Votre question

Redemarrages recurents du pc, virus ?

Tags :
  • Internet Explorer
  • Sécurité
Dernière réponse : dans Sécurité et virus
6 Mai 2009 10:53:33

Bonjour, depuis peu mon pc redémarre obstinément, le net s'est mis à ramer sévère, certaines applications plante et ni avast, spybot ou adaware ne trouve rien de méchant... VOici mon log hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:49:28, on 06/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\VisualTaskTips.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\VPro500.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetel.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Ultimate Edition
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: VPro500.lnk = C:\WINDOWS\VPro500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 86.64.145.141 84.103.237.141
O17 - HKLM\System\CS1\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.146 86.64.145.146
O17 - HKLM\System\CS2\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.140 86.64.145.140
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9674 bytes


MErci de votre aide future!

Autres pages sur : redemarrages recurents virus

a b 8 Sécurité
6 Mai 2009 18:50:42

Un bonjour ?

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar-S&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)
    6 Mai 2009 18:59:29

    Merci de ta réponse !


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
    BIOS : Default System BIOS
    USER : Administrateur ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090505-0] 4.8.1335 (Activated)
    Firewall : ZoneAlarm Firewall 7.0.483.000 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:6 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( 06/05/2009|18:53 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\temp
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\alerts.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\alerts_over.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\alerts_rec.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\alerts_rec_over.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\chevron-small.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\DealioSearch.html
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\deals-leftcap.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\deal_report.jpg
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\ebay_login.jpg
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\err_mainwindow.html
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\err_toolbar.html
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\global_scripts.js
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\headerbgthin.jpg
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\highlight-bg.png
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\logo.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\logo_over.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.css
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.html
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.js
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\man_toolbarl.js
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\post-this-deal.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\post-this-deal_over.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\scripts.js
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\scroller.js
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\search-chevron.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\search-chevron_over.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\search_bg_blink.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\separator.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\settings.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\settings_over.gif
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\yahoo-search.png
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\index.76.35
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.10.76
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.109.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.110.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.12.52
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.13.58
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.130.58
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.135.50
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.153.44
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.155.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.156.49
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.16.60
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.161.52
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.178.66
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.184.55
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.188.52
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.189.45
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.196.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.198.56
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.199.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.200.53
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.201.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.202.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.203.71
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.205.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.213.71
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.214.49
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.215.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.216.67
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.217.67
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.218.52
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.219.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.220.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.221.57
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.222.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.223.68
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.226.68
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.227.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.228.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.229.76
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.23.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.239.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.24.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.240.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.241.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.242.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.243.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.244.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.245.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.247.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.248.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.249.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.250.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.251.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.252.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.253.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.254.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.255.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.256.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.257.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.279.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.28.58
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.282.75
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.283.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.284.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.289.67
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.290.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.291.61
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.296.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.297.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.304.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.307.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.308.75
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.31.47
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.310.46
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.311.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.315.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.316.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.317.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.318.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.319.49
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.32.48
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.334.44
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.335.60
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.336.44
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.337.44
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.338.75
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.339.47
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.34.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.340.47
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.341.47
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.349.50
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.35.48
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.350.50
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.351.51
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.352.54
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.353.51
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.354.51
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.357.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.358.52
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.359.52
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.360.53
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.361.54
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.362.68
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.363.58
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.364.54
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.365.53
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.367.56
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.368.58
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.369.55
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.370.56
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.371.56
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.372.57
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.373.55
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.375.56
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.376.57
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.377.55
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.378.65
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.384.58
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.386.71
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.387.59
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.388.59
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.389.59
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.390.60
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.391.60
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.392.60
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.393.60
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.394.60
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.396.61
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.397.61
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.398.60
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.399.60
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.403.61
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.404.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.405.61
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.406.61
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.407.76
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.408.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.409.61
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.412.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.413.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.414.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.415.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.416.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.417.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.418.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.419.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.420.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.421.62
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.423.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.424.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.425.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.426.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.427.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.428.65
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.429.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.430.63
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.432.65
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.433.64
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.434.65
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.435.64
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.436.76
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.437.64
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.438.71
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.439.71
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.440.75
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.442.73
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.443.73
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.444.73
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.445.68
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.446.69
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.450.67
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.451.67
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.452.68
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.453.68
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.454.69
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.456.69
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.457.75
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.458.70
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.459.70
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.460.69
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.462.74
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.463.69
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.464.70
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.465.68
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.468.70
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.469.70
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.470.70
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.471.73
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.472.70
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.478.74
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.479.73
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.480.68
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.481.71
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.482.74
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.49.67
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.50.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.500.71
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.501.74
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.502.71
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.51.69
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.52.72
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.520.76
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.521.76
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.522.76
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.53.51
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.531.76
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.532.75
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.534.75
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.54.47
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.55.45
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.56.69
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.57.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.58.47
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.593.76
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.595.76
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.63.57
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.66.47
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.70.75
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.71.43
    C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\temp\installtype.ini
    C:\Program Files\Dealio
    C:\Program Files\Dealio\DealioAU.exe
    C:\Program Files\Dealio\kb127
    C:\Program Files\Dealio\SearchSettingsKit.exe
    C:\Program Files\Dealio\kb127\Dealio Deskbar.exe
    C:\Program Files\Dealio\kb127\Dealio.dll
    C:\Program Files\Dealio\kb127\DealioRes409.dll
    C:\Program Files\Dealio\kb127\res
    C:\Program Files\Dealio\kb127\resDN
    C:\Program Files\Dealio\kb127\rules
    C:\Program Files\Dealio\kb127\temp
    C:\Program Files\Dealio\kb127\res\alerts.gif
    C:\Program Files\Dealio\kb127\res\alerts_over.gif
    C:\Program Files\Dealio\kb127\res\alerts_rec.gif
    C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif
    C:\Program Files\Dealio\kb127\res\chevron-small.gif
    C:\Program Files\Dealio\kb127\res\DealioSearch.html
    C:\Program Files\Dealio\kb127\res\deals-leftcap.gif
    C:\Program Files\Dealio\kb127\res\deal_report.jpg
    C:\Program Files\Dealio\kb127\res\ebay_login.jpg
    C:\Program Files\Dealio\kb127\res\err_mainwindow.html
    C:\Program Files\Dealio\kb127\res\err_toolbar.html
    C:\Program Files\Dealio\kb127\res\global_scripts.js
    C:\Program Files\Dealio\kb127\res\headerbgthin.jpg
    C:\Program Files\Dealio\kb127\res\highlight-bg.png
    C:\Program Files\Dealio\kb127\res\logo.gif
    C:\Program Files\Dealio\kb127\res\logo_over.gif
    C:\Program Files\Dealio\kb127\res\man_toolbar.css
    C:\Program Files\Dealio\kb127\res\man_toolbar.html
    C:\Program Files\Dealio\kb127\res\man_toolbar.js
    C:\Program Files\Dealio\kb127\res\man_toolbarl.js
    C:\Program Files\Dealio\kb127\res\post-this-deal.gif
    C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif
    C:\Program Files\Dealio\kb127\res\scripts.js
    C:\Program Files\Dealio\kb127\res\scroller.js
    C:\Program Files\Dealio\kb127\res\search-chevron.gif
    C:\Program Files\Dealio\kb127\res\search-chevron_over.gif
    C:\Program Files\Dealio\kb127\res\search_bg_blink.gif
    C:\Program Files\Dealio\kb127\res\separator.gif
    C:\Program Files\Dealio\kb127\res\settings.gif
    C:\Program Files\Dealio\kb127\res\settings_over.gif
    C:\Program Files\Dealio\kb127\res\yahoo-search.png
    C:\Program Files\Dealio\kb127\resDN\bottom.gif
    C:\Program Files\Dealio\kb127\resDN\chevron_down.gif
    C:\Program Files\Dealio\kb127\resDN\chevron_up.gif
    C:\Program Files\Dealio\kb127\resDN\close.gif
    C:\Program Files\Dealio\kb127\resDN\deskbar.css
    C:\Program Files\Dealio\kb127\resDN\deskbar.js
    C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js
    C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg
    C:\Program Files\Dealio\kb127\resDN\logo.gif
    C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif
    C:\Program Files\Dealio\kb127\resDN\losing.gif
    C:\Program Files\Dealio\kb127\resDN\lost.gif
    C:\Program Files\Dealio\kb127\resDN\man_deskbar.html
    C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif
    C:\Program Files\Dealio\kb127\resDN\menu_check.gif
    C:\Program Files\Dealio\kb127\resDN\no_image.gif
    C:\Program Files\Dealio\kb127\resDN\prod_img.gif
    C:\Program Files\Dealio\kb127\resDN\search_chevron.gif
    C:\Program Files\Dealio\kb127\resDN\spacer.gif
    C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif
    C:\Program Files\Dealio\kb127\resDN\top.gif
    C:\Program Files\Dealio\kb127\resDN\unknown.gif
    C:\Program Files\Dealio\kb127\resDN\winning.gif
    C:\Program Files\Dealio\kb127\resDN\won.gif
    C:\Program Files\Dealio\kb127\rules\index.76.35
    C:\Program Files\Dealio\kb127\rules\rules.1.10.76
    C:\Program Files\Dealio\kb127\rules\rules.1.109.43
    C:\Program Files\Dealio\kb127\rules\rules.1.110.43
    C:\Program Files\Dealio\kb127\rules\rules.1.12.52
    C:\Program Files\Dealio\kb127\rules\rules.1.13.58
    C:\Program Files\Dealio\kb127\rules\rules.1.130.58
    C:\Program Files\Dealio\kb127\rules\rules.1.135.50
    C:\Program Files\Dealio\kb127\rules\rules.1.153.44
    C:\Program Files\Dealio\kb127\rules\rules.1.155.43
    C:\Program Files\Dealio\kb127\rules\rules.1.156.49
    C:\Program Files\Dealio\kb127\rules\rules.1.16.60
    C:\Program Files\Dealio\kb127\rules\rules.1.161.52
    C:\Program Files\Dealio\kb127\rules\rules.1.178.66
    C:\Program Files\Dealio\kb127\rules\rules.1.184.55
    C:\Program Files\Dealio\kb127\rules\rules.1.188.52
    C:\Program Files\Dealio\kb127\rules\rules.1.189.45
    C:\Program Files\Dealio\kb127\rules\rules.1.196.43
    C:\Program Files\Dealio\kb127\rules\rules.1.198.56
    C:\Program Files\Dealio\kb127\rules\rules.1.199.43
    C:\Program Files\Dealio\kb127\rules\rules.1.200.53
    C:\Program Files\Dealio\kb127\rules\rules.1.201.43
    C:\Program Files\Dealio\kb127\rules\rules.1.202.43
    C:\Program Files\Dealio\kb127\rules\rules.1.203.71
    C:\Program Files\Dealio\kb127\rules\rules.1.205.62
    C:\Program Files\Dealio\kb127\rules\rules.1.213.71
    C:\Program Files\Dealio\kb127\rules\rules.1.214.49
    C:\Program Files\Dealio\kb127\rules\rules.1.215.43
    C:\Program Files\Dealio\kb127\rules\rules.1.216.67
    C:\Program Files\Dealio\kb127\rules\rules.1.217.67
    C:\Program Files\Dealio\kb127\rules\rules.1.218.52
    C:\Program Files\Dealio\kb127\rules\rules.1.219.43
    C:\Program Files\Dealio\kb127\rules\rules.1.220.43
    C:\Program Files\Dealio\kb127\rules\rules.1.221.57
    C:\Program Files\Dealio\kb127\rules\rules.1.222.43
    C:\Program Files\Dealio\kb127\rules\rules.1.223.68
    C:\Program Files\Dealio\kb127\rules\rules.1.226.68
    C:\Program Files\Dealio\kb127\rules\rules.1.227.43
    C:\Program Files\Dealio\kb127\rules\rules.1.228.62
    C:\Program Files\Dealio\kb127\rules\rules.1.229.76
    C:\Program Files\Dealio\kb127\rules\rules.1.23.63
    C:\Program Files\Dealio\kb127\rules\rules.1.239.43
    C:\Program Files\Dealio\kb127\rules\rules.1.24.43
    C:\Program Files\Dealio\kb127\rules\rules.1.240.43
    C:\Program Files\Dealio\kb127\rules\rules.1.241.43
    C:\Program Files\Dealio\kb127\rules\rules.1.242.43
    C:\Program Files\Dealio\kb127\rules\rules.1.243.43
    C:\Program Files\Dealio\kb127\rules\rules.1.244.63
    C:\Program Files\Dealio\kb127\rules\rules.1.245.43
    C:\Program Files\Dealio\kb127\rules\rules.1.247.43
    C:\Program Files\Dealio\kb127\rules\rules.1.248.43
    C:\Program Files\Dealio\kb127\rules\rules.1.249.43
    C:\Program Files\Dealio\kb127\rules\rules.1.250.43
    C:\Program Files\Dealio\kb127\rules\rules.1.251.43
    C:\Program Files\Dealio\kb127\rules\rules.1.252.43
    C:\Program Files\Dealio\kb127\rules\rules.1.253.43
    C:\Program Files\Dealio\kb127\rules\rules.1.254.43
    C:\Program Files\Dealio\kb127\rules\rules.1.255.43
    C:\Program Files\Dealio\kb127\rules\rules.1.256.43
    C:\Program Files\Dealio\kb127\rules\rules.1.257.43
    C:\Program Files\Dealio\kb127\rules\rules.1.279.43
    C:\Program Files\Dealio\kb127\rules\rules.1.28.58
    C:\Program Files\Dealio\kb127\rules\rules.1.282.75
    C:\Program Files\Dealio\kb127\rules\rules.1.283.43
    C:\Program Files\Dealio\kb127\rules\rules.1.284.43
    C:\Program Files\Dealio\kb127\rules\rules.1.289.67
    C:\Program Files\Dealio\kb127\rules\rules.1.290.62
    C:\Program Files\Dealio\kb127\rules\rules.1.291.61
    C:\Program Files\Dealio\kb127\rules\rules.1.296.43
    C:\Program Files\Dealio\kb127\rules\rules.1.297.43
    C:\Program Files\Dealio\kb127\rules\rules.1.304.43
    C:\Program Files\Dealio\kb127\rules\rules.1.307.43
    C:\Program Files\Dealio\kb127\rules\rules.1.308.75
    C:\Program Files\Dealio\kb127\rules\rules.1.31.47
    C:\Program Files\Dealio\kb127\rules\rules.1.310.46
    C:\Program Files\Dealio\kb127\rules\rules.1.311.43
    C:\Program Files\Dealio\kb127\rules\rules.1.315.43
    C:\Program Files\Dealio\kb127\rules\rules.1.316.43
    C:\Program Files\Dealio\kb127\rules\rules.1.317.43
    C:\Program Files\Dealio\kb127\rules\rules.1.318.43
    C:\Program Files\Dealio\kb127\rules\rules.1.319.49
    C:\Program Files\Dealio\kb127\rules\rules.1.32.48
    C:\Program Files\Dealio\kb127\rules\rules.1.334.44
    C:\Program Files\Dealio\kb127\rules\rules.1.335.60
    C:\Program Files\Dealio\kb127\rules\rules.1.336.44
    C:\Program Files\Dealio\kb127\rules\rules.1.337.44
    C:\Program Files\Dealio\kb127\rules\rules.1.338.75
    C:\Program Files\Dealio\kb127\rules\rules.1.339.47
    C:\Program Files\Dealio\kb127\rules\rules.1.34.43
    C:\Program Files\Dealio\kb127\rules\rules.1.340.47
    C:\Program Files\Dealio\kb127\rules\rules.1.341.47
    C:\Program Files\Dealio\kb127\rules\rules.1.349.50
    C:\Program Files\Dealio\kb127\rules\rules.1.35.48
    C:\Program Files\Dealio\kb127\rules\rules.1.350.50
    C:\Program Files\Dealio\kb127\rules\rules.1.351.51
    C:\Program Files\Dealio\kb127\rules\rules.1.352.54
    C:\Program Files\Dealio\kb127\rules\rules.1.353.51
    C:\Program Files\Dealio\kb127\rules\rules.1.354.51
    C:\Program Files\Dealio\kb127\rules\rules.1.357.62
    C:\Program Files\Dealio\kb127\rules\rules.1.358.52
    C:\Program Files\Dealio\kb127\rules\rules.1.359.52
    C:\Program Files\Dealio\kb127\rules\rules.1.360.53
    C:\Program Files\Dealio\kb127\rules\rules.1.361.54
    C:\Program Files\Dealio\kb127\rules\rules.1.362.68
    C:\Program Files\Dealio\kb127\rules\rules.1.363.58
    C:\Program Files\Dealio\kb127\rules\rules.1.364.54
    C:\Program Files\Dealio\kb127\rules\rules.1.365.53
    C:\Program Files\Dealio\kb127\rules\rules.1.367.56
    C:\Program Files\Dealio\kb127\rules\rules.1.368.58
    C:\Program Files\Dealio\kb127\rules\rules.1.369.55
    C:\Program Files\Dealio\kb127\rules\rules.1.370.56
    C:\Program Files\Dealio\kb127\rules\rules.1.371.56
    C:\Program Files\Dealio\kb127\rules\rules.1.372.57
    C:\Program Files\Dealio\kb127\rules\rules.1.373.55
    C:\Program Files\Dealio\kb127\rules\rules.1.375.56
    C:\Program Files\Dealio\kb127\rules\rules.1.376.57
    C:\Program Files\Dealio\kb127\rules\rules.1.377.55
    C:\Program Files\Dealio\kb127\rules\rules.1.378.65
    C:\Program Files\Dealio\kb127\rules\rules.1.384.58
    C:\Program Files\Dealio\kb127\rules\rules.1.386.71
    C:\Program Files\Dealio\kb127\rules\rules.1.387.59
    C:\Program Files\Dealio\kb127\rules\rules.1.388.59
    C:\Program Files\Dealio\kb127\rules\rules.1.389.59
    C:\Program Files\Dealio\kb127\rules\rules.1.390.60
    C:\Program Files\Dealio\kb127\rules\rules.1.391.60
    C:\Program Files\Dealio\kb127\rules\rules.1.392.60
    C:\Program Files\Dealio\kb127\rules\rules.1.393.60
    C:\Program Files\Dealio\kb127\rules\rules.1.394.60
    C:\Program Files\Dealio\kb127\rules\rules.1.396.61
    C:\Program Files\Dealio\kb127\rules\rules.1.397.61
    C:\Program Files\Dealio\kb127\rules\rules.1.398.60
    C:\Program Files\Dealio\kb127\rules\rules.1.399.60
    C:\Program Files\Dealio\kb127\rules\rules.1.403.61
    C:\Program Files\Dealio\kb127\rules\rules.1.404.63
    C:\Program Files\Dealio\kb127\rules\rules.1.405.61
    C:\Program Files\Dealio\kb127\rules\rules.1.406.61
    C:\Program Files\Dealio\kb127\rules\rules.1.407.76
    C:\Program Files\Dealio\kb127\rules\rules.1.408.63
    C:\Program Files\Dealio\kb127\rules\rules.1.409.61
    C:\Program Files\Dealio\kb127\rules\rules.1.412.62
    C:\Program Files\Dealio\kb127\rules\rules.1.413.62
    C:\Program Files\Dealio\kb127\rules\rules.1.414.62
    C:\Program Files\Dealio\kb127\rules\rules.1.415.62
    C:\Program Files\Dealio\kb127\rules\rules.1.416.62
    C:\Program Files\Dealio\kb127\rules\rules.1.417.62
    C:\Program Files\Dealio\kb127\rules\rules.1.418.62
    C:\Program Files\Dealio\kb127\rules\rules.1.419.62
    C:\Program Files\Dealio\kb127\rules\rules.1.420.62
    C:\Program Files\Dealio\kb127\rules\rules.1.421.62
    C:\Program Files\Dealio\kb127\rules\rules.1.423.63
    C:\Program Files\Dealio\kb127\rules\rules.1.424.63
    C:\Program Files\Dealio\kb127\rules\rules.1.425.63
    C:\Program Files\Dealio\kb127\rules\rules.1.426.63
    C:\Program Files\Dealio\kb127\rules\rules.1.427.63
    C:\Program Files\Dealio\kb127\rules\rules.1.428.65
    C:\Program Files\Dealio\kb127\rules\rules.1.429.63
    C:\Program Files\Dealio\kb127\rules\rules.1.430.63
    C:\Program Files\Dealio\kb127\rules\rules.1.432.65
    C:\Program Files\Dealio\kb127\rules\rules.1.433.64
    C:\Program Files\Dealio\kb127\rules\rules.1.434.65
    C:\Program Files\Dealio\kb127\rules\rules.1.435.64
    C:\Program Files\Dealio\kb127\rules\rules.1.436.76
    C:\Program Files\Dealio\kb127\rules\rules.1.437.64
    C:\Program Files\Dealio\kb127\rules\rules.1.438.71
    C:\Program Files\Dealio\kb127\rules\rules.1.439.71
    C:\Program Files\Dealio\kb127\rules\rules.1.440.75
    C:\Program Files\Dealio\kb127\rules\rules.1.442.73
    C:\Program Files\Dealio\kb127\rules\rules.1.443.73
    C:\Program Files\Dealio\kb127\rules\rules.1.444.73
    C:\Program Files\Dealio\kb127\rules\rules.1.445.68
    C:\Program Files\Dealio\kb127\rules\rules.1.446.69
    C:\Program Files\Dealio\kb127\rules\rules.1.450.67
    C:\Program Files\Dealio\kb127\rules\rules.1.451.67
    C:\Program Files\Dealio\kb127\rules\rules.1.452.68
    C:\Program Files\Dealio\kb127\rules\rules.1.453.68
    C:\Program Files\Dealio\kb127\rules\rules.1.454.69
    C:\Program Files\Dealio\kb127\rules\rules.1.456.69
    C:\Program Files\Dealio\kb127\rules\rules.1.457.75
    C:\Program Files\Dealio\kb127\rules\rules.1.458.70
    C:\Program Files\Dealio\kb127\rules\rules.1.459.70
    C:\Program Files\Dealio\kb127\rules\rules.1.460.69
    C:\Program Files\Dealio\kb127\rules\rules.1.462.74
    C:\Program Files\Dealio\kb127\rules\rules.1.463.69
    C:\Program Files\Dealio\kb127\rules\rules.1.464.70
    C:\Program Files\Dealio\kb127\rules\rules.1.465.68
    C:\Program Files\Dealio\kb127\rules\rules.1.468.70
    C:\Program Files\Dealio\kb127\rules\rules.1.469.70
    C:\Program Files\Dealio\kb127\rules\rules.1.470.70
    C:\Program Files\Dealio\kb127\rules\rules.1.471.73
    C:\Program Files\Dealio\kb127\rules\rules.1.472.70
    C:\Program Files\Dealio\kb127\rules\rules.1.478.74
    C:\Program Files\Dealio\kb127\rules\rules.1.479.73
    C:\Program Files\Dealio\kb127\rules\rules.1.480.68
    C:\Program Files\Dealio\kb127\rules\rules.1.481.71
    C:\Program Files\Dealio\kb127\rules\rules.1.482.74
    C:\Program Files\Dealio\kb127\rules\rules.1.49.67
    C:\Program Files\Dealio\kb127\rules\rules.1.50.43
    C:\Program Files\Dealio\kb127\rules\rules.1.500.71
    C:\Program Files\Dealio\kb127\rules\rules.1.501.74
    C:\Program Files\Dealio\kb127\rules\rules.1.502.71
    C:\Program Files\Dealio\kb127\rules\rules.1.51.69
    C:\Program Files\Dealio\kb127\rules\rules.1.52.72
    C:\Program Files\Dealio\kb127\rules\rules.1.520.76
    C:\Program Files\Dealio\kb127\rules\rules.1.521.76
    C:\Program Files\Dealio\kb127\rules\rules.1.522.76
    C:\Program Files\Dealio\kb127\rules\rules.1.53.51
    C:\Program Files\Dealio\kb127\rules\rules.1.531.76
    C:\Program Files\Dealio\kb127\rules\rules.1.532.75
    C:\Program Files\Dealio\kb127\rules\rules.1.534.75
    C:\Program Files\Dealio\kb127\rules\rules.1.54.47
    C:\Program Files\Dealio\kb127\rules\rules.1.55.45
    C:\Program Files\Dealio\kb127\rules\rules.1.56.69
    C:\Program Files\Dealio\kb127\rules\rules.1.57.43
    C:\Program Files\Dealio\kb127\rules\rules.1.58.47
    C:\Program Files\Dealio\kb127\rules\rules.1.593.76
    C:\Program Files\Dealio\kb127\rules\rules.1.595.76
    C:\Program Files\Dealio\kb127\rules\rules.1.63.57
    C:\Program Files\Dealio\kb127\rules\rules.1.66.47
    C:\Program Files\Dealio\kb127\rules\rules.1.70.75
    C:\Program Files\Dealio\kb127\rules\rules.1.71.43
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio
    C:\Program Files\Search Settings
    C:\Program Files\Search Settings\kb127
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\Search Settings\kb127\res
    C:\Program Files\Search Settings\kb127\SearchSettings.dll
    C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
    C:\Program Files\Search Settings\kb127\temp

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://www.google.fr"
    "Search Bar"="http://www.google.fr/ie"
    "Start Page"="http://www.cegetel.net"
    "Default_Search_URL"="http://www.google.fr/keyword/%s"
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.google.fr"
    "Default_Search_URL"="http://www.google.fr"
    "Search Page"="http://www.google.fr"
    "Start Page"="http://www.google.fr"


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Daemon Tool
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\EXE Original
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\G‚n‚rateur de Cl‚s
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Image Sims2_1.mir
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Methode Sims 2 mode construction par Kurtspirit.htm
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Patch nudit‚
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Trainer
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Daemon Tool\daemon347.exe
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\EXE Original\Sims2.exe
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\G‚n‚rateur de Cl‚s\keygen.exe
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Image Sims2_1.mir\Sims2_1.mir
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Patch nudit‚\bm.exe
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Trainer\Sims 2 +2 trainer fixed.exe
    C:\DOCUME~1\ADMINI~1\Bureau\Music\Red Hot Chili Peppers\Pixies\Death To The Pixies\Death To The Pixies (Disc 2)\14 Crackity Jones.mp3
    C:\DOCUME~1\ADMINI~1\Bureau\Music\Red Hot Chili Peppers\Pixies\Doolittle\09 - Crackity Jones.mp3



    1 - "C:\ToolBar SD\TB_1.txt" - 06/05/2009|18:55 - Option : [1]

    -----------\\ Fin du rapport a 18:55:27,68
    Contenus similaires
    a b 8 Sécurité
    7 Mai 2009 19:27:08

    Re,

    Relance Lop S&D.

  • Choisis cette fois ci l'Option 2 (Suppression)
    [#ff0000]! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
  • Poste le rapport généré (C:\lopR.txt)
    8 Mai 2009 17:20:26

    Merci voici le rapport, mais toujours pas d'amélioration...


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
    BIOS : Default System BIOS
    USER : Administrateur ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090507-0] 4.8.1335 (Activated)
    Firewall : ZoneAlarm Firewall 7.0.483.000 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:10 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [2] ( 08/05/2009|17:16 )

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\Search Settings\kb127
    Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
    Supprime! - C:\Program Files\Search Settings

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://www.google.fr"
    "Search Bar"="http://www.google.fr/ie"
    "Start Page"="http://www.cegetel.net"
    "Default_Search_URL"="http://www.google.fr/keyword/%s"
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.google.fr"
    "Default_Search_URL"="http://www.google.fr"
    "Search Page"="http://www.google.fr"
    "Start Page"="http://www.msn.com/"


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Daemon Tool
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\EXE Original
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\G‚n‚rateur de Cl‚s
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Image Sims2_1.mir
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Methode Sims 2 mode construction par Kurtspirit.htm
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Patch nudit‚
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Trainer
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Daemon Tool\daemon347.exe
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\EXE Original\Sims2.exe
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\G‚n‚rateur de Cl‚s\keygen.exe
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Image Sims2_1.mir\Sims2_1.mir
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Patch nudit‚\bm.exe
    C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Trainer\Sims 2 +2 trainer fixed.exe
    C:\DOCUME~1\ADMINI~1\Bureau\Music\Red Hot Chili Peppers\Pixies\Death To The Pixies\Death To The Pixies (Disc 2)\14 Crackity Jones.mp3
    C:\DOCUME~1\ADMINI~1\Bureau\Music\Red Hot Chili Peppers\Pixies\Doolittle\09 - Crackity Jones.mp3



    1 - "C:\ToolBar SD\TB_1.txt" - 06/05/2009|18:55 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 08/05/2009|17:18 - Option : [2]

    -----------\\ Fin du rapport a 17:18:25,57
    a b 8 Sécurité
    9 Mai 2009 12:37:59

    Merci de supprimer tous tes cracks, reposte un rapport Hijackthis.
    9 Mai 2009 15:21:12

    Ok c'est fait je savais même pas qu'il trainait encore.
    Voici le rapport

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:19:20, on 09/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Windows\System32\VisualTaskTips.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Azureus Ultra Accelerator\Azureus Ultra Accelerator.exe
    C:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetel.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Ultimate Edition
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - Default URLSearchHook is missing
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O4 - Startup: Azureus Ultra Accelerator.lnk = C:\Program Files\Azureus Ultra Accelerator\Azureus Ultra Accelerator.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: VPro500.lnk = C:\WINDOWS\VPro500.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.146 86.64.145.146
    O17 - HKLM\System\CS1\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.146 86.64.145.146
    O17 - HKLM\System\CS2\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.140 86.64.145.140
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9148 bytes
    a b 8 Sécurité
    10 Mai 2009 16:28:10

    Ton pc se comporte mieux ?

    Désinstalle via Ajout/Suppression de Programmes (si présents) :
  • Avast!

    Télécharge et exécute le Désinstalleur d'Avast!.
    Ceci effacera la majorité des traces du produit Avast! d'Alwil Software.

    Télécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :
    - Ajouter un raccourci sur le Bureau
    - Contrôler automatiquement les mises à jour de CCleaner
  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

    Aide : Comment utiliser CCleaner.

    &

    Télécharge AntiVir sur ton Bureau.

  • Double clique sur l'exécutable téléchargé pour lancer l'installation.
  • A la fin de l'installation, clique sur Finish.
  • Ouvre Antivir, assure-toi qu’il soit bien à jour !
  • Dans l'onglet Protection Locale, choisis Contrôler.
  • Active la recherche de rootkits via le + de Recherche de Rootkits, puis dans Sélection manuelle, coche tout (tes partitions de disque dur).
  • Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
  • Poste moi le rapport généré : Pour cela, clique sur l'onglet Aperçu, puis choisis Rapports, tu trouveras son rapport..
  • Sélectionne le rapport et clique sur l'icône "Afficher le fichier de rapport du rapport sélectionné.

    Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.

    Pourquoi changer ? Avast vs Antivir.

    Aide : Comment installer et utiliser AntiVir.
    18 Mai 2009 11:15:15

    Bonjour, désolé pour le temps de réponse j'ai du m'absenter pour un moment. Voici le scan antivir... Il a trouvé plusieurs choses que j'ai mise en quarantaine



    Avira AntiVir Personal
    Date de création du fichier de rapport : lundi 18 mai 2009 09:44

    La recherche porte sur 1396800 souches de virus.

    Détenteur de la licence :Avira AntiVir PersonalEdition Classic
    Numéro de série : 0000149996-ADJIE-0001
    Plateforme : Windows XP
    Version de Windows :( Service Pack 2) [5.1.2600]
    Mode Boot : Démarré normalement
    Identifiant : SYSTEM
    Nom de l'ordinateur :382598EDA7D34A7

    Informations de version :
    BUILD.DAT : 8.2.0.53 17752 Bytes 23/03/2009 13:45:00
    AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 07:21:00
    AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 12:44:27
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 11:44:16
    LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 06:30:27
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:36
    ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 12:40:11
    ANTIVIR2.VDF : 7.1.3.185 2010112 Bytes 12/05/2009 12:39:18
    ANTIVIR3.VDF : 7.1.3.216 129536 Bytes 16/05/2009 12:39:17
    Version du moteur: 8.2.0.168
    AEVDF.DLL : 8.1.1.1 106868 Bytes 11/05/2009 12:40:21
    AESCRIPT.DLL : 8.1.2.0 389497 Bytes 16/05/2009 12:39:22
    AESCN.DLL : 8.1.2.3 127347 Bytes 16/05/2009 12:39:20
    AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 12:58:38
    AEPACK.DLL : 8.1.3.16 397686 Bytes 11/05/2009 12:40:19
    AEOFFICE.DLL : 8.1.0.36 196987 Bytes 11/05/2009 12:40:18
    AEHEUR.DLL : 8.1.0.129 1761655 Bytes 16/05/2009 12:39:20
    AEHELP.DLL : 8.1.2.2 119158 Bytes 11/05/2009 12:40:16
    AEGEN.DLL : 8.1.1.44 348532 Bytes 16/05/2009 12:39:18
    AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 09:05:56
    AECORE.DLL : 8.1.6.9 176500 Bytes 11/05/2009 12:40:15
    AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 09:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 07:40:02
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 08:27:58
    AVREP.DLL : 8.0.0.3 155688 Bytes 11/05/2009 12:40:15
    AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 10:26:37
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 07:29:19
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 11:27:46
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 16:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 11:49:36
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 11:05:07
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 06:23:16
    RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 09:08:43

    Configuration pour la recherche actuelle :
    Nom de la tâche..................: Contrôle intégral du système
    Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Documentation....................: bas
    Action principale................: interactif
    Action secondaire................: ignorer
    Recherche sur les secteurs d'amorçage maître: marche
    Recherche sur les secteurs d'amorçage: marche
    Secteurs d'amorçage..............: C:,
    Recherche dans les programmes actifs: marche
    Recherche en cours sur l'enregistrement: marche
    Recherche de Rootkits............: arrêt
    Fichier mode de recherche........: Sélection de fichiers intelligente
    Recherche sur les archives.......: marche
    Limiter la profondeur de récursivité: 20
    Archive Smart Extensions.........: marche
    Heuristique de macrovirus........: marche
    Heuristique fichier..............: moyen

    Début de la recherche : lundi 18 mai 2009 09:44

    La recherche sur les processus démarrés commence :
    Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Azureus Ultra Accelerator.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'VPro500.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'dslmon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Eraser.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'TeaTimer.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'zlclient.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'VisualTaskTips.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'PAStiSvc.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SeaPort.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'vsmon.exe' - '0' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
    '34' processus ont été contrôlés avec '34' modules

    La recherche sur les secteurs d'amorçage maître commence :
    Secteur d'amorçage maître HD0
    [INFO] Aucun virus trouvé !

    La recherche sur les secteurs d'amorçage commence :
    Secteur d'amorçage 'C:\'
    [INFO] Aucun virus trouvé !

    La recherche sur les renvois aux fichiers exécutables (registre) commence.
    Le registre a été contrôlé ( '50' fichiers).


    La recherche sur les fichiers sélectionnés commence :

    Recherche débutant dans 'C:\'
    C:\pagefile.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    C:\Documents and Settings\Administrateur\Bureau\Install\Nouveau dossier\install_ccsetup211.exe.exe
    [RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/Small.fxa
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a8412ed.qua' !
    C:\System Volume Information\_restore{8A712722-2AAA-481C-B180-F279239DB17D}\RP330\A0163368.exe
    [RESULTAT] Contient le cheval de Troie TR/Agent.6905.A
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a4224e3.qua' !
    C:\System Volume Information\_restore{8A712722-2AAA-481C-B180-F279239DB17D}\RP339\A0168227.exe
    [RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/Small.fxa
    [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a422516.qua' !


    Fin de la recherche : lundi 18 mai 2009 11:14
    Temps nécessaire: 1:29:41 Heure(s)

    La recherche a été effectuée intégralement

    6881 Les répertoires ont été contrôlés
    524902 Des fichiers ont été contrôlés
    3 Des virus ou programmes indésirables ont été trouvés
    0 Des fichiers ont été classés comme suspects
    0 Des fichiers ont été supprimés
    0 Des virus ou programmes indésirables ont été réparés
    3 Les fichiers ont été déplacés dans la quarantaine
    0 Les fichiers ont été renommés
    1 Impossible de contrôler des fichiers
    524898 Fichiers non infectés
    6483 Les archives ont été contrôlées
    1 Avertissements
    3 Consignes
    a b 8 Sécurité
    18 Mai 2009 17:16:07

    Reposte un rapport Hijackthis.
    18 Mai 2009 18:33:15

    Le voici:

    ogfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:32:34, on 18/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Windows\System32\VisualTaskTips.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Eraser\Eraser.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\WINDOWS\VPro500.exe
    C:\Program Files\Azureus Ultra Accelerator\Azureus Ultra Accelerator.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetel.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Ultimate Edition
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - Default URLSearchHook is missing
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O4 - Startup: Azureus Ultra Accelerator.lnk = C:\Program Files\Azureus Ultra Accelerator\Azureus Ultra Accelerator.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: VPro500.lnk = C:\WINDOWS\VPro500.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 86.64.145.142 84.103.237.142
    O17 - HKLM\System\CS2\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.140 86.64.145.140
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9046 bytes
    a b 8 Sécurité
    19 Mai 2009 17:31:31

    Même soucis ?
    19 Mai 2009 19:51:06

    Oui toujours peut-être est-ce matériel, mais en tout cas merci pour ton aide.
    a b 8 Sécurité
    19 Mai 2009 20:11:27

    Autant demander dans Hardware ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS