !
      C:\WINDOWS\system32\oeyhksnmq.exe supprimé !

      C:\WINDOWS\System32\qpdhsfzaki.exe trouvé !
      Copie C:\WINDOWS\system32\qpdhsfzaki.exe réalise avec succes !
      C:\WINDOWS\system32\qpdhsfzaki.exe supprimé !


      3)Contrôle présence clés Rootkit dans le registre :

      Aucune autre clés présente dans le registre !

      *** Nettoyage termine le 17/06/2007 à 8:59:22,83 ***
      0
    4. riviere
       
      re apres le nettoyage navilog 1 mozilla firefox marcher correctement puis apres plus rien sa marche plus je suppose qu'il doit y avoir encore des saloperie merci de ta reponse et ton aides.
      0
    5. riviere > Utilisateur anonyme
       
      coucou boulepat desole de t'embeter mais sa marche tjr pas j'ai toujour une page blanche avec mozilla.
      merci de ton aide.
      0
  16. Utilisateur anonyme
     
    C'ets quoi cette page blanche ? ! T'as regardé au niveau de ta page de démarrage ?

    Avec Internet Explorer comment ça se passe ?

    A++
    0
    1. riviere
       
      en fait c toujours mozilla firefox quand je l'ouvre cet une page blanche et les info sur la page cet about blank et au niveau d'explorer sa a l'air d'aller pour le moment j'ai plus de page de pub merci de ton aide.
      0
  17. Utilisateur anonyme
     
    oki, fais ces deux choses :

    Télécharge
    http://www.trojaner-info.de/cgi-bin/download.cgi?file=sphjfix

    Clic sur Start disinfection
    Clic sur "LOg"
    Le rapport s'ouvre, copie et colle le contenu ici stp

    ET

    Télécharge
    https://www.malwarebytes.com/

    Clic sur begin scan

    Dès qu'ils ont terminé, redémarre ton PC et ouvre FireFox dis mo ice que ça donne ;-)

    0
    1. riviere
       
      ok merci voici le rapport du 1er lien demander

      (6/21/07 00:07:38) SPSeHjFix started v1.1.2
      (6/21/07 00:07:38) OS: WinXP (5.1.2600)
      (6/21/07 00:07:38) Language: français
      (6/21/07 00:07:38) Win-Path: C:\WINDOWS
      (6/21/07 00:07:38) System-Path: C:\WINDOWS\System32
      (6/21/07 00:07:38) Temp-Path: C:\DOCUME~1\Sanchez\LOCALS~1\Temp\
      (6/21/07 00:07:42) Disinfection started
      (6/21/07 00:07:42) Bad-Dll(IEP): (not found)
      (6/21/07 00:07:42) Bad-Dll(IEP) in BHO: (not found)
      (6/21/07 00:07:42) UBF: 4 - UBB: 0 - UBR: 11
      (6/21/07 00:07:42) UBF: 4 - UBB: 0 - UBR: 11
      (6/21/07 00:07:42) Bad IE-pages: (none)
      (6/21/07 00:07:42) Stealth-String not found
      (6/21/07 00:07:42) Not infected->END
      0
    2. riviere
       
      about buster me marque scan was completed successfully at 00:24:12
      puis erreue d'execution '339' le composant 'comctl32.ocx' ou une de ses dependances n'est pas correctementenregistre :un fichier est absent ou incorrect donc j'ai pas de rapport de scan et mozilla marche toujours pas merci de ton aide.
      0
  18. Utilisateur anonyme
     
    Télécharge http://www.malwarebytes.org/libraries/COMCTL32.OCX

    Mets ce fichier dans le dossier /System32/
    Une fois que tu l'as mis dans ce dossier.

    Ensuite, clic sur démarrer, exécuter et tape :
    regsrv32 %windir%\system32\COMCTL32.OCX

    Puis exécute à nouveau le logiciel.

    A mon avis ça donnera rien, as-tu essayé de réinstaller complétement firefox ?
    0
    1. riviere
       
      j'ai tout essayer et rien a faire cela ne veut pas marcher.
      0