yazman
-
Compteur de contenus
12 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par yazman
-
Merci et grâce à toi, je suis tombé amoureux de ce site que je ne connaissais pas aupparavant.
-
Salut, est ce qu'on doit mettre le " browser.turbo.enabled" à true dans cette méthode ou non ? Si oui, est ce que cela aura un effet ? Car dans le tuto, tu n'as pas mentionné ce fait, d'où ma question .
-
Euh quel antivirus ? Ne t'en fais pas je l'ai laissé sinon je devrai refaire tout dès le début. Or cette expérience, je ne veux pas la revivre avec mon PC (des heures que pour les scans). Pour les 2 programmes, je les ai supprimé. Parmi les parefeu, je vais installer ZoneAlarm comme tu me l'as conseillé. Merci pour la liste des parefeu .
-
Bonjour, Lorsque j'ai redemarré le PC j'étais entrain d'attendre que tout se termine (le chargement) mais à ma surprise tout était chargé rapidement . Pour le démarrage, j'ai laissé seulement les fichiers correspondants à mon PC Toshiba. Danke
-
Le PC marche très bien . Merci beaucoup, très sympa de ta part de m'avoir accompagner tout au long de la bataille contre les troies. Ce sera cool, si on pourra l'optimiser plus (c'est vrai lors du démarrage je dois attendre un ptit bout) Voici le fichier uninstall_list.txt : Adobe Acrobat 7.0 Professional - English, Français, Deutsch Adobe Photoshop 7.0 Adobe Reader 7.0 - Français ALPS Touch Pad Driver ANPSEDIC Archiveur WinRAR ArcSoft VideoImpression 1.6 Assist TOSHIBA Assistant Publication de sites Web Microsoft 1.53 Atheros Wireless LAN MiniPCI card Driver AVG Free Edition Babylon Belltech Business Card Designer Pro 4.0 BitComet 0.71 C++test Camtasia Studio 3 Canon MultiPASS Suite 4.40 Commandes TOSHIBA Correctif Windows XP - KB834707 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB885855 Correctif Windows XP - KB885884 Correctif Windows XP - KB886185 Correctif Windows XP - KB887472 Correctif Windows XP - KB887742 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB889673 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Crystal FTP Free Cute FTP Pro v7.1 DAEMON Tools DHTML Menu Builder 4.9 DHTML Menu Builder 4.9 Digital Image DivX Codec DivX Player EasyPHP 1.8 Espace Wanadoo Tunisie ewido anti-spyware 4.0 Fiolex Home Studio Folder Lock Football Manager 2006 Formatage de carte mémoire SD TOSHIBA FTP 2000 Gestion d'énergie TOSHIBA GSmart Mini 3 GSmart Mini 3 WDM Video Capture GSview et Aladdin Ghostscript GTK+ 2.8.18-1 runtime environment HelpNDoc Version 1.7 Personal Edition HijackThis 1.99.1 Intel® Graphics Media Accelerator Driver for Mobile InterVideo WinDVD for TOSHIBA J2SE Development Kit 5.0 Update 6 J2SE Runtime Environment 5.0 Update 6 JCreator LE 3.50 KaraFun 1.10 Kazaa 3.2.2 Lecteur Windows Media 10 LFP Manager 06 Macromedia Dreamweaver 8 Macromedia Dreamweaver MX 2004 Macromedia Extension Manager Macromedia Extension Manager Macromedia Fireworks MX 2004 Macromedia Flash 8 Macromedia Flash 8 Video Encoder Macromedia Flash Player Macromedia Flash Player 8 Macromedia Flash Player 8 Plugin Macromedia Shockwave Player Manuels TOSHIBA Messenger Plus! 3 MetaProducts Offline Explorer Enterprise Microsoft .NET Framework (English) v1.0.3705 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 2.0 Microsoft ASP.NET Web Matrix Microsoft Office OneNote 2003 Microsoft Office XP Professional avec FrontPage Microsoft Project 2000 Microsoft SQL Server 2000 Microsoft Visual J# .NET Redistributable Package 1.1 Microsoft Visual Studio .NET Enterprise Architect 2003 - Français Microsoft Visual Studio 6.0 Édition Entreprise (Français) Microsoft Windows Media Video 9 VCM Microsoft Works mIRC Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893066) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901190) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB905915) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB908531) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911567) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912812) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913446) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB916281) Mise à jour de sécurité pour Windows XP (KB917159) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918439) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour pour Windows XP (KB894391) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) MotionDV STUDIO 5.3E LE for DV Mozilla Firefox (1.5.0.7) MSN MSN Messenger 7.5 MyEclipse Enterprise Workbench v4.0.2 MySQL Query Browser 1.1 MySQL Server 4.1 Need2Find Bar Nero 7 Demo NuTCRACKER Operating Environment Outil de diagnostic PC TOSHIBA Paint.NET v2.72 Panda ActiveScan Passware Kit Enterprise 7.5 Picasa 2 QuickTime Rational Rose Enterprise Edition Readiris Pro 10 Realtek AC'97 Audio REALTEK Gigabit and Fast Ethernet NIC Driver Réducteur de bruit lect. CD/DVD SAGEM F@st 800-840 SD Secure Module Security Update pour Microsoft .NET Framework 2.0 (KB917283) SMSC IrCC V5.1.3600.5 SP2 Son virtuel TOSHIBA Sonic DLA Sonic RecordNow! SPSS pour Windows 10.0 Spybot - Search & Destroy 1.4 StuffPlug-NG (Messenger Plus! Plugins) Texas Instruments PCIxx21/x515 drivers. The Best Offers The GIMP 2.2.10 Together Workflow Editor TOSHIBA Accessibility TOSHIBA ConfigFree TOSHIBA Hardware Setup TOSHIBA Mot de passe responsable TOSHIBA Software Modem Touch and Launch Trojan Remover 6.5.2 Ulead GIF Animator 5 ESD Utilitaire de zoom TOSHIBA Utilitaire Hotkey TOSHIBA Utilitaire TouchPad ON/OFF Video Stream Driver for Panasonic DVC VideoLAN VLC media player 0.8.4a VirtualCloneDrive Visual J# .NET Redistributable 1.1- French Language Pack Windows Installer 3.1 (KB893803) Windows Media Format Runtime Yahoo! Extras Yahoo! Install Manager Yahoo! Internet Mail Yahoo! Messenger Yahoo! Toolbar avec bloqueur de fenêtres pop-up ZipLine 1.5
-
Bonsoir, quel boulot ! ça ne finit jamais J'ai supprimé les fichiers que Panda a trouvé. Voici le rapport de HiJackThis : Logfile of HijackThis v1.99.1 Scan saved at 00:22:18, on 19/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe C:\WINDOWS\system32\nutsrv4.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe C:\WINDOWS\system32\ZoomingHook.exe C:\WINDOWS\system32\TCtrlIOHook.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Canon\MultiPASS4\MPTBox.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Babylon\Babylon-Pro\Babylon.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Digital Image\Monitor.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Yazman\Bureau\WinPFind\WinPFind\winpfind.exe C:\WINDOWS\notepad.exe C:\Program Files\hijackthis\yazman.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.tn/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo / Internet avec Planet Tunisie R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient O4 - HKLM\..\Run: [NuTCSetupEnviron] C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [MPTBox] C:\Program Files\Canon\MultiPASS4\MPTBox.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: DKMessenger.lnk = C:\Program Files\DKware\DKMessenger\DKMessenger.exe O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Digital Image Monitor.lnk = ? O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7B856455-4B25-4709-8077-7870CEF040CB}: NameServer = 193.95.122.40 193.95.93.77 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: NuTCRACKER Service (NuTCRACKERService) - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe Voici le rapport de WinPFind : WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding. If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows sometimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly. »»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Logfile created on: 19/09/2006 00:08:03 WinPFind v1.5.0 Folder = C:\Documents and Settings\Yazman\Bureau\WinPFind\WinPFind\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 6.0.2900.2180) »»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»» Checking %SystemDrive% folder... WSUD 25/03/2006 12:51:46 108459237 C:\eclipse-SDK-3.1.2-win32.zip () Checking %ProgramFilesDir% folder... Checking %WinDir% folder... UPX! 22/08/2004 18:04:56 69120 C:\WINDOWS\daemon.dll () FSG! 08/04/2005 19:10:40 7572683 C:\WINDOWS\dmbsetup.exe () PEC2 08/04/2005 19:10:40 7572683 C:\WINDOWS\dmbsetup.exe () PECompact2 08/04/2005 19:10:40 7572683 C:\WINDOWS\dmbsetup.exe () qoologic 13/08/2006 20:05:46 89452544 C:\WINDOWS\MEMORY.DMP () WSUD 13/08/2006 20:05:46 89452544 C:\WINDOWS\MEMORY.DMP () Checking %System% folder... WSUD 27/10/2004 18:42:44 16179200 C:\WINDOWS\SYSTEM32\alsndmgr.cpl (Realtek Semiconductor Corp.) PEC2 19/03/2003 05:05:48 2052096 C:\WINDOWS\SYSTEM32\atl71.pdb () PEC2 14/02/2005 20:08:46 31232 C:\WINDOWS\SYSTEM32\ColorPicker.ocx (xFX JumpStart) PECompact2 14/02/2005 20:08:46 31232 C:\WINDOWS\SYSTEM32\ColorPicker.ocx (xFX JumpStart) PEC2 05/08/2004 13:00:00 41131 C:\WINDOWS\SYSTEM32\dfrg.msc () PEC2 22/03/2005 22:44:26 49664 C:\WINDOWS\SYSTEM32\DMBSampleControl.ocx ( ) PECompact2 22/03/2005 22:44:26 49664 C:\WINDOWS\SYSTEM32\DMBSampleControl.ocx ( ) PEC2 11/06/2002 04:35:20 12800 C:\WINDOWS\SYSTEM32\FormShaper.ocx (xFX JumpStart) PEC2 15/02/2005 00:40:20 21504 C:\WINDOWS\SYSTEM32\HREF.OCX (xFX JumpStart) PECompact2 15/02/2005 00:40:20 21504 C:\WINDOWS\SYSTEM32\HREF.OCX (xFX JumpStart) PEC2 27/06/2003 00:02:36 20480 C:\WINDOWS\SYSTEM32\ICONTAINER.OCX (xFX JumpStart) PEC2 07/05/2004 05:54:00 11776 C:\WINDOWS\SYSTEM32\LINE3D.OCX (xFX JumpStart) PEC2 18/06/1998 01:00:00 8015872 C:\WINDOWS\SYSTEM32\MFC42.PDB () PEC2 18/06/1998 01:00:00 3944448 C:\WINDOWS\SYSTEM32\MFC42D.PDB () PEC2 19/03/2003 07:20:00 10357760 C:\WINDOWS\SYSTEM32\mfc71.pdb () PEC2 19/03/2003 06:28:40 8252416 C:\WINDOWS\SYSTEM32\MFC71d.pdb () PEC2 19/03/2003 07:12:12 10333184 C:\WINDOWS\SYSTEM32\mfc71u.pdb () PEC2 19/03/2003 06:31:58 8293376 C:\WINDOWS\SYSTEM32\mfc71ud.pdb () PEC2 18/06/1998 01:00:00 2052096 C:\WINDOWS\SYSTEM32\MFCD42D.PDB () PEC2 18/06/1998 01:00:00 1454080 C:\WINDOWS\SYSTEM32\MFCN42D.PDB () PEC2 18/06/1998 01:00:00 4395008 C:\WINDOWS\SYSTEM32\MFCO42D.PDB () PECompact2 09/08/2006 21:03:04 8325544 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation) aspack 09/08/2006 21:03:04 8325544 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation) aspack 05/08/2004 13:00:00 733184 C:\WINDOWS\SYSTEM32\ntdll.dll (Microsoft Corporation) WSUD 05/08/2004 13:00:00 261120 C:\WINDOWS\SYSTEM32\nusrmgr.cpl (Microsoft Corporation) WSUD 02/09/2001 12:29:22 13107200 C:\WINDOWS\SYSTEM32\oembios.bin () Umonitor 05/08/2004 13:00:00 685056 C:\WINDOWS\SYSTEM32\rasdlg.dll (Microsoft Corporation) PEC2 11/02/2003 23:17:24 11776 C:\WINDOWS\SYSTEM32\SmartSubClass.dll (VBSmart) aspack 02/05/2006 23:55:10 53248 C:\WINDOWS\SYSTEM32\suppdll.dll () UPX! 29/08/2006 15:52:54 248832 C:\WINDOWS\SYSTEM32\trjscan.trb (Simply Super Software) aspack 17/06/2006 01:46:58 345088 C:\WINDOWS\SYSTEM32\trupd.trb (Simply Super Software) PEC2 14/04/2004 18:42:32 13312 C:\WINDOWS\SYSTEM32\tsys.dll (xFX JumpStart) winsync 05/08/2004 13:00:00 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu () PEC2 30/10/2002 02:02:04 17920 C:\WINDOWS\SYSTEM32\xfxbinimg.dll () PEC2 26/05/2004 00:24:12 35840 C:\WINDOWS\SYSTEM32\xFXSlider.ocx (xFX JumpStart) PECompact2 26/05/2004 00:24:12 35840 C:\WINDOWS\SYSTEM32\xFXSlider.ocx (xFX JumpStart) Checking %System%\Drivers folder and sub-folders... UPX! 13/09/2006 15:16:46 777472 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.) FSG! 13/09/2006 15:16:46 777472 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.) PEC2 13/09/2006 15:16:46 777472 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.) aspack 13/09/2006 15:16:46 777472 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys (GRISOFT, s.r.o.) Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts Checking the Windows folder and sub-folders for system and hidden files within the last 60 days... 18/09/2006 23:55:28 S 2048 C:\WINDOWS\bootstat.dat () 07/09/2006 15:10:36 RH 0 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\index27.dat () 07/09/2006 15:10:36 RH 0 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\index28.dat () 28/07/2006 22:21:24 H 626422 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\1369c6d3d1e461b8f6eb4aab4a0a2c8a\download\BIT18.tmp () 02/08/2006 01:36:22 H 1079032 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\813393cacabba48c35f9d086fb3055ff\download\BIT1A.tmp () 28/07/2006 23:38:22 H 155879 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\8a7f7c98df0a30ead57d10a0a13cfc46\download\BIT17.tmp () 28/07/2006 23:30:06 H 36246 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\9d141fe443dceca575dc6e6f2f0eca89\download\BIT19.tmp () 28/07/2006 23:27:20 H 69744 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\c40c0e3d7dcfb5be7fb7777a31340af0\download\BIT1C.tmp () 28/07/2006 23:54:10 H 24986 C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\d8661e60d3aee3a77c6330f550a29252\download\BIT1D.tmp () 08/08/2006 07:11:34 H 560028 C:\WINDOWS\system32\mlfcache.dat () 18/09/2006 23:57:52 H 1024 C:\WINDOWS\system32\config\default.LOG () 18/09/2006 23:56:16 H 1024 C:\WINDOWS\system32\config\SAM.LOG () 18/09/2006 23:58:42 H 1024 C:\WINDOWS\system32\config\SECURITY.LOG () 19/09/2006 00:19:04 H 1024 C:\WINDOWS\system32\config\software.LOG () 19/09/2006 00:02:56 H 1024 C:\WINDOWS\system32\config\system.LOG () 04/09/2006 12:53:30 H 1024 C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG () 22/08/2006 01:14:18 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\960ebf89-073c-453b-a1fd-c2225581237b () 22/08/2006 01:14:18 HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred () 18/09/2006 23:55:42 H 6 C:\WINDOWS\Tasks\SA.DAT () Checking for CPL files... 05/08/2004 13:00:00 71680 C:\WINDOWS\SYSTEM32\access.cpl (Microsoft Corporation) 27/10/2004 18:42:44 16179200 C:\WINDOWS\SYSTEM32\alsndmgr.cpl (Realtek Semiconductor Corp.) 05/08/2004 13:00:00 555008 C:\WINDOWS\SYSTEM32\appwiz.cpl (Microsoft Corporation) 05/08/2004 13:00:00 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl (Microsoft Corporation) 05/08/2004 13:00:00 138240 C:\WINDOWS\SYSTEM32\desk.cpl (Microsoft Corporation) 05/08/2004 13:00:00 80384 C:\WINDOWS\SYSTEM32\firewall.cpl (Microsoft Corporation) 05/08/2004 13:00:00 157184 C:\WINDOWS\SYSTEM32\hdwwiz.cpl (Microsoft Corporation) 25/02/2005 16:31:38 364544 C:\WINDOWS\SYSTEM32\HWSetup.cpl (TOSHIBA CO.,LTD.) 02/11/2004 10:01:34 94208 C:\WINDOWS\SYSTEM32\igfxcpl.cpl (Intel Corporation) 05/08/2004 13:00:00 359936 C:\WINDOWS\SYSTEM32\inetcpl.cpl (Microsoft Corporation) 05/08/2004 13:00:00 134144 C:\WINDOWS\SYSTEM32\intl.cpl (Microsoft Corporation) 05/08/2004 13:00:00 380928 C:\WINDOWS\SYSTEM32\irprops.cpl (Microsoft Corporation) 05/08/2004 13:00:00 70144 C:\WINDOWS\SYSTEM32\joy.cpl (Microsoft Corporation) 10/11/2005 13:03:50 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl (Sun Microsystems, Inc.) 05/08/2004 13:00:00 189952 C:\WINDOWS\SYSTEM32\main.cpl (Microsoft Corporation) 05/08/2004 13:00:00 626176 C:\WINDOWS\SYSTEM32\mmsys.cpl (Microsoft Corporation) 05/08/2004 13:00:00 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl (Microsoft Corporation) 05/08/2004 13:00:00 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl (Microsoft Corporation) 05/08/2004 13:00:00 261120 C:\WINDOWS\SYSTEM32\nusrmgr.cpl (Microsoft Corporation) 27/05/1999 15:47:42 606720 C:\WINDOWS\SYSTEM32\NutCPApp.cpl (DataFocus, Inc.) 05/08/2004 13:00:00 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl (Microsoft Corporation) 05/08/2004 13:00:00 118272 C:\WINDOWS\SYSTEM32\powercfg.cpl (Microsoft Corporation) 30/09/2004 17:07:26 324608 C:\WINDOWS\SYSTEM32\QuickTime.cpl (Apple Computer, Inc.) 05/08/2004 13:00:00 305152 C:\WINDOWS\SYSTEM32\sysdm.cpl (Microsoft Corporation) 05/08/2004 13:00:00 28160 C:\WINDOWS\SYSTEM32\telephon.cpl (Microsoft Corporation) 05/08/2004 13:00:00 94208 C:\WINDOWS\SYSTEM32\timedate.cpl (Microsoft Corporation) 15/03/2005 18:39:32 495616 C:\WINDOWS\SYSTEM32\TOSCDSPD.cpl () 21/01/2005 11:28:28 1171456 C:\WINDOWS\SYSTEM32\TPwrSave.cpl (TOSHIBA Corporation) 05/08/2004 13:00:00 148480 C:\WINDOWS\SYSTEM32\wscui.cpl (Microsoft Corporation) 26/05/2005 05:16:32 175896 C:\WINDOWS\SYSTEM32\wuaucpl.cpl (Microsoft Corporation) 26/05/2005 05:16:32 175896 C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl (Microsoft Corporation) 02/11/2004 10:01:34 94208 C:\WINDOWS\SYSTEM32\ReinstallBackups\0013\DriverFiles\igfxcpl.cpl (Intel Corporation) 02/11/2004 10:01:34 94208 C:\WINDOWS\SYSTEM32\ReinstallBackups\0015\DriverFiles\igfxcpl.cpl (Intel Corporation) Checking for Downloaded Program Files... {00000055-9980-0010-8000-00AA00389B71} - - CodeBase = http://codecs.microsoft.com/codecs/i386/fhg.CAB {166B1BCA-3F9C-11CF-8075-444553540000} - Shockwave ActiveX Control - CodeBase = http://download.macromedia.com/pub/shockwa...director/sw.cab {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - YInstStarter Class - CodeBase = C:\Program Files\Yahoo!\Common\yinsthelper.dll {33564D57-9980-0010-8000-00AA00389B71} - - CodeBase = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} - - CodeBase = http://download.macromedia.com/pub/shockwa...ash/swflash.cab {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - MSN Chat Control 4.5 - CodeBase = http://chat.msn.com/controls/msnchat45.cab Microsoft XML Parser for Java - - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab »»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»» Checking files in %ALLUSERSPROFILE%\Startup folder... 06/12/2005 22:14:28 1014 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk () 17/03/2005 09:21:28 HS 84 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini () 23/12/2005 11:20:22 483 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Image Monitor.lnk () 01/04/2006 10:58:32 836 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk () 18/09/2006 23:57:20 2335 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk () 06/12/2005 22:03:26 1757 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk () 25/11/2005 19:31:00 1740 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk () Checking files in %ALLUSERSPROFILE%\Application Data folder... 15/09/2006 00:47:46 305 C:\Documents and Settings\All Users\Application Data\addr_file.html () 17/03/2005 10:13:24 HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini () Checking files in %USERPROFILE%\Startup folder... 17/03/2005 09:21:28 HS 84 C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\desktop.ini () 23/03/2006 11:08:14 813 C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\DKMessenger.lnk () 24/11/2005 22:29:46 899 C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\Lancement rapide de Microsoft Office OneNote 2003.lnk () 25/11/2005 21:52:18 950 C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\WkCalRem.LNK () Checking files in %USERPROFILE%\Application Data folder... 17/03/2005 10:13:24 HS 62 C:\Documents and Settings\Yazman\Application Data\desktop.ini () 01/06/2006 10:49:08 553256 C:\Documents and Settings\Yazman\Application Data\GDIPFONTCACHEV1.DAT () 25/11/2005 21:53:26 0 C:\Documents and Settings\Yazman\Application Data\wklnhst.dat () »»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»» >>> Internet Explorer Settings <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] \\Start Page - http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home \\Search Page - http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch \\Default_Page_URL - http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome \\Default_Search_URL - http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch \\Local Page - %SystemRoot%\system32\blank.htm [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main] \\Start Page - http://www.wanadoo.tn/ \\Search Bar - \\Search Page - http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch \\Local Page - C:\WINDOWS\system32\blank.htm [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search] \\CustomizeSearch - http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm \\SearchAssistant - http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] \\{08C06D61-F1F3-4799-86F8-BE1A89362C85} - Search Class = C:\PROGRA~1\Wanadoo\SEARCH~1.DLL () \\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) >>> BHO's <<< [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] \{02478D38-C3F9-4EFB-9B51-7695ECA05670} - Yahoo! Toolbar Helper = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) \{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) \{53707962-6F74-2D53-2644-206D7942484F} - = C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited) \{5CA3D70E-1895-11CF-8E15-001234567890} - DriveLetterAccess = C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions) \{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - SSVHelper Class = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.) \{AE7CD045-E861-484f-8273-0445EE161910} - AcroIEToolbarHelper Class = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) >>> Internet Explorer Bars, Toolbars and Extensions <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars] \{182EC0BE-5110-49C8-A062-BEB1D02A220B} - Adobe PDF = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) \{4528BBE0-4E08-11D5-AD55-00010333D0AD} - &Yahoo! Messenger = C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll (Yahoo! Inc.) \{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Astuce du jour = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars] \{4528BBE0-4E08-11D5-AD55-00010333D0AD} - &Yahoo! Messenger = C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll (Yahoo! Inc.) \{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} - Bandeau de recherche de l'Explorateur = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) \{EFA24E62-B078-11D0-89E4-00C04FC9E26E} - History Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation) \{EFA24E64-B078-11D0-89E4-00C04FC9E26E} - Explorer Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar] \\{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) \\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar] \ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Adresse = %SystemRoot%\system32\browseui.dll (Microsoft Corporation) \ShellBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Liens = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) \WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Adresse = %SystemRoot%\system32\browseui.dll (Microsoft Corporation) \WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Liens = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) \WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - = () \WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - = () \WebBrowser\\{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - = () \WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) \WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\CmdMapping] \\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8192 = Console Java (Sun) \\NEXTID - 8195 \\{4528BBE0-4E08-11D5-AD55-00010333D0AD} - 8193 = Yahoo! Messenger \\{92780B25-18CC-41C8-B9BE-3C9C571A8263} - 8194 = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions] \-{FB5F1910-F110-11d2-BB9E-00C04F795683} - ButtonText: Messenger = C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) \{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Console Java (Sun) = C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc.) \{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Console Java (Sun) = C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)(HKCU CLSID) \{4528BBE0-4E08-11D5-AD55-00010333D0AD} - ButtonText: Messenger = \{92780B25-18CC-41C8-B9BE-3C9C571A8263} - ButtonText: Recherche = >>> Approved Shell Extensions (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] \\{42071714-76d4-11d1-8b24-00a0c9068ff3} - Extension Affichage Panorama du Panneau de configuration = deskpan.dll () \\{764BF0E1-F219-11ce-972D-00AA00A14F56} - Extensions de l'environnement de compression de fichiers = () \\{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Menu contextuel de cryptage = () \\{88895560-9AA2-1069-930E-00AA0030EBC8} - Extension icône HyperTerminal = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc.) \\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Barre des tâches et menu Démarrer = () \\{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - Autoplay for SlideShow = () \\{7A9D77BD-5403-11d2-8785-2E0420524153} - Comptes d'utilisateurs = () \\{9ED66769-A198-41FE-8615-601691C68846} - TouchPad Property Sheet = C:\WINDOWS\system32\TPprop.dll (COMPAL ELECTRONIC INC.) \\{DEE12703-6333-4D4E-8F34-738C4DCC2E04} - RecordNow! SendToExt = C:\Program Files\Sonic\RecordNow!\shlext.dll () \\{5CA3D70E-1895-11CF-8E15-001234567890} - DriveLetterAccess = C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions) \\{32020A01-506E-484D-A2A8-BE3CF17601C3} - AlcoholShellEx = () \\{B41DB860-8EE4-11D2-9906-E49FADC173CA} - WinRAR shell extension = C:\Program Files\WinRAR\rarext.dll () \\{4B4604E0-8961-11D4-A0EC-009099164712} - Mon MultiPASS = C:\Program Files\Canon\MultiPASS4\DTM4.DLL (Canon Inc.) \\{B7056B8E-4F99-44f8-8CBD-282390FE5428} - VirtualCloneDrive = C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll (Elaborate Bytes AG) \\{B327765E-D724-4347-8B16-78AE18552FC3} - NeroDigitalIconHandler = C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll (Nero AG) \\{7F1CF152-04F8-453A-B34C-E609530A9DC8} - NeroDigitalPropSheetHandler = C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll (Nero AG) \\{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} - Adobe.Acrobat.ContextMenu = C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll (Adobe Systems Inc.) \\{5464D816-CF16-4784-B9F3-75C0DB52B499} - Yahoo! Mail = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll (Yahoo! Inc.) \\{52B87208-9CCF-42C9-B88E-069281105805} - Trojan Remover Shell Extension = C:\PROGRA~1\TROJAN~1\Trshlex.dll (Simply Super Software) \\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} - AVG7 Shell Extension = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll (GRISOFT, s.r.o.) \\{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} - AVG7 Find Extension = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll (GRISOFT, s.r.o.) \\{45AC2688-0253-4ED8-97DE-B5370FA7D48A} - Shell Extension for Malware scanning = () [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] >>> Context Menu Handlers (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers] \Adobe.Acrobat.ContextMenu - {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll (Adobe Systems Inc.) \AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll (GRISOFT, s.r.o.) \ewido anti-spyware - {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\ewido anti-spyware 4.0\context.dll (Anti-Malware Development a.s.) \Trojan Remover - {52B87208-9CCF-42C9-B88E-069281105805} = C:\PROGRA~1\TROJAN~1\Trshlex.dll (Simply Super Software) \WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll () \Yahoo! Mail - {5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll (Yahoo! Inc.) \{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} - = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll (Nero AG) [HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers] [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers] \ewido anti-spyware - {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\ewido anti-spyware 4.0\context.dll (Anti-Malware Development a.s.) \WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll () [HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMenuHandlers] \igfxcui - {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} = C:\WINDOWS\system32\igfxpph.dll (Intel Corporation) [HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers] \AVG7 Shell Extension - {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\PROGRA~1\Grisoft\AVGFRE~1\avgse.dll (GRISOFT, s.r.o.) \Trojan Remover - {52B87208-9CCF-42C9-B88E-069281105805} = C:\PROGRA~1\TROJAN~1\Trshlex.dll (Simply Super Software) \WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll () \{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} - = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll (Nero AG) >>> Column Handlers (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers] \{7D4D6379-F301-4311-BEBA-E26EB0561882} - NeroDigitalExt.NeroDigitalColumnHandler = C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll (Nero AG) \{F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Column Info = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.) >>> Registry Run Keys <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] Apoint - C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.) PadTouch - C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA) LtMoh - C:\Program Files\ltmoh\Ltmoh.exe (Agere Systems) AGRSMMSG - C:\WINDOWS\AGRSMMSG.exe (Agere Systems) CeEKEY - C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.) - Reg Data missing or invalid () TPNF - C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.) TOSHIBA Accessibility - C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe (TOSHIBA) HWSetup - C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.) SVPWUTIL - C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA) Zooming - C:\WINDOWS\SYSTEM32\ZoomingHook.exe (TOSHIBA) TCtryIOHook - C:\WINDOWS\SYSTEM32\TCtrlIOHook.exe (TOSHIBA) TPSMain - C:\WINDOWS\SYSTEM32\TPSMain.exe (TOSHIBA Corporation) SmoothView - C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation) Tvs - C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation) NDSTray.exe - NDSTray.exe () dla - C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions) IgfxTray - C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) HotKeysCmds - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) TFncKy - TFncKy.exe () CFSServ.exe - CFSServ.exe () NuTCSetupEnviron - C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe () DAEMON Tools-1033 - C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME) QuickTime Task - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.) WOOWATCH - C:\PROGRA~1\Wanadoo\Watch.exe (France Télécom R&D) WOOTASKBARICON - C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe () MessengerPlus3 - C:\Program Files\MessengerPlus! 3\MsgPlus.exe (Patchou) MPTBox - C:\Program Files\Canon\MultiPASS4\MPTBox.exe (Canon Inc.) SunJavaUpdateSched - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.) VirtualCloneDrive - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) Babylon Client - C:\Program Files\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.) NeroFilterCheck - C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe (Nero AG) Acrobat Assistant 7.0 - C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.) AVG7_CC - C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe (GRISOFT, s.r.o.) !ewido - C:\Program Files\ewido anti-spyware 4.0\ewido.exe (Anti-Malware Development a.s.) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] IMAIL Installed = 1 MAPI Installed = 1 MSFS Installed = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] CTFMON.EXE - C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) TOSCDSPD - C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe (TOSHIBA) Eyeball Chat - C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe () MSMSGS - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MessengerPlus3 - C:\Program Files\MessengerPlus! 3\MsgPlus.exe (Patchou) BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe (Nero AG) Yahoo! Pager - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) msnmsgr - C:\Program Files\MSN Messenger\msnmsgr.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run] >>> Startup Links <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Common Startup] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Image Monitor.lnk - C:\Program Files\Digital Image\Monitor.exe () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Startup] C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\desktop.ini () C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\DKMessenger.lnk - C:\Program Files\DKware\DKMessenger\DKMessenger.exe () C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation) C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage\WkCalRem.LNK - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation) >>> MSConfig Disabled Items <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig] [All Users Startup Folder Disabled Items] [Current User Startup Folder Disabled Items] >>> User Agent Post Platform <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] \\SV1 - >>> AppInit Dll's <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs] >>> Image File Execution Options <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] \Your Image File Name Here without a path - Debugger = ntsd -d >>> Shell Service Object Delay Load <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] \\PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) \\CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) \\WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll (Microsoft Corporation) \\SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) \\UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} = C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation) >>> Shell Execute Hooks <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] \\{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation) \\{57B86673-276A-48B2-BAE7-C6DBB3020EB8} - CShellExecuteHookImpl Object = C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll (Anti-Malware Development a.s.) >>> Shared Task Scheduler <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] \\{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-chargeur Browseui = %SystemRoot%\system32\browseui.dll (Microsoft Corporation) \\{8C7461EF-2B13-11d2-BE35-3078302C2030} - Démon de cache des catégories de composant = %SystemRoot%\system32\browseui.dll (Microsoft Corporation) >>> Winlogon <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] \\UserInit = C:\WINDOWS\system32\userinit.exe, \\Shell = Explorer.exe \\System = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] \crypt32chain - crypt32.dll = (Microsoft Corporation) \cryptnet - cryptnet.dll = (Microsoft Corporation) \cscdll - cscdll.dll = (Microsoft Corporation) \igfxcui - igfxsrvc.dll = (Intel Corporation) \ScCertProp - wlnotify.dll = (Microsoft Corporation) \Schedule - wlnotify.dll = (Microsoft Corporation) \sclgntfy - sclgntfy.dll = (Microsoft Corporation) \SensLogn - WlNotify.dll = (Microsoft Corporation) \termsrv - wlnotify.dll = (Microsoft Corporation) \wlballoon - wlnotify.dll = (Microsoft Corporation) >>> DNS Name Servers <<< {01E58180-65A3-4DB5-B76D-F2711A038FFC} - () {28B1FF32-8123-4D7E-AE95-86CC5336B5A9} - (SMC ADSL2 Barricade)
-
Salut, merci pour ton aide . J'ai pas trouvé ce que tu voulais que je supprimer (donc peut être déjà supprimés): (tant mieux peut être ) Voici le rapport de HiJackThis comme tu le voulais : StartupList report, 18/09/2006, 18:07:07 StartupList version: 1.52.2 Started from : C:\Program Files\hijackthis\yazman.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180) * Using default options ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe C:\WINDOWS\system32\nutsrv4.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe C:\WINDOWS\system32\ZoomingHook.exe C:\WINDOWS\system32\TCtrlIOHook.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Apoint2K\Apntex.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Canon\MultiPASS4\MPTBox.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Babylon\Babylon-Pro\Babylon.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Digital Image\Monitor.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\notepad.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\hijackthis\yazman.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Yazman\Menu Démarrer\Programmes\Démarrage] DKMessenger.lnk = C:\Program Files\DKware\DKMessenger\DKMessenger.exe Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe Digital Image Monitor.lnk = ? DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe Lancement rapide d'Adobe Acrobat.lnk = ? Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Apoint = C:\Program Files\Apoint2K\Apoint.exe PadTouch = C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe LtMoh = C:\Program Files\ltmoh\Ltmoh.exe AGRSMMSG = AGRSMMSG.exe CeEKEY = C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (Default) = TPNF = C:\Program Files\TOSHIBA\TouchPad\TPTray.exe TOSHIBA Accessibility = C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe HWSetup = C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP SVPWUTIL = C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL Zooming = ZoomingHook.exe TCtryIOHook = TCtrlIOHook.exe TPSMain = TPSMain.exe SmoothView = C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe Tvs = C:\Program Files\TOSHIBA\Tvs\TvsTray.exe NDSTray.exe = NDSTray.exe dla = C:\WINDOWS\system32\dla\tfswctrl.exe IgfxTray = C:\WINDOWS\system32\igfxtray.exe HotKeysCmds = C:\WINDOWS\system32\hkcmd.exe TFncKy = TFncKy.exe CFSServ.exe = CFSServ.exe -NoClient NuTCSetupEnviron = C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe DAEMON Tools-1033 = "C:\Program Files\D-Tools\daemon.exe" -lang 1033 QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime WOOWATCH = C:\PROGRA~1\Wanadoo\Watch.exe WOOTASKBARICON = C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe MessengerPlus3 = "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" MPTBox = C:\Program Files\Canon\MultiPASS4\MPTBox.exe SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe VirtualCloneDrive = "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s Babylon Client = C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart NeroFilterCheck = C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe Acrobat Assistant 7.0 = "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" AVG7_CC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP !ewido = "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe TOSCDSPD = C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe Eyeball Chat = "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background MessengerPlus3 = "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" Yahoo! Pager = "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\PROGRA~1\Picasa2\Picasa2.scr drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll - {02478D38-C3F9-4EFB-9B51-7695ECA05670} (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - C:\WINDOWS\system32\dla\tfswshx.dll - {5CA3D70E-1895-11CF-8E15-001234567890} (no name) - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll - {AE7CD045-E861-484f-8273-0445EE161910} -------------------------------------------------- Enumerating Task Scheduler jobs: Rappel d'enregistrement 2.job Rappel d'enregistrement 3.job -------------------------------------------------- Enumerating Download Program Files: [shockwave ActiveX Control] InProcServer32 = C:\WINDOWS\system32\macromed\Director\SwDir.dll CODEBASE = http://download.macromedia.com/pub/shockwa...director/sw.cab [YInstStarter Class] InProcServer32 = C:\Program Files\Yahoo!\Common\yinsthelper.dll CODEBASE = C:\Program Files\Yahoo!\Common\yinsthelper.dll [{33564D57-9980-0010-8000-00AA00389B71}] CODEBASE = http://download.microsoft.com/download/D/0...D0C/wmv9dmo.cab [shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab [MSN Chat Control 4.5] InProcServer32 = C:\WINDOWS\Downloaded Program Files\MSNChat45.ocx CODEBASE = http://chat.msn.com/controls/msnchat45.cab -------------------------------------------------- Enumerating Winsock LSP files: Protocol #7: C:\WINDOWS\system32\nutafun4.dll Protocol #8: C:\WINDOWS\system32\nutafun4.dll -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll UPnPMonitor: C:\WINDOWS\system32\upnpui.dll -------------------------------------------------- End of report, 10 519 bytes Report generated in 1,641 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only Voici le rapport de Panda : Incident Statut Analyse Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.xiti.com/] Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.advertising.com/] Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.com.com/] Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.fastclick.net/] Spyware:Cookie/Tribalfusion No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.tribalfusion.com/] Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.realmedia.com/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.atdmt.com/] Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Falkag No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[as1.falkag.de/] Spyware:Cookie/Casalemedia No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.casalemedia.com/] Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt[.mediaplex.com/] Adware:Adware/nCase No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\EZ-Emoticons.exe[saap.exe] Spyware:Spyware/New.net No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[sHNT288.exe] Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe] Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][whAgent.inf] Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][whAgent.exe] Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][whInstaller.exe] Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][whSurvey.exe] Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][webhdll.dll] Adware:Adware/WebHancer No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[wh.exe][whiehlpr.dll] Adware:Adware/WinAD No Désinfecté C:\Documents and Settings\Yazman\Bureau\New QoS\Install-Animated-Emoticons.exe[MGW_SH.exe] Pour l'autre (DiagHelp), j'ai pas pu de nouveau de le télécharger mais je vais réessayer. Merci.
-
Bonjour, voici le rapport d'Ewido : --------------------------------------------------------- ewido anti-spyware - Scan-Bericht --------------------------------------------------------- + Erstellt um: 23:32:16 15/09/2006 + Scan-Ergebnis: C:\Documents and Settings\Yazman\Mes documents\cherif.medjeljeli\kazaa_setup.exe -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Documents and Settings\Yazman\Mes documents\cherif.medjeljeli\kazaa_setup2.exe -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ceva_vfs.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\ceva_vfs.cvd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.rvd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\html.xmd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\jpeg.xmd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\nelf.cvd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.cvd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\unpack.ivd.cab -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\ADM25.ADM25.1 -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\ADM4.ADM4.1 -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Adware.Altnet : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Microsoft\VisualStudio\Analyzer\Events\{6C736D71-BCBF-11D0-8A23-00AA00B58E10} -> Adware.CoolWebSearch : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_0_0_106800.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_0_0_107400.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_1_0_449200.gif -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_1_0_449600.gif -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_1_0_454300.gif -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_2_0_106800.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_2_0_107400.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_3_0_106800.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_3_0_107400.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_4_0_111600.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_4_0_152400.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_4_0_155300.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\AdCache\B_329_4_0_164100.htm -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_0\Level_0\Seqn_1068 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4492 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4496 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_1\Level_0\Seqn_4543 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_2\Level_0\Seqn_1068 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_3\Level_0\Seqn_1068 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1116 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1524 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1553 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Loct_4\Level_0\Seqn_1641 -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Queue -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Kazaa\Promotions\Cydoor\Adwr_329\Services\Status -> Adware.Cydoor : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\AppInfo -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\CMEII -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\Gator -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\Gator\dyn -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gs -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\trickles -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\trickles\TRICKLER_6106 -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\trickles\TRICKLER_6106\Trickler -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\trickles\TRICKLER_6106\Trickler\trickle.gator.com:80/download/trickler6.cfg -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\trickles\Trickle Thread -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\trickles\Trickle Thread\cmeii -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Gator.com\trickles\Trickle Thread\cmeii\gatorcme.gator.com:80/gatorcme/appsenc/gotsmiley_appver2105_libver2101.zip -> Adware.Gator : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\instafink.INSTAFINK -> Adware.InstaFinder : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\instafink.INSTAFINK\Clsid -> Adware.InstaFinder : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt). [1148] C:\WINDOWS\NDNUNI~1.EXE -> Adware.NewDotNet : Fehler während der Säuberung. [1232] C:\WINDOWS\NDNUNI~1.EXE -> Adware.NewDotNet : Fehler während der Säuberung. HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer -> Adware.P2PNetworking : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer.1 -> Adware.P2PNetworking : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CLSID -> Adware.P2PNetworking : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CurVer -> Adware.P2PNetworking : Mit Backup gesäubert (unter Quarantäne gestellt). C:\WINDOWS\system32\WebP2PInstaller.dl$ -> Adware.PeerNet : Mit Backup gesäubert (unter Quarantäne gestellt). HKU\S-1-5-21-2302908614-540667360-2728830427-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\whInstall -> Adware.Webhancer : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\whInstall\whAgent.inf -> Adware.Webhancer : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Program Files\whInstall\whInstaller.ini -> Adware.Webhancer : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\webHancer -> Adware.WebHancer : Mit Backup gesäubert (unter Quarantäne gestellt). HKLM\SOFTWARE\webHancer\CC -> Adware.WebHancer : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.863:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.2o7 : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.89:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.2o7 : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.934:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.2o7 : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.188:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adbrite : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.189:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adbrite : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.771:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adjuggler : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.772:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adjuggler : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.161:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adtech : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.162:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Adtech : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.103:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Atdmt : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.100:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Bluestreak : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.19:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Doubleclick : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.196:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Estat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.428:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Etracker : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.76:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.77:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.78:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.79:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.80:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.81:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Falkag : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.185:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Fastclick : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.186:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Fastclick : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.881:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Hitbox : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.18:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Ivwbox : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.761:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Liveperson : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.112:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Mediaplex : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.962:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Need2find : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.662:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.665:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.666:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.667:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.668:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.669:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Onestat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.145:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Overture : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.146:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Overture : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.147:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Overture : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.115:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Popularix : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.816:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Qksrv : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.817:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Qksrv : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.822:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Questionmarket : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.823:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Questionmarket : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.767:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Revenue : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.116:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Serving-sys : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.117:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Serving-sys : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.118:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Serving-sys : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.119:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Serving-sys : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.120:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Serving-sys : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.633:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Sitestat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.639:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Sitestat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.763:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Sitestat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.164:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Smartadserver : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.165:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Smartadserver : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.166:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Smartadserver : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.167:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Smartadserver : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.168:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Smartadserver : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.648:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Spylog : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.211:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Starware : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.634:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.635:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.636:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.637:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.638:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.640:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.641:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.644:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.645:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.646:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.652:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.656:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.657:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.658:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.679:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.680:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.681:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.682:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.683:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.696:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Statcounter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.642:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tacoda : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.643:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tacoda : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.711:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Targetnet : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.39:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tradedoubler : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.40:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tradedoubler : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.41:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tradedoubler : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.42:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tradedoubler : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.43:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tradedoubler : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.580:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafficcenter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.581:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafficcenter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.582:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafficcenter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.583:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafficcenter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.584:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafficcenter : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.569:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Trafic : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.599:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Tribalfusion : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.557:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Valueclick : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.592:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Valueclick : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.718:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Valueclick : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.753:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Valueclick : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.558:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Web-stat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.559:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Web-stat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.577:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Web-stat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.578:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Web-stat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.579:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Web-stat : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.124:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Weborama : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.125:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Weborama : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.126:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Weborama : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.127:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Weborama : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.128:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Weborama : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.632:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Webtrendslive : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.226:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Yadro : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.230:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Yadro : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.239:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Zedo : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.240:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Zedo : Mit Backup gesäubert (unter Quarantäne gestellt). :mozilla.246:C:\Documents and Settings\Yazman\Application Data\Mozilla\Firefox\Profiles\wqwibska.default\cookies.txt -> TrackingCookie.Zedo : Mit Backup gesäubert (unter Quarantäne gestellt). ::Berichtende Voici le rapport de HiJackThis (je l'ai renommé en yazman): Logfile of HijackThis v1.99.1 Scan saved at 23:45:25, on 15/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe C:\WINDOWS\system32\nutsrv4.exe C:\WINDOWS\system32\tcpsvcs.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe C:\WINDOWS\system32\ZoomingHook.exe C:\WINDOWS\system32\TCtrlIOHook.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\TPSBattM.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Canon\MultiPASS4\MPTBox.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Babylon\Babylon-Pro\Babylon.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\Digital Image\Monitor.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\hijackthis\yazman.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.tn/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo / Internet avec Planet Tunisie R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient O4 - HKLM\..\Run: [NuTCSetupEnviron] C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [MPTBox] C:\Program Files\Canon\MultiPASS4\MPTBox.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: DKMessenger.lnk = C:\Program Files\DKware\DKMessenger\DKMessenger.exe O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Digital Image Monitor.lnk = ? O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7B856455-4B25-4709-8077-7870CEF040CB}: NameServer = 193.95.122.40 193.95.93.77 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: NuTCRACKER Service (NuTCRACKERService) - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing) Concernant le rapport de DiagHelp, le site ne voulait pas s'ouvrir pas chez moi. Si c'est nécessaire je t'envoyerai par un mp mon mail et tu pourras si tu as le temps et l'envis de m'envoyer le zip . Merci en tout cas pour l'aide.
-
Merci, très sympa.
-
Salut, j'ai effectué les 4 phases que vous avez conseillé et voilà le rapport que j'ai obtenu de la part de Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 14:36:39, on 15/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE C:\WINDOWS\system32\nutsrv4.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe C:\WINDOWS\system32\ZoomingHook.exe C:\WINDOWS\system32\TCtrlIOHook.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\webHancer\Programs\whAgent.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\TBONBin\tbon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.tn/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo / Internet avec Planet Tunisie R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient O4 - HKLM\..\Run: [NuTCSetupEnviron] C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [instaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [MPTBox] C:\Program Files\Canon\MultiPASS4\MPTBox.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe" O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w O4 - HKLM\..\Run: [semanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - Startup: DKMessenger.lnk = C:\Program Files\DKware\DKMessenger\DKMessenger.exe O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Digital Image Monitor.lnk = ? O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Hijacked Internet access by WebHancer O10 - Hijacked Internet access by WebHancer O10 - Hijacked Internet access by WebHancer O10 - Hijacked Internet access by WebHancer O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by WebHancer O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: NuTCRACKER Service (NuTCRACKERService) - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe J'espère que vous pouvez m'aider . Merci.
-
Merci, je vais faire les 4 phases
-
Salut, Depuis ce matin, j'ai des problèmes avec la vitesse de ma connexion. En effet, normalement la vitesse est de 262 Kb/s or cette vitesse n'est jamais atteinte (max jusqu'à 104 Kb/o). Malgré qu'elle fonctionnait tout le temps normal. Notons que depuis hier, j'ai eu la visite de trojans download.zobler et un autre generic2.(qlq chose). AVG me l'a signalé et il les a effacé mais à chaque fois que je me connactais, ils réapparaissent. Ce problème a été résolu (je le crois), j'ai désinstallé beaucoup de programmes (peers to peers) et j'ai installé Trojan Remover. En tout cas, je crains que ces 2 actions ont une relation. J'espère que vous avez compris mon problème : débit très bas et que vous pouvez m'aider. Merci.