Analyse d'un scan hijackthis

luna -
luna - 3 sept. 2008 à 20:06

Bonjour,
j'ai désinfecté un fichier du virus win32 adan 156 adw que j'avais mis en quarantaine avec avast, il y a longtemps.
Puis j'ai téléchargé c cleaner et spybot suivant les conseils de différents forum.
J'ai fait une analyse avec spybot qui a détecté des éléments browser (que j'ai gardé car je crois qu'ils ne représentent aucun danger), et des adwares/trojans : zango, zlob goldcodec et win32 agent xv dont j'ai réglé les problèmes.

J'ai fait une analyse avec hijackthis.
J'ai recherché des informations et j'ai trouvé un tutorial pour comprendre hijackthis mais je ne suis pas sûre des lignes à corriger...il me semble que quelques lignes sont suspectes... Mais étant novice, je préfére demander l'avis de quelqu'un avant de les effacer.

Si quelqu'un peut m'aider et me dire si mon ordi est maintenant propre...
Ai-je suivi la bonne démarche? (car je vais tenter d'enlever des virus de l'ordi de ma soeur)
Je voulais aussi en profiter pour savoir si avast et spybot sont suffisant pour une bonne protection de mon ordi.

Merci beaucoup

(je suis sur windows XP SP2 et j'utilise internet explorer 7)

Voici mon scan :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:07, on 28/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\microsoft office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\BOUBOU\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.apple.com/kb/DL837?locale=en_US
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [HdReg] C:\APPS\HDREG\HDREGAPP.EXE -r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [.nvsvc] C:\cmdcons\system32\smss.exe /w
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Eurobarre.lnk = C:\Program Files\eurobarre\eb.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O20 - AppInit_DLLs: Alion.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Afficher la suite

A voir également:

Analyse d'un scan hijackthis
Hijackthis - Télécharger - Antivirus & Antimalwares
Scan qr code pc - Guide
Sfc scan - Guide
Analyse composant pc - Guide
Analyse disque dur - Télécharger - Informations & Diagnostic

17 réponses

Réponse 1 / 17

riki

ET VOILA L'ILLUSTRATION DE L'AMATEURISME de certain "helpers"

Allez on reprend à zéro

vire avast et spybot. Avest est nul, c'est comme si tu pensais te défendre d'un cambriolage avec "interdit aux voyous " sur ta porte... Mouarf... Sans compter les faux-postifs (false positives pour les (rares) initiés. Nettoie ton fichier temporaire avec outils/options internet/"historique de navigation/"supprimer"/"tout supprimer" (sous vista)

vire ensuite dans un premier temps nort*n avec leur propre outil de désinstallation qu'on trouve sur le ur site- les gens galéraient tellement pour désinsytaller leur nort*nqu'ils ont dû programmer un soft rien que pour virer ce machin qui ne sert pas à grand-chose et fait bien rigoler les hackers qui ne craignent que kaspersky. Tu pourras le réinstaller après si tu en as envie et que tu as plein de mémoire.

rescanne tout ton disque dur après avoir installé kaspersky et au redémarrage choisis "mode sans échec "(tapoter F8 dans les premières secondes du démarrage). Fais un scan complet avec Kaspersky Security Suite 2009 (version d'éval valable 30 jours sur leur site. Au pire il y a toujours leur scan en ligne mais bon c'est pas top pour différentes raisons.

Laisse tomber hijack et les trucsmachinfix ça emm... les gens, ça fait perdre du temps, c'est du bricolage et tu peuxs lanter ta machine si tu paumes untruc en tapes une instruction enligne de commande. Les gens qui conseillent les procédures hijackfix n'ont en général que ça à foutre deleurs journées et passent leur temps à copier coller, tu croyais vraiment qu'ils lisaient ligne parès ligne ton rapport hijack avec un crayon à lamain? Ils s'en balancent! Et moi aussi! Ils se disent juste, allez encore un-e, et hop je copie colle mon "remède" et hje redemande un rapport. Bravo l'expert! MDR

Si ta sécurité t'importe achète-toi les 4 ou 5 produits leaders du marché et adios les weekends hijack.

Antivirus: Kaspersky
Antipsywares: déjà indiqués
Firewall: outpost ou pourquoi pas zone alarm mais Kaspersky version 2009 est une suite qui intègre un pare-feu, à toi de voir
Enfin, un cerveau et un miinimum d'études sur la virologie informatique et le counter hacking, surtout beaucoup de bon sens et des mises à jour régulières.

Quant à malwarebytes, c marrant une conne d'ici me disait il ya quelques mois que c'était la "poudre de perlimpinpin" - c'est vrai que je critiquais beaucoup ces méthodes de bricolage dangereuses dont ils copient-collent les procédures à tout bout de champ sans même lire ton rapport (faut quand même être naïf pour croire qu'on va se pencher pour des prunes sur ton rapport de 10 pages!. ET c'est vrai que que ce je proposais, c'était radical comparé à ses dizaines de pages de fixs et de rapport qui faisaient mousser cette personne.

Maintenant je vois avec délice les mêmes qui se foutaient de mes conseils conseiller malware machin à tout le monde. Puisqu'apparemment ce sont des moutons, je leur suggère ma nouvelle trouvaille: SUPERANTISPYWARE. Avec malware, ça surclasse tous les trucs gratos à la con sans compter les ex-leaders genre lavas*ft ad-aware. RV dans quelques semaines pour voir conseiller ce soft par nos "experts" en malware/virologie!!

A bon entendeur
[PS/ pour redémarrer en mode sans échec, éteint ta mchine, a u besoin débranche-la carrément 10 secondes, puis rebranche, puis au démarrage TAPOTE F8 ou la touche ESC(ape)/Echap voire F2, en principe pour toutes les bécanes c'est F8, donc tapote ce qui signifie appuie légèrement dessus plusieurs fois de suite jusqu'à obtenir l'écran de choix]]

Réponse 2 / 17

riki

[<UPDATE] je me corrige:

"Laisse tomber hijack et les trucsmachinfix ça emm... les gens, ça fait perdre du temps, c'est du bricolage et tu peuxs lanter ta machine si tu paumes untruc en tapes une instruction enligne de commande."

Il faut lire
"Laisse tomber hijack et les trucsmachinfix ça emm... les gens, ça fait perdre du temps, c'est du bricolage et tu peux lpanter ta machine ( d'ailleurs regarde tu n'arrives même plus au mode sans échec!) et si tu paumes une seule lettre ou un espace en tapant une instruction en ligne de commande tu joutes encore de la merde en sauce à ton problème]. Les hijack/fix c'est en dernier ressort, parès avoir utilisé les meilleurs outils du marché, quand on s'y connaït VRAIMENT en info et qu'on a que ça à foutre, ou alors par plaisir de s'instruire. En bref, c'est à conseiller à des gens qui n'ont pas besoin qu'on leur dise qu'il faut essayer ça et qui en génral ont un "ghost" de leur dd sous la main ce qui règle leur problème logiciel quel qu'il soit en moins de deux heures, zero filling drive compris.

Réponse 3 / 17

Profil bloqué

slt alors fixe checekd sa :

-O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)

-O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

-O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)

-O4 - HKLM\..\Run: [.nvsvc] C:\cmdcons\system32\smss.exe /w

-O20 - AppInit_DLLs: Alion.dll

ensuite hijack supprime juste le dessus pas la racine don cpour cela tu doit faire

Télécharge et installe Malwarebyte's Anti-Malware : http://www.malwarebytes.org/mbam/program/mbam-setup.exe
- A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
- Lance Malwarebyte's Anti-Malware, laisse les Mises à jour se télécharger et referme le programme

Redémarre en "Mode sans échec" : redémarre ton ordinateur et tapote sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows, et sélectionne "Mode sans échec".
Choisis ta session habituelle

Lance Malwarebyte's Anti-Malware
- Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
- Sélectionne tes disques durs" puis clique sur "Lancer l’examen"
- A la fin du scan, clique sur Afficher les résultats puis sur Enregistrer le rapport
- Suppression des éléments détectés --> clique sur Supprimer la sélection
- S'il t'es demandé de redémarrer, clique sur Yes

Poste le rapport de scan après la suppression ici

Télécharge ComboFix (de sUBs) sur ton Bureau (et pas ailleurs !) :
Fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " : dans la fenêtre qui s'ouvre tape C-Fix, choisis le bureau comme destination et valide : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

--------------------------------------------- [ ! ATTENTION ! ] ----------------------------------------------------------
!! déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES (anti-virus, antispyware, pare-feu) le temps de la manipulation :
en effet , activés, ils pourraient gêner fortement la procédure de recherche et de nettoyage de l'outil ( voir planter le PC )...Tu les réactiveras donc après !!
---> Surtout, si tu rencontres des difficultés à ce niveau là, dis le moi avant de poursuivre ...

Tuto ici : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
---------------------------------------------------------------------------------------------------------------------------------

Ensuite :
double-clique sur C-Fix.exe ( = combofix.exe ) .

Appuie sur la touche Y (Yes) pour démarrer le scan .

Attention : n'utilise pas ta souris ni ton clavier pendant que le programme tourne. Cela pourrait figer l'ordi.
---> si un message d'erreur windows apparait à un momment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer

Le rapport sera crée dans: C:\Combofix.txt , poste le ici stp

ensuite avant jutilisé avast maintenant kaspersky internet security 8 vraiment remarquable mé si tu veu resté dan du gratuit prend antivir + le firewall de zone alarm(le gratuit)

++

Réponse 4 / 17

luna

J'ai enlevé les éléments indiqués avec hijackthis et téléchargé Malwarebyte's Anti-Malware. Mais je n'arrive pas a redémarrer en mode sans échec. J'appuis sur F8 mais je n'ai pas de mode sans échec a sélectionner...ca vient peut etre du fait que j'arrive directement sur ma session...

Par contre pour les antivirus et autres a déconnecter je les enlève pour la deuxième partie seulement ?
Je les déconnecte en mettant arreter la protection résidente?
Par contre pour le pare feu je sais pas comment faire? je ne sais meme pas si j'en ai un... :S

en tout cas merci de ton aide :)

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 17

Profil bloqué

Moi j'ai Kaspersky internet security 8 ( ou dit KIS 8) j'en suis très fiere, je n'est pas d'antispyware, pas d'antimalware, pas de pare feu (tous sa pour moi c'est kaspersky) parceque si on mais plein de ce genre de chose sur l'ordinateur apres tu va sentir l'ordinateur ralentir, il pourrait meme planté pour cause de "conflit" avec ton antivirus

PS : c'est mon avis!

bonne continuation a tous!!

Réponse 6 / 17

luna

ca y est j'ai effectué le scan avec malwerbyte
Je vais lancer combo. Je posterai le scan tout a l'heure ou demain.
Merci

voici le scan déjà effectué :

Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1093
Windows 5.1.2600 Service Pack 2

14:45:32 29/08/2008
mbam-log-08-29-2008 (14-45-32).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 130943
Temps écoulé: 3 hour(s), 53 minute(s), 48 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 43

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2 (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache (Adware.2020search) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\dynamic toolbar\batch.bat (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\unins000.dat (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\unins000.exe (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\pbfrv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
C:\Program Files\dynamic toolbar\PBFRV2\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.

luna

ca y est j'ai fait combofix
j'espère que maintenant tout est ok...
Parcontre je n'ai plus le logo avast dans ma barre d'outil en bas a coté de l'heure...je ne sais pas comment faire pour qu'elle revienne. en tout cas normalement avast fonctionne et le pare feu de windows aussi.

Merci beaucoup
et j'attends avec impatience qu'on me dise que tout va bien. J'aurai un grand sourire sur le visage... :)

voici le scan de combofix :

ComboFix 08-08-28.06 - BOUBOU 2008-08-29 15:31:19.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.599 [GMT 2:00]
Endroit: C:\Documents and Settings\BOUBOU\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_WINDOWS_LOG

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-28 to 2008-08-29 ))))))))))))))))))))))))))))))))))))
.

2008-08-28 23:51 . 2008-08-28 23:51 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-08-28 23:12 . 2008-08-28 23:12 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-28 23:12 . 2008-08-28 23:12 <REP> d-------- C:\Documents and Settings\BOUBOU\Application Data\Malwarebytes
2008-08-28 23:12 . 2008-08-28 23:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-28 23:12 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-28 23:12 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-28 20:55 . 2008-08-28 20:58 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-28 20:55 . 2008-08-28 23:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-27 12:45 . 2008-08-27 12:45 <REP> d-------- C:\Program Files\CCleaner
2008-08-22 12:48 . 2008-08-22 13:01 <REP> d-------- C:\Program Files\uTorrent
2008-08-22 12:47 . 2008-08-26 20:26 <REP> d-------- C:\Documents and Settings\BOUBOU\Application Data\uTorrent
2008-08-22 11:46 . 2008-05-01 16:31 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-28 10:58 --------- d-----w C:\Program Files\Winamp
2008-08-28 10:57 --------- d-----w C:\Documents and Settings\BOUBOU\Application Data\Winamp
2008-08-27 11:13 --------- d-----w C:\Program Files\Norton Utilities
2008-08-27 11:09 --------- d-----w C:\Program Files\DivX
2008-08-23 13:55 79,952 ----a-w C:\Documents and Settings\BOUBOU\Application Data\GDIPFONTCACHEV1.DAT
2008-07-27 09:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-27 09:46 --------- d-----w C:\Documents and Settings\BOUBOU\Application Data\DataCast
2008-07-27 09:41 --------- d-----w C:\Program Files\Lame MP3 Codec
2008-07-27 09:40 65,024 ----a-w C:\WINDOWS\IFinst26.exe
2008-07-27 09:40 --------- d-----w C:\Program Files\XviD
2008-07-27 09:38 --------- d-----w C:\Program Files\Samsung
2008-07-27 09:38 --------- d-----w C:\Program Files\MarkAny
2008-07-25 21:16 --------- d-----w C:\Program Files\eMule
2008-07-09 09:38 --------- d-----w C:\Program Files\Sun
2008-07-09 09:38 --------- d-----w C:\Program Files\Java
2007-11-22 14:24 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
2007-11-22 14:24 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
2006-09-10 15:00 41,248 --sha-w C:\WINDOWS\fidbox.dat
2005-05-07 10:18 56 --sh--r C:\WINDOWS\system32\[u]0/uDC78CC7DF.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-25 19:11 94208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-13 13:40 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 18:41 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 14:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 14:00 455168]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-12 16:50 4112384]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-07-12 16:50 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2006-04-12 11:30 53408]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 11:10 110740]
"HdReg"="C:\APPS\HDREG\HDREGAPP.EXE" [2004-08-09 18:45 24576]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-04-08 01:17 180269]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-02-23 15:45 278528]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-04-22 22:13 155648]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2005-09-25 19:11 155648]
"WMAAD"="C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe" [2007-02-16 18:41 110592]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-08-04 01:02 36352]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 08:23 132624]
"nwiz"="nwiz.exe" [2004-07-12 16:50 843776 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 16:51 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv31"= C:\WINDOWS\system32\ir32_32.dll
"vidc.iv32"= C:\WINDOWS\system32\ir32_32.dll
"VIDC.dvsd"= C:\Program Files\Fichiers communs\Sony Shared\VideoLib\sonydv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\APPS\\Inventime\\my.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\svchost.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 11:39]
S3 IcVzMonLauncher;IcVzMonLauncher;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe [2007-01-26 11:38]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 11:38]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 16:49]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 16:50]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 16:50]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 16:50]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 16:50]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'

2008-08-28 C:\WINDOWS\Tasks\Symantec NetDetect.job
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE [2005-09-09 14:21]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - (no file)
WebBrowser-{5CBE2611-C31B-401F-89BC-4CBB25E853D7} - (no file)
HKCU-Run-updateMgr - C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\BOUBOU\Application Data\Mozilla\Firefox\Profiles\aty13qi7.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://home.neuf.fr/
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-29 15:35:21
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MysqlInventime]
"ImagePath"="c:\mysql\bin\mysqld-nt MysqlInventime"
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Fichiers communs\Symantec Shared\CCEVTMGR.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\APPS\HIDSERVICE\HidService.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Speed Disk\NOPDB.EXE
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\symwsc.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\verclsid.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-29 15:40:02 - machine was rebooted [BOUBOU]
ComboFix-quarantined-files.txt 2008-08-29 13:39:57

Pre-Run: 78,520,336,384 octets libres
Post-Run: 78,499,213,312 octets libres

173 --- E O F --- 2008-08-23 13:40:46

Réponse 7 / 17

Profil bloqué

c tous bon alors pour ton icone fait clic droit sur la barre de tache puis propriété onglet barre des taches personalisé retrouve licon epuis cilc sur la fenetre pour faire defilé puis toujours afficher

luna

Merci

je suis contente d'en avoir fini avec mon ordi (pour le moment et pour longtemps j'espère)

Maintenant j'attaque celui de ma soeur.

J'ai déjà enlevé des virus avec avast et j'ai utilisé ccleaner. J'ai fait un scan avec spybot qui a détecté pas mal de malware, adware, trojan, hijacker et un dialer. Je les ai supprimé.

Est-ce que tu pourrais lire le scan que j'ai fait avec hijackthis pour me dire si il y a des lignes à supprimer et lesquelles, stp?

Après je suivrais la même méthode que tu m'as conseillé et qui a très bien fonctionné.

Merci

Voici le scan :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:12:39, on 29/08/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\system32\stisvc.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\eurobarre\eb.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\HAMIDAOUI\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/de-de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\quicktime6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Eurobarre.lnk = C:\Program Files\eurobarre\eb.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: E-Color.lnk = C:\Program Files\E-Color\Registration\SonnReg.exe
O4 - Global Startup: 3Deep.lnk = C:\Program Files\E-Color\3Deep\3Deepctl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\MAIN.MHT!http://d.dialer2004.com//paxan/main.chm::/load.exe
O16 - DPF: {11010101-1001-1111-1000-110164567732} - ms-its:mhtml:file://C:MAIN.MHT!http://www.008i.com//x//f//10213//inst.chm::/f10213.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u7-windows-i586-jc.cab&AuthParam=1580978829_3fac487ff39b191ded7866fc4973d48d&ext=.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Nvohlp - NVIDIA Corporation - (no file)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Réponse 8 / 17

Profil bloqué

re fix checed les lignes :

-O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe (file missing)

-O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

-O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\MAIN.MHT!http://d.dialer2004.com//paxan/main.chm::/load.e xe

- O16 - DPF: {11010101-1001-1111-1000-110164567732} - ms-its:mhtml:file://C:MAIN.MHT!http://www.008i.com//x//f//10213//inst.chm::/f102 13.exe

et tu a tou compris reprend mes etapes fait par amour ^^ merci de me suivre, merci detre poli é voili voulou ++

luna

Bonsoir,

J'ai fait le scan avec malwerbyte's. Parcontre pour combo fix je crois que je pourrais pas le faire je n'arrive pas a installer les disquettes de récupération comme inscrit dans le tuto. Ma soeur a windows 2000 pro et je ne trouve pas le cd ... Je crois que c'est mon frère qui l'a... enfin bref c'est un petit peu compliqué pour le récupérer.

Est-ce que cette étape est vraiment importante si le scan de malwerbyte's est nikel ? et sinon puis-je faire le scan sans disquette? (j'ai peur de pas pouvoir restaurer au cas où il y a un problème)
Et est-ce que le scan de malwerbyte's est bon ?
(J'espère pouvoir cocher résolu..;))

Pour ce qui est de la politesse c'est le minimum que je puisse faire. Tu me rends un grand service en m'aidant et en me donnant des conseils "fait par amour" ^_^

Merci pour ton aide et tes conseils

voici le scan malwerbyte's :

Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1101
Windows 5.0.2195 Service Pack 4

20:47:41 31/08/2008
mbam-log-08-31-2008 (20-47-41).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 76663
Temps écoulé: 2 hour(s), 25 minute(s), 5 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 18

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.2.13.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.3.1.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.3.5.0 (Adware.Hotbar) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Hotbar\bin\4.2.13.0\dBenderC.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.3.1.0\dbenderc.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\Hbinst.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.2.13.0\Install.scr (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.2.13.0\Hbinst.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.2.13.0\HbCoreSrv.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.2.13.0\HbToolbar.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.2.13.0\HbHostIE.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.2.13.0\HbSrv.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.2.13.0\HbHostOL.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.2.13.0\HbHostOE.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.3.1.0\Install.scr (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.3.1.0\Hbinst.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.3.1.0\HbCoreSrv.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.3.1.0\HbHostIE.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.3.1.0\HbHostOL.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.3.1.0\Hbsrv.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\4.3.1.0\HbHostOE.dll (Adware.Hotbar) -> Quarantined and deleted successfully.

Réponse 9 / 17

Profil bloqué

poru combofix, tu te met en sans echec puis tou roule perso jlé fé plien de foi tj un PC nikel

luna

Ca y est j'ai fait le scan avec combo fix. Un petit stress quand le bureau a eu du mal a s'afficher... Mais finalement tout s'est allumé normalement.
J'espère que tout est ok maintenant.

Voici le scan de combofix :

ComboFix 08-08-30.03 - HAMIDAOUI 01/09/2008 11:50:18.1 - [color=red][b]FAT32[/b][/color]x86 MINIMAL
Microsoft Windows 2000 Professionnel 5.0.2195.4.1252.1.1036.18.176 [GMT 2:00]
Endroit: C:\Documents and Settings\HAMIDAOUI\Bureau\C-Fix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\IESkins\[u]0[/u]608LNora.bmp
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\IESkins\10160424nature5.bmp
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\IESkins\121002hotbar05.bmp
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\reports.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]11203flk_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]30203free_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]30203us_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102angry_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102bad_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102band_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102bebe_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102beer_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102bigangry_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102bigblink_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102bigkiss_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102biglove_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102bigluf_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102bigsad_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102bigscream_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102bigsmile_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102bigtong_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102biguhm_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102birthday_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102blink_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102cheers_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102clown_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102cry_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102fight_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102flo_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102good_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102jump_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102kiss_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102kite_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102lough_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102love_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102lovu_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102luf_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102mad_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102shamed_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102smile_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102sor_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102stupid_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102thanx_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102tongue_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]33102uu_1_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]40103ahh_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]40103bg_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]40103wow_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]50103crazicon4_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]62802pirat_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]80402call_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]80402cool_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]80402gudl_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]80402help_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]80402miss_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]80402uthere_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]82502btw_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]82502bye_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]82502hi_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]82502no_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]82502now_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\[u]0[/u]82502yes_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\110103_krasneet_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\110103_obliz_prv.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm2.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli2.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\blocked.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\blocked2.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\btn_add-but.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\btn_back-but.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_enabled_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_pressed_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_enabled_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_pressed_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_enabled_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_pressed_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\business_promo.htm
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\buttondir.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\components.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\css_cattree.css
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\css_flashpreview.css
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\css2_main.css
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\css2_pagingmodule.css
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\css2_topbuttons.css
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\delete.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\edit_clear_sound.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\edit_fs.htm
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\edit_select.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-backgrounds.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-bcards.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-ecards.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-edit.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-emoticons.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-estationery.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-funny.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-help.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-images.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-info.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-more.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-my.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-people.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-photo.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-tell.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-temp.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-text.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-voice.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-def.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-premium-email-premium.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\email-t1-bg.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\flashpreview.htm
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\fs3.htm
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\hotbar_promo.htm
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_checked_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_close_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_close_pressed_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_edit_preview.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_edit_send.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_flash_preview.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_recently_used.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_remove_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_remove_pressed_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_sand-clock2.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tell_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tell_pressed_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tree_null.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_unchecked_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\icon_unchecked_pressed_1.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout2.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout4.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\img_corner_left.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\img_local_logo.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\js2_basetemplate.js
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbgroups.js
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbobject3.js
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbobjectset3.js
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hotbarwrapper.js
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\js2_iteratorsandreaders3nf.js
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\js2_pagingmoduleobj3.js
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\js2_texts3.js
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\js2_xmltree3nf.js
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\layout.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\linkpathlegal.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\n.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\nav_b_2.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\nav_bb_2.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\nav_f_2.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\nav_ff_2.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\progress.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\submit.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bg.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bga.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bgia.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tab_l.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tab_la.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tab_lia.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tab_r.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tab_ra.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tab_ria.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tree_dots.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tree_minus.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\tree_plus.gif
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_animations.xml
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_backgrounds.xml
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_ecards.xml
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_emoticons.xml
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_notifiers.xml
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_text.xml
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\business_promo.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\buttondir.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\code.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\email-def.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\email-t1-bg.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\hotbar_promo.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\images.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\layout.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\linkpathlegal.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\localcontent.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\progress.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\treexml.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1010302.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055531.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055547.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055563.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1057312.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1060233.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1063982.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1065003.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1065628.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1067625.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1070123.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1070500.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1096066.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\125287.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383456.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383529.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383597.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383609.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1385470.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1385600.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1386302.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387224.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387584.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387587.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387883.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1388333.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1388868.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1391926.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1392283.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1392454.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1392509.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1392593.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1392669.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1392936.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1396320.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1396731.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1396993.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1397460.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1397999.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1398044.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1398700.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1401967.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1403747.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1406999.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1407226.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1407231.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1407240.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1407423.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1407571.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1407662.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1407811.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1408081.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1408776.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1409115.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1418750.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\1420235.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\193230.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\237280.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\255915.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\267916.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\290204.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\442116.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\48657.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\496507.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\505411.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\513593.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\566217.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\609636.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\642059.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\737654.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\819382.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\877979.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\882036.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\931372.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\965476.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\ASPL.dat
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\ASPL1.dat
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\domains.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\10582
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\11297
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\11431
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\11891
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\11940
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\12776
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\12994
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\13562
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\1372
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\1382
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\1411
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\1419
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\1424
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\15541
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\15737
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\1590
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\16087
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\17025
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\18721
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\18909
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\20128
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\2021
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\20299
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\20549
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\20570
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\20970
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\21060
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\23147
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\23889
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\24996
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\25043
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\26082
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\26134
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\26340
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\26664
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\27503
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\27505
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\28147
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\29115
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\29135
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\29536
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\29642
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\30036
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\30458
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\32075
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\32137
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\32418
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\33137
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\3338
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\33697
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\33912
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\33915
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\33916
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\34123
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\34134
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\34186
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\34237
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\34912
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\34952
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\35047
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\37122
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\39245
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\41215
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\42093
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\42208
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\42916
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\43907
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\44271
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\44293
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\44300
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\4442
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\44458
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\44595
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\44878
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\45833
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\51166
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\51233
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\51287
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\51641
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\52335
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\53501
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\53923
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\54280
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\54473
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\54888
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\56815
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\59234
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\59297
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\59844
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\61207
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\61779
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\61837
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\63172
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\64515
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\64703
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\64961
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\65429
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\65933
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\66274
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\66345
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\67226
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\6745
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\67567
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\67733
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\68094
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\68257
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\68370
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\6873
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\69019
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\69045
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\69235
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\69626
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\70650
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\72882
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\72898
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\7521
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\7553
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\78942
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\79265
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\79805
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\79977
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\79989
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\80026
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\80193
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\80670
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\81721
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\82139
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\82145
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\82287
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\82292
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\82633
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\83706
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\8443
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\85062
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\85079
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\85365
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\86379
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\86423
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\87499
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\87510
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\87555
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\90358
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\91840
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\93899
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\93934
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\94778
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\95666
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\95678
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\95704
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\95740
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\95774
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\95803
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\95825
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\95828
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\9672
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\97507
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\98325
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\9836
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\99008
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\Tooltip\99658
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\dynamic\ustat\30f3.dat
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\ads.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles_Bubbles.bbl
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles2.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles2_Bubbles2.bbl
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\components.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_1000.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_2000.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_3000.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bar.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar1.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar10.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar11.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar12.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar13.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar14.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar2.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar3.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar4.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar5.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar6.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar7.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar8.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_bbar9.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_logos.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_other.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_x.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_weather.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\default.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_categorize.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_comparison.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-Mails.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_favorites.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Games.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hide.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hotbarcom.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hotmail.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hsskin.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Mails.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_new.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_premium.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_ringtone.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchfor.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchgo.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_weather.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_yellowpages.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\email-def-511724-9595.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\email-t1-bg.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar-premium-hotbar-premium.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar-premium.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar_promo.htm
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbarcom.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\icons2.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_idx.idx
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_sdf.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\layout.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\linkpathlegal.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\progress.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\s_icons_buttons.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\samplegroups2.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\t2_bg.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\theweb.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\top7.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\Top7_theweb.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\1\tsd_bg.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\ads.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles_Bubbles.bbl
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2_Bubbles2.bbl
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\business_promo.htm
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\buttondir.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\components.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_1000.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_2000.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_3000.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bar.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar1.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar10.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar11.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar12.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar13.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar14.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar2.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar3.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar4.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar5.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar6.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar7.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar8.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar9.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_logos.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_other.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_x.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_weather.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\default.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_comparison.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-Mails.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Games.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hide.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hotbarcom.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hotmail.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Mails.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_new.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_premium.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_ringtone.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchfor.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchgo.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_weather.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_yellowpages.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\email-def-511724-9595.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\email-t1-bg.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar-premium-hotbar-premium.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar-premium.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar_promo.htm
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbarcom.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\icons2.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_idx.idx
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_sdf.sdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\layout.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\linkpathlegal.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\progress.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\s_icons_buttons.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\samplegroups2.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\samplegroups2reg.txt
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\t2_bg.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\theweb.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\top7.cdf
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\Top7_theweb.mnu
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\2\tsd_bg.res
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ads.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles2.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\business_promo.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_2000.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_3000.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bar.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar10.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar11.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar12.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar13.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar14.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar2.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar3.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar4.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar5.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar6.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar7.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar8.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar9.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_logos.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_other.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_x.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_weather.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar-premium.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip
C:\Documents and Settings\HAMIDAOUI\Application Da

luna > luna

Il manque une partie du scan. Voici la fin :

C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\icons2.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_idx.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_sdf.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\linkpathlegal.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\progress.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\t2_bg.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip
C:\Documents and Settings\HAMIDAOUI\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\tsd_bg.xip
C:\WINDOWS\start.exe
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\scmt16.exe
C:\WINDOWS\Web\default.htt

.
((((((((((((((((((((((((((((( Fichiers créés 2008-08-01 to 2008-09-01 ))))))))))))))))))))))))))))))))))))
.

2008-09-01 11:50 . 08-09-01 11:50 16,384 --a----t- C:\WINDOWS\SYSTEM32\Perflib_Perfdata_178.dat
2008-08-31 23:05 . 08-09-01 11:43 642,040 ---h----- C:\WINDOWS\ShellIconCache
2008-08-31 22:17 . 08-08-31 22:17 <DIR> d-------- C:\Documents and Settings\HAMIDAOUI\Application Data\Snapfish
2008-08-31 22:13 . 08-08-31 22:13 16,384 --a------ C:\WINDOWS\SYSTEM32\Perflib_Perfdata_23c.dat
2008-08-31 18:14 . 08-08-31 18:14 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-31 18:14 . 08-08-31 18:14 <DIR> d-------- C:\Documents and Settings\HAMIDAOUI\Application Data\Malwarebytes
2008-08-31 18:14 . 08-08-31 18:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-31 18:14 . 08-08-17 15:01 38,472 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys
2008-08-31 18:14 . 08-08-17 15:01 17,144 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys
2008-08-30 10:57 . 07-07-30 19:19 271,224 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll
2008-08-30 10:57 . 07-07-30 19:18 30,072 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll.mui
2008-08-29 20:44 . 08-08-29 20:44 93 --a------ C:\WINDOWS\wininit.ini
2008-08-29 19:42 . 08-08-29 19:42 <DIR> d-------- C:\Program Files\Sun
2008-08-29 19:42 . 08-06-10 02:32 73,728 --a------ C:\WINDOWS\SYSTEM32\javacpl.cpl
2008-08-29 19:31 . 08-08-29 19:31 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-29 19:31 . 08-08-29 19:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-29 18:41 . 08-08-29 18:41 <DIR> d-------- C:\Program Files\CCleaner
2008-08-29 16:53 . 08-08-29 16:53 16,384 --a------ C:\WINDOWS\SYSTEM32\Perflib_Perfdata_254.dat
2008-08-28 12:53 . 07-07-30 19:19 38,232 --a------ C:\WINDOWS\SYSTEM32\wucltui.dll.mui
2008-08-28 12:53 . 07-07-30 19:20 30,040 --a------ C:\WINDOWS\SYSTEM32\wuaucpl.cpl.mui
2008-08-28 12:53 . 07-07-30 19:19 30,040 --a------ C:\WINDOWS\SYSTEM32\wuapi.dll.mui
2008-08-28 12:53 . 07-07-30 19:18 21,336 --a------ C:\WINDOWS\SYSTEM32\wuaueng.dll.mui
2008-08-26 16:35 . 08-08-26 16:35 16,384 --a------ C:\WINDOWS\SYSTEM32\Perflib_Perfdata_250.dat

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2006-11-22 09:56 48,976 ----a-w C:\Documents and Settings\HAMIDAOUI\Application Data\GDIPFONTCACHEV1.DAT
2006-07-03 16:33 0 ----a-w C:\Program Files\dmtdgng.exe
2006-07-03 16:31 0 ----a-w C:\Program Files\secure32.html
2002-08-21 14:30 305 ---h--w C:\Program Files\desktop.ini
2002-08-21 14:28 22,115 ---h--w C:\Program Files\folder.htt
1999-12-15 22:00 32,528 ----a-w C:\WINDOWS\inf\wbfirdma.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SlowFile Icon Overlay]
@="{7D688A77-C613-11D0-999B-00C04FD655E1}"
[HKEY_CLASSES_ROOT\CLSID\{7D688A77-C613-11D0-999B-00C04FD655E1}]
04-05-20 01:10 2389264 --a------ C:\WINDOWS\system32\SHELL32.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [05-09-25 19:11 94208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07-05-31 18:42 68856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [08-08-18 18:41 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="NvQTwk" [X]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [05-09-25 19:11 155648]
"QuickTime Task"="C:\quicktime6\qttask.exe" [04-04-10 17:50 98304]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [04-01-14 03:10 409600]
"vmtalk"="C:\Program Files\Fichiers communs\Talkway\vmtalk.exe" [03-07-24 17:21 61440]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [05-09-25 19:11 155648]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [08-03-29 19:37 79224]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [08-06-10 04:27 144784]
"SoundMan"="SOUNDMAN.EXE" [02-03-21 12:23 46592 C:\WINDOWS\SOUNDMAN.EXE]
"LoadQM"="loadqm.exe" [00-05-03 17:23 7536 C:\WINDOWS\loadqm.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"internat.exe"="internat.exe" [99-12-16 00:00 20752 C:\WINDOWS\SYSTEM32\internat.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop"="C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe" [03-06-19 12:05 189712]

C:\Documents and Settings\HAMIDAOUI\Menu D‚marrer\Programmes\D‚marrage\
Eurobarre.lnk - C:\Program Files\eurobarre\eb.exe [2006-09-24 19:47:37 380928]
Club Internet.lnk - C:\Program Files\Club-Internet\Lanceur\lanceur.exe [2007-12-26 14:17:06 5484544]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
E-Color.lnk - C:\Program Files\E-Color\Registration\SonnReg.exe [2002-07-27 16:02:23 118784]
3Deep.lnk - C:\Program Files\E-Color\3Deep\3Deepctl.exe [2002-07-27 16:02:22 49152]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]
Docteur Club Internet.lnk - C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe [2007-09-05 12:54:17 217088]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VDOM"= vdowave.drv
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"aux"= mmdrv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll

R3 usbhub20;Prise en charge du concentrateur racine USB 2.0;C:\WINDOWS\system32\DRIVERS\usbhub20.sys [03-06-19 12:05 ]
S1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [08-03-29 19:31 ]
S2 aswMon;avast! Standard Shield Support;C:\WINDOWS\system32\drivers\aswMon.sys [08-01-17 17:34 ]
S3 CA500AI;GSmart Mini Still Image Capture Version 1.00;C:\WINDOWS\system32\Drivers\2NFMin.sys [00-09-19 11:27 ]
S3 CA500AV;GSmart Mini WDM Video Capture;C:\WINDOWS\system32\DRIVERS\MinAV.SYS [02-04-22 15:06 ]

*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{015C6F4B-F334-4F15-887B-CA8B9842D07F} - (no file)
WebBrowser-{944565D1-BFC2-4952-8B2B-E03AFF373795} - (no file)
WebBrowser-{4483AF21-9F7D-4185-8D55-1166E2C04331} - (no file)

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.club-internet.fr
R0 -: HKLM-Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R0 -: HKLM-Main,Start Page = hxxp://www.msn.de/
R0 -: HKLM-Main,Window Title = Microsoft Internet Explorer
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000

O16 -: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd

O16 -: Internet Explorer Classes for Java - file://C:\WINDOWS\SYSTEM\iejava.cab
C:\WINDOWS\Downloaded Program Files\Internet Explorer Classes for Java.osd

O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

O16 -: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} - hxxp://www.extrafilm.fr/ImageUploader4.cab
C:\WINDOWS\Downloaded Program Files\ImageUploader4.inf
C:\WINDOWS\system32\unicows.dll
C:\WINDOWS\Downloaded Program Files\ImageUploader4.ocx
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-01 11:53:07
Windows 5.0.2195 Service Pack 4 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-09-01 11:53:44
ComboFix-quarantined-files.txt 2008-09-01 09:53:42

Pre-Run: 11,352,276,992 octets libres
Post-Run: 11,590,893,568 octets libres

746

Réponse 10 / 17

Profil bloqué

reposte un log hijack stp

luna

voici le scan hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:16:41, on 01/09/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\stisvc.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Documents and Settings\HAMIDAOUI\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/de-de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\quicktime6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Eurobarre.lnk = C:\Program Files\eurobarre\eb.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Global Startup: E-Color.lnk = C:\Program Files\E-Color\Registration\SonnReg.exe
O4 - Global Startup: 3Deep.lnk = C:\Program Files\E-Color\3Deep\3Deepctl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u7-windows-i586-jc.cab&AuthParam=1580978829_3fac487ff39b191ded7866fc4973d48d&ext=.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Nvohlp - NVIDIA Corporation - (no file)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe

Réponse 11 / 17

Profil bloqué

aurai tu encore des probleme parceque d'apres hijack tu n'a plus rien

Réponse 12 / 17

luna

non il n'y a plus de problèmes

parcontre depuis que j'ai fait combofix le bureau met plus de temps a s'afficher (idem pour mon ordi) c'est normal ?

Réponse 13 / 17

Profil bloqué

euh ba en faites tous se que je té donné pour supprimé té virus tu desinstal tous + tu suppre combofix + smithfraudfix sinon sa crée des conflits donc desinstale tous les logiciels de mes etapes

Réponse 14 / 17

luna

ca y est j'ai fait les suppressions et maintenant mon ordi redémarre normalement.

Merci pour ton aide

Je vais marquer que le problème est résolu :)

Bonne soirée

Réponse 15 / 17

luna

ben en fait je ne sais pas comment faire pour le marquer résolu...
Je crois qu'il faut etre membre ou un truc comme ca...

donc si tu peux le faire pour moi stp....Merci

Réponse 16 / 17

Profil bloqué

slt dsl jpeu pas le faire
marque en gros PROBLEME RESOLUT sur ton prochain message

Réponse 17 / 17

luna

PROBLEME RESOLU

Discussions similaires

télécharger router scan v2.6 ou v3.6

Google Chrome " Échec de l'analyse antivirus "

comment lire des bd gratuitement en ligne sur internet ?

Huawei P8 Lite "nouveau tag ajouté"

Nouveau tag ajouté - Utilité

Analyse d'un scan hijackthis

17 réponses

Votre réponse

Discussions similaires

Newsletters