pounette
-
Compteur de contenus
38 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par pounette
-
j'ai aussi oublier pas de probleme pour donner votre site a tous les sales gosses qui viennent avec ma fille me poluer mon ordi cela leur evitera de faire de multiple reformatage de leur systeme @+ dominique
-
merci encore pour tous ces conseils je pense mis mettre des demain apres lecture des tutoriaux des differents elements a installer si besoin je sais ou vous trouver merci
-
et me revoilà les dernières nouvelles tout va super bien l'ordi tourne sans problème beaucoup plus vite plus aucune pages internet intempestives et plus d'alerte virale de norton je dois un très grand merci a Ipl ainsi qu'a toutes les autres personnes de ce site qui donnent leur temps et mettent leurs compétences au services des autres beaucoup moins doués qu'eux dans ce domaine. ils existe encore des gens remarquables et il me semble bien de leur faire savoir merci mille fois cette aventure m’a servie de leçon et je pense sérieusement a renforcer la défense de mon ordi je pense prendre zone alarme comme par feu a la place du par feu window si tu as d’autres conseils a me donner dans le domaine tu peux faire passer si le sujet de base te semble clos je peux refaire une nouvelle annonce @+ Pounette
-
recoucou pas encore la nuit mais vu le temps dehors j'ai allumée la lumiere bon cette fois j'ai fais le final du grand menage j'ai tout viré avec easycleaner les fichiers inutiles (sauf 2 qu'il a pas voulu jeter a la corbeille il m'a mis un message comme quoi ils etaient en cours d'utilisation) dans le registre il y aplus rien et j'ai viré aussi Netmon.exe.anc j'ai remis l'option des dossiers comme avant et j'ai enlever l'option desactivé la restauration systeme pour la restauration est il possible de virer les anciens points de restauration et d'en faire un de suite puisque l'ordi est tout propre? nouvelle analyse en mode normal Logfile of HijackThis v1.99.1 Scan saved at 16:58:24, on 14/08/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton Internet Security\NISUM.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Norton Internet Security\SymProxySvc.exe C:\Program Files\Norton Internet Security\NISSERV.EXE C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Norton Internet Security\IAMAPP.EXE C:\PROGRA~1\NORTON~1\navapw32.exe C:\PROGRA~1\ACDSYS~1\ACDSee\CAMDET~1.EXE C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe C:\PROGRA~1\PHILIP~1\VProperty.exe C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\WINDOWS\system32\wuauclt.exe C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\ACDSee\CAMDET~1.EXE O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet O4 - HKCU\..\Run: [incrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing) O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Capturer ! - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\Memoweb 3\IEBtn\Launcher (file missing) O9 - Extra 'Tools' menuitem: Capturer ce web - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\Memoweb 3\IEBtn\Launcher (file missing) O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (file missing) O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISSERV.EXE O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\SymProxySvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe @+ a bientot
-
bonjour en esperant que le soleil se leve aussi pour repondre a tes questions precedantes oui il y a bien sur une erreur de recopie c'est un N a la place du M le dossier "msnmsgr.exe.BAK corbeille fichier BAK 30/03/05" etait dans la poubele apres restauration il est dans c:\program Files\MSN Messenger 30.03.05 j'en fais quoi ? @+
-
recoucou juste un petit mot avant d'aller manger j'ai remplacé java pas de probleme message pour verifier installation We detected your java environement as follows et que devient celui de microSoft ? il faut le virer ou pas? j'ai pas trouvé la clé que tu me demandais pas dans la liste j'ai pas trouvé mnsg3insller.exe ni ntd6mon.exe par contre j'ai trouvé enfin 3 fichiers msnmsgr.exe msnmsgr.exe.BAK corbeille fichier BAK 30/03/05 msnmsgr.exe c:\progam Files\MSMMessenger Application 27.04.05 MSNMSGR.EXE-366A1A81 c:\window\prefetch fichier PF 12.08.05 sinon pour le registre sur easycleaner oui j'ai bien fait en premier bouton inutiles et j'ai viré tout a la poubelle puis apres bouton registre et la il m'a affiché la liste d'enfer que je t'ai fais suivre plus tot avec un point vert devant chaque ligne et la panique et j'ai rien supprimé je n'ai pas encore supprimer le dossier netmon.exe.anc j'attends encore et je jure de ne pas supprimer lsass.exe promis @+ avec la nuit
-
coucou et bonjour a tous tu n'as pas a t'excuser tu fais quand tu as le temps c'est deja bien entre l'aeroport et la visite chez le veto me voila une petite demi heure pour repondre et faire qq manipes sur ordi je suis ravi moi aussi que le rapport de mon analyse te plaise moi j'y comprends toujours rien mais tout ce que je vois c'est que c'est beaucoup beaucoup mieux merci encore pour les details pour easycleaner j'ai lancé supprimer les fichiers inutiles et je les ai mis dans la corbeille ils y sont toujours apres j'ai cliqué sur registre mais j'ai pas osé jeter tout si tu veux je mets la copie du rapport pour te faire une idée ( peut etre que j'ai pas parametrer comme il faut easycleaner j'ai rien touché dans les options) pour le ver sasser j'ai peut etre pas bien lu c'est toi je pense qui a raison mais ne t'inquiete pas je ne jette rien sans demander (je suis une collectionneuse) cela va peut etre te faire tomber de ton siege alors accroche toi bien rapport easycleaner base de registre Racine Clé de Registre Modifié Valeur de chaîne Fichiers/réf. chemin HKEY_LOCAL_MACHINE Software\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\Contains\Files 15/07/2004 22:16:43 C:\WINDOWS\System32\iuctl.dll HKEY_CURRENT_USER Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers 02/02/2003 15:12:14 C:\PROGRAMF\ATCCE1\ATOUTCLI\CE1.EXE 256COLOR HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers 02/02/2003 15:12:14 C:\PROGRAMF\ATCCE1\ATOUTCLI\CE1.EXE 256COLOR HKEY_LOCAL_MACHINE Software\Microsoft\COM3\Setup 23/01/2001 10:32:18 Source Path C:\$WIN_NT$.~LS HKEY_LOCAL_MACHINE Software\Microsoft\MSDTC\Setup 07/08/2005 20:22:00 Source Path C:\$WIN_NT$.~LS HKEY_LOCAL_MACHINE Software\Microsoft\Transaction Server\Setup(OCM) 23/01/2001 10:32:18 Source Path C:\$WIN_NT$.~LS HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Explorer\DocFolderPaths 14/04/2003 13:12:28 dodo C:\Administrateur HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\psd 02/02/2003 10:27:33 d C:\Alain_et_Dominique\Dodo\App0001.psd HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\psd 02/02/2003 10:27:33 d C:\Alain_et_Dominique\Dodo\App0001.psd HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\ini 13/10/2002 15:35:10 a C:\Alain_et_Dominique\Dodo\best\jeux.ini HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\ini 13/10/2002 15:35:10 a C:\Alain_et_Dominique\Dodo\best\jeux.ini HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\eml 03/06/2003 16:32:33 a C:\Alain_et_Dominique\Dodo\FW__MISTER_FRANCE_2003[1].msg.eml HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\eml 03/06/2003 16:32:33 a C:\Alain_et_Dominique\Dodo\FW__MISTER_FRANCE_2003[1].msg.eml HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\xls 10/12/2003 10:24:12 e C:\Alain_et_Dominique\Dodo\JUILLET.xls HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\xls 10/12/2003 10:24:12 e C:\Alain_et_Dominique\Dodo\JUILLET.xls HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\Web 11/05/2002 19:46:19 a C:\Alain_et_Dominique\Dodo\Local.Web HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\Web 11/05/2002 19:46:19 a C:\Alain_et_Dominique\Dodo\Local.Web HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\txt 15/05/2003 16:51:18 a C:\Alain_et_Dominique\VolumeC.txt HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\txt 15/05/2003 16:51:18 a C:\Alain_et_Dominique\VolumeC.txt HKEY_CURRENT_USER Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\txt 15/05/2003 16:51:18 b C:\Alain_et_Dominique\VolumeD.txt HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\txt 15/05/2003 16:51:18 b C:\Alain_et_Dominique\VolumeD.txt HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Acrobat 5.0 14/04/2002 09:33:04 InstallSource c:\APPL.ZIP\Acrobat5.0\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Acrobat 5.0 14/04/2002 09:33:04 ModifyPath c:\APPL.ZIP\Acrobat5.0\Setup.exe HKEY_LOCAL_MACHINE Software\Microsoft\Microsoft Interactive Training 14/04/2002 09:33:04 MediaPath c:\APPL.ZIP\content\ HKEY_LOCAL_MACHINE Software\COMPAQ\Internet\CPQINET\CCH 14/04/2002 09:33:04 Path C:\Compaq\CPQINET\CCH.EXE HKEY_LOCAL_MACHINE Software\Classes\Installer\Products\9EC9653600AFC964FAC55E4D9DA3FC19\SourceList\Net 07/08/2005 20:50:14 1 C:\DOCUME~1\alain\LOCALS~1\Temp\IXP000.TMP\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC9653600AFC964FAC55E4D9DA3FC19\InstallProperties 07/08/2005 20:50:14 InstallSource C:\DOCUME~1\alain\LOCALS~1\Temp\IXP000.TMP\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} 07/08/2005 20:50:14 InstallSource C:\DOCUME~1\alain\LOCALS~1\Temp\IXP000.TMP\ HKEY_CURRENT_USER Software\Sapphire Games\BrainTwister\2.0 01/09/2002 13:31:52 SourcePath C:\DOCUME~1\alain\LOCALS~1\Temp\IXP001.TMP\ HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Sapphire Games\BrainTwister\2.0 01/09/2002 13:31:52 SourcePath C:\DOCUME~1\alain\LOCALS~1\Temp\IXP001.TMP\ HKEY_LOCAL_MACHINE Software\Microsoft\Advanced INF Setup\MSIEFTP 01/11/2002 09:42:41 InstallINFFile C:\DOCUME~1\alain\LOCALS~1\Temp\RGI27.tmp HKEY_LOCAL_MACHINE Software\Microsoft\Advanced INF Setup\IEContentAdvisor.Assoc 01/11/2002 09:42:28 InstallINFFile C:\DOCUME~1\alain\LOCALS~1\Temp\RGIF.tmp HKEY_CURRENT_USER Software\Microsoft\FrontPage 12/05/2005 15:39:52 WecErrorLog C:\DOCUME~1\alain\LOCALS~1\Temp\wecerr.txt HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\FrontPage 12/05/2005 15:39:52 WecErrorLog C:\DOCUME~1\alain\LOCALS~1\Temp\wecerr.txt HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{E45852AF-F53E-40C5-946B-58EB0B174258}\1.0\HELPDIR 17/09/2004 17:33:12 C:\DOCUME~1\alain\LOCALS~1\Temp\Word8.0 HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{E45852AF-F53E-40C5-946B-58EB0B174258}\1.0\0\win32 17/09/2004 17:33:12 C:\DOCUME~1\alain\LOCALS~1\Temp\Word8.0\ShockwaveFlashObjects.exd HKEY_LOCAL_MACHINE Software\Classes\Installer\Products\C78D6251559ABAF4FB8196B74A753E25\SourceList\Net 01/12/2004 11:12:16 1 C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\EX1333~1\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C78D6251559ABAF4FB8196B74A753E25\InstallProperties 01/12/2004 11:12:16 InstallSource C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\EX1333~1\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\{1526D87C-A955-4FAB-BF18-697BA457E352} 01/12/2004 11:12:16 InstallSource C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\EX1333~1\ HKEY_LOCAL_MACHINE Software\Classes\Installer\Products\45E1A0ACF0EC66340BC98AB716CD6533\SourceList\Net 27/04/2005 17:04:18 1 C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\EXITEM~1.4_E\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\45E1A0ACF0EC66340BC98AB716CD6533\InstallProperties 27/04/2005 17:04:18 InstallSource C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\EXITEM~1.4_E\ HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\{CA0A1E54-CE0F-4366-B09C-A87B61DC5633} 27/04/2005 17:04:18 InstallSource C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\EXITEM~1.4_E\ HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{9869EFA6-18E9-11D3-A837-00104B9E30B5}\1.0\0\win32 07/04/2004 13:54:52 C:\DOCUME~1\lola\LOCALS~1\Temp\CmdLineExt03.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5}\InprocServer32 22/02/2005 22:20:59 C:\DOCUME~1\lola\LOCALS~1\Temp\CMDLIN~1.DLL HKEY_LOCAL_MACHINE Software\Classes\CLSID\{56336BCA-3D8A-11d6-A00B-0050DA18DE71}\InprocServer32 02/02/2004 18:32:51 C:\DOCUME~1\lola\LOCALS~1\Temp\InfoWindow.dll HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{7AF322C5-AB43-11D4-A00B-0050DA18DE71}\1.0\0\win32 02/02/2004 18:32:51 C:\DOCUME~1\lola\LOCALS~1\Temp\InfoWindow.dll HKEY_LOCAL_MACHINE Software\Classes\Installer\Products\C838BEBA7A1AD5C47B1EB83441068031\SourceList\Net 09/06/2005 18:00:04 1 C:\DOCUME~1\lola\LOCALS~1\Temp\IXP000.TMP\ HKEY_LOCAL_MACHINE Software\Microsoft\Advanced INF Setup\IE6SETUP 12/09/2003 17:53:51 InstallINFFile C:\DOCUME~1\lola\LOCALS~1\Temp\IXP000.TMP\IESetup.inf HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{C4F70752-E7D0-46DC-8265-9E8D62737EBE}\1.0\HELPDIR 07/04/2004 12:09:40 C:\DOCUME~1\lola\LOCALS~1\Temp\PPT10.0 HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{C4F70752-E7D0-46DC-8265-9E8D62737EBE}\1.0\0\win32 07/04/2004 12:09:40 C:\DOCUME~1\lola\LOCALS~1\Temp\PPT10.0\ShockwaveFlashObjects.exd HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{3002964C-15AF-41CB-8A50-F46C1E7F16F0}\2.0\HELPDIR 17/12/2002 22:03:05 C:\DOCUME~1\lola\LOCALS~1\Temp\PPT8.0 HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{3002964C-15AF-41CB-8A50-F46C1E7F16F0}\2.0\0\win32 17/12/2002 22:03:05 C:\DOCUME~1\lola\LOCALS~1\Temp\PPT8.0\MSForms.exd HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{F99490F5-76A7-44DA-B3F9-A0BC7FB8DDD4}\2.0\HELPDIR 07/04/2004 12:09:40 C:\DOCUME~1\lola\LOCALS~1\Temp\VBE HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{F99490F5-76A7-44DA-B3F9-A0BC7FB8DDD4}\2.0\0\win32 07/04/2004 12:09:40 C:\DOCUME~1\lola\LOCALS~1\Temp\VBE\MSForms.exd HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{0C04F8A2-BBBD-4D14-9FB9-063DD3E7AB40}\2.0\HELPDIR 04/07/2002 20:53:54 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0 HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{277B2C26-A747-4EEC-A853-36EEA869BE9D}\1.0\HELPDIR 07/09/2002 18:19:10 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0 HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{3ECE4D47-8C0A-4A51-AEBB-E1649BD99ECE}\1.0\HELPDIR 08/05/2004 12:14:11 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0 HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{46467815-489C-4CC8-81B3-D256631DCE76}\2.0\HELPDIR 24/10/2002 15:34:47 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0 HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{82559818-B640-4C55-AC0A-83C1D6EAA910}\2.0\HELPDIR 10/04/2004 09:05:09 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0 HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{9F153AE2-66B1-4DB9-AA17-777ECE882700}\1.0\HELPDIR 24/11/2002 08:31:44 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0 HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{277B2C26-A747-4EEC-A853-36EEA869BE9D}\1.0\0\win32 07/09/2002 18:19:10 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0\MARQUEELib.exd HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{9F153AE2-66B1-4DB9-AA17-777ECE882700}\1.0\0\win32 24/11/2002 08:31:44 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0\MARQUEELib.exd HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{0C04F8A2-BBBD-4D14-9FB9-063DD3E7AB40}\2.0\0\win32 04/07/2002 20:53:54 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0\MSForms.exd HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{46467815-489C-4CC8-81B3-D256631DCE76}\2.0\0\win32 24/10/2002 15:34:47 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0\MSForms.exd HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{82559818-B640-4C55-AC0A-83C1D6EAA910}\2.0\0\win32 10/04/2004 09:05:09 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0\MSForms.exd HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{3ECE4D47-8C0A-4A51-AEBB-E1649BD99ECE}\1.0\0\win32 08/05/2004 12:14:11 C:\DOCUME~1\lola\LOCALS~1\Temp\Word8.0\ShockwaveFlashObjects.exd HKEY_LOCAL_MACHINE Software\Classes\CLSID\{6EB75D93-1F08-213E-3DC5-8714BFEDFE8}\{4093CC05-E32F-73E7-8350-BF053133D0A} 09/08/2005 19:28:20 WRL7XEF5Z4WVV6V2NY8FI3NU c:\docume~R\BEB0\locals~R\t4CF\JCFXWXQ.4N4 HKEY_LOCAL_MACHINE Software\Classes\CLSID\{29EBC4A0-A5C2-11D0-9374-00A0C90D0410}\LocalServer32 02/06/2002 15:47:56 C:\FICHIE~1\Corel\PRINTH~1\photohse.exe HKEY_LOCAL_MACHINE Software\Classes\CLSID\{C0E10005-0200-0900-C0E1-C0E1C0E1C0E1}\InprocServer32 02/06/2002 15:27:17 C:\FICHIE~1\Corel\PRINTH~1\wt9li.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{C0E10005-0300-0900-C0E1-C0E1C0E1C0E1}\InprocServer32 02/06/2002 15:27:17 C:\FICHIE~1\Corel\PRINTH~1\wt9li.dll HKEY_LOCAL_MACHINE Software\Ahead\Nero - Burning Rom\Settings 27/02/2005 16:31:43 NeroCompilation C:\Lola HKEY_LOCAL_MACHINE Software\Ahead\Nero - Burning Rom\Settings 27/02/2005 16:31:43 ImageDir C:\Lola HKEY_LOCAL_MACHINE Software\Ahead\Nero - Burning Rom\Settings 27/02/2005 16:31:43 LogFile C:\Lola HKEY_LOCAL_MACHINE Software\Ahead\Nero Toolkit\CD Speed\Save 20/07/2003 20:50:32 Folder C:\Lola HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Explorer\DocFolderPaths 14/04/2003 13:12:28 lola C:\Lola HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\Foxmail_is1 21/04/2004 18:50:33 Inno Setup: App Path C:\Lola\ HKEY_LOCAL_MACHINE Software\Aerofox\Foxmail 21/04/2004 18:51:38 Executable C:\Lola\Foxmail.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\App Paths\C:\CBuilder6\Projects\Neodivx10\Neodivx\Neodivx.exe 20/07/2003 20:39:49 c:\neodivx93\C:\CBuilder6\Projects\Neodivx10\Neodivx\Neodivx.exe HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{B5502CC6-85A0-4A11-AB3B-036B1FDA2B9B}\1.0\HELPDIR 16/11/2003 20:44:44 C:\Paltalk\ HKEY_LOCAL_MACHINE Software\Classes\CLSID\{3319EDAE-A738-4CC4-A039-0ECA23C1981E}\InprocServer32 16/11/2003 20:44:44 C:\Paltalk\pticon1.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{4D26F18F-5543-4DDC-B0B7-3E4B12199A8E}\InprocServer32 16/11/2003 20:44:44 C:\Paltalk\pticon1.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{4EB5AB56-1A53-45DE-9756-E6A0D46B2698}\InprocServer32 16/11/2003 20:44:44 C:\Paltalk\pticon1.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{A125D8B5-891E-4877-ADD4-A73D27C2DE89}\InprocServer32 16/11/2003 20:44:44 C:\Paltalk\pticon1.dll HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{B5502CC6-85A0-4A11-AB3B-036B1FDA2B9B}\1.0\0\win32 16/11/2003 20:44:44 C:\Paltalk\pticon1.dll HKEY_LOCAL_MACHINE Software\Classes\Software\Pegasus Mail\Command 20/11/2002 12:00:41 C:\PMAIL\WINPMAIL.EXE HKEY_LOCAL_MACHINE Software\Clients\Mail\Pegasus Mail\Shell\open\command 20/11/2002 11:30:35 C:\PMAIL\WINPMAIL.EXE HKEY_LOCAL_MACHINE Software\Classes\CLSID\{FCEF3C38-F274-11D3-ADEB-0090270D827A}\InprocServer32 22/01/2003 19:28:58 C:\PROGRA~1\ICQ\ICQChnl.ocx HKEY_LOCAL_MACHINE Software\Classes\CLSID\{FCEF3C39-F274-11D3-ADEB-0090270D827A}\InprocServer32 22/01/2003 19:28:58 C:\PROGRA~1\ICQ\ICQChnl.ocx HKEY_LOCAL_MACHINE Software\Classes\CLSID\{9F9012BA-E55B-11D3-ADE7-0090270D8F00}\InprocServer32 22/01/2003 19:28:59 C:\PROGRA~1\ICQ\ICQHTT~1.OCX HKEY_LOCAL_MACHINE Software\Classes\CLSID\{42D0B57E-5EF6-4DC0-BC75-8A5DD85AD84B}\InprocServer32 22/01/2003 19:29:05 C:\PROGRA~1\ICQ\ICQSWA~1.OCX HKEY_LOCAL_MACHINE Software\Classes\CLSID\{D26BB11A-2890-11D3-AF1A-0090270D8D35}\InProcServer32 22/01/2003 19:29:02 C:\PROGRA~1\ICQ\STREAM~1.DLL HKEY_LOCAL_MACHINE Software\Classes\CLSID\{2524A5A2-6DE6-433B-A067-33AAA8CF1587}\LocalServer32 24/09/2003 17:52:33 C:\PROGRA~1\INTERA~1\INTERA~1\iPlayer.exe HKEY_LOCAL_MACHINE Software\Classes\CLSID\{83D4679F-B6D7-11D2-BF36-00C04FB90A03}\InprocServer32 01/07/2003 11:51:51 C:\PROGRA~1\MESSEN~1\rtcimsp.dll HKEY_LOCAL_MACHINE Software\Vid_0471\ToUcam\VLounge\EManual 16/07/2004 19:55:53 PathName C:\PROGRA~1\PHILIP~1\eManual\Index.htm HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0310 16/07/2004 19:59:19 PDFManual C:\PROGRA~1\PHILIP~1\Manual\Francais\Manual.pdf HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0311 16/07/2004 19:59:19 PDFManual C:\PROGRA~1\PHILIP~1\Manual\Francais\Manual.pdf HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0312 16/07/2004 19:59:19 PDFManual C:\PROGRA~1\PHILIP~1\Manual\Francais\Manual.pdf HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0313 16/07/2004 19:59:19 PDFManual C:\PROGRA~1\PHILIP~1\Manual\Francais\Manual.pdf HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0310 16/07/2004 19:59:19 ManualFile C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\index.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0311 16/07/2004 19:59:19 ManualFile C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\index.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0313 16/07/2004 19:59:19 ManualFile C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\index.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0310 16/07/2004 19:59:19 PropPageHelpImg C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index05a.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0311 16/07/2004 19:59:19 PropPageHelpImg C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index05a.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0313 16/07/2004 19:59:19 PropPageHelpImg C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index05a.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0310 16/07/2004 19:59:19 PropPageHelpCam C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index05b.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0311 16/07/2004 19:59:19 PropPageHelpCam C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index05b.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0313 16/07/2004 19:59:19 PropPageHelpCam C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index05b.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0310 16/07/2004 19:59:19 PropPageHelpAud C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index05c.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0311 16/07/2004 19:59:19 PropPageHelpAud C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index05c.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0313 16/07/2004 19:59:19 PropPageHelpAud C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index05c.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0310 16/07/2004 19:59:19 TWAINHelp C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index06.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0311 16/07/2004 19:59:19 TwainHelp C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index06.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0313 16/07/2004 19:59:19 TWAINHelp C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc720_730_740k\Index06.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0312 16/07/2004 19:59:19 ManualFile C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc750k\index.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0312 16/07/2004 19:59:19 PropPageHelpImg C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc750k\Index05a.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0312 16/07/2004 19:59:19 PropPageHelpCam C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc750k\Index05b.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0312 16/07/2004 19:59:19 PropPageHelpAud C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc750k\Index05c.html HKEY_LOCAL_MACHINE Software\Vid_0471\Pid_0312 16/07/2004 19:59:19 TWAINHelp C:\PROGRA~1\PHILIP~1\Manual\Francais\Win\Pcvc750k\Index06.html HKEY_CURRENT_USER Software\DivXNetworks\DivX4Windows 08/10/2003 20:30:44 Log File Name C:\PROGRA~1\RIPPAC~1\Data\divx.LOG HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\DivXNetworks\DivX4Windows 08/10/2003 20:30:44 Log File Name C:\PROGRA~1\RIPPAC~1\Data\divx.LOG HKEY_CURRENT_USER Software\Gabest\vsfilter\DefTextPathes 23/01/2004 16:41:39 Path1 c:\subtitles HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Gabest\vsfilter\DefTextPathes 23/01/2004 16:41:39 Path1 c:\subtitles HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Uninstall\Corel Applications 02/06/2002 15:27:16 UninstallString C:\WINDOWS\Corel\Uninst32.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\App Paths\D:\InstallShield\Kazaa\kazaa.exe 05/01/2003 11:31:52 C:\WINDOWS\D:\InstallShield\Kazaa\kazaa.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Run 11/08/2005 19:17:04 System service62 C:\WINDOWS\etb\pokapoka63.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Run 11/08/2005 19:17:04 System service63 C:\WINDOWS\etb\pokapoka63.exe HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Setup\SetupX\INF\OEM Name 14/04/2002 09:33:04 Software\Microsoft\Windows\CurrentVersion\Setup\SetupX\INF\OEM Name C:\WINDOWS\INF\OTHER\Smwdm.inf HKEY_LOCAL_MACHINE Software\Microsoft\Java VM 09/08/2005 16:46:50 LibsDirectory C:\WINDOWS\java\lib HKEY_LOCAL_MACHINE Software\L&H\TTS\data 17/10/2002 18:41:27 American English$V4.01 C:\WINDOWS\LHSP\DATAFILE\ENG_USA2.C22 HKEY_LOCAL_MACHINE Software\L&H\TTS\Engines 17/10/2002 18:41:27 American English$V4.01 C:\WINDOWS\LHSP\LANGUAGE\ENG_U232.DLL HKEY_LOCAL_MACHINE Software\L&H\TTS\help 17/10/2002 18:41:27 American English$V4.00 C:\WINDOWS\LHSP\LANGUAGE\ENG_U232.DLL HKEY_LOCAL_MACHINE Software\L&H\TTS\system 17/10/2002 18:41:27 TTS Manager$V4.00 C:\WINDOWS\LHSP\TTSMGR32.DLL HKEY_LOCAL_MACHINE Software\L&H\Common 17/10/2002 18:41:27 Visual Edition Kit C:\WINDOWS\LHSP\VEKCTL32.DLL HKEY_LOCAL_MACHINE Software\Microsoft\Advanced INF Setup\IE5BAK 01/11/2002 09:33:49 InstallINFFile C:\WINDOWS\msdownld.tmp\AS0C64AB.tmp\iew2kuni.inf HKEY_LOCAL_MACHINE Software\Microsoft\Advanced INF Setup\IEEX 01/11/2002 09:33:53 InstallINFFile C:\WINDOWS\msdownld.tmp\AS0E1C7C.tmp\IEEX\ieexinst.inf HKEY_LOCAL_MACHINE Software\Microsoft\Advanced INF Setup\OutlookExpress 01/11/2002 09:34:16 InstallINFFile C:\WINDOWS\msdownld.tmp\AS0E2E7E.tmp\oeexcep.inf HKEY_LOCAL_MACHINE Software\Microsoft\Advanced INF Setup\IEREADME 01/11/2002 09:36:34 InstallINFFile C:\WINDOWS\msdownld.tmp\AS109685.tmp\iereadme.inf HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Active Setup Temp Folders 21/10/2002 19:29:33 Folder C:\WINDOWS\msdownld.tmp|?:\msdownld.tmp HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\App Paths\ORUN32.EXE 14/04/2002 09:33:04 C:\WINDOWS\ORUN32.EXE HKEY_LOCAL_MACHINE Software\Microsoft\Windows NT\CurrentVersion\SeCEdit 07/08/2005 20:15:50 TemplateUsed C:\WINDOWS\SECFBA.tmp HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_eb84b25e 07/08/2005 20:07:26 Codebase C:\WINDOWS\ServicePackFiles\i386/comctl.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_eb84b25e\Codebases\U_Service Pack 2 07/08/2005 20:07:26 URL C:\WINDOWS\ServicePackFiles\i386/comctl.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9 07/08/2005 20:07:26 Codebase C:\WINDOWS\ServicePackFiles\i386/controls.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\Codebases\U_Service Pack 2 07/08/2005 20:07:26 URL C:\WINDOWS\ServicePackFiles\i386/controls.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.2600.2000_x-ww_bcc9a281 07/08/2005 20:07:24 Codebase C:\WINDOWS\ServicePackFiles\i386/default.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.2600.2000_x-ww_bcc9a281\Codebases\U_Service Pack 2 07/08/2005 20:07:24 URL C:\WINDOWS\ServicePackFiles\i386/default.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.2600.2000_x-ww_0e037a8a 07/08/2005 20:07:24 Codebase C:\WINDOWS\ServicePackFiles\i386/default.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.1.Microsoft.Windows.SystemCompatible_6595b64144ccf1df_5.1.2600.2000_x-ww_0e037a8a\Codebases\U_Service Pack 2 07/08/2005 20:07:24 URL C:\WINDOWS\ServicePackFiles\i386/default.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7 07/08/2005 20:07:25 Codebase C:\WINDOWS\ServicePackFiles\i386/dxmrtp.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\Codebases\U_Service Pack 2 07/08/2005 20:07:25 URL C:\WINDOWS\ServicePackFiles\i386/dxmrtp.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_cf59288d 07/08/2005 20:07:26 Codebase C:\WINDOWS\ServicePackFiles\i386/dxmrtp.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_cf59288d\Codebases\U_Service Pack 2 07/08/2005 20:07:26 URL C:\WINDOWS\ServicePackFiles\i386/dxmrtp.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82 07/08/2005 20:07:24 Codebase C:\WINDOWS\ServicePackFiles\i386/gdiplus.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\Codebases\U_Service Pack 2 07/08/2005 20:07:24 URL C:\WINDOWS\ServicePackFiles\i386/gdiplus.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_5ff735e2 07/08/2005 20:07:24 Codebase C:\WINDOWS\ServicePackFiles\i386/gdiplus.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.1.0.Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_5ff735e2\Codebases\U_Service Pack 2 07/08/2005 20:07:24 URL C:\WINDOWS\ServicePackFiles\i386/gdiplus.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9 07/08/2005 20:07:27 Codebase C:\WINDOWS\ServicePackFiles\i386/mswincrt.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\Codebases\U_Service Pack 2 07/08/2005 20:07:27 URL C:\WINDOWS\ServicePackFiles\i386/mswincrt.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_cf5111a1 07/08/2005 20:07:27 Codebase C:\WINDOWS\ServicePackFiles\i386/mswincrt.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_cf5111a1\Codebases\U_Service Pack 2 07/08/2005 20:07:27 URL C:\WINDOWS\ServicePackFiles\i386/mswincrt.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95 07/08/2005 20:07:25 Codebase C:\WINDOWS\ServicePackFiles\i386/rtcdll.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\Codebases\U_Service Pack 2 07/08/2005 20:07:25 URL C:\WINDOWS\ServicePackFiles\i386/rtcdll.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_5f924d7b 07/08/2005 20:07:26 Codebase C:\WINDOWS\ServicePackFiles\i386/rtcdll.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.5.2.Microsoft.Windows.Networking.Rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_5f924d7b\Codebases\U_Service Pack 2 07/08/2005 20:07:26 URL C:\WINDOWS\ServicePackFiles\i386/rtcdll.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_fr_457ebf3d 07/08/2005 20:07:25 Codebase C:\WINDOWS\ServicePackFiles\i386/rtcres.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_fr_457ebf3d\Codebases\U_Service Pack 2 07/08/2005 20:07:25 URL C:\WINDOWS\ServicePackFiles\i386/rtcres.man HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Setup 09/08/2005 16:43:45 ServicePackCachePath c:\windows\ServicePackFiles\ServicePackCache HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 23/01/2001 10:33:23 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 23/01/2001 10:33:23 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllIsMyFileType\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 23/01/2001 10:33:23 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 23/01/2001 10:33:23 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 23/01/2001 10:33:23 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_LOCAL_MACHINE Software\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{D0BA83B0-DB49-11D2-B886-00C04F866F52} 23/01/2001 10:33:23 Dll C:\WINDOWS\System32\asfsipc.dll HKEY_CURRENT_USER Software\Microsoft\Internet Explorer\Main 11/08/2005 20:08:04 Local Page C:\WINDOWS\system32\blank.htm HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Internet Explorer\Main 11/08/2005 20:08:04 Local Page C:\WINDOWS\system32\blank.htm HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe 07/08/2005 20:10:29 C:\WINDOWS\System32\cmmgr32.exe HKEY_LOCAL_MACHINE Software\Classes\CLSID\{6E28339B-7A2A-47B6-AEB2-46BA53782379}\InprocServer32 14/07/2005 13:21:50 C:\WINDOWS\System32\dllcache\msxml32.dll HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{A2D5957F-6D1A-44CE-BFBA-D448EAAB8781}\1.0\0\win32 14/07/2005 13:21:50 C:\WINDOWS\System32\dllcache\msxml32.dll HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Run 11/08/2005 19:17:04 checkrun C:\windows\system32\elitejgf32.exe HKEY_LOCAL_MACHINE Software\Microsoft\Multimedia\WMPlayer\Groups\Video\DVD 07/08/2005 20:21:53 RequiredFile C:\WINDOWS\system32\enable.dvd HKEY_LOCAL_MACHINE Software\Classes\Software\RealNetworks\RealPlayer\6.0\Preferences\SystemCookiesPath 19/07/2004 16:59:28 C:\WINDOWS\System32\syscookies.txt HKEY_LOCAL_MACHINE Software\Classes\CLSID\{CC2C83A6-9BE4-11D0-98E7-00C04FC2CAF5}\InprocServer32 23/01/2001 11:03:22 SystemDB C:\WINDOWS\System32\system.mdw HKEY_LOCAL_MACHINE Software\Microsoft\Windows Media Device Manager 27/06/2003 23:10:34 Log.Filename C:\WINDOWS\System32\Wmdm.log HKEY_LOCAL_MACHINE Software\Microsoft\Windows\CurrentVersion\Setup\SetupX\Catalogs 14/04/2002 09:33:04 C:\WINDOWS\INF\OTHER\Smwdm.inf C:\WINDOWS\System\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Smwdm.cat HKEY_CURRENT_USER Software\K-Dat 12/09/2003 16:02:04 Temp C:\WINDOWS\temp\k-dat\ HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\K-Dat 12/09/2003 16:02:04 Temp C:\WINDOWS\temp\k-dat\ HKEY_LOCAL_MACHINE Software\Microsoft\Advanced INF Setup\ZzZzZzZz 23/09/2002 16:41:53 InstallCabFile C:\WINDOWS\TEMP\~dxmcab~\strmanim.cab HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{B162D478-EF46-4475-B1FE-216BDEDB7FAD}\1.0\HELPDIR 11/10/2004 18:19:59 C:\WINDOWS\wt\webdriver\4.1.1\ HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{B7E20302-C22C-4AF2-9D75-C3EB6EEE9DD8}\1.0\HELPDIR 11/10/2004 18:19:59 C:\WINDOWS\wt\webdriver\4.1.1\ HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0\HELPDIR 11/10/2004 18:19:58 C:\WINDOWS\wt\webdriver\4.1.1\ HKEY_LOCAL_MACHINE Software\Classes\CLSID\{7F23E6E5-0E79-4aee-B723-B1463805D5A9}\InprocServer32 11/10/2004 18:20:00 C:\WINDOWS\wt\webdriver\4.1.1\sound.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{B9BA256A-075B-49ea-B9E2-7DBC2EF021D5}\InprocServer32 11/10/2004 18:20:00 C:\WINDOWS\wt\webdriver\4.1.1\sound.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\InprocServer32 11/10/2004 18:19:58 C:\WINDOWS\wt\webdriver\4.1.1\webdriver.dll HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0\0\win32 11/10/2004 18:19:58 C:\WINDOWS\wt\webdriver\4.1.1\webdriver.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A}\InprocServer32 11/10/2004 18:19:59 C:\WINDOWS\wt\webdriver\4.1.1\wthostctl.dll HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{B7E20302-C22C-4AF2-9D75-C3EB6EEE9DD8}\1.0\0\win32 11/10/2004 18:19:59 C:\WINDOWS\wt\webdriver\4.1.1\wthostctl.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{0c097121-c5d6-47eb-841d-30bff71a71c4}\InprocServer32 11/10/2004 18:19:59 C:\WINDOWS\wt\webdriver\4.1.1\wtmulti.dll HKEY_LOCAL_MACHINE Software\Classes\TypeLib\{B162D478-EF46-4475-B1FE-216BDEDB7FAD}\1.0\0\win32 11/10/2004 18:19:59 C:\WINDOWS\wt\webdriver\4.1.1\wtmulti.dll HKEY_LOCAL_MACHINE Software\Classes\CLSID\{8ECF83A0-1AC9-11D4-8501-00A0CC5D1F63}\InprocServer32 11/10/2004 18:19:59 C:\WINDOWS\wt\webdriver\4.1.1\wtwmplug.ax HKEY_LOCAL_MACHINE Software\Classes\CLSID\{ECFBE6E0-1AC8-11D4-8501-00A0CC5D1F63}\InprocServer32 11/10/2004 18:19:59 C:\WINDOWS\wt\webdriver\4.1.1\wtwmplug.ax HKEY_LOCAL_MACHINE Software\Microsoft\IMAPI\StashInfo 16/06/2003 05:47:13 StashPath D:\StashIMAPI.bin HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\windows\system32\elitejgf32.exe elitejgf32 HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\windows\system32\elitejgf32.exe elitejgf32 HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\APPLIC~1\PlusPeak\idarwcbg.exe idarwcbg HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\APPLIC~1\PlusPeak\idarwcbg.exe idarwcbg HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\LOCALS~1\Temp\Set2.tmp InstallShield ® Setup Launcher HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\LOCALS~1\Temp\Set3.tmp InstallShield ® Setup Launcher HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\LOCALS~1\Temp\Set2.tmp InstallShield ® Setup Launcher HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\LOCALS~1\Temp\Set3.tmp InstallShield ® Setup Launcher HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\LOCALS~1\Temp\is-CMHF5.tmp\is-K8C46.tmp is-K8C46 HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\LOCALS~1\Temp\is-CMHF5.tmp\is-K8C46.tmp is-K8C46 HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\WINDOWS\kcmri.exe kcmri HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\WINDOWS\kcmri.exe kcmri HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\ALLUSE~1\APPLIC~1\TYPEFI~1\KEEPIN~1.EXE KEEPIN~1 HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\ALLUSE~1\APPLIC~1\TYPEFI~1\KEEPIN~1.EXE KEEPIN~1 HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\WINDOWS\logon.exe logon HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\WINDOWS\logon.exe logon HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\WINDOWS\etb\pokapoka62.exe pokapoka62 HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\WINDOWS\etb\pokapoka62.exe pokapoka62 HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\WINDOWS\etb\pokapoka63.exe pokapoka63 HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\WINDOWS\etb\pokapoka63.exe pokapoka63 HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\APPLIC~1\PlusPeak\rrnmyqxq.exe rrnmyqxq HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\APPLIC~1\PlusPeak\rrnmyqxq.exe rrnmyqxq HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\LOCALS~1\Temp\_iu14D2N.tmp Uninstaller HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\DOCUME~1\alain\LOCALS~1\Temp\_iu14D2N.tmp Uninstaller HKEY_CURRENT_USER Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\PROGRA~1\SOUTHP~1\SCOOBY~1\UNWISE.EXE UNWISE HKEY_USERS S-1-5-21-3369531988-3233852318-2805738209-1009\Software\Microsoft\Windows\ShellNoRoam\MUICache 11/08/2005 19:59:02 C:\PROGRA~1\SOUTHP~1\SCOOBY~1\UNWISE.EXE UNWISE en attendant je vais aller faire ce que tu m'as dit plus haut a plus tard dans la soirée je pense @+ bon courage
-
et me revoila de nouveau je fais suivre ma derniere analyse en mode sans echec (pour y acceder avec la touche F8 j'ai du debrancher tous les ports USB de l'ordi sauf celui du clavier) confirmée j'ai desactivée le service Net Fonctions Monotoring en demarrage dois-je le remettre comme avant ou le laisser comme cela (entre nous il sert a quoi) je pense aussi qu'il y a d'autres programmes au demarrage qui ne sont pas tres utiles tu pourras me dire par la suite lesquels je peux desactiver sinon je n'ai toujours pas trouver les programmes pour lesquels tu me demandes les dates des dernieres mises a jour( donne moi un peu plus de precisions pour les trouver je suis pas tres douée) j'ai supprimée (encore dans la corbeille) tous les dossiers inutiles avec easycleaner mais es tu sur que je peux vraiment suprimer tout ce qui se trouve sur nettoyage du registre la liste est vraiment tres longue (42 pages de HKEY) j'ai toujours tres peur de jeter (comme tu as pu le voir apres premiere analyse j'aime bien stocker) sinon au niveau de l'ordi petit bilan il tourne vachement mieux beaucoup plus rapide au demarrage plus de pages internet qui arrivent toutes seules, plus d'icones non plus sur le bureau( faudra voir dans qq jours ) plus cette fenetre qui s'affichait dès la mise en route du PC et me demandait l'autorisation de tel vers je ne sais quel truc mais bien sur not free petit detail qui demande confirmation il parait que la ligne c:\windows\system32\Isass.exe correspondrait au ver Sasser est ce vrai ? voila le rapport Logfile of HijackThis v1.99.1 Scan saved at 22:30:17, on 12/08/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\ACDSee\CAMDET~1.EXE O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet O4 - HKCU\..\Run: [incrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing) O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Capturer ! - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\Memoweb 3\IEBtn\Launcher (file missing) O9 - Extra 'Tools' menuitem: Capturer ce web - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\Memoweb 3\IEBtn\Launcher (file missing) O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (file missing) O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISSERV.EXE O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\SymProxySvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe TU PENSES QU'ON VA S'EN SORTIR ? @+ et merci
-
salut la nuit arrive et moi avec Apres plusieurs tentatives pour acceder au mode sans echec avec clavier j'ai enfin trouver la solution si cela interresse quelqu'un je ferai suivre la procedure sinon je fais suivre le dernier rapport hijackthis j'ai pas trouver les programmes suivant 180solutions, SurfAccuracy, ISTsv,roia dans Ajout-suppression de programmes par contre j'ai trouver des programmes bizarres et je sais pas a quoi ils servent OIN , Abox.exe et Norton me signal le virus W32 toxbot (Netmon.exe) j'ai scanner l'ordi avec easycleaner vu tous les dossiers qu'il a trouver j'ai eu tres peur es tu sur que je peux tous supprimer moi j'ai pas oséé j'ai sauvegardé la liste si tu veux je peux la mettre dans un prochain message en attendant voila mon premier rapport Logfile of HijackThis v1.99.1 Scan saved at 22:13:50, on 11/08/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\Netmon.exe C:\Documents and Settings\alain\Bureau\anti truc\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\ACDSee\CAMDET~1.EXE O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [MSN Messenger] msnmsgr.exe O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitejgf32.exe O4 - HKLM\..\Run: [system service62] C:\WINDOWS\etb\pokapoka63.exe O4 - HKLM\..\Run: [system service63] C:\WINDOWS\etb\pokapoka63.exe O4 - HKLM\..\RunServices: [MSN Messenger] msnmsgr.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet O4 - HKCU\..\Run: [incrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c O4 - HKCU\..\Run: [cos4RPc6g] ntd6mon.exe O4 - HKCU\..\Run: [MSN Messenger] msnmsgr.exe O4 - HKCU\..\Run: [MS Unix Binary] msnq3insller.exe O4 - HKCU\..\RunServices: [MSN Messenger] msnmsgr.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing) O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Capturer ! - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\Memoweb 3\IEBtn\Launcher (file missing) O9 - Extra 'Tools' menuitem: Capturer ce web - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\Memoweb 3\IEBtn\Launcher (file missing) O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (file missing) O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Net Functions Monitoring (Netmon) - Unknown owner - C:\WINDOWS\System32\Netmon.exe O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISSERV.EXE O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\SymProxySvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe je reste pas loin pour les nouvelles @+
-
c'est bon je m'installe a faire tout ce qui est demandé rectification pour la connection clavier je viens de verifier c'est un raccord USB @+
-
message personnel pour Ipl il m'a sembler detecter dans ta reponse de prise en charge de mon cas un plaisir intense, j'espere partager les memes sentiments à la fin de ma galere. des que je rentre je m'occupe de suivre tes instructions à la lettre si j'y arrive en sachant que je ne suis pas une pro de l'informatique pour information mon clavier n'est pas connecté par un port USB en esperant que le mode sans echec fonctionne ce soir!!!!!!!! question peut etre bete mais je pose quand meme je passe par la touche F8 pour y acceder j'ai vu qu'il y avait une autre façon d'y acceder directement en configurant mon ordi mais une fois dans ce mode si le clavier est toujours innactif je fais comment moi pour reconfigurer mon ordi en mode normal ?????? @+
-
ok merci de m'avoir repondu je fais suivre mon analyse en mode normal Logfile of HijackThis v1.99.1 Scan saved at 22:52:39, on 10/08/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton Internet Security\NISUM.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Norton Internet Security\SymProxySvc.exe C:\Program Files\Norton Internet Security\NISSERV.EXE C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Norton Internet Security\IAMAPP.EXE C:\PROGRA~1\NORTON~1\navapw32.exe C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\PROGRA~1\PHILIP~1\VProperty.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Media Gateway\MediaGateway.exe C:\WINDOWS\kcmri.exe C:\WINDOWS\logon.exe C:\Program Files\SurfAccuracy\SAcc.exe C:\Program Files\ISTsvc\istsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\etb\pokapoka62.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe c:\progra~1\intern~1\iexplore.exe C:\WINDOWS\System32\w?nlogon.exe C:\Program Files\roia\eumn.exe C:\WINDOWS\System32\Netmon.exe C:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.edxphpumrwkndfinvt.com/aqe0Qopp...wufUTN0IKm.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O1 - Hosts: 209.107.25.67 onlineaccounts2.abbeynational.co.uk O1 - Hosts: 209.107.25.67 www3.aibgbonline.co.uk O1 - Hosts: 209.107.25.67 www.bank.alliance-leicester.co.uk O1 - Hosts: 209.107.25.67 login.iblogin.com O1 - Hosts: 209.107.25.67 ww2.bankofscotlandhalifax-online.co.uk O1 - Hosts: 209.107.25.67 inet.barclays.co.uk O1 - Hosts: 209.107.25.67 iibank.barclays.co.uk O1 - Hosts: 209.107.25.67 iibank.cahoot.com O1 - Hosts: 209.107.25.67 www3.coventrybuildingsociety.co.uk O1 - Hosts: 209.107.25.67 ww.hsbc.co.uk O1 - Hosts: 209.107.25.67 login.ebank.offshore.hsbc.co.je O1 - Hosts: 209.107.25.67 ww3.online-offshore.lloydstsb.com O1 - Hosts: 209.107.25.67 ww3.online-business.lloydstsb.co.uk O1 - Hosts: 209.107.25.67 ww3.online.lloydstsb.co.uk O1 - Hosts: 209.107.25.67 ww3.online.lloydstsb.co.uk O1 - Hosts: 209.107.25.67 ww3.online-business.lloydstsb.co.uk O1 - Hosts: 209.107.25.67 ob2.nationet.com O1 - Hosts: 209.107.25.67 ww3.onlinebanking.natwestoffshore.com O1 - Hosts: 209.107.25.67 ww1.nwolb.com O1 - Hosts: 209.107.25.67 ww1.onlinebanking.iombank.com O1 - Hosts: 209.107.25.67 ww1.www.rbsdigital.com O1 - Hosts: 209.107.25.67 welcome.smile.co.uk O1 - Hosts: 209.107.25.67 login.365online.com O1 - Hosts: 209.107.25.67 wvw.citizensbankonline.com O1 - Hosts: 209.107.25.67 esecure.regionsnet.com O1 - Hosts: 209.107.25.67 rollb.associatedbank.com O1 - Hosts: 209.107.25.67 upb.unionplanters.com O1 - Hosts: 209.107.25.67 www.onlinebanking.huntington.com O1 - Hosts: 209.107.25.67 inet.southtrustonlinebanking.com O1 - Hosts: 209.107.25.67 logon.personal.wamu.com O1 - Hosts: 209.107.25.67 login.compassweb.com O1 - Hosts: 209.107.25.67 logon.firstmeritib.com O1 - Hosts: 209.107.25.67 login.ccfcuonline.org O1 - Hosts: 209.107.25.67 ww3.etimebanker.bankofthewest.com O1 - Hosts: 209.107.25.67 ww2.onlinebanking.lasallebank.com O1 - Hosts: 209.107.25.67 wvw.totallyfreebanking.com O1 - Hosts: 209.107.25.67 www.online.wellsfargo.com O1 - Hosts: 209.107.25.67 www.onlinebanking.bankofoklahoma.com O1 - Hosts: 209.107.25.67 accounts4.keybank.com O1 - Hosts: 209.107.25.67 logon.bankone.com O1 - Hosts: 209.107.25.67 www.secure.tdbanknorth.com O1 - Hosts: 209.107.25.67 www.secure.mvnt4.com O1 - Hosts: 209.107.25.67 ww.mynfbonline.com O1 - Hosts: 209.107.25.67 login.forumcuonline.com O1 - Hosts: 209.107.25.67 www.eds.usersonlnet.com O1 - Hosts: 209.107.25.67 www.onlineid.bankofamerica.com O1 - Hosts: 209.107.25.67 wvw.e-gold.com O1 - Hosts: 209.107.25.67 pcbs.peoples.com O1 - Hosts: 209.107.25.67 www.global1.onlinebank.com O1 - Hosts: 209.107.25.67 ww2.mybranch.lafcu.com O1 - Hosts: 209.107.25.67 login.webbanking.comerica.com O1 - Hosts: 209.107.25.67 web.banking.firsttennessee.com O1 - Hosts: 209.107.25.67 logon.members1st.org O1 - Hosts: 209.107.25.67 www.cib.ibanking-services.com O1 - Hosts: 209.107.25.67 www.miwebbusbank.ebanking-services.com O1 - Hosts: 209.107.25.67 wvw.paypal.com O1 - Hosts: 209.107.25.67 www.signin.ebay.com O1 - Hosts: 209.107.25.67 wvw.etrade.com O1 - Hosts: 209.107.25.67 ww4.fleethomelink.fleet.com O1 - Hosts: 209.107.25.67 ww3.connect.skyfi.com O1 - Hosts: 209.107.25.67 www6.usbank.com O1 - Hosts: 209.107.25.67 www.bvi.bancodevalencia.es O1 - Hosts: 209.107.25.67 extrant.banesto.es O1 - Hosts: 209.107.25.67 banesnt.banesto.es O1 - Hosts: 209.107.25.67 activia.caixagalicia.es O1 - Hosts: 209.107.25.67 www.bancae.caixapenedes.com O1 - Hosts: 209.107.25.67 login.caixasabadell.net O1 - Hosts: 209.107.25.67 oii.cajamadrid.es O1 - Hosts: 209.107.25.67 login.cajamar.es O1 - Hosts: 209.107.25.67 login.ccm.es O1 - Hosts: 209.107.25.67 ww.unicaja.es O1 - Hosts: 209.107.25.67 www5.bancopopular.es O1 - Hosts: 209.107.25.67 ww3.bbvanet.com O1 - Hosts: 209.107.25.67 ww.bayernlb.de O1 - Hosts: 209.107.25.67 ww2.berliner-volksbank.de O1 - Hosts: 209.107.25.67 ww7.homebanking-berlin.de O1 - Hosts: 209.107.25.67 portal09.commerzbanking.de O1 - Hosts: 209.107.25.67 www.meine.deutsche-bank.de O1 - Hosts: 209.107.25.67 ww2.dresdner-privat.de O1 - Hosts: 209.107.25.67 ww.e-banking.helaba.de O1 - Hosts: 209.107.25.67 ww.hsh-nordbank.de O1 - Hosts: 209.107.25.67 www.my.hypovereinsbank.de O1 - Hosts: 209.107.25.67 ww3.homebanking-berlin.de O1 - Hosts: 209.107.25.67 ww3.homebanking-berlin.de O1 - Hosts: 209.107.25.67 www.banking.lbbw.de O1 - Hosts: 209.107.25.67 lrp.sparkasse-banking.de O1 - Hosts: 209.107.25.67 ww3.homebanking-niedersachsen.de O1 - Hosts: 209.107.25.67 www.onlinebanking.norisbank.de O1 - Hosts: 209.107.25.67 www.banking.postbank.de O1 - Hosts: 209.107.25.67 wvw.internetbanking.gad.de O1 - Hosts: 209.107.25.67 ww1.portal.izb.de O1 - Hosts: 209.107.25.67 wvw.kunden-service.lbs.de O1 - Hosts: 209.107.25.67 ibanking.seb.de O1 - Hosts: 209.107.25.67 bw7.sparkasse-banking.de O1 - Hosts: 209.107.25.67 ww2.homebanking-sparkasse.de O1 - Hosts: 209.107.25.67 ww2.vr-networld-ebanking.de O1 - Hosts: 209.107.25.67 ww.bics.fr O1 - Hosts: 209.107.25.67 www.co.caixabank.fr O1 - Hosts: 209.107.25.67 ww.creditmutuel.fr O1 - Hosts: 209.107.25.67 internetbank.intesabci.it O1 - Hosts: 209.107.25.67 ww.extensive.bancalombarda.it O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\ACDSee\CAMDET~1.EXE O4 - HKLM\..\Run: [eCarteBleue-SG-P3] "C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" /dontopenmycards O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [MSN Messenger] msnmsgr.exe O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitejgf32.exe O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe O4 - HKLM\..\Run: [VID INTERNET WEB DRIVERS FOR WIN32] phqghu.exe O4 - HKLM\..\Run: [pP6ECTAZ] C:\WINDOWS\kcmri.exe O4 - HKLM\..\Run: [WinLogon] C:\WINDOWS\logon.exe O4 - HKLM\..\Run: [surfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe O4 - HKLM\..\Run: [liveinfoboltbags] C:\Documents and Settings\All Users\Application Data\TypeFilmLiveInfo\Keepinternet.exe O4 - HKLM\..\Run: [iST Service] C:\Program Files\ISTsvc\istsvc.exe O4 - HKLM\..\Run: [Audioholdtraymore] C:\Documents and Settings\All Users\Application Data\optionplanaudiohold\soft free.exe O4 - HKLM\..\Run: [system service62] C:\WINDOWS\etb\pokapoka62.exe O4 - HKLM\..\RunServices: [MSN Messenger] msnmsgr.exe O4 - HKLM\..\RunServices: [MS Unix Binary] msnq3insller.exe O4 - HKLM\..\RunServices: [VID INTERNET WEB DRIVERS FOR WIN32] phqghu.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet O4 - HKCU\..\Run: [incrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c O4 - HKCU\..\Run: [cos4RPc6g] ntd6mon.exe O4 - HKCU\..\Run: [MSN Messenger] msnmsgr.exe O4 - HKCU\..\Run: [MS Unix Binary] msnq3insller.exe O4 - HKCU\..\Run: [Zlwu] C:\WINDOWS\System32\w?nlogon.exe O4 - HKCU\..\Run: [VID INTERNET WEB DRIVERS FOR WIN32] phqghu.exe O4 - HKCU\..\Run: [Wipe Chic] C:\DOCUME~1\alain\APPLIC~1\PlusPeak\MEOW JUGS.exe O4 - HKCU\..\Run: [Csrt] C:\Program Files\roia\eumn.exe O4 - HKCU\..\RunServices: [MSN Messenger] msnmsgr.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb012 O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing) O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Capturer ! - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\Memoweb 3\IEBtn\Launcher (file missing) O9 - Extra 'Tools' menuitem: Capturer ce web - {47055D63-DFCD-11d3-8406-00500445A7D0} - C:\Program Files\Goto\Memoweb 3\IEBtn\Launcher (file missing) O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (file missing) O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O15 - Trusted Zone: *.media-motor.net O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_nos_med.exe O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int10.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://www.free32.com/POP.CHM::/sp.exe O16 - DPF: {11111111-1111-1111-1111-111191113457} - file://c:\ied_s7.cab O16 - DPF: {11111111-1111-1111-1111-511111193457} - file://c:\x.cab O16 - DPF: {11111111-1111-1111-1111-511111193458} - file://c:\x.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAcc...Bridge-c139.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...s/yinst0401.cab O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/02eeb91b6c88f5...RdxIE601_fr.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1123446898296 O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} - http://cabs.media-motor.net/cabs/joysaver.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab O18 - Protocol: hola - {626601A0-4BAE-11D1-A7E1-00A0246C1E64} - (no file) O18 - Protocol: holb - {626601A1-4BAE-11D1-A7E1-00A0246C1E64} - (no file) O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - C:\WINDOWS\System32\vbsys2.dll (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Net Functions Monitoring (Netmon) - Unknown owner - C:\WINDOWS\System32\Netmon.exe O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISSERV.EXE O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\SymProxySvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe @+
-
bonjour à tous je viens malheureusement completer la longue liste des personnes touchées par toxbot et divers petits logiciels qui m'empechent de vivre ma vie de PC Norton a reussi a neutraliser Mapi32.exe et l'éliminer mais il reste pas mal de propblemes car des pages internet s'ouvrent toutes seules et pleins d'icones viennent me poluer mon bureau J'ai voulu suivre les instructions pour faire un rapport d'analyse HijacThis mais le probleme quand je passe en mode sans echec est que je ne peux plus taper mon mot de passe pour ouvrir ma session le clavier ne reponds plus si quelqu'un a une solution merci d'avance