Aller au contenu

chri12

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    27

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par chri12

  1. chri12
    Bon je n’ai pas trouver - c:\windows\system32\zjbwfgj.exe je n’ai pas nettoyé la base registre car je suis pas sur de ce qu’il faut garder et supprimer le registre HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\Folders 02/04/2005 19:02:19 E:\SOA\ HKEY_LOCAL_MACHINE Software\Classes\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\InprocServer32 03/05/2005 10:32:25 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\CmdLineExt03.dll HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{9869EFA6-18E9-11D3-A837-00104B9E30B5}\1.0\0\win32 26/04/2005 20:10:10 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\CmdLineExt03.dll HKEY_LOCAL_MACHINE Software\GlobeSpanVirata\Adsl 16/01/2005 09:38:22 srcpath C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX3\ HKEY_CURRENT_USER Software\GSCGameWorld\Alexander 15/01/2005 16:12:43 ExeCDPath C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SetupDemo.exe HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\GSCGameWorld\Alexander 15/01/2005 16:12:43 ExeCDPath C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SetupDemo.exe HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{7545E42A-0009-4447-872F-0C4626E6CCAC}\2.0\HELPDIR 16/01/2005 16:42:28 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\VBE HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{9B067924-FF38-4A9F-B693-7E49E715D655}\1.0\HELPDIR 16/01/2005 16:42:28 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\VBE HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{7545E42A-0009-4447-872F-0C4626E6CCAC}\2.0\0\win32 16/01/2005 16:42:28 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\VBE\MSForms.exd HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{9B067924-FF38-4A9F-B693-7E49E715D655}\1.0\0\win32 16/01/2005 16:42:28 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\VBE\RefEdit.exd HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{21A09637-0B19-43BC-868D-F20D2CAEDB56}\2.0\HELPDIR 25/04/2005 11:56:16 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Word8.0 HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{21A09637-0B19-43BC-868D-F20D2CAEDB56}\2.0\0\win32 25/04/2005 11:56:16 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Word8.0\MSForms.exd HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB834707\Filelist\5 17/01/2005 12:00:42 Location c:\windows\$hf_mig$\KB834707\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB834707\Filelist\6 17/01/2005 12:00:42 Location c:\windows\$hf_mig$\KB834707\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB834707\Filelist\7 17/01/2005 12:00:42 Location c:\windows\$hf_mig$\KB834707\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB834707\Filelist\8 17/01/2005 12:00:42 Location c:\windows\$hf_mig$\KB834707\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB834707\Filelist\9 17/01/2005 12:00:42 Location c:\windows\$hf_mig$\KB834707\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist\10 10/02/2005 19:08:08 Location c:\windows\$hf_mig$\KB867282\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist\11 10/02/2005 19:08:08 Location c:\windows\$hf_mig$\KB867282\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist\12 10/02/2005 19:08:09 Location c:\windows\$hf_mig$\KB867282\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist\13 10/02/2005 19:08:09 Location c:\windows\$hf_mig$\KB867282\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist\14 10/02/2005 19:08:09 Location c:\windows\$hf_mig$\KB867282\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist\15 10/02/2005 19:08:09 Location c:\windows\$hf_mig$\KB867282\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist\16 10/02/2005 19:08:09 Location c:\windows\$hf_mig$\KB867282\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist\17 10/02/2005 19:08:09 Location c:\windows\$hf_mig$\KB867282\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB867282\Filelist\9 10/02/2005 19:08:08 Location c:\windows\$hf_mig$\KB867282\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB873333\Filelist\6 10/02/2005 19:08:01 Location c:\windows\$hf_mig$\KB873333\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB873333\Filelist\7 10/02/2005 19:08:02 Location c:\windows\$hf_mig$\KB873333\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB873333\Filelist\8 10/02/2005 19:08:02 Location c:\windows\$hf_mig$\KB873333\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB873333\Filelist\9 10/02/2005 19:08:02 Location c:\windows\$hf_mig$\KB873333\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB873339\Filelist\1 17/01/2005 12:00:47 Location c:\windows\$hf_mig$\KB873339\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB885250\Filelist\2 10/02/2005 19:08:24 Location c:\windows\$hf_mig$\KB885250\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB885835\Filelist\4 17/01/2005 12:00:24 Location c:\windows\$hf_mig$\KB885835\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB885835\Filelist\5 17/01/2005 12:00:24 Location c:\windows\$hf_mig$\KB885835\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB885835\Filelist\6 17/01/2005 12:00:24 Location c:\windows\$hf_mig$\KB885835\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB885836\Filelist\1 17/01/2005 12:00:55 Location c:\windows\$hf_mig$\KB885836\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB886185\Filelist\1 17/01/2005 12:00:35 Location c:\windows\$hf_mig$\KB886185\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB887472\Filelist\1 10/02/2005 19:08:17 Location c:\windows\$hf_mig$\KB887472\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB887742\Filelist\2 24/02/2005 15:12:17 Location c:\windows\$hf_mig$\KB887742\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB888113\Filelist\2 10/02/2005 19:08:21 Location c:\windows\$hf_mig$\KB888113\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB888302\Filelist\1 10/02/2005 19:07:50 Location c:\windows\$hf_mig$\KB888302\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890047\Filelist\1 10/02/2005 19:07:57 Location c:\windows\$hf_mig$\KB890047\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890175\Filelist\1 17/01/2005 12:00:51 Location c:\windows\$hf_mig$\KB890175\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890859\Filelist\10 14/04/2005 12:07:51 Location c:\windows\$hf_mig$\KB890859\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890859\Filelist\11 14/04/2005 12:07:51 Location c:\windows\$hf_mig$\KB890859\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890859\Filelist\12 14/04/2005 12:07:51 Location c:\windows\$hf_mig$\KB890859\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890859\Filelist\13 14/04/2005 12:07:51 Location c:\windows\$hf_mig$\KB890859\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890859\Filelist\14 14/04/2005 12:07:51 Location c:\windows\$hf_mig$\KB890859\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890859\Filelist\15 14/04/2005 12:07:51 Location c:\windows\$hf_mig$\KB890859\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890859\Filelist\16 14/04/2005 12:07:52 Location c:\windows\$hf_mig$\KB890859\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890859\Filelist\17 14/04/2005 12:07:52 Location c:\windows\$hf_mig$\KB890859\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890923\Filelist\10 14/04/2005 12:08:05 Location c:\windows\$hf_mig$\KB890923\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890923\Filelist\11 14/04/2005 12:08:05 Location c:\windows\$hf_mig$\KB890923\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890923\Filelist\12 14/04/2005 12:08:05 Location c:\windows\$hf_mig$\KB890923\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890923\Filelist\13 14/04/2005 12:08:05 Location c:\windows\$hf_mig$\KB890923\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890923\Filelist\14 14/04/2005 12:08:05 Location c:\windows\$hf_mig$\KB890923\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890923\Filelist\15 14/04/2005 12:08:05 Location c:\windows\$hf_mig$\KB890923\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890923\Filelist\16 14/04/2005 12:08:05 Location c:\windows\$hf_mig$\KB890923\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890923\Filelist\17 14/04/2005 12:08:05 Location c:\windows\$hf_mig$\KB890923\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890923\Filelist\18 14/04/2005 12:08:06 Location c:\windows\$hf_mig$\KB890923\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB890923\Filelist\19 14/04/2005 12:08:06 Location c:\windows\$hf_mig$\KB890923\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB891781\Filelist\1 10/02/2005 19:08:13 Location c:\windows\$hf_mig$\KB891781\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB893066\Filelist\1 14/04/2005 12:08:10 Location c:\windows\$hf_mig$\KB893066\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP3\KB893086\Filelist\1 14/04/2005 12:07:58 Location c:\windows\$hf_mig$\KB893086\SP2QFE HKEY_LOCAL_MACHINE Software\Microsoft\Updates\Windows XP\SP2\KB811113 26/11/2004 16:15:29 UninstallCommand C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows XP Service Pack 26/11/2004 16:11:02 UninstallString C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB834707 17/01/2005 12:00:43 UninstallString C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB867282 10/02/2005 19:08:09 UninstallString C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB873333 10/02/2005 19:08:02 UninstallString C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB873339 17/01/2005 12:00:47 UninstallString C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885250 10/02/2005 19:08:24 UninstallString C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885835 17/01/2005 12:00:24 UninstallString C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885836 17/01/2005 12:00:55 UninstallString C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB885884 17/01/2005 12:00:31 UninstallString C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB886185 17/01/2005 12:00:35 UninstallString C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887472 10/02/2005 19:08:17 UninstallString C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB887742 24/02/2005 15:12:17 UninstallString C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888113 10/02/2005 19:08:21 UninstallString C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB888302 10/02/2005 19:07:51 UninstallString C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890047 10/02/2005 19:07:57 UninstallString C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB890175 17/01/2005 12:00:51 UninstallString C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\KB891781 10/02/2005 19:08:13 UninstallString C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe HKEY_LOCAL_MACHINE Software\Classes\CLSID\{302A3240-4805-4a34-97D7-1645A0B08410}\InprocServer32 04/05/2005 03:10:36 C:\WINDOWS\Bolger.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{00000049-8F91-4D9C-9573-F016E7626484}\InprocServer32 15/04/2005 10:42:47 C:\WINDOWS\ceres.dll HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{92DAF5C1-2135-4E0C-B7A0-259ABFCD3904}\1.1\0\win32 08/04/2005 19:05:32 C:\WINDOWS\ceres.dll HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Active Setup Temp Folders 29/04/2005 10:14:22 Folder C:\WINDOWS\msdownld.tmp|?:\msdownld.tmp HKEY_LOCAL_MACHINE Software\Microsoft\Windows\Help 07/12/2004 19:12:21 mssskd5.hlp c:\windows\mssskd5.hlp HKEY_LOCAL_MACHINE Software\Microsoft\Windows NT\CurrentVersion\SeCEdit 26/11/2004 16:15:49 TemplateUsed C:\WINDOWS\SEC10F5.tmp HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_eb84b25e 26/11/2004 16:11:01 Codebase C:\WINDOWS\ServicePackFiles\i386/comctl.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_eb84b25e\Codebases\U_Service Pack 2 26/11/2004 16:11:01 URL C:\WINDOWS\ServicePackFiles\i386/comctl.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9 26/11/2004 16:11:00 Codebase C:\WINDOWS\ServicePackFiles\i386/controls.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\Codebases\U_Service Pack 2 26/11/2004 16:11:00 URL C:\WINDOWS\ServicePackFiles\i386/controls.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.2600.2000_x-ww_bcc9a281 26/11/2004 16:11:00 Codebase C:\WINDOWS\ServicePackFiles\i386/default.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.2600.2000_x-ww_bcc9a281\Codebases\U_Service Pack 2 26/11/2004 16:11:00 URL C:\WINDOWS\ServicePackFiles\i386/default.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.2600.2000_x-ww_0e037a8a 26/11/2004 16:11:00 Codebase C:\WINDOWS\ServicePackFiles\i386/default.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.2600.2000_x-ww_0e037a8a\Codebases\U_Service Pack 2 26/11/2004 16:11:00 URL C:\WINDOWS\ServicePackFiles\i386/default.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7 26/11/2004 16:11:00 Codebase C:\WINDOWS\ServicePackFiles\i386/dxmrtp.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\Codebases\U_Service Pack 2 26/11/2004 16:11:00 URL C:\WINDOWS\ServicePackFiles\i386/dxmrtp.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_cf59288d 26/11/2004 16:11:00 Codebase C:\WINDOWS\ServicePackFiles\i386/dxmrtp.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_cf59288d\Codebases\U_Service Pack 2 26/11/2004 16:11:00 URL C:\WINDOWS\ServicePackFiles\i386/dxmrtp.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82 26/11/2004 16:10:59 Codebase C:\WINDOWS\ServicePackFiles\i386/gdiplus.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\Codebases\U_Service Pack 2 26/11/2004 16:10:59 URL C:\WINDOWS\ServicePackFiles\i386/gdiplus.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_5ff735e2 26/11/2004 16:10:59 Codebase C:\WINDOWS\ServicePackFiles\i386/gdiplus.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_5ff735e2\Codebases\U_Service Pack 2 26/11/2004 16:10:59 URL C:\WINDOWS\ServicePackFiles\i386/gdiplus.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9 26/11/2004 16:11:01 Codebase C:\WINDOWS\ServicePackFiles\i386/mswincrt.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\Codebases\U_Service Pack 2 26/11/2004 16:11:01 URL C:\WINDOWS\ServicePackFiles\i386/mswincrt.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_cf5111a1 26/11/2004 16:11:01 Codebase C:\WINDOWS\ServicePackFiles\i386/mswincrt.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_cf5111a1\Codebases\U_Service Pack 2 26/11/2004 16:11:01 URL C:\WINDOWS\ServicePackFiles\i386/mswincrt.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95 26/11/2004 16:11:00 Codebase C:\WINDOWS\ServicePackFiles\i386/rtcdll.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\Codebases\U_Service Pack 2 26/11/2004 16:11:00 URL C:\WINDOWS\ServicePackFiles\i386/rtcdll.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_5f924d7b 26/11/2004 16:11:00 Codebase C:\WINDOWS\ServicePackFiles\i386/rtcdll.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_5f924d7b\Codebases\U_Service Pack 2 26/11/2004 16:11:00 URL C:\WINDOWS\ServicePackFiles\i386/rtcdll.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_fr_457ebf3d 26/11/2004 16:11:00 Codebase C:\WINDOWS\ServicePackFiles\i386/rtcres.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_fr_457ebf3d\Codebases\U_Service Pack 2 26/11/2004 16:11:00 URL C:\WINDOWS\ServicePackFiles\i386/rtcres.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Setup 14/04/2005 12:08:10 ServicePackCachePath c:\windows\ServicePackFiles\ServicePackCache HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache\WU 05/05/2005 18:29:07 CurrentCacheFile C:\WINDOWS\SoftwareDistribution\EventCache\{158EFCED-3714-40B9-9D13-3C2AE23DB186}.bin HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 31/05/2002 11:56:25 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 31/05/2002 11:56:25 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllIsMyFileType\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 31/05/2002 11:56:25 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 31/05/2002 11:56:25 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 31/05/2002 11:56:25 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 31/05/2002 11:56:25 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_CURRENT_USER Software\Microsoft\Internet Explorer\Main 05/05/2005 16:55:36 Local Page C:\WINDOWS\system32\blank.htm HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\Microsoft\Internet Explorer\Main 05/05/2005 16:55:36 Local Page C:\WINDOWS\system32\blank.htm HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe 26/11/2004 16:11:49 C:\WINDOWS\System32\cmmgr32.exe HKEY_LOCAL_MACHINE Software\Microsoft\Multimedia\WMPlayer\Groups\Video\DVD 26/11/2004 16:20:48 RequiredFile C:\WINDOWS\system32\enable.dvd HKEY_LOCAL_MACHINE Software\Classes\CLSID\{D1C347DF-20AE-11D2-B834-00A0C9054115}\InProcHandler32 21/02/2005 21:33:08 C:\WINDOWS\system32\GCHAND.DLL HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\SDNAWIMC 09/04/2005 22:34:48 DisplayIcon C:\WINDOWS\system32\SDNAWIMC.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\App Paths\C:\Dex_0934\Dexters.exe 12/02/2005 19:14:04 D:\dexter\C:\Dex_0934\Dexters.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows NT\CurrentVersion 05/05/2005 18:28:27 SourcePath E:\I386 HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C3399C57A5B9D442A9E5D6616CD0AA8 08/12/2004 12:47:47 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\local\SubChaseTorpedo\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC0E450210552A942826DB5C700B9503 08/12/2004 12:47:47 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\local\TitleScreen\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A91590A60FE3EB24CAA2DB22F3B455E4 08/12/2004 12:47:46 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\ChestCU\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27EA792799E59F648BAC354701CF0B40 08/12/2004 12:47:46 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\Jellyfish\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5606BCC345CCCAC44A368FEEC939B5F5 08/12/2004 12:47:46 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\Objectives\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4C7D271244CE0B9489EB13CBA3638CF5 08/12/2004 12:47:46 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\ReplayScreen\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\166FA1F146D685E48A79A033FE74F1E5 08/12/2004 12:47:46 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\SignIn\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B73880579C5809A42B2CB3BCB8A7F0B1 08/12/2004 12:47:46 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\SubChase1\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A0BEFA0EE87674980375D9A756E625 08/12/2004 12:47:46 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\SubChase2\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AFAA52851DA6B684FA40B1A010048B81 08/12/2004 12:47:47 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\SubChase3\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF059CAB59D60ED45A73DEC33909D711 08/12/2004 12:47:47 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\SubChaseHall\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E41D8D8717251A47BAEC53F08C64467 08/12/2004 12:47:47 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\SubChaseTorpedo\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A1C4C72E766A2D49996FEC4E71E0562 08/12/2004 12:47:47 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\SubTorpedo\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\77276EAB034883B4F9161A5AD3CE3AF5 08/12/2004 12:47:46 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\TestNode\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F840A25F24B43BA49A1E279E4C30E703 08/12/2004 12:47:46 C43462B38AFFC9A49A9C8EEEC9E4984D E:\nemo\resources\universal\Tutorial\ HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\zip 05/05/2005 18:31:33 b E:\telecharger\ALIDADMO.zip HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\zip 05/05/2005 18:31:33 b E:\telecharger\ALIDADMO.zip HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* 05/05/2005 18:31:33 b E:\telecharger\bpssr.exe HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe 26/04/2005 20:07:09 a E:\telecharger\bpssr.exe HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* 05/05/2005 18:31:33 b E:\telecharger\bpssr.exe HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe 26/04/2005 20:07:09 a E:\telecharger\bpssr.exe HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* 05/05/2005 18:31:33 f E:\telecharger\hijackthis.zip HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\zip 05/05/2005 18:31:33 h E:\telecharger\hijackthis.zip HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* 05/05/2005 18:31:33 f E:\telecharger\hijackthis.zip HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\zip 05/05/2005 18:31:33 h E:\telecharger\hijackthis.zip HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe 26/04/2005 20:07:09 d E:\telecharger\mohpa_mpdemo_2.exe HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe 26/04/2005 20:07:09 d E:\telecharger\mohpa_mpdemo_2.exe HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* 05/05/2005 18:31:33 c E:\telecharger\setupfre.exe HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe 26/04/2005 20:07:09 j E:\telecharger\setupfre.exe HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* 05/05/2005 18:31:33 c E:\telecharger\setupfre.exe HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe 26/04/2005 20:07:09 j E:\telecharger\setupfre.exe HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe 26/04/2005 20:07:09 e E:\telecharger\wwiiol0001182.exe HKEY_USERS S-1-5-21-972506294-3563514748-4210259494-500\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe 26/04/2005 20:07:09 e E:\telecharger\wwiiol0001182.exe Logfile of HijackThis v1.99.1 Scan saved at 20:36:27, on 05/05/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\UAService7.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe C:\PROGRA~1\MICROS~4\GAMECO~1\Common\SWTrayV4.exe C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe c:\windows\system32\ymqtzua.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office10\Office10\WINWORD.EXE D:\utilitaires\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe" O4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MICROS~4\GAMECO~1\Common\SWTrayV4.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [kjidqm] c:\windows\system32\ymqtzua.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{72A5F519-DA06-41C9-AF2D-3E547FA7014C}: NameServer = 80.118.196.36 80.118.192.100 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe Heureux celui qui comprend ces lignes de codes Chri12
  2. chri12
    Bonjour à tous, Voila mon problème : depuis quelques temps, avast me signale un virus de plus en plus fréquemment, je n'arrive pas à m'en débarrasser. il s'agit de : * Win32:Bolger [Adw] J'ai aussi depuis 10 jours des fenetres Aurora qui s'ouvrent tout le temps!! Au secours!! J'ai trouvé un ou deux trucs louches dans le log de hijackthis (comme O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe) mais comme je n'y connais rien du tout j'ai peur de supprimer quelque chose qu'il fallait pas...donc je vous demande de l'aide!! voici le log : Logfile of HijackThis v1.99.1 Scan saved at 10:51:28, on 05/05/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\Explorer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe C:\PROGRA~1\MICROS~4\GAMECO~1\Common\SWTrayV4.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\windows\system32\tdpmx.exe C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe c:\windows\system32\zjbwfgj.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft Office10\Office10\WINWORD.EXE C:\Program Files\Internet Explorer\iexplore.exe E:\telecharger\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - C:\WINDOWS\Bolger.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe" O4 - HKLM\..\Run: [sideWinderTrayV4] C:\PROGRA~1\MICROS~4\GAMECO~1\Common\SWTrayV4.exe O4 - HKLM\..\Run: [tdpmx] c:\windows\system32\tdpmx.exe /nocomm O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [etetce] c:\windows\system32\etetce.exe O4 - HKLM\..\Run: [sDNAWIMC] c:\windows\system32\sdnawimc.exe /install O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [ipvolim] c:\windows\system32\zjbwfgj.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office10\Office10\OSA.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (HKCU) O17 - HKLM\System\CCS\Services\Tcpip\..\{72A5F519-DA06-41C9-AF2D-3E547FA7014C}: NameServer = 80.118.192.100 80.118.196.36 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe J'espère que vous pourrez m'aider!!! merci beaucoup d'avance!! Chri12
×
×
  • Créer...