Qui peut regarder mon log hijackis, merci

marvin92 Messages postés 44 Statut Membre -  
green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   -
bonjours a tous

quelqu'un peut il regarder mon pour voir si tous va bien.

merci

Logfile of HijackThis v1.99.1
Scan saved at 14:24:40, on 04/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O1 - Hosts: 127.255.255.255 www.alcohol-soft.com
O1 - Hosts: 127.255.255.255 images.alcohol-soft.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [CAKETYPEMAPISAFE] C:\Documents and Settings\All Users\Application Data\DvdCompCakeType\GreyBrowse.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\PRESAR~1\Presario\XPHWWRP4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Felix] C:\Program Files\ScreenMates\felix.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BashWma] C:\DOCUME~1\PROPRI~1\APPLIC~1\PROGRA~1\TimeChic.exe
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: A3Cab1 - http://www.globalcashsolutions.com/kithtml/A3Cab1.CAB
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://www.stylist4all.com/IE20020716/save/makeover.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {266B9238-31A5-4B53-9039-272FE846DF9D} (DiameterTransfer Control) - http://www.sis.com/download/SISTransfer.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://k-ty92.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://1132052230000.kit.sexequalite.com/14749/CD/DiabloteenLive.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Configuration: Windows XP
Internet Explorer 6.0

4 réponses

  1. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut

    l'as tu fais en mode sans echec ou mode normal

    des petites saltés ...

    Relance HijackThis : choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked" :

    O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
    O1 - Hosts: 127.255.255.255 www.alcohol-soft.com
    O1 - Hosts: 127.255.255.255 images.alcohol-soft.com

    toutes les 016, sauf celle-ci :

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

    ++
    0
    1. marvin92 Messages postés 44 Statut Membre 1
       
      salut a toi green day et merci de m'avoir repondu.

      j'ai fais comme tu ma dis et encore merci.

      je t'envoye un dernier log au ka ou

      a+
      0
    2. marvin92 Messages postés 44 Statut Membre 1
       
      tu le voila

      merci

      Logfile of HijackThis v1.99.1
      Scan saved at 10:43:28, on 05/02/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
      C:\WINDOWS\system32\oodag.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
      C:\Program Files\AlienGUIse\wbload.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
      C:\WINDOWS\Explorer.EXE
      C:\windows\system\hpsysdrv.exe
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\PROGRA~1\PRESAR~1\Presario\XPHWWRP4\plugin\bin\pchbutton.exe
      C:\Program Files\CursorXP\CursorXP.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\RamBoost XP\rambxpfr.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\Program Files\Shareaza\Shareaza.exe
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qfr10.hpwis.com/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
      O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
      O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
      O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
      O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
      O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
      O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
      O4 - HKLM\..\Run: [CAKETYPEMAPISAFE] C:\Documents and Settings\All Users\Application Data\DvdCompCakeType\GreyBrowse.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
      O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\PRESAR~1\Presario\XPHWWRP4\plugin\bin\pchbutton.exe
      O4 - HKCU\..\Run: [Felix] C:\Program Files\ScreenMates\felix.exe
      O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
      O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [BashWma] C:\DOCUME~1\PROPRI~1\APPLIC~1\PROGRA~1\TimeChic.exe
      O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
      O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
      O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: A3Cab1 - http://www.globalcashsolutions.com/kithtml/A3Cab1.CAB
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
      O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
      O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
      O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      0
    3. marvin92 Messages postés 44 Statut Membre 1
       
      merci a toi green day

      j'ai bien supprimer comme tu me la demande (sauf pour le mode sans echec) mais pour l'instant je croise les doigt , tou va bien.

      il est super ce petit lgiciel.

      et le scan en ligne (bitdefender) ma supprimee plein de trojans , donc je pense que mon probleme est resolu.

      sinon je te renvoye un dernier log en mode sans echec.

      j'attend ta reponse et merci encore, bye.
      0
  2. Utilisateur anonyme
     
    Salut vous deux ;-)

    Pour vous faire avancer :

    ¤ Clic sur démarrer, rechercher, cherche et supprime :

    - ALCXMNTR.EXE

    ¤ Télécharge lopxp :
    http://perso.numericable.fr/~altshift/Info/Fichiers/lopxpMH2.zip

    dézippe-le sur ton bureau puis double-clic sur le fichier "lopxpMH.bat"
    quand il a terminé, un rapport s'ouvre : fait un copier-coller du rapport puis mets le ici
    0
    1. marvin92 Messages postés 44 Statut Membre 1
       
      bonjours et merci

      tiens je te donne se que tu ma demander

      merci et tiens moi au courant si y'a un truc louche


      Rapport fait à 23:34:33,65 le 05/02/2007

      ******************************************
      ## Répertoires Application Data

      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\Administrateur\Application Data

      02/02/2007 09:57 <REP> .
      02/02/2007 09:57 <REP> ..
      02/02/2007 09:57 <REP> HbTools
      02/02/2007 09:57 <REP> Help
      02/02/2007 09:57 <REP> Identities
      02/02/2007 09:57 <REP> Macromedia
      02/02/2007 09:57 <REP> Microsoft
      02/02/2007 09:57 <REP> MSN6
      02/02/2007 09:57 <REP> SampleView
      02/02/2007 09:57 <REP> ShopperReports
      02/02/2007 09:57 <REP> Sonic
      02/02/2007 09:57 <REP> Sun
      02/02/2007 09:57 <REP> Symantec
      02/02/2007 09:58 62 desktop.ini
      1 fichier(s) 62 octets
      13 R‚p(s) 26ÿ690ÿ363ÿ392 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data

      02/02/2007 09:57 <REP> .
      02/02/2007 09:57 <REP> ..
      02/02/2007 09:57 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142000}
      02/02/2007 09:57 <REP> ApplicationHistory
      02/02/2007 09:57 <REP> Help
      02/02/2007 09:57 <REP> Microsoft
      02/02/2007 09:57 135 fusioncache.dat
      1 fichier(s) 135 octets
      6 R‚p(s) 26ÿ690ÿ363ÿ392 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\All Users\Application Data

      23/10/2005 00:19 <REP> .
      23/10/2005 00:19 <REP> ..
      10/01/2006 18:13 <REP> Adobe
      25/10/2005 10:19 <REP> Apple Computer
      26/10/2006 15:26 <REP> ArcSoft
      26/10/2005 01:19 <REP> BOONTY
      29/09/2006 10:26 <REP> CyberLink
      08/12/2006 17:17 <REP> DvdCompCakeType
      21/08/2006 15:13 <REP> HP
      02/01/2003 00:01 <REP> InterVideo
      28/10/2005 00:42 <REP> Macrovision
      29/11/2005 18:34 <REP> Messenger Plus!
      01/01/2003 22:04 <REP> Microsoft
      02/01/2003 00:28 <REP> Motive
      22/10/2005 17:13 <REP> MSN6
      14/02/2006 23:44 <REP> OD2
      14/11/2005 21:49 <REP> pixelStorm
      01/01/2003 22:14 <REP> SBSI
      19/12/2005 18:52 <REP> Spybot - Search & Destroy
      01/01/2003 22:10 <REP> Symantec
      28/09/2006 22:49 <REP> Trymedia
      23/10/2005 01:18 <REP> TuneUp Software
      24/05/2006 20:30 <REP> WhiteCap (Holiday Edition)
      28/10/2005 18:21 <REP> Windows Genuine Advantage
      02/10/2006 20:49 <REP> Windows Live Toolbar
      26/11/2006 12:26 <REP> Yahoo!
      02/11/2005 16:18 <REP> Yahoo! Companion
      27/11/2005 01:15 <REP> Zylom
      01/01/2003 22:04 62 desktop.ini
      01/01/2003 23:22 5ÿ749 hpzinstall.log
      25/11/2005 22:17 1ÿ763 QTSBandwidthCache
      3 fichier(s) 7ÿ574 octets
      28 R‚p(s) 26ÿ690ÿ363ÿ392 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\Default User\Application Data

      23/10/2005 00:19 <REP> .
      23/10/2005 00:19 <REP> ..
      22/10/2005 20:57 <REP> HbTools
      22/10/2005 20:57 <REP> Help
      01/01/2003 22:11 <REP> Identities
      22/10/2005 20:57 <REP> Macromedia
      01/01/2003 22:04 <REP> Microsoft
      22/10/2005 20:57 <REP> MSN6
      22/10/2005 16:48 <REP> SampleView
      22/10/2005 20:57 <REP> ShopperReports
      22/10/2005 16:48 <REP> Sonic
      22/10/2005 16:48 <REP> Sun
      22/10/2005 16:48 <REP> Symantec
      01/01/2003 22:04 62 desktop.ini
      1 fichier(s) 62 octets
      13 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

      01/01/2003 22:04 <REP> .
      01/01/2003 22:04 <REP> ..
      22/10/2005 16:48 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142000}
      22/10/2005 16:48 <REP> ApplicationHistory
      22/10/2005 20:57 <REP> Help
      22/10/2005 16:48 <REP> Microsoft
      22/10/2005 16:48 135 fusioncache.dat
      1 fichier(s) 135 octets
      6 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\LocalService\Application Data

      01/01/2003 22:13 <REP> .
      01/01/2003 22:13 <REP> ..
      01/01/2003 22:13 <REP> Microsoft
      27/06/2006 11:33 <REP> Webroot
      0 fichier(s) 0 octets
      4 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

      01/01/2003 22:13 <REP> .
      01/01/2003 22:13 <REP> ..
      01/01/2003 22:13 <REP> Microsoft
      0 fichier(s) 0 octets
      3 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\NetworkService\Application Data

      01/01/2003 22:13 <REP> .
      01/01/2003 22:13 <REP> ..
      01/01/2003 22:13 <REP> Microsoft
      27/11/2006 13:21 <REP> Mozilla
      0 fichier(s) 0 octets
      4 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

      01/01/2003 22:13 <REP> .
      01/01/2003 22:13 <REP> ..
      01/01/2003 22:13 <REP> Microsoft
      27/11/2006 13:21 <REP> Mozilla
      0 fichier(s) 0 octets
      4 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\Propri‚taire\Application Data

      23/10/2005 00:19 <REP> .
      23/10/2005 00:19 <REP> ..
      30/10/2006 01:20 <REP> .ZMatrix
      23/10/2005 01:58 <REP> Adobe
      10/02/2006 01:47 <REP> AdobeAUM
      23/10/2005 01:58 <REP> AdobeUM
      16/11/2005 14:27 <REP> Ahead
      25/10/2005 10:22 <REP> Apple Computer
      21/02/2006 00:24 <REP> ArcSoft
      03/01/2006 10:10 <REP> Azureus
      16/11/2006 08:47 <REP> BitRoll
      17/11/2006 10:35 <REP> BitTorrent
      25/04/2006 12:54 <REP> BSplayer Pro
      28/04/2006 17:10 <REP> Common Files
      13/09/2006 11:38 <REP> COWON
      15/02/2006 00:04 <REP> Creative
      29/09/2006 10:26 <REP> CyberLink
      11/11/2005 15:52 <REP> DMCache
      15/02/2006 15:22 <REP> dvdcss
      27/06/2006 14:57 <REP> Encyclopedie Hachette
      20/12/2005 00:44 <REP> EoRezo
      04/01/2006 15:43 <REP> Google
      22/10/2005 16:29 <REP> Help
      28/04/2006 17:08 <REP> HP
      01/01/2003 22:13 <REP> Identities
      21/08/2006 23:48 <REP> Image Zone Express
      06/11/2005 03:25 <REP> InterVideo
      19/12/2005 18:57 <REP> Lavasoft
      18/11/2005 17:47 <REP> Leadertech
      22/10/2005 16:39 <REP> Macromedia
      09/12/2005 00:39 <REP> Magic Match
      23/08/2006 23:49 <REP> Media Player Classic
      23/01/2007 21:28 <REP> MessengerSkinner
      02/10/2006 15:49 <REP> Micro Application
      01/01/2003 22:13 <REP> Microsoft
      27/10/2005 11:16 <REP> Motive
      18/06/2006 12:31 <REP> Mozilla
      22/10/2005 17:13 <REP> MSN6
      15/02/2006 00:03 <REP> OD2
      03/02/2006 00:04 <REP> OpenOffice.org2
      31/10/2006 21:29 <REP> Preclick
      08/12/2006 17:17 <REP> Program Support
      23/08/2006 15:34 <REP> Real
      02/01/2003 02:02 <REP> SampleView
      04/11/2005 15:21 <REP> Shareaza
      25/08/2006 12:13 <REP> Skype
      01/01/2003 23:58 <REP> Sonic
      01/01/2003 22:51 <REP> Sun
      01/01/2003 22:11 <REP> Symantec
      19/06/2006 08:58 <REP> Talkback
      19/06/2006 08:57 <REP> Thunderbird
      30/03/2006 21:00 <REP> Trend Micro
      23/10/2005 01:19 <REP> TuneUp Software
      16/11/2006 19:31 <REP> Uniblue
      25/07/2006 22:45 <REP> vlc
      13/02/2006 16:53 <REP> VoipBuster
      22/12/2005 14:17 <REP> WhenU
      10/12/2005 20:02 <REP> Wildfire
      27/11/2006 13:03 <REP> Winamp
      27/11/2005 01:18 <REP> Zylom
      01/01/2003 22:13 62 desktop.ini
      13/12/2005 18:52 99ÿ288 GDIPFONTCACHEV1.DAT
      28/04/2006 16:52 14ÿ817 GdiplusUpgrade_MSIApproach_Wrapper.log
      26/08/2006 15:22 114 Hewlett-PackardHP PSC 1500 series1156170074_API.log
      26/08/2006 15:22 3ÿ077 Hewlett-PackardHP PSC 1500 series1156170074_PROTOCOL.log
      26/08/2006 15:22 621 Hewlett-PackardHP PSC 1500 series1156170074_UI.log
      27/08/2006 23:24 2ÿ173 HPSU_48BitScanUpdate.log
      27/08/2006 23:24 359ÿ222 PatchUpdate_HP_CounterReport_Update_HPSU.log
      23/06/2006 09:29 739 QuickZip45.ini
      27/08/2006 23:21 69ÿ132 Update_HP_RedboxHprblog_HPSU.log
      10 fichier(s) 549ÿ245 octets
      60 R‚p(s) 26ÿ690ÿ355ÿ200 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Documents and Settings\Propri‚taire\Local Settings\Application Data

      01/01/2003 22:13 <REP> .
      01/01/2003 22:13 <REP> ..
      01/01/2003 22:51 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142000}
      23/10/2005 01:58 <REP> Adobe
      16/11/2005 14:33 <REP> Ahead
      25/10/2005 10:22 <REP> Apple Computer
      02/01/2003 00:27 <REP> ApplicationHistory
      03/11/2005 13:19 <REP> Google
      22/10/2005 16:29 <REP> Help
      28/04/2006 17:15 <REP> HP
      22/10/2005 22:46 <REP> Identities
      28/04/2006 17:15 <REP> IsolatedStorage
      22/08/2006 18:54 <REP> K-Meleon
      01/01/2003 22:13 <REP> Microsoft
      18/06/2006 12:31 <REP> Mozilla
      05/07/2006 20:10 <REP> PCHealth
      04/11/2005 15:21 <REP> Shareaza
      11/09/2006 10:17 <REP> Stardock
      19/06/2006 08:57 <REP> Thunderbird
      04/11/2006 18:21 <REP> WMTools Downloaded Files
      23/10/2005 16:41 69ÿ632 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      02/01/2003 00:27 135 fusioncache.dat
      28/10/2005 19:16 100ÿ608 GDIPFONTCACHEV1.DAT
      28/12/2006 00:04 4ÿ773ÿ066 IconCache.db
      4 fichier(s) 4ÿ943ÿ441 octets
      20 R‚p(s) 26ÿ690ÿ355ÿ200 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

      23/10/2005 04:35 <REP> .
      23/10/2005 04:35 <REP> ..
      22/10/2005 21:00 <REP> Help
      01/01/2003 22:12 <REP> Identities
      22/10/2005 21:00 <REP> Macromedia
      01/01/2003 22:12 <REP> Microsoft
      22/10/2005 21:00 <REP> MSN6
      22/10/2005 21:00 <REP> SampleView
      22/10/2005 21:00 <REP> Sonic
      22/10/2005 21:00 <REP> Sun
      22/10/2005 21:00 <REP> Symantec
      01/01/2003 22:12 62 desktop.ini
      1 fichier(s) 62 octets
      11 R‚p(s) 26ÿ690ÿ351ÿ104 octets libres
      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

      01/01/2003 22:12 <REP> .
      01/01/2003 22:12 <REP> ..
      22/10/2005 21:00 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142000}
      22/10/2005 21:00 <REP> ApplicationHistory
      22/10/2005 21:00 <REP> Help
      22/10/2005 20:51 <REP> Microsoft
      22/10/2005 21:00 135 fusioncache.dat
      22/10/2005 21:00 1ÿ677ÿ934 IconCache.db
      2 fichier(s) 1ÿ678ÿ069 octets
      6 R‚p(s) 26ÿ690ÿ351ÿ104 octets libres

      ******************************************
      Recherche des taches planifiées dans C:\WINDOWS\tasks

      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\WINDOWS\Tasks

      08/12/2006 17:17 284 A7A0E48591AF9DCD.job
      23/10/2005 01:19 422 Maintenance en 1 clic.job
      02/01/2003 06:01 65 desktop.ini
      01/01/2003 22:12 426 Symantec NetDetect.job
      01/01/2003 22:11 6 SA.DAT
      01/01/2003 22:09 <REP> ..
      01/01/2003 22:09 <REP> .
      5 fichier(s) 1ÿ203 octets
      2 R‚p(s) 26ÿ690ÿ351ÿ104 octets libres

      ******************************************
      ## Répertoires de Program files

      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\Program Files

      02/02/2007 14:36 <REP> .
      02/02/2007 14:36 <REP> ..
      20/12/2006 00:11 22ÿ845ÿ992 AdbeRdr80_fr_FR.exe
      23/12/2006 16:18 <REP> Adobe
      04/02/2007 12:47 <REP> Adverts
      31/10/2006 15:53 <REP> Ahead
      14/11/2006 16:24 <REP> Alcohol Soft
      23/12/2006 20:40 <REP> AlienGUIse
      15/12/2005 22:16 <REP> Alwil Software
      05/05/2006 13:39 <REP> ArcSoft
      22/10/2005 16:50 <REP> ATI Technologies
      25/11/2006 02:09 <REP> BitComet
      04/05/2006 15:30 <REP> BootVisfr
      11/12/2006 09:24 <REP> CCleaner
      11/09/2006 09:13 <REP> Common Files
      29/11/2006 23:00 <REP> CursorXP
      03/10/2006 17:37 <REP> DAEMON Tools
      26/01/2006 14:04 <REP> Datel
      24/01/2007 09:50 <REP> Dictionnaire
      19/02/2006 21:17 <REP> Easy Internet signup
      23/11/2006 21:49 <REP> Eidos
      23/12/2006 18:53 <REP> Electronic Arts
      22/10/2006 22:57 <REP> Empire Interactive
      13/12/2006 23:18 <REP> eMule
      27/06/2006 11:16 <REP> Felix Screenmate
      14/12/2006 09:17 <REP> Fichiers communs
      25/11/2006 15:16 <REP> Google
      15/12/2006 09:41 <REP> HardwareDetection
      13/11/2006 19:08 <REP> Hercules
      20/08/2006 20:18 <REP> Hewlett-Packard
      05/10/2006 17:28 <REP> HP
      05/02/2007 17:37 <REP> Internet Explorer
      02/01/2003 00:01 <REP> InterVideo
      19/12/2006 19:29 <REP> Java
      24/11/2006 11:49 <REP> K-Lite Codec Pack
      14/11/2006 16:40 <REP> KONAMI
      15/09/2006 13:35 <REP> Lavasoft
      04/12/2006 22:02 <REP> LimeWire
      05/12/2006 22:33 <REP> Media Player Classic
      22/02/2006 16:56 <REP> Messenger
      08/12/2006 17:16 <REP> Messenger Plus! Live
      11/07/2006 11:02 <REP> MessengerPlus! 3
      04/02/2007 13:13 <REP> MessengerSkinner
      01/01/2003 22:11 <REP> microsoft frontpage
      20/02/2006 15:14 <REP> Microsoft Office
      28/10/2005 18:57 <REP> Movie Maker
      05/02/2007 22:10 <REP> Mozilla Firefox
      22/10/2005 23:51 <REP> MSN
      04/09/2006 21:46 <REP> MSN Games
      01/01/2003 22:08 <REP> MSN Gaming Zone
      02/02/2007 08:15 <REP> MSN Messenger
      14/02/2006 23:44 <REP> Music Manager
      03/10/2006 17:43 <REP> Nero
      31/10/2005 23:09 <REP> NetMeeting
      30/11/2006 14:03 <REP> OO Software
      15/12/2006 08:38 <REP> Outlook Express
      23/12/2006 20:26 <REP> Postal2
      02/01/2003 00:28 <REP> Presario PC Help
      08/12/2006 17:17 <REP> Program Support
      03/01/2007 23:29 <REP> Prolific Publishing, Inc
      20/12/2006 00:10 7ÿ218ÿ088 psa30se_fr_fr.exe
      05/12/2006 12:25 <REP> QuickTime
      05/12/2006 22:34 <REP> QuickTime Alternative
      21/11/2006 12:32 <REP> Radio Fr Solo
      05/02/2007 18:20 <REP> RamBoost XP
      14/12/2006 09:16 <REP> Real
      12/09/2006 09:20 <REP> RegCleaner
      05/12/2006 10:24 <REP> RegistrySmart
      13/11/2006 00:11 <REP> Rockstar Games
      24/11/2006 10:59 <REP> Satsuki Decoder Pack
      27/06/2006 11:20 <REP> ScreenMates
      03/01/2007 23:33 <REP> SereneScreen
      28/04/2006 18:44 <REP> Services en ligne
      21/01/2007 22:41 <REP> Shareaza
      25/08/2006 12:13 <REP> Skype
      08/10/2006 22:28 <REP> SlySoft
      03/02/2007 01:39 <REP> SpeedFan
      06/07/2006 16:01 <REP> Spybot - Search & Destroy
      10/12/2006 18:43 <REP> Stardock
      02/02/2007 14:36 <REP> Sunbelt Software
      15/12/2005 22:16 <REP> Symantec
      03/05/2006 16:12 <REP> TGTSoft
      02/12/2005 19:31 <REP> Tsunami_Filter_Pack_Mini
      07/01/2007 19:10 <REP> Ubisoft
      08/06/2006 11:24 <REP> VideoLAN
      27/11/2006 13:05 <REP> Winamp
      10/12/2006 18:44 <REP> WinCustomize
      02/02/2007 08:15 <REP> Windows Live Safety Center
      02/10/2006 20:56 <REP> Windows Live Toolbar
      17/12/2006 01:10 <REP> Windows Media Connect 2
      29/11/2006 01:18 <REP> Windows Media Player
      28/10/2005 18:54 <REP> Windows NT
      27/03/2006 09:08 <REP> WinDriver Ghost
      24/11/2006 11:28 <REP> WinRAR
      30/10/2006 17:36 <REP> WinZip
      01/01/2003 22:11 <REP> xerox
      28/11/2006 09:25 <REP> Yahoo!
      2 fichier(s) 30ÿ064ÿ080 octets
      95 R‚p(s) 26ÿ690ÿ347ÿ008 octets libres

      ******************************************
      ## Popups autorisées

      * Internet Explorer

      ! REG.EXE VERSION 3.0

      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
      *.hotmail.msn.com REG_BINARY
      player.skyrock.com REG_BINARY
      www.skyrock.com REG_BINARY
      014728400.badoo.com REG_BINARY
      *.mysearchnow.com REG_BINARY
      www.mistergooddeal.com REG_BINARY
      www.cannaweed.com REG_BINARY
      www.01net.com REG_BINARY
      www.commentcamarche.net REG_BINARY
      www.vulnerabilite.com REG_BINARY
      www.maeva.com REG_BINARY
      www.pierreetvacances.com REG_BINARY
      *.mail.yahoo.com REG_BINARY
      www.surcouf.com REG_BINARY
      blog.entrevue.fr REG_BINARY
      www.entrevue-web.fr REG_BINARY
      telecharger.gsiteg.com REG_BINARY

      * Mozilla Firefox (1 autorisé 2 interdit)

      ---------- C:\DOCUMENTS AND SETTINGS\PROPRITAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\X7B7BZBB.DEFAULT\HOSTPERM.1
      host popup 1 www.infos-du-net.com
      host popup 2 www.humour1.com
      host popup 1 www.torrentazos.com
      host popup 1 www.universalmobile.fr
      host popup 1 pointroute.france2.fr
      host popup 1 www.01net.com
      host popup 1 www.3suisses.fr
      host popup 1 www.c-rigolo.com
      host popup 1 www.disney.fr
      host popup 1 scheme:file
      host popup 1 www.sony.fr

      ******************************************
      ## Registre

      * [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      CAKETYPEMAPISAFE REG_SZ C:\Documents and Settings\All Users\Application Data\DvdCompCakeType\GreyBrowse.exe

      * [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      BashWma REG_SZ C:\DOCUME~1\PROPRI~1\APPLIC~1\PROGRA~1\TimeChic.exe

      ******************************************
      ## Zones de sécurité

      * HKCU Domains (4)

      * P3P History (5)

      ******************************************
      ## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"

      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\WINDOWS

      Le volume dans le lecteur C s'appelle PRESARIO
      Le num‚ro de s‚rie du volume est 449E-1604

      R‚pertoire de C:\WINDOWS


      *************** Fin du rapport ****************
      0
  3. Utilisateur anonyme
     
    Ola !

    Green day n'a pas l'air là mais ne part pas comme ça ton PC n'est pas encore propre

    Télécharges Blacklight et sauvegarde le sur ton bureau.
    https://www.f-secure.com/en
    Double cliques sur " blbeta.exe " et acceptes la licence; clic sur "Scan" puis "Next"

    Un rapport, va se créer sur ton bureau "fslb-....."
    Copies et colles le contenu de ce rapport ici.

    Ne touche à rien d'autre!
    0
    1. marvin92 Messages postés 44 Statut Membre 1
       
      salut boulepate62

      merci d'avoir fais attention a mon log car effectivement il en reste.

      tiens le rapprort blacklight

      au faite sa correspond a quoi ALCXMNTR.EXE ,merci.


      02/06/07 18:03:15 [Info]: BlackLight Engine 1.0.55 initialized
      02/06/07 18:03:15 [Info]: OS: 5.1 build 2600 (Service Pack 2)
      02/06/07 18:03:15 [Note]: 7019 4
      02/06/07 18:03:15 [Note]: 7005 0
      02/06/07 18:03:21 [Note]: 7006 0
      02/06/07 18:03:21 [Note]: 7011 2464
      02/06/07 18:03:21 [Note]: 7026 0
      02/06/07 18:03:21 [Note]: 7026 0
      02/06/07 18:03:34 [Note]: FSRAW library version 1.7.1021
      02/06/07 18:21:32 [Note]: 7007 0
      0
  4. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut vous !

    desolée mais je ne te vois pas dans mes contrib :-S

    ++

    ps : je suis en cours ;-))
    0