Everything posted by delphine05
-
thank you for your help
delphine05 replied to delphine05's topic in Malware Analysis and Removal
Darn LOL, I had forgotten to include the report.... Ahhh, these blondes, no brains!!! There, it's fixed. Have a nice day -
Good evening, Here is the HijackThis report from a colleague's computer. I tried to clean it by following your procedures, but it still acts up on opening... Thank you very much
-
a quick analysis, please
delphine05 replied to delphine05's topic in Malware Analysis and Removal
Thanks Mykerinos, I'll take a look at that. Apparently it tells me there are trojans that show up often, and always the same ones. A bit of Qatari sunshine for you during this cold spell back home. Delphine -
a quick analysis, please
delphine05 replied to delphine05's topic in Malware Analysis and Removal
Thanks a lot for the Norton procedure, Mykerinos. If anyone has 2 minutes, could you please analyze my HijackThis report? Have a good evening, Delphine -
Hello, After Lebanon, here I am as an expat in Qatar... So here I am in a new job, promoted to being in charge of disinfecting my colleagues' PCs LOL... So here is the first PC: There is a problem with Java web that always triggers a Norton warning. Besides, since Norton's trial period is over, my colleague would like to uninstall it and keep AntiVir; could you please tell me whether I should remove it directly from Add or Remove Programs or whether there is something else to do... Thank you very much and HAPPY NEW YEAR TO ALL from Qatar
-
cleaning the family PCs
delphine05 replied to delphine05's topic in Malware Analysis and Removal
THERE, I did what you advised, but unfortunately Easy Cleaner won't start and I don't understand why. Otherwise, the netcom page (amazone.fr) still appears. HOWEVER, I absolutely need to restore the automatic opening of the Yahoo Messenger and MSN Messenger windows, because my mum won't know how to do it manually!!! I'll continue your procedure with Spyware Terminator. See you later and thanks -
cleaning the family PCs
delphine05 replied to delphine05's topic in Malware Analysis and Removal
Hi Charles Ingals, No big problem apart from an Amazone.fr home page that opens as soon as I have an internet connection and, above all, the incredible slowness of the PC in question. See you later and thanks again for your help. This time I'm keeping an eye on all your messages -
cleaning the family PCs
delphine05 replied to delphine05's topic in Malware Analysis and Removal
ARGHHHHHHH I'm no longer at my father's!!!!!! And here I was thinking everything was OK now... darn it, it will have to wait until my next trip to France to do everything, arkkk I really feel like a total blonde right now!!!! Anyway, I've logged on from my mother's place to give you her HijackThis report. You should know that at my mother's it's a dial-up connection and her PC runs Windows 98 (I bought that because she uses it almost only to stay in touch with me abroad). So I don't know whether it's me or whether it's normal, but it's incredible how slow this thing is... Here is her report: I should also tell you that I'm online for another 1 hr this afternoon, and then I'll only come for 1 hr tomorrow before flying back to Lebanon. I hope I'm not bothering you too much. Big kisses, Delphine -
cleaning the family PCs
delphine05 replied to delphine05's topic in Malware Analysis and Removal
Thanks Charles Ingals, the next message will come from my mum's PC, as I only have 3 days left before going back abroad. See you later and thanks again, delphine -
cleaning the family PCs
delphine05 replied to delphine05's topic in Malware Analysis and Removal
Hi, So, dear Charles Ingals, am I OK with this PC or not? I'm going to bother you again because I still have my mum's PC to check.. Thanks a lot, have a nice day -
nettoyage des PC familiaux
delphine05 a répondu à un(e) sujet de delphine05 dans Analyses et éradication malwares
le dernier rapport Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 17:17:26, on 27/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\APPS\OD2\OD2DLEngine.exe C:\Program Files\Softwin\BitDefender9\bdoesrv.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\APPS\OD2\OD2State.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\Yahoo!\Messenger\ypager.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\Softwin\BitDefender9\vsserv.exe 
I hope I did everything correctly. However, I need to re-enable Yahoo Messenger's automatic sign-in, because they don't know how to do it; can you give me the steps to follow, please?
I also have a problem with the webcam, which seems to work correctly, but as soon as I try to use it in Yahoo Messenger I get a "server busy" message!!!! Do you have any idea what the problem is? Thanks again for your help, and enjoy the rest of your afternoon. Delphine -
Cleaning the family PCs
delphine05 replied to a topic by delphine05 in Malware analysis and removal
Hello Charles Ingals, I followed your procedure; here is the first report, the one from Spyware Terminator:
and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\934538.sdf \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\943999.sdf \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\984354.sdf \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\991767.sdf \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\ASPL1.dat \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\domains.txt \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000003674 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000013401 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000021726 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000023695 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000023749 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000023773 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000023894 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000023902 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000024187 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000024237 \par Hotbar Toolbar : 
C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000024268 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000024320 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000024375 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000024593 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000024705 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000024721 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000024722 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\\v3.0\\HbTools\\dynamic\\TooltipXML\\1000024774 \par Hotbar Toolbar : C:\\Documents and Settings\\NATH\\Application Data\\HbTools\ -
Cleaning the family PCs
delphine05 replied to a topic by delphine05 in Malware analysis and removal
Hi Charles Ingals, when you tell me that you messed up, what does that mean??? Should I not follow the procedure you gave me???? Is it Sunday coming that did this to you? OK, see you later and thanks for your help. Delphine -
Cleaning the family PCs
delphine05 replied to a topic by delphine05 in Malware analysis and removal
and here is the VirusTotal scan /
STATUS: FINISHED
Complete scanning result of "ddcjqkmt.exe", received in VirusTotal at 06.24.2006, 14:14:29 (CET).
Antivirus Version Update Result
AntiVir 6.35.0.16 06.24.2006 ADSPY/Hotbar.BE.9.B
Authentium 4.93.8 06.23.2006 no virus found
Avast 4.7.844.0 06.23.2006 Win32:Adware-gen.
AVG 386 06.23.2006 Adware Generic.NJR
BitDefender 7.2 06.24.2006 Adware.Hotbar.BQ
CAT-QuickHeal 8.00 06.24.2006 AdWare.HotBar.bq (Not a Virus)
ClamAV devel-20060426 06.23.2006 no virus found
DrWeb 4.33 06.24.2006 Adware.Hotbar
eTrust-InoculateIT 23.72.48 06.24.2006 no virus found
eTrust-Vet 12.6.2272 06.23.2006 no virus found
Ewido 3.5 06.24.2006 Adware.HotBar
Fortinet 2.77.0.0 06.24.2006 Adware/HotBar
F-Prot 3.16f 06.23.2006 no virus found
Ikarus 0.2.65.0 06.23.2006 AdWare.Win32.HotBar.bq
Kaspersky 4.0.2.24 06.24.2006 not-a-virus:AdWare.Win32.HotBar.bq
McAfee 4792 06.23.2006 potentially unwanted program Adware-HotBar
Microsoft 1.1481 06.24.2006 Hotbar (threat-c)
NOD32v2 1.1620 06.24.2006 probably a variant of Win32/Adware.HotBar
Norman 5.90.21 06.23.2006 W32/HotBar.DY
Panda 9.0.0.4 06.24.2006 no virus found
Sophos 4.06.0 06.24.2006 no virus found
Symantec 8.0 06.24.2006 no virus found
TheHacker 5.9.8.164 06.23.2006 Adware/HotBar.bq
UNA 1.83 06.23.2006 Adware.HotBar
VBA32 3.11.0 06.23.2006 AdWare.Win32.HotBar.bq
VirusBuster 4.3.7:9 06.23.2006 no virus found
Aditional Information
File size: 253952 bytes
MD5: 4799f6e895aa7e14fff6488d0b808a50
SHA1: 5039f61161427f640c998509409c8c71f531e737
-
Cleaning the family PCs
delphine05 replied to a topic by delphine05 in Malware analysis and removal
Hello, there you go Charles Ingals, little Laura went and checked what you had asked her to, and here is the result:
File: ddcjqkmt.exe
Status: INFECTED/MALWARE
MD5 4799f6e895aa7e14fff6488d0b808a50
Packers detected: -
Scanner results
AntiVir Found Adware-Spyware/Hotbar.BE.9.B adware
ArcaVir Found nothing
Avast Found Win32:Adware-gen.
AVG Antivirus Found Generic.NJR
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found Adware.Hotbar
F-Prot Antivirus Found nothing
Fortinet Found Adware/HotBar
Kaspersky Anti-Virus Found not-a-virus:AdWare.Win32.HotBar.bq
NOD32 Found probably a variant of Win32/Adware.HotBar application (probable variant)
Norman Virus Control Found W32/HotBar.DY
UNA Found nothing
VirusBuster Found nothing
VBA32 Found AdWare.Win32.HotBar.bq
So I'm waiting for your instructions, if you're not busy chopping wood... -
Cleaning the family PCs
delphine05 replied to a topic by delphine05 in Malware analysis and removal
Thanks a lot Charles Ingals, I'll take care of that tomorrow morning because right now there are big thunderstorms. Thanks again, Delphine -
Hello, below is the HijackThis report for my father's PC (there is definitely an infection, because he gets ads from net offers every 20 seconds). Thanks for helping me, and have a good day, everyone.

Logfile of HijackThis v1.99.1
Scan saved at 14:59:13, on 23/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\APPS\OD2\OD2DLEngine.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\progra~1\softwin\bitdef~1\bdnagent.exe
C:\progra~1\softwin\bitdef~1\bdswitch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\HbTools\Bin\4.7.7.0\HbtWeatherOnTray.exe
C:\Program Files\HbTools\Bin\4.7.7.0\HbtOEAddOn.exe
C:\APPS\OD2\OD2State.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\HbTools\Bin\4.7.7.0\HbtSrv.exe
C:\DOCUME~1\NATH\LOCALS~1\Temp\Répertoire temporaire 3 pour hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Servi...omeLeftPane.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.7.0\HbtHostIE.dll
O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.7.0\HbtHostIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [DOWNLOAD MANAGER] C:\APPS\OD2\OD2DLEngine.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [bDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [bDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [bDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.7.7.0\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.7.7.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [cnwwfkzj] C:\WINDOWS\system32\ddcjqkmt.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.od2.com
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtool...ams/hbtools.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
-
An unusual topic!!!
delphine05 replied to a topic by delphine05 in I've got nothing to say but I'm saying it anyway
Thanks everyone, I'll see what I can do. In fact, I really have strong suspicions, but I don't dare confront the person concerned directly... Anyway, I'm sending you a bit of Lebanese sunshine all the same -
Good evening, I'm coming to you about a slightly delicate matter. I realized some time ago that someone had imitated my e-mail address and had contacted some of my friends and family... sending them porn photos!!! Of course, he got himself onto their "Yahoo Messenger" friends lists because people thought it was me! I have a strong suspicion about this impostor's identity and I would really like to catch him. Is there any way for me to find out, for example, where his address was created from? Just knowing which country would be enough to give me the proof I'm waiting for. Thanks for seeing whether you can help me, because I don't appreciate this hijacking at all... Have a good Saturday evening, Delphine05
-
My father's HijackThis report! LOL
delphine05 replied to a topic by delphine05 in Malware analysis and removal
OK, fine for the first computer... I'm going back to my father's place this evening to carry out your steps. Thanks. So here is the second HijackThis report, for my mother's PC. Thanks in advance.

Logfile of HijackThis v1.99.1
Scan saved at 10:57:30, on 07/02/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\7-ZIP\7ZFM.EXE
C:\WINDOWS\TEMP\7ZO9175.TMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tele2internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - fourni par Tele2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL
O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [systemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.EXE -off
O4 - HKLM\..\Run: [RealJukeboxSystray] "C:\PROGRAM FILES\REAL\REALJUKEBOX\tsystray.exe"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb04.exe
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.03.0000.1005\fr\msnappau.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe"
O4 - HKLM\..\Run: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCIOMON.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe"
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\SYSTEM\USBMonit.exe
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCIOMON.exe"
O4 - HKLM\..\RunServices: [PCCPFW] C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [skype] "C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE" /nosplash /minimized
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2internet.fr
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab
-
My father's HijackThis report! LOL
delphine05 replied to a topic by delphine05 in Malware analysis and removal
There, I finally managed it. So thank you for being kind enough to read the report for the first computer. I only have Tuesday left to check the 2 machines, since I'm leaving for Lebanon again on Wednesday morning. Thank you very much in advance.

Logfile of HijackThis v1.99.1
Scan saved at 20:02:07, on 06/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll
O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [DOWNLOAD MANAGER] C:\APPS\OD2\OD2DLEngine.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [bDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [bDNewsAgent] "C:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [bDSwitchAgent] "C:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe /RegAll
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [CamWizard] C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\CamWizrd.exe
O4 - HKLM\..\RunOnce: [installShieldSetup] C:\PROGRA~1\INSTAL~1\{C4304~1\setup.exe -rebootC:\PROGRA~1\INSTAL~1\{C4304~1\reboot.ini -l0x40c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: *.od2.com
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtool...ams/hbtools.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
-
HijackThis report from my father's PC! LOL
delphine05 replied to a topic by delphine05 in Malware Analysis and Removal
Arghhhh, darn and darn again, I just realized that here too I had saved the HijackThis program in temp..... OK, I'll start over then. Sorry ......... if it can excuse my stupidity a little.... I'm blonde!!! LOL -
HijackThis report from my father's PC! LOL
delphine05 replied to a topic by delphine05 in Malware Analysis and Removal
Oops then... OK, so I need to go back to my father's place to do that. In the meantime, here is the report from the second PC (my dear mum's). Thanks again

Logfile of HijackThis v1.99.1
Scan saved at 12:16:17, on 05/02/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\7-ZIP\7ZFM.EXE
C:\WINDOWS\TEMP\7ZOF365.TMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tele2internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - fourni par Tele2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL
O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [systemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.EXE -off
O4 - HKLM\..\Run: [RealJukeboxSystray] "C:\PROGRAM FILES\REAL\REALJUKEBOX\tsystray.exe"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb04.exe
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.03.0000.1005\fr\msnappau.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe"
O4 - HKLM\..\Run: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCIOMON.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe"
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\SYSTEM\USBMonit.exe
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCIOMON.exe"
O4 - HKLM\..\RunServices: [PCCPFW] C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [skype] "C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE" /nosplash /minimized
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.tele2internet.fr
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

She is running Windows 98 and her PC is very, very slow; is there a way to speed it up a bit????
-
HijackThis report from my father's PC! LOL
delphine05 posted a topic in Malware Analysis and Removal
Since I'm in France for a week, I'm taking the opportunity to check my family's PCs, so here I'm starting with my father's computer, and once that one is cleaned .... we'll move on to my mother's ... thanks in advance. Delphine

Logfile of HijackThis v1.99.1
Scan saved at 19:08:43, on 02/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\NATH\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll
O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [DOWNLOAD MANAGER] C:\APPS\OD2\OD2DLEngine.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [bDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [bDNewsAgent] "C:\progra~1\softwin\bitdef~1\bdnagent.exe"
O4 - HKLM\..\Run: [bDSwitchAgent] "C:\progra~1\softwin\bitdef~1\bdswitch.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: *.od2.com
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/installs/hbtool...ams/hbtools.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)