Qui peut regarder mon log hijackis, merci

salut a toi green day et merci de m'avoir repondu.

j'ai fais comme tu ma dis et encore merci.

je t'envoye un dernier log au ka ou

a+

tu le voila

merci

Logfile of HijackThis v1.99.1
Scan saved at 10:43:28, on 05/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\PRESAR~1\Presario\XPHWWRP4\plugin\bin\pchbutton.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qfr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [CAKETYPEMAPISAFE] C:\Documents and Settings\All Users\Application Data\DvdCompCakeType\GreyBrowse.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\PRESAR~1\Presario\XPHWWRP4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Felix] C:\Program Files\ScreenMates\felix.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BashWma] C:\DOCUME~1\PROPRI~1\APPLIC~1\PROGRA~1\TimeChic.exe
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: A3Cab1 - http://www.globalcashsolutions.com/kithtml/A3Cab1.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

merci a toi green day

j'ai bien supprimer comme tu me la demande (sauf pour le mode sans echec) mais pour l'instant je croise les doigt , tou va bien.

il est super ce petit lgiciel.

et le scan en ligne (bitdefender) ma supprimee plein de trojans , donc je pense que mon probleme est resolu.

sinon je te renvoye un dernier log en mode sans echec.

j'attend ta reponse et merci encore, bye.

bonjours et merci

tiens je te donne se que tu ma demander

merci et tiens moi au courant si y'a un truc louche


Rapport fait à 23:34:33,65 le 05/02/2007

******************************************
## Répertoires Application Data

Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\Administrateur\Application Data

02/02/2007 09:57 <REP> .
02/02/2007 09:57 <REP> ..
02/02/2007 09:57 <REP> HbTools
02/02/2007 09:57 <REP> Help
02/02/2007 09:57 <REP> Identities
02/02/2007 09:57 <REP> Macromedia
02/02/2007 09:57 <REP> Microsoft
02/02/2007 09:57 <REP> MSN6
02/02/2007 09:57 <REP> SampleView
02/02/2007 09:57 <REP> ShopperReports
02/02/2007 09:57 <REP> Sonic
02/02/2007 09:57 <REP> Sun
02/02/2007 09:57 <REP> Symantec
02/02/2007 09:58 62 desktop.ini
1 fichier(s) 62 octets
13 R‚p(s) 26ÿ690ÿ363ÿ392 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data

02/02/2007 09:57 <REP> .
02/02/2007 09:57 <REP> ..
02/02/2007 09:57 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142000}
02/02/2007 09:57 <REP> ApplicationHistory
02/02/2007 09:57 <REP> Help
02/02/2007 09:57 <REP> Microsoft
02/02/2007 09:57 135 fusioncache.dat
1 fichier(s) 135 octets
6 R‚p(s) 26ÿ690ÿ363ÿ392 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\All Users\Application Data

23/10/2005 00:19 <REP> .
23/10/2005 00:19 <REP> ..
10/01/2006 18:13 <REP> Adobe
25/10/2005 10:19 <REP> Apple Computer
26/10/2006 15:26 <REP> ArcSoft
26/10/2005 01:19 <REP> BOONTY
29/09/2006 10:26 <REP> CyberLink
08/12/2006 17:17 <REP> DvdCompCakeType
21/08/2006 15:13 <REP> HP
02/01/2003 00:01 <REP> InterVideo
28/10/2005 00:42 <REP> Macrovision
29/11/2005 18:34 <REP> Messenger Plus!
01/01/2003 22:04 <REP> Microsoft
02/01/2003 00:28 <REP> Motive
22/10/2005 17:13 <REP> MSN6
14/02/2006 23:44 <REP> OD2
14/11/2005 21:49 <REP> pixelStorm
01/01/2003 22:14 <REP> SBSI
19/12/2005 18:52 <REP> Spybot - Search & Destroy
01/01/2003 22:10 <REP> Symantec
28/09/2006 22:49 <REP> Trymedia
23/10/2005 01:18 <REP> TuneUp Software
24/05/2006 20:30 <REP> WhiteCap (Holiday Edition)
28/10/2005 18:21 <REP> Windows Genuine Advantage
02/10/2006 20:49 <REP> Windows Live Toolbar
26/11/2006 12:26 <REP> Yahoo!
02/11/2005 16:18 <REP> Yahoo! Companion
27/11/2005 01:15 <REP> Zylom
01/01/2003 22:04 62 desktop.ini
01/01/2003 23:22 5ÿ749 hpzinstall.log
25/11/2005 22:17 1ÿ763 QTSBandwidthCache
3 fichier(s) 7ÿ574 octets
28 R‚p(s) 26ÿ690ÿ363ÿ392 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\Default User\Application Data

23/10/2005 00:19 <REP> .
23/10/2005 00:19 <REP> ..
22/10/2005 20:57 <REP> HbTools
22/10/2005 20:57 <REP> Help
01/01/2003 22:11 <REP> Identities
22/10/2005 20:57 <REP> Macromedia
01/01/2003 22:04 <REP> Microsoft
22/10/2005 20:57 <REP> MSN6
22/10/2005 16:48 <REP> SampleView
22/10/2005 20:57 <REP> ShopperReports
22/10/2005 16:48 <REP> Sonic
22/10/2005 16:48 <REP> Sun
22/10/2005 16:48 <REP> Symantec
01/01/2003 22:04 62 desktop.ini
1 fichier(s) 62 octets
13 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

01/01/2003 22:04 <REP> .
01/01/2003 22:04 <REP> ..
22/10/2005 16:48 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142000}
22/10/2005 16:48 <REP> ApplicationHistory
22/10/2005 20:57 <REP> Help
22/10/2005 16:48 <REP> Microsoft
22/10/2005 16:48 135 fusioncache.dat
1 fichier(s) 135 octets
6 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\LocalService\Application Data

01/01/2003 22:13 <REP> .
01/01/2003 22:13 <REP> ..
01/01/2003 22:13 <REP> Microsoft
27/06/2006 11:33 <REP> Webroot
0 fichier(s) 0 octets
4 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

01/01/2003 22:13 <REP> .
01/01/2003 22:13 <REP> ..
01/01/2003 22:13 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\NetworkService\Application Data

01/01/2003 22:13 <REP> .
01/01/2003 22:13 <REP> ..
01/01/2003 22:13 <REP> Microsoft
27/11/2006 13:21 <REP> Mozilla
0 fichier(s) 0 octets
4 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

01/01/2003 22:13 <REP> .
01/01/2003 22:13 <REP> ..
01/01/2003 22:13 <REP> Microsoft
27/11/2006 13:21 <REP> Mozilla
0 fichier(s) 0 octets
4 R‚p(s) 26ÿ690ÿ359ÿ296 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\Propri‚taire\Application Data

23/10/2005 00:19 <REP> .
23/10/2005 00:19 <REP> ..
30/10/2006 01:20 <REP> .ZMatrix
23/10/2005 01:58 <REP> Adobe
10/02/2006 01:47 <REP> AdobeAUM
23/10/2005 01:58 <REP> AdobeUM
16/11/2005 14:27 <REP> Ahead
25/10/2005 10:22 <REP> Apple Computer
21/02/2006 00:24 <REP> ArcSoft
03/01/2006 10:10 <REP> Azureus
16/11/2006 08:47 <REP> BitRoll
17/11/2006 10:35 <REP> BitTorrent
25/04/2006 12:54 <REP> BSplayer Pro
28/04/2006 17:10 <REP> Common Files
13/09/2006 11:38 <REP> COWON
15/02/2006 00:04 <REP> Creative
29/09/2006 10:26 <REP> CyberLink
11/11/2005 15:52 <REP> DMCache
15/02/2006 15:22 <REP> dvdcss
27/06/2006 14:57 <REP> Encyclopedie Hachette
20/12/2005 00:44 <REP> EoRezo
04/01/2006 15:43 <REP> Google
22/10/2005 16:29 <REP> Help
28/04/2006 17:08 <REP> HP
01/01/2003 22:13 <REP> Identities
21/08/2006 23:48 <REP> Image Zone Express
06/11/2005 03:25 <REP> InterVideo
19/12/2005 18:57 <REP> Lavasoft
18/11/2005 17:47 <REP> Leadertech
22/10/2005 16:39 <REP> Macromedia
09/12/2005 00:39 <REP> Magic Match
23/08/2006 23:49 <REP> Media Player Classic
23/01/2007 21:28 <REP> MessengerSkinner
02/10/2006 15:49 <REP> Micro Application
01/01/2003 22:13 <REP> Microsoft
27/10/2005 11:16 <REP> Motive
18/06/2006 12:31 <REP> Mozilla
22/10/2005 17:13 <REP> MSN6
15/02/2006 00:03 <REP> OD2
03/02/2006 00:04 <REP> OpenOffice.org2
31/10/2006 21:29 <REP> Preclick
08/12/2006 17:17 <REP> Program Support
23/08/2006 15:34 <REP> Real
02/01/2003 02:02 <REP> SampleView
04/11/2005 15:21 <REP> Shareaza
25/08/2006 12:13 <REP> Skype
01/01/2003 23:58 <REP> Sonic
01/01/2003 22:51 <REP> Sun
01/01/2003 22:11 <REP> Symantec
19/06/2006 08:58 <REP> Talkback
19/06/2006 08:57 <REP> Thunderbird
30/03/2006 21:00 <REP> Trend Micro
23/10/2005 01:19 <REP> TuneUp Software
16/11/2006 19:31 <REP> Uniblue
25/07/2006 22:45 <REP> vlc
13/02/2006 16:53 <REP> VoipBuster
22/12/2005 14:17 <REP> WhenU
10/12/2005 20:02 <REP> Wildfire
27/11/2006 13:03 <REP> Winamp
27/11/2005 01:18 <REP> Zylom
01/01/2003 22:13 62 desktop.ini
13/12/2005 18:52 99ÿ288 GDIPFONTCACHEV1.DAT
28/04/2006 16:52 14ÿ817 GdiplusUpgrade_MSIApproach_Wrapper.log
26/08/2006 15:22 114 Hewlett-PackardHP PSC 1500 series1156170074_API.log
26/08/2006 15:22 3ÿ077 Hewlett-PackardHP PSC 1500 series1156170074_PROTOCOL.log
26/08/2006 15:22 621 Hewlett-PackardHP PSC 1500 series1156170074_UI.log
27/08/2006 23:24 2ÿ173 HPSU_48BitScanUpdate.log
27/08/2006 23:24 359ÿ222 PatchUpdate_HP_CounterReport_Update_HPSU.log
23/06/2006 09:29 739 QuickZip45.ini
27/08/2006 23:21 69ÿ132 Update_HP_RedboxHprblog_HPSU.log
10 fichier(s) 549ÿ245 octets
60 R‚p(s) 26ÿ690ÿ355ÿ200 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Documents and Settings\Propri‚taire\Local Settings\Application Data

01/01/2003 22:13 <REP> .
01/01/2003 22:13 <REP> ..
01/01/2003 22:51 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142000}
23/10/2005 01:58 <REP> Adobe
16/11/2005 14:33 <REP> Ahead
25/10/2005 10:22 <REP> Apple Computer
02/01/2003 00:27 <REP> ApplicationHistory
03/11/2005 13:19 <REP> Google
22/10/2005 16:29 <REP> Help
28/04/2006 17:15 <REP> HP
22/10/2005 22:46 <REP> Identities
28/04/2006 17:15 <REP> IsolatedStorage
22/08/2006 18:54 <REP> K-Meleon
01/01/2003 22:13 <REP> Microsoft
18/06/2006 12:31 <REP> Mozilla
05/07/2006 20:10 <REP> PCHealth
04/11/2005 15:21 <REP> Shareaza
11/09/2006 10:17 <REP> Stardock
19/06/2006 08:57 <REP> Thunderbird
04/11/2006 18:21 <REP> WMTools Downloaded Files
23/10/2005 16:41 69ÿ632 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
02/01/2003 00:27 135 fusioncache.dat
28/10/2005 19:16 100ÿ608 GDIPFONTCACHEV1.DAT
28/12/2006 00:04 4ÿ773ÿ066 IconCache.db
4 fichier(s) 4ÿ943ÿ441 octets
20 R‚p(s) 26ÿ690ÿ355ÿ200 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

23/10/2005 04:35 <REP> .
23/10/2005 04:35 <REP> ..
22/10/2005 21:00 <REP> Help
01/01/2003 22:12 <REP> Identities
22/10/2005 21:00 <REP> Macromedia
01/01/2003 22:12 <REP> Microsoft
22/10/2005 21:00 <REP> MSN6
22/10/2005 21:00 <REP> SampleView
22/10/2005 21:00 <REP> Sonic
22/10/2005 21:00 <REP> Sun
22/10/2005 21:00 <REP> Symantec
01/01/2003 22:12 62 desktop.ini
1 fichier(s) 62 octets
11 R‚p(s) 26ÿ690ÿ351ÿ104 octets libres
Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

01/01/2003 22:12 <REP> .
01/01/2003 22:12 <REP> ..
22/10/2005 21:00 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142000}
22/10/2005 21:00 <REP> ApplicationHistory
22/10/2005 21:00 <REP> Help
22/10/2005 20:51 <REP> Microsoft
22/10/2005 21:00 135 fusioncache.dat
22/10/2005 21:00 1ÿ677ÿ934 IconCache.db
2 fichier(s) 1ÿ678ÿ069 octets
6 R‚p(s) 26ÿ690ÿ351ÿ104 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\WINDOWS\Tasks

08/12/2006 17:17 284 A7A0E48591AF9DCD.job
23/10/2005 01:19 422 Maintenance en 1 clic.job
02/01/2003 06:01 65 desktop.ini
01/01/2003 22:12 426 Symantec NetDetect.job
01/01/2003 22:11 6 SA.DAT
01/01/2003 22:09 <REP> ..
01/01/2003 22:09 <REP> .
5 fichier(s) 1ÿ203 octets
2 R‚p(s) 26ÿ690ÿ351ÿ104 octets libres

******************************************
## Répertoires de Program files

Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\Program Files

02/02/2007 14:36 <REP> .
02/02/2007 14:36 <REP> ..
20/12/2006 00:11 22ÿ845ÿ992 AdbeRdr80_fr_FR.exe
23/12/2006 16:18 <REP> Adobe
04/02/2007 12:47 <REP> Adverts
31/10/2006 15:53 <REP> Ahead
14/11/2006 16:24 <REP> Alcohol Soft
23/12/2006 20:40 <REP> AlienGUIse
15/12/2005 22:16 <REP> Alwil Software
05/05/2006 13:39 <REP> ArcSoft
22/10/2005 16:50 <REP> ATI Technologies
25/11/2006 02:09 <REP> BitComet
04/05/2006 15:30 <REP> BootVisfr
11/12/2006 09:24 <REP> CCleaner
11/09/2006 09:13 <REP> Common Files
29/11/2006 23:00 <REP> CursorXP
03/10/2006 17:37 <REP> DAEMON Tools
26/01/2006 14:04 <REP> Datel
24/01/2007 09:50 <REP> Dictionnaire
19/02/2006 21:17 <REP> Easy Internet signup
23/11/2006 21:49 <REP> Eidos
23/12/2006 18:53 <REP> Electronic Arts
22/10/2006 22:57 <REP> Empire Interactive
13/12/2006 23:18 <REP> eMule
27/06/2006 11:16 <REP> Felix Screenmate
14/12/2006 09:17 <REP> Fichiers communs
25/11/2006 15:16 <REP> Google
15/12/2006 09:41 <REP> HardwareDetection
13/11/2006 19:08 <REP> Hercules
20/08/2006 20:18 <REP> Hewlett-Packard
05/10/2006 17:28 <REP> HP
05/02/2007 17:37 <REP> Internet Explorer
02/01/2003 00:01 <REP> InterVideo
19/12/2006 19:29 <REP> Java
24/11/2006 11:49 <REP> K-Lite Codec Pack
14/11/2006 16:40 <REP> KONAMI
15/09/2006 13:35 <REP> Lavasoft
04/12/2006 22:02 <REP> LimeWire
05/12/2006 22:33 <REP> Media Player Classic
22/02/2006 16:56 <REP> Messenger
08/12/2006 17:16 <REP> Messenger Plus! Live
11/07/2006 11:02 <REP> MessengerPlus! 3
04/02/2007 13:13 <REP> MessengerSkinner
01/01/2003 22:11 <REP> microsoft frontpage
20/02/2006 15:14 <REP> Microsoft Office
28/10/2005 18:57 <REP> Movie Maker
05/02/2007 22:10 <REP> Mozilla Firefox
22/10/2005 23:51 <REP> MSN
04/09/2006 21:46 <REP> MSN Games
01/01/2003 22:08 <REP> MSN Gaming Zone
02/02/2007 08:15 <REP> MSN Messenger
14/02/2006 23:44 <REP> Music Manager
03/10/2006 17:43 <REP> Nero
31/10/2005 23:09 <REP> NetMeeting
30/11/2006 14:03 <REP> OO Software
15/12/2006 08:38 <REP> Outlook Express
23/12/2006 20:26 <REP> Postal2
02/01/2003 00:28 <REP> Presario PC Help
08/12/2006 17:17 <REP> Program Support
03/01/2007 23:29 <REP> Prolific Publishing, Inc
20/12/2006 00:10 7ÿ218ÿ088 psa30se_fr_fr.exe
05/12/2006 12:25 <REP> QuickTime
05/12/2006 22:34 <REP> QuickTime Alternative
21/11/2006 12:32 <REP> Radio Fr Solo
05/02/2007 18:20 <REP> RamBoost XP
14/12/2006 09:16 <REP> Real
12/09/2006 09:20 <REP> RegCleaner
05/12/2006 10:24 <REP> RegistrySmart
13/11/2006 00:11 <REP> Rockstar Games
24/11/2006 10:59 <REP> Satsuki Decoder Pack
27/06/2006 11:20 <REP> ScreenMates
03/01/2007 23:33 <REP> SereneScreen
28/04/2006 18:44 <REP> Services en ligne
21/01/2007 22:41 <REP> Shareaza
25/08/2006 12:13 <REP> Skype
08/10/2006 22:28 <REP> SlySoft
03/02/2007 01:39 <REP> SpeedFan
06/07/2006 16:01 <REP> Spybot - Search & Destroy
10/12/2006 18:43 <REP> Stardock
02/02/2007 14:36 <REP> Sunbelt Software
15/12/2005 22:16 <REP> Symantec
03/05/2006 16:12 <REP> TGTSoft
02/12/2005 19:31 <REP> Tsunami_Filter_Pack_Mini
07/01/2007 19:10 <REP> Ubisoft
08/06/2006 11:24 <REP> VideoLAN
27/11/2006 13:05 <REP> Winamp
10/12/2006 18:44 <REP> WinCustomize
02/02/2007 08:15 <REP> Windows Live Safety Center
02/10/2006 20:56 <REP> Windows Live Toolbar
17/12/2006 01:10 <REP> Windows Media Connect 2
29/11/2006 01:18 <REP> Windows Media Player
28/10/2005 18:54 <REP> Windows NT
27/03/2006 09:08 <REP> WinDriver Ghost
24/11/2006 11:28 <REP> WinRAR
30/10/2006 17:36 <REP> WinZip
01/01/2003 22:11 <REP> xerox
28/11/2006 09:25 <REP> Yahoo!
2 fichier(s) 30ÿ064ÿ080 octets
95 R‚p(s) 26ÿ690ÿ347ÿ008 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
*.hotmail.msn.com REG_BINARY
player.skyrock.com REG_BINARY
www.skyrock.com REG_BINARY
014728400.badoo.com REG_BINARY
*.mysearchnow.com REG_BINARY
www.mistergooddeal.com REG_BINARY
www.cannaweed.com REG_BINARY
www.01net.com REG_BINARY
www.commentcamarche.net REG_BINARY
www.vulnerabilite.com REG_BINARY
www.maeva.com REG_BINARY
www.pierreetvacances.com REG_BINARY
*.mail.yahoo.com REG_BINARY
www.surcouf.com REG_BINARY
blog.entrevue.fr REG_BINARY
www.entrevue-web.fr REG_BINARY
telecharger.gsiteg.com REG_BINARY

* Mozilla Firefox (1 autorisé 2 interdit)

---------- C:\DOCUMENTS AND SETTINGS\PROPRITAIRE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\X7B7BZBB.DEFAULT\HOSTPERM.1
host popup 1 www.infos-du-net.com
host popup 2 www.humour1.com
host popup 1 www.torrentazos.com
host popup 1 www.universalmobile.fr
host popup 1 pointroute.france2.fr
host popup 1 www.01net.com
host popup 1 www.3suisses.fr
host popup 1 www.c-rigolo.com
host popup 1 www.disney.fr
host popup 1 scheme:file
host popup 1 www.sony.fr

******************************************
## Registre

* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CAKETYPEMAPISAFE REG_SZ C:\Documents and Settings\All Users\Application Data\DvdCompCakeType\GreyBrowse.exe

* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
BashWma REG_SZ C:\DOCUME~1\PROPRI~1\APPLIC~1\PROGRA~1\TimeChic.exe

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"

Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\WINDOWS

Le volume dans le lecteur C s'appelle PRESARIO
Le num‚ro de s‚rie du volume est 449E-1604

R‚pertoire de C:\WINDOWS


*************** Fin du rapport ****************

salut boulepate62

merci d'avoir fais attention a mon log car effectivement il en reste.

tiens le rapprort blacklight

au faite sa correspond a quoi ALCXMNTR.EXE ,merci.


02/06/07 18:03:15 [Info]: BlackLight Engine 1.0.55 initialized
02/06/07 18:03:15 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/06/07 18:03:15 [Note]: 7019 4
02/06/07 18:03:15 [Note]: 7005 0
02/06/07 18:03:21 [Note]: 7006 0
02/06/07 18:03:21 [Note]: 7011 2464
02/06/07 18:03:21 [Note]: 7026 0
02/06/07 18:03:21 [Note]: 7026 0
02/06/07 18:03:34 [Note]: FSRAW library version 1.7.1021
02/06/07 18:21:32 [Note]: 7007 0