Se connecter avec
S'enregistrer | Connectez-vous
Votre question

Probleme - PUB

Tags :
Dernière réponse : dans Sécurité et virus
Partagez
28 Mars 2009 14:39:43

Bonjour a tous ,

Je rencontre depuis peu un probleme de pub , j'ai genéré un rapport HJT , si quelqu'un pouvais m'aidé a le comprendre je vous en serais trés reconnaissant ,

merci d'avance

PS : j'attend l'autorisation pour posté le rapport

merci a vous :) 

Autres pages sur : probleme pub

28 Mars 2009 16:10:45

:hello:  Bonjour,

***Désactive tes protections résidentes pour télécharger et exécuter EDT***

Télécharge Egwene's Diagnostic Tool (EDT) et enregistre-le sur ton bureau.

  • Double-clique sur l'icône du fichier pour le lancer.
  • Un premier écran de choix va apparaître choisis "Français" puis valide par entrée.
  • Un deuxième écran de choix va apparaître : choisis "Listes blanches : on" puis valide par entrée.
  • Un troisième écran de choix va apparaître : choisis "Tout scanner" puis valide par entrée.
  • Un quatrième écran de choix va apparaître : choisis "30 jours" puis valide par entrée.
    *** Laisse le programme travailler et ne fais rien d'autre pendant ce temps ***
  • Il se peut qu'un message d'erreur apparaisse une fois rendu à "Infos OS" : clique sur annuler.
  • Un rapport va s'ouvrir : poste-le sur le forum. Veille bien à ce qu'il soit complet.
    *** Poste-le en plusieurs fois si nécessaire ***

    N.B : Il se peut que ton antivirus détecte le composant Xproc.exe de EDT comme néfaste, rassure-toi c'est un processus légitime qu'utilise EDT. Ignore les éventuelles alertes de ton antivirus à son propos.

    ;) 
    28 Mars 2009 17:46:47

    Daccord merci je fais sa et je le post

    Une petite precision , les pubs apparaissent en fonctions des sites que je visite :

    exemple : un forum de jeuxvideo = un site d'achat genre priceminster ou je ne sais plus quoi , il m'est aussi arrivé d'avoir des pubs X par apport a des mots sur dailymotions , exemple un chanson avec "charme" m'a mis des pubs X :( 

    Je genere le rapport et je le post

    merci
    Contenus similaires
    Pas de réponse à votre question ? Demandez !
    28 Mars 2009 18:00:05

    ======================================= Egwene's Diagnostic Tool =======================================

    ALIX
    Scan lancé le sam. 03/28/2009 à 17:55:32.37
    Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
    Internet Explorer: 7.0.5730.11

    C:\ [Fixed] - NTFS - (Total:147628 Mo/Free:536 Mo)
    D:\ [Fixed] - NTFS - (Total:19461 Mo/Free:621 Mo)
    E:\ [Removable] (Total:0 Mo/Free:0 Mo)
    F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
    G:\ [Removable] (Total:0 Mo/Free:0 Mo)
    H:\ [Removable] (Total:0 Mo/Free:0 Mo)
    I:\ [Removable] (Total:0 Mo/Free:0 Mo)
    J:\ [Fixed] - FAT32 - (Total:953634 Mo/Free:1608 Mo)

    ====== Processus (by Eric_71) ======

    --Locked-- [System Process] [ ]
    ---------- System [ ]
    ---------- C:\WINDOWS\System32\smss.exe [04/14/2008 03:34 50688]
    ---------- C:\WINDOWS\system32\csrss.exe [04/14/2008 03:33 6144]
    ---------- C:\WINDOWS\system32\winlogon.exe [04/14/2008 03:34 512000]
    ---------- C:\WINDOWS\system32\services.exe [04/14/2008 03:34 109056]
    ---------- C:\WINDOWS\system32\lsass.exe [04/14/2008 03:34 13312]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\WINDOWS\System32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [01/30/2009 13:18 611664]
    ---------- C:\WINDOWS\Explorer.EXE [04/14/2008 03:34 1037824]
    ---------- C:\WINDOWS\system32\spoolsv.exe [04/14/2008 03:34 57856]
    ---------- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [07/26/2008 08:25 150040]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [09/21/2005 13:46 438272]
    ---------- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [08/15/2007 19:43 106496]
    ---------- C:\WINDOWS\System32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [02/16/2005 16:15 81920]
    ---------- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [07/01/2008 09:02 468224]
    ---------- C:\WINDOWS\system32\RUNDLL32.EXE [04/14/2008 03:34 33792]
    ---------- C:\Program Files\ESET\ESET Smart Security\egui.exe [07/01/2008 09:01 1447168]
    ---------- C:\Program Files\Java\jre6\bin\jusched.exe [03/15/2009 13:48 148888]
    ---------- C:\Program Files\Java\jre6\bin\jqs.exe [03/15/2009 13:48 152984]
    ---------- C:\WINDOWS\system32\ctfmon.exe [04/14/2008 03:33 15360]
    ---------- C:\Program Files\SuperCopier2\SuperCopier2.exe [07/07/2006 18:45 1052672]
    ---------- C:\WINDOWS\runservice.exe [01/04/2007 17:27 2560]
    ---------- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [06/20/2006 21:08 49152]
    ---------- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [07/26/2008 08:23 186904]
    ---------- C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe [08/26/2008 17:48 2019624]
    ---------- C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe [06/17/2001 16:15 869888]
    ---------- C:\WINDOWS\system32\nvsvc32.exe [10/07/2008 12:33 163908]
    ---------- C:\WINDOWS\system32\oodag.exe [06/28/2007 23:02 1049856]
    ---------- C:\WINDOWS\system32\PnkBstrA.exe [10/23/2008 11:19 66872]
    ---------- C:\WINDOWS\system32\PnkBstrB.exe [10/23/2008 11:19 107832]
    ---------- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [01/14/2009 17:53 226656]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\WINDOWS\system32\wbem\wmiapsrv.exe [04/14/2008 03:34 126464]
    ---------- C:\WINDOWS\system32\wbem\wmiprvse.exe [04/14/2008 03:34 218112]
    ---------- C:\WINDOWS\System32\alg.exe [04/14/2008 03:33 44544]
    ---------- c:\documents and settings\ali\local settings\application data\ewcuksi.exe [03/27/2009 13:44 240128]
    ---------- C:\WINDOWS\system32\taskmgr.exe [04/14/2008 03:34 143360]
    ---------- C:\Program Files\Windows Live\Messenger\msnmsgr.exe [02/06/2009 18:51 3885408]
    ---------- C:\Program Files\Windows Live\Contacts\wlcomm.exe [02/06/2009 17:07 27512]
    ---------- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [06/30/2007 16:21 185896]
    ---------- C:\PROGRA~1\Free Download Manager\fdm.exe [01/31/2009 02:45 3399727]
    ---------- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [03/26/2009 16:49 1277584]
    ---------- C:\Program Files\Mozilla Firefox\firefox.exe [03/05/2009 17:36 307704]
    ---------- C:\WINDOWS\system32\NOTEPAD.EXE [04/14/2008 03:34 70656]
    ---------- C:\WINDOWS\system32\wscntfy.exe [04/14/2008 03:34 13824]
    ---------- C:\WINDOWS\system32\cmd.exe [04/14/2008 03:33 401408]
    ---------- C:\WINDOWS\system32\cmd.exe [04/14/2008 03:33 401408]
    ---------- C:\EDT$\Xproc.exe [03/07/2009 16:52 22829]
    ---------- [ ]


    ====== Internet Explorer ======

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"=http://www.yahoo.com
    "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Extensions Off Page"=about:NoAdd-ons
    "Security Risk Page"=about:SecurityRisk
    "Enable_Disk_Cache"=yes
    "Local Page"=%SystemRoot%\system32\blank.htm

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Default_Search_URL"=http://www.google.com/ie
    "Search Page"=http://www.google.com
    "Local Page"=C:\WINDOWS\system32\blank.htm

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
    "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    "CustomizeSearch"=http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable"=0 (0x0)
    "User Agent"=Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    "ProxyOverride"=<local>
    "AutoConfigURL"=file://C:/Documents and Settings/Ali/Bureau/Streamy/proxy.pac

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ActiveXCache"=C:\WINDOWS\Downloaded Program Files

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll - SearchSettings Class [06/12/2008 16:57 1111904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll - &Google Toolbar [03/15/2009 14:01 251504]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
    Compare Prices withDealio: @=C:\Documents and Settings\Ali\Application Data\Dealio\kb127\res\DealioSearch.html
    Download all links using BitComet: @=res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    Download link usingBitComet: @=res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66}]
    {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - %windir%\bdoscandel.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}]
    {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}]
    {1FBA04EE-3024-11D2-8F1F-0000F87ABD16} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583}]
    {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - %windir%\Network Diagnostic\xpnetdiag.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}]
    {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - {9F038672-0425-4792-BC9C-36DE3308E8AA} - C:\Program Files\Dealio\kb127\Dealio.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}]
    {1FBA04EE-3024-11D2-8F1F-0000F87ABD16} - C:\Program Files\Messenger\msmsgs.exe

    ====== BHOs ======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo Toolbar Helper - C:\Program Files\Yahoo28 440384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
    Winamp Toolbar BHO - C:\Program Files\Winamp Toolbar\winamptb.dll [10/04/2007 22:06 1135968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]
    VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [08/21/2007 18:57 1895896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [09/15/2008 14:25 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    (no-file)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
    DealioBHO Class - C:\Program Files\Dealio\kb127\Dealio.dll [05/26/2008 19:50 3170144]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [01/14/2009 17:49 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [03/15/2009 14:01 251504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [03/15/2009 14:01 522224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
    FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [12/30/2008 01:03 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [02/06/2009 18:17 1068904]

    ====== RUN keys ======

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    "nwiz"=nwiz.exe /install
    "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [08/14/2008 17:11 565008]
    "au"=C:\Program Files\Dealio\DealioAU.exe [05/26/2008 19:50 595296]
    "OODefragTray"=C:\WINDOWS\system32\oodtray.exe [06/28/2007 23:01 2512128]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [03/15/2009 13:48 148888]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [03/09/2009 16:49 37888]
    "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [10/07/2008 12:33 13574144]
    "NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [10/07/2008 12:33 86016]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot [06/30/2007 16:21 185896]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime [06/29/2007 06:24 286720]
    "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start [02/16/2005 16:15 81920]
    "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice [07/01/2008 09:01 1447168]
    "Memeo AutoBackup"=C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe --silent [11/07/2008 20:38 144608]
    "Memeo AutoSync"=C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent [11/06/2008 19:20 144608]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [03/26/2009 16:49 401040]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [04/14/2008 03:33 15360]
    "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [07/07/2006 18:45 1052672]
    "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [05/10/2008 18:31 36864]
    "wuwesck"="c:\documents and settings\ali\local settings\application data\wuwesck.exe" wuwesck [ ]
    "ewcuksi"="c:\documents and settings\ali\local settings\application data\ewcuksi.exe" ewcuksi [ ]
    "Steam"="c:\program files\valve\steam\steam.exe" -silent [10/08/2008 17:41 1410296]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background [04/14/2008 03:34 1695232]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background [02/06/2009 18:51 3885408]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 [09/18/2007 16:16 171464]
    "EPSON Stylus DX8400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S5BC.tmp" /EF "HKCU" [ ]
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 [03/30/2006 16:45 313472]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [09/16/2008 12:16 1833296]
    "Uniblue RegistryBooster 2009"=C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S [08/26/2008 17:48 2019624]
    "STYLEXP"=C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide [ ]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\CTFMON.EXE [04/14/2008 03:33 15360]

    ====== LSP (010) ======

    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004]
    "LibraryPath"=C:\WINDOWS\system32\wshbth.dll [04/14/2008 03:33 108032]

    ====== Policies ======

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=144 (0x90)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "AllowLegacyWebView"=1 (0x1)
    "AllowUnhashedWebView"=1 (0x1)
    "HonorAutoRunSetting"=1 (0x1)

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145 (0x91)

    ====== ContextMenuHandlers ======

    [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\EPPShellEx]
    {509fe1af-add5-49ec-bc55-7cf81fd16e78}: C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll -

    [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Eset Smart Security - Context Menu Shell Extension]
    {b089fe88-fb52-11d3-bdf1-0050da34150d}: Eset Smart Security - Context Menu Shell Extension - C:\Program Files\ESET\ESET Smart Security\shellExt.dll [07/01/2008 09:11 169216]

    [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\VIDEOTRANS]
    {548773ba-874e-4c02-9dc7-b7a096772c7d}: CountLines Class - SrcCount.CountLines.1

    [HKEY_LOCAL_MACHINE\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Eset Smart Security - Context Menu Shell Extension]
    {b089fe88-fb52-11d3-bdf1-0050da34150d}: Eset Smart Security - Context Menu Shell Extension - C:\Program Files\ESET\ESET Smart Security\shellExt.dll [07/01/2008 09:11 169216]

    ====== ColumnHandlers ======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}]
    {24f14f01-7b1c-11d1-838f-0000f80461cf}: C:\WINDOWS\system32\SHELL32.dll -

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{7D4D6379-F301-4311-BEBA-E26EB0561882}]
    {7d4d6379-f301-4311-beba-e26eb0561882}: NeroDigitalColumnHandler Class - NeroDigitalExt.NeroDigitalColumnHandl.1

    ====== 018 : Protocols & Filters ======

    [HKEY_CLASSES_ROOT\protocols\Handler\bw+0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw+0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw-0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw-0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw00]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw00s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw10]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw10s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw20]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw20s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw30]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw30s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw40]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw40s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw50]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw50s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw60]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw60s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw70]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw70s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw80]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw80s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw90]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bw90s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwa0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwa0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwb0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwb0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwc0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwc0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwd0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwd0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwe0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwe0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwf0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwf0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwfile-8876480]
    {9462A756-7B47-47BC-8C80-C34B9B80B32B}: BackWeb GA Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwg0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwg0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwh0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwh0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwi0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwi0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwj0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwj0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwk0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwk0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwl0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwl0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwm0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwm0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwn0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwn0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwo0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwo0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwp0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwp0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwq0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwq0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwr0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwr0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bws0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bws0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwt0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwt0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwu0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwu0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwv0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwv0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bww0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bww0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwx0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwx0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwy0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwy0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwz0]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\bwz0s]
    {caea0c1e-d10c-4d20-a1dc-55163481b87c}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    [HKEY_CLASSES_ROOT\protocols\Handler\offline-8876480]
    {CAEA0C1E-D10C-4D20-A1DC-55163481B87C}: BackWeb Proactive Portal Pluggable Protocol - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll [05/10/2008 18:31 40999]

    ====== TCPIP (DNS Hijacked) ======

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
    "DataBasePath"=%SystemRoot%\System32\drivers\etc
    "DhcpNameServer"=212.27.40.241 212.27.40.240

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{60F80162-7EBB-4252-82F8-340FFAACD102}]
    "DhcpNameServer"=212.27.40.241 212.27.40.240

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CC694637-AB81-46AE-B60D-7EC66B8241AB}]
    "DhcpNameServer"=212.27.40.241 212.27.40.240

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D7E09D66-ADC4-467E-A6E1-4E915B982057}]
    "DhcpNameServer"=212.27.40.241 212.27.40.240

    ====== Drivers 32 ======

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.trspch"=tssoft32.acm [08/05/2004 8192]
    "VIDC.I420"=lvcodec2.dll [07/26/2008 416280]
    "vidc.iv31"=ir32_32.dll [08/05/2004 199168]
    "vidc.iv32"=ir32_32.dll [08/05/2004 199168]
    "vidc.iv41"=ir41_32.ax [04/14/2008 848384]
    "msacm.msg723"=msg723.acm [08/05/2004 118784]
    "vidc.M263"=msh263.drv [04/14/2008 294912]
    "vidc.M261"=msh261.drv [04/14/2008 188416]
    "msacm.msaudio1"=msaud32.acm [04/14/2008 294912]
    "msacm.sl_anet"=sl_anet.acm [04/14/2008 86016]
    "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax [04/14/2008 199680]
    "vidc.iv50"=ir50_32.dll [04/14/2008 755200]
    "MSVideo8"=VfWWDM32.dll [04/14/2008 54784]
    "msacm.lameacm"=LameACM.acm [02/01/2004 393216]
    "MSVideo"=vfwwdm32.dll [04/14/2008 54784]
    "vidc.yv12"=yv12vfw.dll [01/25/2004 70656]
    "vidc.XVID"=xvidvfw.dll [11/01/2006 180224]

    ====== Clés SafeBoot ======

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    ====== DPF (016) ======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\CabBuilder]
    CabBuilder - hoop://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{20A60F0D-9AFA-4515-A0FD-83BD84642501}]
    hoop://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2250C29C-C5E9-4F55-BE4E-01E45A40FCF1}]
    hoop://musicmix.messenger.msn.com/Medialogic.CAB

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D6F45B3-9043-443D-A792-115447494D24}]
    hoop://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B8BE5E93-A60C-4D26-A2DC-220313175592}]
    hoop://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}]
    hoop://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
    Java Runtime Environment 1.5.0 - hoop://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
    Java Runtime Environment 1.5.0 - hoop://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
    Java Runtime Environment 1.5.0 - hoop://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
    Java Runtime Environment 1.5.0 - hoop://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
    Java Runtime Environment 1.6.0 - hoop://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
    Java Runtime Environment 1.6.0 - hoop://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}]
    hoop://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}]
    hoop://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    ---Downloaded Program Files---
    C:\WINDOWS\Downloaded Program Files\OSD608.OSD [12/01/2008 12:54 507]
    C:\WINDOWS\Downloaded Program Files\Medialogic.INF [02/11/2007 22:27 490]
    C:\WINDOWS\Downloaded Program Files\GAME_UNO1.INF [01/17/2007 15:44 316]
    C:\WINDOWS\Downloaded Program Files\swflash.inf [11/09/2006 14:36 5019]
    C:\WINDOWS\Downloaded Program Files\InstallerControl.dll [12/01/2008 12:54 921600]
    C:\WINDOWS\Downloaded Program Files\msgrchkr.dll [02/28/2007 14:21 131472]
    C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dll [04/13/2007 02:14 382344]
    C:\WINDOWS\Downloaded Program Files\ZIntro.ocx [02/19/2007 11:26 159128]
    C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll [02/22/2007 23:41 304544]
    C:\WINDOWS\Downloaded Program Files\MineSweeper.dll [02/28/2007 14:21 130472]

    ====== Disques amovibles (MountPoint2) ======

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{531fdf68-0fba-11de-80ad-0007cb0000ff}]
    shell\AutoRun\command: setup.exe

    ---Contenu de J:\autorun.inf---
    [autorun]
    open=setup.exe
    ICON=AUTORUN\WDLOGO.ICO

    ====== HKLM\..\App Paths ======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\HomePlayer1.5.6b.exe]
    @=C:\\Program Files\\HomePlayer\\HomePlayer.exe [11/06/2007 21:58 294912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WebcamSnapshot.exe]
    @=C:\\Program Files\\Logitech\\QuickCam\\QuickCam.exe [08/14/2008 17:15 2407184]
    "Path"=C:\\Program Files\\Logitech\\QuickCam\\ [12/22/2008 12:28 0]

    ====== \..\Image File Execution Options ======

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path]
    "Debugger"=ntsd -d


    ====== \..\Installed Components ======

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    "StubPath"=C:\WINDOWS\system32\ieudinit.exe

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{8E78C26E-2138-4383-9317-8B8616E2B98E}]
    "StubPath"=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
    "StubPath"=


    ====== Security Center ======

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\WINDOWS\system32\sessmgr.exe"=C:\WINDOWS\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\Program Files\Acer\Acer eConsole\MediaSync.exe"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer
    "C:\Program Files\Acer\Acer eConsole\eConsole.exe"=C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole
    "C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"=C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server
    "F:\Football Manager 2006\fm.exe"=F:\Football Manager 2006\fm.exe:*:Enabled:Football Manager 2006
    "C:\Program Files\eMule\emule.exe"=C:\Program Files\eMule\emule.exe:*:D isabled:eMule
    "C:\Documents and Settings\Invité\Bureau\emule.exe"=C:\Documents and Settings\Invité\Bureau\emule.exe:*:Enabled:eMule
    "C:\Documents and Settings\Ali\Mes documents\emule\emule.exe"=C:\Documents and Settings\Ali\Mes documents\emule\emule.exe:*:Enabled:eMule
    "C:\Program Files\BitComet\BitComet.exe"=C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client
    "C:\Program Files\Sports Interactive\Football Manager 2007\Fm 07\fm.exe"=C:\Program Files\Sports Interactive\Football Manager 2007\Fm 07\fm.exe:*:Enabled:Football Manager 2007
    "C:\Program Files\Valve\Steam\steamapps\melabib\counter-strike\hl.exe"=C:\Program Files\Valve\Steam\steamapps\melabib\counter-strike\hl.exe:*:Enabled:Half-Life Launcher
    "C:\Documents and Settings\Ali\Bureau\Fm 07\fm.exe"=C:\Documents and Settings\Ali\Bureau\Fm 07\fm.exe:*:Enabled:Football Manager 2007
    "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"=C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    "C:\Program Files\Messenger\MSMSGS.EXE"=C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger
    "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"=C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:Bluetooth Application
    "E:\Football Manager 2006\fm.exe"=E:\Football Manager 2006\fm.exe:*:Enabled:Football Manager 2006
    "C:\Program Files\Microsoft Games\Age of Empires II\empires2.EXE"=C:\Program Files\Microsoft Games\Age of Empires II\empires2.EXE:*:Enabled:Age of Empires II
    "C:\Program Files\Microsoft Games\Age of Empires II\AGE2_X1.EXE"=C:\Program Files\Microsoft Games\Age of Empires II\AGE2_X1.EXE:*:Enabled:Age of Empires II Expansion
    "C:\WINDOWS\System32\FXSCLNT.exe"=C:\WINDOWS\System32\FXSCLNT.exe:*:D isabled:Microsoft Fax Console
    "C:\Program Files\Triggersoft\Rose Online\TRose.exe"=C:\Program Files\Triggersoft\Rose Online\TRose.exe:*:Enabled:Client
    "C:\WINDOWS\System32\dplaysvr.exe"=C:\WINDOWS\System32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper
    "C:\Program Files\VideoLAN\VLC\vlc.exe"=C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
    "C:\Program Files\Mozilla Firefox\firefox.exe"=C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
    "C:\Program Files\iTunes\iTunes.exe"=C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
    "C:\Program Files\Valve\Steam\Steam.exe"=C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam
    "C:\Program Files\Winamp Remote\bin\Orb.exe"=C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:o rb
    "C:\Program Files\Winamp Remote\bin\OrbTray.exe"=C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:o rbTray
    "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"=C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:o rb Stream Client
    "C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe"=C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:*:Enabled:Football Manager 2008
    "C:\Program Files\SopCast\SopCast.exe"=C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application
    "C:\Documents and Settings\Ali\Application Data\SopCast\adv\SopAdver.exe"=C:\Documents and Settings\Ali\Application Data\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver
    "C:\Program Files\TVAnts\Tvants.exe"=C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts
    "C:\Program Files\SopCast\adv\SopAdver.exe"=C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver
    "C:\Program Files\Real\RealPlayer\RealPlay.exe"=C:\Program Files\Real\RealPlayer\RealPlay.exe:*:Enabled:RealPlayer
    "C:\Program Files\adslTV\adslTV.exe"=C:\Program Files\adslTV\adslTV.exe:*:Enabled:adslTV
    "C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"=C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:p ro Evolution Soccer 2008
    "C:\Program Files\Pando Networks\Pando\pando.exe"=C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:p ando Application
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"=C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
    "C:\Program Files\ma-config.com\maconfservice.exe"=C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice
    "C:\Program Files\eMule 2\eMule.exe"=C:\Program Files\eMule 2\eMule.exe:*:Enabled:eMule Plus
    "C:\Program Files\Cyanide\GameCenter\GameCenter.exe"=C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter
    "C:\Documents and Settings\Ali\Bureau\Freeplayer\vlc\vlc.exe"=C:\Documents and Settings\Ali\Bureau\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player
    "C:\Program Files\TVUPlayer\TVUPlayer.exe"=C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component
    "C:\Program Files\uTorrent\uTorrent.exe"=C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent
    "C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"=C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:p ro Evolution Soccer 2009
    "C:\WINDOWS\system32\PnkBstrA.exe"=C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:p nkBstrA
    "C:\WINDOWS\system32\PnkBstrB.exe"=C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:p nkBstrB
    "C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe"=C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Enabled:Football Manager 2009
    "C:\Documents and Settings\Ali\eMule\eMule.exe"=C:\Documents and Settings\Ali\eMule\eMule.exe:*:Enabled:eMule Plus
    "C:\Program Files\Sony\Media Manager for WALKMAN\MediaManager.exe"=C:\Program Files\Sony\Media Manager for WALKMAN\MediaManager.exe:*:Enabled:Media Manager for WALKMAN 1.1
    "C:\Documents and Settings\Ali\Bureau\CryptLoad_1.1.4\RouterClient.exe"=C:\Documents and Settings\Ali\Bureau\CryptLoad_1.1.4\RouterClient.exe:*:D isabled:RouterClient
    "C:\Program Files\HomePlayer\HomePlayer.exe"=C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer
    "C:\Program Files\HomePlayer\VLC\vlc.exe"=C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer
    "C:\Program Files\Skype\Phone\Skype.exe"=C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"=C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "C:\WINDOWS\system32\sessmgr.exe"=C:\WINDOWS\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"=C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"=C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger


    =============== HKLM\..\Svchost ===============

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
    "NetSvcs" => Messenger

    ====== HKLM\..\AeDebug ======

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AeDebug]
    "Auto"=1
    "Debugger"=drwtsn32 -p %ld -e %ld -g


    ====== Services/Drivers ======

    aawservice - 2 - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [01/30/2009 13:18 611664]
    Acer Media Server - 2 - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [09/21/2005 13:46 438272]
    Ad-Watch Connect Filter - 3 - C:\WINDOWS\system32\drivers\NSDriver.sys [04/29/2008 11:20 15648]
    Adobe LM Service - 3 - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [01/10/2008 21:37 72704]
    Afc - 3 - C:\WINDOWS\System32\drivers\Afc.sys [02/23/2005 14:58 11776]
    ALCXWDM - 3 - C:\WINDOWS\System32\drivers\ALCXWDM.SYS [09/22/2005 16:34 3727680]
    Apple Mobile Device - 2 - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [08/15/2007 19:43 106496]
    BlueletAudio - 3 - C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [05/31/2005 15:40 20480]
    BT - 3 - C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [04/30/2005 14:48 10804]
    btaudio - 3 -
    BTDriver - 3 -
    BthEnum - 3 - C:\WINDOWS\System32\DRIVERS\BthEnum.sys [04/13/2008 19:46 17024]
    BTHidEnum - 3 - C:\WINDOWS\System32\DRIVERS\vbtenum.sys [04/30/2005 14:50 11860]
    BTHidMgr - 0 - C:\WINDOWS\System32\Drivers\BTHidMgr.sys [04/30/2005 14:50 28271]
    BTHPORT - 3 - C:\WINDOWS\System32\Drivers\BTHport.sys [06/14/2008 18:33 272768]
    BthServ - 3 - C:\WINDOWS\System32\bthserv.dll [04/14/2008 03:33 30208]
    BTKRNL - 3 -
    BTNetFilter - 3 - C:\WINDOWS\system32\drivers\BTNetFilter.sys [12/16/2004 16:32 13304]
    eamon - 2 - C:\WINDOWS\System32\DRIVERS\eamon.sys [07/01/2008 08:56 39944]
    easdrv - 1 - C:\WINDOWS\System32\DRIVERS\easdrv.sys [07/01/2008 08:57 53256]
    ekrn - 2 - C:\Program Files\ESET\ESET Smart Security\ekrn.exe [07/01/2008 09:02 468224]
    epfw - 2 - C:\WINDOWS\System32\DRIVERS\epfw.sys [07/01/2008 09:04 71688]
    epfwtdi - 1 - C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [07/01/2008 09:04 54280]
    GEARAspiWDM - 3 - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [09/19/2006 14:44 15664]
    gusvc - 3 - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [03/15/2009 14:06 137200]
    iPod Service - 3 - C:\Program Files\iPod\bin\iPodService.exe [08/15/2007 20:15 501048]
    irda - 2 - C:\WINDOWS\System32\DRIVERS\irda.sys [04/13/2008 19:54 88192]
    Irmon - 2 - C:\WINDOWS\System32\irmon.dll [04/14/2008 03:33 29184]
    irsir - 3 - C:\WINDOWS\System32\DRIVERS\irsir.sys [08/17/2001 21:51 18688]
    LicCtrlService - 2 - C:\WINDOWS\runservice.exe [01/04/2007 17:27 2560]
    LVcKap - 3 -
    LVCOMSer - 2 - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [07/26/2008 08:23 186904]
    LVMVDrv - 3 -
    LVPr2Mon - 3 - C:\WINDOWS\System32\Drivers\LVPr2Mon.sys [07/26/2008 08:25 25624]
    LVUSBSta - 3 - C:\WINDOWS\System32\drivers\LVUSBSta.sys [07/26/2008 16:26 41752]
    MBAMSwissArmy - 3 - C:\WINDOWS\system32\drivers\mbamswissarmy.sys [03/26/2009 16:49 38496]
    mchInjDrv - 4 -
    MemeoBackgroundService - 2 - C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [11/07/2008 20:38 25824]
    NABTSFEC - 3 - C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [04/13/2008 19:46 85248]
    NdisIP - 3 - C:\WINDOWS\System32\DRIVERS\NdisIP.sys [04/13/2008 19:46 10880]
    nv - 3 - C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [10/07/2008 12:33 6133856]
    NVENETFD - 3 - C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [07/29/2005 17:11 34048]
    nvnetbus - 3 - C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [07/29/2005 17:11 12928]
    NVSvc - 2 - C:\WINDOWS\system32\nvsvc32.exe [10/07/2008 12:33 163908]
    O&O Defrag - 2 - C:\WINDOWS\system32\oodag.exe [06/28/2007 23:02 1049856]
    Outlook - C:\PROGRA~1\MICROS~3\Office12\OLMAPI32.DLL [05/09/2008 19:09 2954800] -
    PID_0928 - 3 - C:\WINDOWS\System32\DRIVERS\LV561AV.SYS [02/01/2008 10:43 489624]
    PnkBstrA - 2 - C:\WINDOWS\system32\PnkBstrA.exe [10/23/2008 11:19 66872]
    PnkBstrB - 2 - C:\WINDOWS\system32\PnkBstrB.exe [10/23/2008 11:19 107832]
    PQNTDrv - 1 -
    Rasirda - 3 - C:\WINDOWS\System32\DRIVERS\rasirda.sys [08/17/2001 21:51 19584]
    RFCOMM - 3 - C:\WINDOWS\System32\DRIVERS\rfcomm.sys [04/13/2008 19:46 59136]
    SCREAMINGBDRIVER - 3 -
    SeaPort - 2 - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [01/14/2009 17:53 226656]
    SilverLink - 3 - C:\WINDOWS\System32\Drivers\SilvrLnk.sys [01/28/2004 14:03 21456]
    SLIP - 3 - C:\WINDOWS\System32\DRIVERS\SLIP.sys [04/13/2008 19:46 11136]
    sptd - 0 - C:\WINDOWS\System32\Drivers\sptd.sys [10/18/2007 11:21 685816]
    SRS_SSCFilter - 3 - C:\WINDOWS\System32\drivers\srs_sscfilter_i386.sys [07/26/2007 09:25 39808]
    ss_bus - 3 - C:\WINDOWS\System32\DRIVERS\ss_bus.sys [05/02/2007 11:11 83592]
    ss_mdfl - 3 - C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys [05/02/2007 11:11 15112]
    ss_mdm - 3 - C:\WINDOWS\System32\DRIVERS\ss_mdm.sys [05/02/2007 11:11 109704]
    StarOpen - 1 -
    VComm - 3 - C:\WINDOWS\System32\DRIVERS\VComm.sys [10/19/2004 13:37 61312]
    VcommMgr - 3 - C:\WINDOWS\System32\Drivers\VcommMgr.sys [03/25/2005 17:18 82148]
    windrvNT - 2 -
    WSTCODEC - 3 - C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [04/13/2008 19:46 19200]
    a73u1ntw - 3 -


    ====== FireFox ======

    Version: 3.0.7 (fr)
    Dossier: C:\Program Files\Mozilla Firefox\
    Profil path: C:\DOCUME~1\Ali\APPLIC~1\Mozilla\Firefox\profiles\32dyct9v.default\

    [.....Pref.js.....]

    "browser.search.defaulturl" = "http://search.live.com/results.aspx?FORM=IEFM1&q="
    "browser.search.defaultenginename" = "Live Search"
    "browser.startup.homepage" = "http://www.accueilinternet.com/mapage.php"
    "browser.startup.homepage_override.mstone" = "rv:1.9.0.7"
    "keyword.URL" = "http://search.live.com/results.aspx?FORM=IEFM1&q="
    "network.proxy.type" = 2

    [.....Extensions.....]

    Nom = Move Media Player [01/11/2008 22:38 927]
    Path = C:\DOCUME~1\Ali\APPLIC~1\Mozilla\Firefox\profiles\32dyct9v.default\extensions\moveplayer@movenetworks.com\install.rdf

    Nom = Get jetable mail [06/01/2008 10:24 1866]
    Path = C:\DOCUME~1\Ali\APPLIC~1\Mozilla\Firefox\profiles\32dyct9v.default\extensions\{26af1522-982e-c0c4-f54a-7e69fb6432f5}\install.rdf

    Nom = JeuxVideo.Fox [06/13/2008 00:36 1920]
    Path = C:\DOCUME~1\Ali\APPLIC~1\Mozilla\Firefox\profiles\32dyct9v.default\extensions\{b1d89840-39fe-11db-a98b-0800200c9a66}\install.rdf

    Nom = DownloadHelper [03/02/2009 22:49 2706]
    Path = C:\DOCUME~1\Ali\APPLIC~1\Mozilla\Firefox\profiles\32dyct9v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\install.rdf

    Nom = <?xml version="1.0"?><RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="http://www.mozilla.org/2004/em-rdf#"><Description about="urn:mozilla:install-manifest"><em:id>{e3868d2c-9a68-4c4a-87f2-4e9d78fd16ee}</em:id>megauploadnotimeautodownloadmubu<em:version>1.0Final</em:version><em:D escription>Don't waste your time to wait before download MU link</em:D escription><em:creator>Avindra+Descriptor+Goolcharan+#avg+LESENUS</em:creator><em:contributor>Greasemonkey Compiler by Anthony Lieuallen;</em:contributor><em:contributor>http://arantius.com/&lt;/em:contributor><em:homepageURL></em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><em:minVersion>2.0</em:minVersion><em:maxVersion>3.0.*</em:maxVersion></Description></em:targetApplication></Description></RDF> [11/30/1979 00:00 842]
    Path = C:\DOCUME~1\Ali\APPLIC~1\Mozilla\Firefox\profiles\32dyct9v.default\extensions\{e3868d2c-9a68-4c4a-87f2-4e9d78fd16ee}\install.rdf

    Nom = Java Console [03/15/2009 13:49 671]
    Path = C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\install.rdf

    [.....Plugins.....]

    C:\Program Files\Mozilla Firefox\Plugins\npganymedenet.dll [12/16/2008 16:48 120296]
    C:\Program Files\Mozilla Firefox\Plugins\npitunes.dll [08/15/2007 20:15 69632]
    C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll [06/30/2007 16:21 24576]
    C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll [06/30/2007 16:21 81920]
    C:\Program Files\Mozilla Firefox\Plugins\npyaxmpb.dll [03/10/2007 01:16 189496]
    C:\Program Files\Mozilla Firefox\Plugins\npzylomgamesplayer.dll [09/26/2006 12:03 98304]

    [.....Plugins Registre.....]

    [HKLM\software\mozillaplugins\@microsoft.com/OfficeLive,version=1.3]
    "Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll [11/13/2008 09:33 65896]
    "Vendor"=Microsoft
    "Description"=Office Live Update v1.3

    [HKLM\software\mozillaplugins\@movenetworks.com/Quantum Media Player]

    [HKLM\software\mozillaplugins\@real.com/nppl3260;version=6.0.11.2768]
    "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [06/30/2007 16:21 144984]
    "Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
    "Vendor"=RealNetworks

    [HKLM\software\mozillaplugins\@real.com/nprjplug;version=1.0.2.2826]
    "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [06/30/2007 16:21 24576]
    "Description"=RealJukebox Netscape Plugin
    "Vendor"=RealNetworks

    [HKLM\software\mozillaplugins\@real.com/nprpjplug;version=6.0.12.1578]
    "Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [06/30/2007 16:21 81920]
    "Description"=6.0.12.1578
    "Vendor"=RealNetworks

    [HKLM\software\mozillaplugins\@veetle.com/veetlePlugin,version=0.9.9]
    "Description"=Veetle TV Core
    "Path"=C:\Program Files\Veetle\plugins\npVeetle.dll [10/16/2008 22:26 573440]
    "Vendor"=Veetle, Inc

    [HKLM\software\mozillaplugins\@videolan.org/vlc;version=0.9.9]
    "Description"=VLC Multimedia Plugin
    "Path"=C:\Program Files\Veetle\VLC\npvlc.dll [10/16/2008 22:37 123392]
    "Vendor"=VideoLAN

    [HKLM\software\mozillaplugins\@zylom.com/ZylomGamesPlayer]
    "Path"=C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [09/26/2006 12:03 98304]
    "Vendor"=zylom
    "Description"=Zylom Games Player 1.00

    [HKCU\software\mozillaplugins\@movenetworks.com/Quantum Media Player]


    [.....Extensions Registre.....]

    [HKEY_LOCAL_MACHINE\software\mozilla\firefox\Extensions]
    "{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    "jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

    [HKEY_LOCAL_MACHINE\software\mozilla\mozilla firefox 3.0.7\extensions]
    "Components"=C:\Program Files\Mozilla Firefox\components
    "Plugins"=C:\Program Files\Mozilla Firefox\plugins

    ==>Trouvé dans extensions.ini :
    Extension9=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    [.....Fichiers/dossiers suspects.....]
    (Suspect ne veut pas dire néfaste !!! )

    C:\Documents and Settings\Ali\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050} [10/15/2006 18:29 0]
    C:\Documents and Settings\Ali\Local Settings\Application Data\{C98C229E-62B4-4551-B6D4-521A7B2D16EC} [06/19/2008 12:16 0]
    C:\Documents and Settings\Ali\Local Settings\Application Data\{D44E6FA3-EFAC-4D55-9B31-03C5018FDC32} [03/23/2008 19:29 0]
    C:\Documents and Settings\Ali\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [12/01/2008 20:24 229376]
    C:\Documents and Settings\Ali\Local Settings\Application Data\ewcuksi.dat [03/28/2009 17:54 2888]
    C:\Documents and Settings\Ali\Local Settings\Application Data\ewcuksi.exe [03/27/2009 13:44 240128]
    C:\Documents and Settings\Ali\Local Settings\Application Data\ewcuksi_nav.dat [03/18/2009 12:33 338966]
    C:\Documents and Settings\Ali\Local Settings\Application Data\ewcuksi_navps.dat [03/28/2009 17:55 3506]
    C:\Documents and Settings\Ali\Local Settings\Application Data\fusioncache.dat [10/29/2006 14:45 126]
    C:\Documents and Settings\Ali\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [02/13/2009 01:00 102728]
    C:\Documents and Settings\Ali\Local Settings\Application Data\vlmcrb.dat [02/14/2009 15:55 3008]
    C:\Documents and Settings\Ali\Local Settings\Application Data\vlmcrb_nav.dat [01/31/2009 16:40 335064]
    C:\Documents and Settings\Ali\Local Settings\Application Data\vlmcrb_navps.dat [02/14/2009 15:55 1945]
    C:\WINDOWS\system32\config\systemprofile\local settings\application data\IconCache.db [01/23/2005 12:38 1692306]


    ====== Fichier Host ======

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
    "DataBasePath"=C:\WINDOWS\System32\drivers\etc [03/15/2009 14:17 0]

    ---Contenu du fichier host (10 lignes max)---
    127.0.0.1 babe.the-killer.bz
    127.0.0.1 www.babe.the-killer.bz
    127.0.0.1 babe.k-lined.com
    127.0.0.1 www.babe.k-lined.com
    127.0.0.1 did.i-used.cc
    127.0.0.1 www.did.i-used.cc
    127.0.0.1 coolwwwsearch.com
    127.0.0.1 www.coolwwwsearch.com
    127.0.0.1 coolwebsearch.com

    ====== Liste de programmes ======

    Adobe Acrobat 4.0
    Adobe Flash Player Plugin
    Adobe Photoshop CS2
    Adobe Shockwave Player
    Microsoft Age of Empires II
    Microsoft Age of Empires II : The Conquerors Expansion
    AviSynth 2.5
    BitComet 0.75
    Football Manager 2007
    CopyTrans Suite (désinstaller uniquement)
    dBpowerAMP WMA V9.1 Codec
    DivX Player
    eMule
    eMule Plus 1.2d
    EPSON
    28 Mars 2009 18:02:33

    Et sa c un rapport de anti malware :


    Malwarebytes' Anti-Malware 1.35
    Version de la base de données: 1910
    Windows 5.1.2600 Service Pack 3

    3/28/2009 17:48:50
    mbam-log-2009-03-28 (17-48-41).txt

    Type de recherche: Examen complet (C:\|D:\|J:\|)
    Eléments examinés: 360182
    Temps écoulé: 2 hour(s), 52 minute(s), 37 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\OOO (Rogue.LivePlayer) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\OOO (Malware.Trace) -> No action taken.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\mnjisz_navps.dat (Adware.NaviPromo) -> No action taken.
    C:\WINDOWS\system32\mnjisz_nav.dat (Adware.NaviPromo) -> No action taken.
    28 Mars 2009 18:07:18

    Re,

    Peux-tu me dire combien de temps a mis le scan avec EDT ? Et tu as bien lancé l'option comme demandé ?


    Télécharge Navilog (de Il-Mafioso)

    Enregistre-le sur ton Bureau.
    Installe-le en double cliquant sur navilog.exe.
    Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
    (Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

    Une fois l'installation terminée, fais un clic droit sur le raccourci navilog1 puis choisis "Exécuter en tant qu'administrateur". ( Pour Vista)

    Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
    ! N'utilise pas l'option 2,3 et 4 sans notre accord !
    Patiente jusqu'à l'apparition de ce message :
    "*** Analyse Termine le ..... ***"
    Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste le rapport ici.

    Le rapport se trouve ici :C:\fixnavi.txt

    ;) 
    28 Mars 2009 18:13:05

    Merci de prendre le temps pour mon probleme :) 

    Alors le Scan a mis une dizaine de minute , j'ai fais comme dit et il y'a eu quelque message d'erreur genre il n'ya pas de lecteur sur le disque enfin j'ai pas trop fais gaffe mais j'ai mis annulé , et oui j'ai fais comme demandé :) 

    La je vais utilisé ce qui tu viens de me demandé et je reposterais
    28 Mars 2009 18:16:40

    Re,

    Oki. merci pour les infos.

    J'aurais besoin de vérifier quelque chose : peux-tu te rendre dans un dossier nommé "EDT$", à la racine de ton disque dur. Ensuite ouvre le dossiers "logs" et cherche un fichier nommé FichiersDossiers.txt Si tu le trouves poste-le moi stp.


    ;) 
    28 Mars 2009 18:21:40

    Alors j'ai cherché il n'y en a pas , mais en similaire il existe les fichié FichiersDossiers01.txt , FichiersDossiers02.txt , FichiersDossiers1.txt , FichiersDossiers2.txt et FichiersDossiersmodif.txt

    C'est grave ?
    28 Mars 2009 18:25:20

    Non ce n'est grave, j'aimerais juste comprendre pourquoi l'outil n'a pas affiché le rapport concernant les fichiers/dossiers.

    Peux-tu me poster les rapports FichiersDossiers1.txt et FichiersDossiers2.txt ?

    Merci ;) 
    28 Mars 2009 18:28:34

    Je me suis trompé il n'exitse pas de 1 mais il y'a un 01 , et il existe aussi 2 , 02 et 002 .

    Le contenu de 01 est vide , celui de 2 contient : 02/03/2009 17:45 d-------- 0 octets C:\DOCUME~1\Alix\LOCALS~1\APPLIC~1\ApplicationHistory

    le 02 et le 002 contienne le meme message
    28 Mars 2009 18:30:11

    Le rapport :



    Search Navipromo version 3.7.6 commencé le sam. 03/28/2009 à 18:13:20.25

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : Ali ( Administrator )
    BOOT : Normal boot

    Antivirus : ESET Smart Security 3.0 3.0 (Activated)
    Firewall : Pare-feu personnel d'ESET 3.0.669.0 (Activated)

    C:\ (Local Disk) - NTFS - Total:144 Go (Free:16 Go)
    D:\ (Local Disk) - NTFS - Total:19 Go (Free:4 Go)
    E:\ (USB)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (Local Disk) - FAT32 - Total:931 Go (Free:833 Go)


    Recherche executé en mode normal


    *** Recherche dossiers dans "C:\WINDOWS" ***


    *** Recherche dossiers dans "C:\Program Files" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudÉ~1\progra~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudÉ~1" ***


    *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\Ali\applic~1" ***


    *** Recherche dossiers dans "C:\DOCUME~1\Invité\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\Ali\locals~1\applic~1" ***


    *** Recherche dossiers dans "C:\DOCUME~1\Invité\locals~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\Ali\menud+~1\progra~1" ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\WINDOWS\system32" *

    * Recherche dans "C:\Documents and Settings\Ali\locals~1\applic~1" *

    * Recherche dans "C:\DOCUME~1\Invité\locals~1\applic~1" *



    *** Recherche fichiers ***


    C:\WINDOWS\pack.epk trouvé !

    *** Recherche clés spécifiques dans le Registre ***
    !! Les clés trouvées ne sont pas forcément infectées !!

    HKEY_CURRENT_USER\Software\Lanconfig

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "wuwesck"="\"c:\\documents and settings\\ali\\local settings\\application data\\wuwesck.exe\" wuwesck"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ewcuksi"="\"c:\\documents and settings\\ali\\local settings\\application data\\ewcuksi.exe\" ewcuksi"


    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans "C:\WINDOWS\system32" :

    mnjisz.dat trouvé !
    mnjisz_nav.dat trouvé !
    mnjisz_navfx.dat trouvé !
    mnjisz_navps.dat trouvé !

    * Dans "C:\Documents and Settings\Ali\locals~1\applic~1" :

    ewcuksi.exe trouvé !
    ewcuksi.dat trouvé !
    ewcuksi_nav.dat trouvé !
    ewcuksi_navps.dat trouvé !
    vlmcrb.dat trouvé !
    vlmcrb_nav.dat trouvé !
    vlmcrb_navps.dat trouvé !

    * Dans "C:\DOCUME~1\Invité\locals~1\applic~1" :


    3)Recherche Certificats :

    Certificat Egroup trouvé !
    Certificat Electronic-Group absent !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit absent !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche autres dossiers et fichiers connus :



    *** Analyse terminée le sam. 03/28/2009 à 18:24:21.01 ***


    Encore fois merci :) 
    28 Mars 2009 18:32:44

    Re,

    Bon curieux, va falloir que je revois cette partie du programme :D  merci d'avoir regardé.

    On continue : tu m'étonnes que tu aies plein de pubs :lol:  On va virer tout ça.

    1) Double clique sur le raccourci de navilog1.
    Option 2 puis valide. (entrée)
    Laisse toi guider.
    Ton ordinateur va redémarrer, sinon fais le manuellement.

    Ton bureau va disparaître.

    Patiente jusqu'à l'apparition de ce message :
    "*** Nettoyage Termine le ..... ***"

    Appuie sur une touche comme demandé, le Bloc-notes va s'ouvrir.
    Sauvegarde le rapport.
    Referme le Bloc-notes. Ton bureau va maintenant réapparaître.

    Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
    Tapes explorer et valide. Cela te fera apparaitre ton bureau


    Démarrer -> panneau de configuration -> options internet
    Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :

    Montorgueil ; VIP

    ~~> Supprime-les si présents ! (pas les autres) <~~

    Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
    Ainsi qu'un nouveau rapport Hijackthis.

    +++++++++++

    Les programmes suivants installent cette infection :

    * Favorit
    * Go-astro
    * GoRecord
    * HotTVPlayer
    * MailSkinner
    * Messenger Skinner
    * Instant Access
    * InternetGameBox
    * sudoplanet
    * Webmediaplayer : sauf celui provenant du site suivant > http://www.azertysite.new.fr/
    * Sur le site www.games-desktop.com (Ne pas aller dessus!)

    ;) 

    2) Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar-S&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)

    N.B : Je re en milieu de soirée.

    ;) 
    28 Mars 2009 19:06:00

    Alors voila le tout lol :

    cleanavi :
    Clean Navipromo version 3.7.6 commencé le sam. 03/28/2009 à 18:35:30.39

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : Ali ( Administrator )
    BOOT : Normal boot

    Antivirus : ESET Smart Security 3.0 3.0 (Activated)
    Firewall : Pare-feu personnel d'ESET 3.0.669.0 (Activated)

    C:\ (Local Disk) - NTFS - Total:144 Go (Free:16 Go)
    D:\ (Local Disk) - NTFS - Total:19 Go (Free:4 Go)
    E:\ (USB)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (Local Disk) - FAT32 - Total:931 Go (Free:833 Go)


    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS


    Nettoyage exécuté au redémarrage de l'ordinateur


    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans "C:\WINDOWS\System32" *


    * Suppression dans "C:\Documents and Settings\Ali\locals~1\applic~1" *


    * Suppression dans "C:\DOCUME~1\Invité\locals~1\applic~1" *


    *** Suppression dossiers dans "C:\WINDOWS" ***


    *** Suppression dossiers dans "C:\Program Files" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudÉ~1\progra~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudÉ~1" ***


    *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Ali\applic~1" ***


    *** Suppression dossiers dans "C:\DOCUME~1\Invité\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Ali\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\DOCUME~1\Invité\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\Ali\menud+~1\progra~1" ***



    *** Suppression fichiers ***

    C:\WINDOWS\pack.epk supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Ali\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans "C:\WINDOWS\system32" *


    mnjisz.dat trouvé !
    Copie mnjisz.dat réalisée avec succès !
    mnjisz.dat supprimé !

    mnjisz_nav.dat trouvé !
    Copie mnjisz_nav.dat réalisée avec succès !
    mnjisz_nav.dat supprimé !

    mnjisz_navfx.dat trouvé !
    Copie mnjisz_navfx.dat réalisée avec succès !
    mnjisz_navfx.dat supprimé !

    mnjisz_navps.dat trouvé !
    Copie mnjisz_navps.dat réalisée avec succès !
    mnjisz_navps.dat supprimé !


    * Dans "C:\Documents and Settings\Ali\locals~1\applic~1" *


    ewcuksi.exe trouvé !
    Copie ewcuksi.exe réalisée avec succès !
    ewcuksi.exe supprimé !

    ewcuksi.dat trouvé !
    Copie ewcuksi.dat réalisée avec succès !
    ewcuksi.dat supprimé !

    ewcuksi_nav.dat trouvé !
    Copie ewcuksi_nav.dat réalisée avec succès !
    ewcuksi_nav.dat supprimé !

    ewcuksi_navps.dat trouvé !
    Copie ewcuksi_navps.dat réalisée avec succès !
    ewcuksi_navps.dat supprimé !

    vlmcrb.dat trouvé !
    Copie vlmcrb.dat réalisée avec succès !
    vlmcrb.dat supprimé !

    vlmcrb_nav.dat trouvé !
    Copie vlmcrb_nav.dat réalisée avec succès !
    vlmcrb_nav.dat supprimé !

    vlmcrb_navps.dat trouvé !
    Copie vlmcrb_navps.dat réalisée avec succès !
    vlmcrb_navps.dat supprimé !


    * Dans "C:\DOCUME~1\Invité\locals~1\applic~1" *






    Il n'y a rien dans certificat approuvé



    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup supprimé !
    Certificat Electronic-Group absent !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit absent !
    Certificat Sunny-Day-Design-Ltdt absent !

    *** Recherche autres dossiers et fichiers connus ***



    *** Nettoyage terminé le sam. 03/28/2009 à 18:43:58.75 ***

    28 Mars 2009 19:06:30

    RAPPORT HJT :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:04:19, on 3/28/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\runservice.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\WINDOWS\system32\oodtray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\program files\valve\steam\steam.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
    C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
    C:\Program Files\Memeo\AutoSync\MemeoAutoSync.exe
    C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\PROGRA~1\Free Download Manager\fdm.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=61005
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/Ali/Bureau/Streamy/proxy.pac
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
    O4 - HKLM\..\Run: [Memeo AutoBackup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe --silent
    O4 - HKLM\..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S5BC.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [wuwesck] "c:\documents and settings\ali\local settings\application data\wuwesck.exe" wuwesck
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
    O4 - .DEFAULT Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'Default user')
    O4 - .DEFAULT Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Ali\Application Data\Dealio\kb127\res\DealioSearch.html
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
    O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Ali\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Ali\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: bw+0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

    --
    End of file - 29859 bytes
    28 Mars 2009 19:08:08

    Le rapport toolbar :



    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : Ali ( Administrator )
    BOOT : Normal boot
    Antivirus : ESET Smart Security 3.0 3.0 (Activated)
    Firewall : Pare-feu personnel d'ESET 3.0.669.0 (Activated)
    C:\ (Local Disk) - NTFS - Total:144 Go (Free:16 Go)
    D:\ (Local Disk) - NTFS - Total:19 Go (Free:4 Go)
    E:\ (USB)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( sam. 03/28/2009|18:59 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\DOCUME~1\Ali\APPLIC~1\Dealio
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\dinstallhelper.412563E0A1A843BD9112E82FADBA6653.dll
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\temp
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\alerts.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\alerts_over.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\alerts_rec.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\alerts_rec_over.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\chevron-small.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\DealioSearch.html
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\deals-leftcap.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\deal_report.jpg
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\ebay_login.jpg
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\err_mainwindow.html
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\err_toolbar.html
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\global_scripts.js
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\headerbgthin.jpg
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\highlight-bg.png
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\logo.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\logo_over.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\man_toolbar.css
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\man_toolbar.html
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\man_toolbar.js
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\man_toolbarl.js
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\post-this-deal.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\post-this-deal_over.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\scripts.js
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\scroller.js
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\search-chevron.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\search-chevron_over.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\search_bg_blink.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\separator.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\settings.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\settings_over.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\res\yahoo-search.png
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\bottom.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\chevron_down.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\chevron_up.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\close.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\deskbar.css
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\deskbar.js
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\dispatch_helper.js
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\ebay_compatible.jpg
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\logo.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\logo_chevron_bkg.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\losing.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\lost.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\man_deskbar.html
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\menu_arrow.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\menu_check.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\no_image.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\prod_img.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\search_chevron.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\spacer.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\textfield_bkg.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\top.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\unknown.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\winning.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\resDN\won.gif
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\index.76.35
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.10.76
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.109.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.110.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.12.52
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.13.58
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.130.58
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.135.50
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.153.44
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.155.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.156.49
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.16.60
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.161.52
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.178.66
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.184.55
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.188.52
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.189.45
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.196.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.198.56
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.199.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.200.53
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.201.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.202.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.203.71
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.205.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.213.71
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.214.49
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.215.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.216.67
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.217.67
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.218.52
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.219.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.220.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.221.57
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.222.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.223.68
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.226.68
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.227.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.228.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.229.76
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.23.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.239.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.24.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.240.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.241.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.242.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.243.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.244.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.245.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.247.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.248.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.249.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.250.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.251.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.252.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.253.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.254.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.255.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.256.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.257.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.279.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.28.58
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.282.75
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.283.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.284.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.289.67
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.290.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.291.61
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.296.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.297.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.304.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.307.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.308.75
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.31.47
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.310.46
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.311.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.315.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.316.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.317.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.318.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.319.49
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.32.48
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.334.44
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.335.60
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.336.44
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.337.44
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.338.75
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.339.47
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.34.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.340.47
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.341.47
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.349.50
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.35.48
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.350.50
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.351.51
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.352.54
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.353.51
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.354.51
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.357.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.358.52
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.359.52
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.360.53
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.361.54
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.362.68
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.363.58
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.364.54
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.365.53
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.367.56
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.368.58
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.369.55
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.370.56
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.371.56
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.372.57
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.373.55
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.375.56
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.376.57
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.377.55
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.378.65
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.384.58
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.386.71
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.387.59
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.388.59
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.389.59
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.390.60
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.391.60
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.392.60
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.393.60
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.394.60
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.396.61
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.397.61
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.398.60
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.399.60
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.403.61
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.404.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.405.61
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.406.61
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.407.76
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.408.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.409.61
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.412.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.413.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.414.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.415.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.416.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.417.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.418.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.419.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.420.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.421.62
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.423.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.424.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.425.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.426.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.427.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.428.65
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.429.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.430.63
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.432.65
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.433.64
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.434.65
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.435.64
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.436.76
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.437.64
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.438.71
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.439.71
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.440.75
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.442.73
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.443.73
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.444.73
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.445.68
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.446.69
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.450.67
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.451.67
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.452.68
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.453.68
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.454.69
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.456.69
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.457.75
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.458.70
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.459.70
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.460.69
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.462.74
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.463.69
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.464.70
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.465.68
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.468.70
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.469.70
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.470.70
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.471.73
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.472.70
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.478.74
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.479.73
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.480.68
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.481.71
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.482.74
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.49.67
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.50.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.500.71
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.501.74
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.502.71
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.51.69
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.52.72
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.520.76
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.521.76
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.522.76
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.53.51
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.531.76
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.532.75
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.534.75
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.54.47
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.55.45
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.56.69
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.57.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.58.47
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.593.76
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.595.76
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.63.57
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.66.47
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.70.75
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\rules\rules.1.71.43
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\temp\dealio-14323.log
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\temp\dealio-14324.log
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\temp\dealio-14325.log
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\temp\dealio-14326.log
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\temp\dod_cache.xml
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1640_2588_5.html
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3556_3504_1.html
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3556_3504_4.html
    C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3720_3880_12.html
    C:\Program Files\Dealio
    C:\Program Files\Dealio\DealioAU.exe
    C:\Program Files\Dealio\kb127
    C:\Program Files\Dealio\SearchSettingsKit.exe
    C:\Program Files\Dealio\kb127\Dealio Deskbar.exe
    C:\Program Files\Dealio\kb127\Dealio.dll
    C:\Program Files\Dealio\kb127\DealioRes409.dll
    C:\Program Files\Dealio\kb127\res
    C:\Program Files\Dealio\kb127\resDN
    C:\Program Files\Dealio\kb127\rules
    C:\Program Files\Dealio\kb127\temp
    C:\Program Files\Dealio\kb127\res\alerts.gif
    C:\Program Files\Dealio\kb127\res\alerts_over.gif
    C:\Program Files\Dealio\kb127\res\alerts_rec.gif
    C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif
    C:\Program Files\Dealio\kb127\res\chevron-small.gif
    C:\Program Files\Dealio\kb127\res\DealioSearch.html
    C:\Program Files\Dealio\kb127\res\deals-leftcap.gif
    C:\Program Files\Dealio\kb127\res\deal_report.jpg
    C:\Program Files\Dealio\kb127\res\ebay_login.jpg
    C:\Program Files\Dealio\kb127\res\err_mainwindow.html
    C:\Program Files\Dealio\kb127\res\err_toolbar.html
    C:\Program Files\Dealio\kb127\res\global_scripts.js
    C:\Program Files\Dealio\kb127\res\headerbgthin.jpg
    C:\Program Files\Dealio\kb127\res\highlight-bg.png
    C:\Program Files\Dealio\kb127\res\logo.gif
    C:\Program Files\Dealio\kb127\res\logo_over.gif
    C:\Program Files\Dealio\kb127\res\man_toolbar.css
    C:\Program Files\Dealio\kb127\res\man_toolbar.html
    C:\Program Files\Dealio\kb127\res\man_toolbar.js
    C:\Program Files\Dealio\kb127\res\man_toolbarl.js
    C:\Program Files\Dealio\kb127\res\post-this-deal.gif
    C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif
    C:\Program Files\Dealio\kb127\res\scripts.js
    C:\Program Files\Dealio\kb127\res\scroller.js
    C:\Program Files\Dealio\kb127\res\search-chevron.gif
    C:\Program Files\Dealio\kb127\res\search-chevron_over.gif
    C:\Program Files\Dealio\kb127\res\search_bg_blink.gif
    C:\Program Files\Dealio\kb127\res\separator.gif
    C:\Program Files\Dealio\kb127\res\settings.gif
    C:\Program Files\Dealio\kb127\res\settings_over.gif
    C:\Program Files\Dealio\kb127\res\yahoo-search.png
    C:\Program Files\Dealio\kb127\resDN\bottom.gif
    C:\Program Files\Dealio\kb127\resDN\chevron_down.gif
    C:\Program Files\Dealio\kb127\resDN\chevron_up.gif
    C:\Program Files\Dealio\kb127\resDN\close.gif
    C:\Program Files\Dealio\kb127\resDN\deskbar.css
    C:\Program Files\Dealio\kb127\resDN\deskbar.js
    C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js
    C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg
    C:\Program Files\Dealio\kb127\resDN\logo.gif
    C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif
    C:\Program Files\Dealio\kb127\resDN\losing.gif
    C:\Program Files\Dealio\kb127\resDN\lost.gif
    C:\Program Files\Dealio\kb127\resDN\man_deskbar.html
    C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif
    C:\Program Files\Dealio\kb127\resDN\menu_check.gif
    C:\Program Files\Dealio\kb127\resDN\no_image.gif
    C:\Program Files\Dealio\kb127\resDN\prod_img.gif
    C:\Program Files\Dealio\kb127\resDN\search_chevron.gif
    C:\Program Files\Dealio\kb127\resDN\spacer.gif
    C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif
    C:\Program Files\Dealio\kb127\resDN\top.gif
    C:\Program Files\Dealio\kb127\resDN\unknown.gif
    C:\Program Files\Dealio\kb127\resDN\winning.gif
    C:\Program Files\Dealio\kb127\resDN\won.gif
    C:\Program Files\Dealio\kb127\rules\index.76.35
    C:\Program Files\Dealio\kb127\rules\rules.1.10.76
    C:\Program Files\Dealio\kb127\rules\rules.1.109.43
    C:\Program Files\Dealio\kb127\rules\rules.1.110.43
    C:\Program Files\Dealio\kb127\rules\rules.1.12.52
    C:\Program Files\Dealio\kb127\rules\rules.1.13.58
    C:\Program Files\Dealio\kb127\rules\rules.1.130.58
    C:\Program Files\Dealio\kb127\rules\rules.1.135.50
    C:\Program Files\Dealio\kb127\rules\rules.1.153.44
    C:\Program Files\Dealio\kb127\rules\rules.1.155.43
    C:\Program Files\Dealio\kb127\rules\rules.1.156.49
    C:\Program Files\Dealio\kb127\rules\rules.1.16.60
    C:\Program Files\Dealio\kb127\rules\rules.1.161.52
    C:\Program Files\Dealio\kb127\rules\rules.1.178.66
    C:\Program Files\Dealio\kb127\rules\rules.1.184.55
    C:\Program Files\Dealio\kb127\rules\rules.1.188.52
    C:\Program Files\Dealio\kb127\rules\rules.1.189.45
    C:\Program Files\Dealio\kb127\rules\rules.1.196.43
    C:\Program Files\Dealio\kb127\rules\rules.1.198.56
    C:\Program Files\Dealio\kb127\rules\rules.1.199.43
    C:\Program Files\Dealio\kb127\rules\rules.1.200.53
    C:\Program Files\Dealio\kb127\rules\rules.1.201.43
    C:\Program Files\Dealio\kb127\rules\rules.1.202.43
    C:\Program Files\Dealio\kb127\rules\rules.1.203.71
    C:\Program Files\Dealio\kb127\rules\rules.1.205.62
    C:\Program Files\Dealio\kb127\rules\rules.1.213.71
    C:\Program Files\Dealio\kb127\rules\rules.1.214.49
    C:\Program Files\Dealio\kb127\rules\rules.1.215.43
    C:\Program Files\Dealio\kb127\rules\rules.1.216.67
    C:\Program Files\Dealio\kb127\rules\rules.1.217.67
    C:\Program Files\Dealio\kb127\rules\rules.1.218.52
    C:\Program Files\Dealio\kb127\rules\rules.1.219.43
    C:\Program Files\Dealio\kb127\rules\rules.1.220.43
    C:\Program Files\Dealio\kb127\rules\rules.1.221.57
    C:\Program Files\Dealio\kb127\rules\rules.1.222.43
    C:\Program Files\Dealio\kb127\rules\rules.1.223.68
    C:\Program Files\Dealio\kb127\rules\rules.1.226.68
    C:\Program Files\Dealio\kb127\rules\rules.1.227.43
    C:\Program Files\Dealio\kb127\rules\rules.1.228.62
    C:\Program Files\Dealio\kb127\rules\rules.1.229.76
    C:\Program Files\Dealio\kb127\rules\rules.1.23.63
    C:\Program Files\Dealio\kb127\rules\rules.1.239.43
    C:\Program Files\Dealio\kb127\rules\rules.1.24.43
    C:\Program Files\Dealio\kb127\rules\rules.1.240.43
    C:\Program Files\Dealio\kb127\rules\rules.1.241.43
    C:\Program Files\Dealio\kb127\rules\rules.1.242.43
    C:\Program Files\Dealio\kb127\rules\rules.1.243.43
    C:\Program Files\Dealio\kb127\rules\rules.1.244.63
    C:\Program Files\Dealio\kb127\rules\rules.1.245.43
    C:\Program Files\Dealio\kb127\rules\rules.1.247.43
    C:\Program Files\Dealio\kb127\rules\rules.1.248.43
    C:\Program Files\Dealio\kb127\rules\rules.1.249.43
    C:\Program Files\Dealio\kb127\rules\rules.1.250.43
    C:\Program Files\Dealio\kb127\rules\rules.1.251.43
    C:\Program Files\Dealio\kb127\rules\rules.1.252.43
    C:\Program Files\Dealio\kb127\rules\rules.1.253.43
    C:\Program Files\Dealio\kb127\rules\rules.1.254.43
    C:\Program Files\Dealio\kb127\rules\rules.1.255.43
    C:\Program Files\Dealio\kb127\rules\rules.1.256.43
    C:\Program Files\Dealio\kb127\rules\rules.1.257.43
    C:\Program Files\Dealio\kb127\rules\rules.1.279.43
    C:\Program Files\Dealio\kb127\rules\rules.1.28.58
    C:\Program Files\Dealio\kb127\rules\rules.1.282.75
    C:\Program Files\Dealio\kb127\rules\rules.1.283.43
    C:\Program Files\Dealio\kb127\rules\rules.1.284.43
    C:\Program Files\Dealio\kb127\rules\rules.1.289.67
    C:\Program Files\Dealio\kb127\rules\rules.1.290.62
    C:\Program Files\Dealio\kb127\rules\rules.1.291.61
    C:\Program Files\Dealio\kb127\rules\rules.1.296.43
    C:\Program Files\Dealio\kb127\rules\rules.1.297.43
    C:\Program Files\Dealio\kb127\rules\rules.1.304.43
    C:\Program Files\Dealio\kb127\rules\rules.1.307.43
    C:\Program Files\Dealio\kb127\rules\rules.1.308.75
    C:\Program Files\Dealio\kb127\rules\rules.1.31.47
    C:\Program Files\Dealio\kb127\rules\rules.1.310.46
    C:\Program Files\Dealio\kb127\rules\rules.1.311.43
    C:\Program Files\Dealio\kb127\rules\rules.1.315.43
    C:\Program Files\Dealio\kb127\rules\rules.1.316.43
    C:\Program Files\Dealio\kb127\rules\rules.1.317.43
    C:\Program Files\Dealio\kb127\rules\rules.1.318.43
    C:\Program Files\Dealio\kb127\rules\rules.1.319.49
    C:\Program Files\Dealio\kb127\rules\rules.1.32.48
    C:\Program Files\Dealio\kb127\rules\rules.1.334.44
    C:\Program Files\Dealio\kb127\rules\rules.1.335.60
    C:\Program Files\Dealio\kb127\rules\rules.1.336.44
    C:\Program Files\Dealio\kb127\rules\rules.1.337.44
    C:\Program Files\Dealio\kb127\rules\rules.1.338.75
    C:\Program Files\Dealio\kb127\rules\rules.1.339.47
    C:\Program Files\Dealio\kb127\rules\rules.1.34.43
    C:\Program Files\Dealio\kb127\rules\rules.1.340.47
    C:\Program Files\Dealio\kb127\rules\rules.1.341.47
    C:\Program Files\Dealio\kb127\rules\rules.1.349.50
    C:\Program Files\Dealio\kb127\rules\rules.1.35.48
    C:\Program Files\Dealio\kb127\rules\rules.1.350.50
    C:\Program Files\Dealio\kb127\rules\rules.1.351.51
    C:\Program Files\Dealio\kb127\rules\rules.1.352.54
    C:\Program Files\Dealio\kb127\rules\rules.1.353.51
    C:\Program Files\Dealio\kb127\rules\rules.1.354.51
    C:\Program Files\Dealio\kb127\rules\rules.1.357.62
    C:\Program Files\Dealio\kb127\rules\rules.1.358.52
    C:\Program Files\Dealio\kb127\rules\rules.1.359.52
    C:\Program Files\Dealio\kb127\rules\rules.1.360.53
    C:\Program Files\Dealio\kb127\rules\rules.1.361.54
    C:\Program Files\Dealio\kb127\rules\rules.1.362.68
    C:\Program Files\Dealio\kb127\rules\rules.1.363.58
    C:\Program Files\Dealio\kb127\rules\rules.1.364.54
    C:\Program Files\Dealio\kb127\rules\rules.1.365.53
    C:\Program Files\Dealio\kb127\rules\rules.1.367.56
    C:\Program Files\Dealio\kb127\rules\rules.1.368.58
    C:\Program Files\Dealio\kb127\rules\rules.1.369.55
    C:\Program Files\Dealio\kb127\rules\rules.1.370.56
    C:\Program Files\Dealio\kb127\rules\rules.1.371.56
    C:\Program Files\Dealio\kb127\rules\rules.1.372.57
    C:\Program Files\Dealio\kb127\rules\rules.1.373.55
    C:\Program Files\Dealio\kb127\rules\rules.1.375.56
    C:\Program Files\Dealio\kb127\rules\rules.1.376.57
    C:\Program Files\Dealio\kb127\rules\rules.1.377.55
    C:\Program Files\Dealio\kb127\rules\rules.1.378.65
    C:\Program Files\Dealio\kb127\rules\rules.1.384.58
    C:\Program Files\Dealio\kb127\rules\rules.1.386.71
    C:\Program Files\Dealio\kb127\rules\rules.1.387.59
    C:\Program Files\Dealio\kb127\rules\rules.1.388.59
    C:\Program Files\Dealio\kb127\rules\rules.1.389.59
    C:\Program Files\Dealio\kb127\rules\rules.1.390.60
    C:\Program Files\Dealio\kb127\rules\rules.1.391.60
    C:\Program Files\Dealio\kb127\rules\rules.1.392.60
    C:\Program Files\Dealio\kb127\rules\rules.1.393.60
    C:\Program Files\Dealio\kb127\rules\rules.1.394.60
    C:\Program Files\Dealio\kb127\rules\rules.1.396.61
    C:\Program Files\Dealio\kb127\rules\rules.1.397.61
    C:\Program Files\Dealio\kb127\rules\rules.1.398.60
    C:\Program Files\Dealio\kb127\rules\rules.1.399.60
    C:\Program Files\Dealio\kb127\rules\rules.1.403.61
    C:\Program Files\Dealio\kb127\rules\rules.1.404.63
    C:\Program Files\Dealio\kb127\rules\rules.1.405.61
    C:\Program Files\Dealio\kb127\rules\rules.1.406.61
    C:\Program Files\Dealio\kb127\rules\rules.1.407.76
    C:\Program Files\Dealio\kb127\rules\rules.1.408.63
    C:\Program Files\Dealio\kb127\rules\rules.1.409.61
    C:\Program Files\Dealio\kb127\rules\rules.1.412.62
    C:\Program Files\Dealio\kb127\rules\rules.1.413.62
    C:\Program Files\Dealio\kb127\rules\rules.1.414.62
    C:\Program Files\Dealio\kb127\rules\rules.1.415.62
    C:\Program Files\Dealio\kb127\rules\rules.1.416.62
    C:\Program Files\Dealio\kb127\rules\rules.1.417.62
    C:\Program Files\Dealio\kb127\rules\rules.1.418.62
    C:\Program Files\Dealio\kb127\rules\rules.1.419.62
    C:\Program Files\Dealio\kb127\rules\rules.1.420.62
    C:\Program Files\Dealio\kb127\rules\rules.1.421.62
    C:\Program Files\Dealio\kb127\rules\rules.1.423.63
    C:\Program Files\Dealio\kb127\rules\rules.1.424.63
    C:\Program Files\Dealio\kb127\rules\rules.1.425.63
    C:\Program Files\Dealio\kb127\rules\rules.1.426.63
    C:\Program Files\Dealio\kb127\rules\rules.1.427.63
    C:\Program Files\Dealio\kb127\rules\rules.1.428.65
    C:\Program Files\Dealio\kb127\rules\rules.1.429.63
    C:\Program Files\Dealio\kb127\rules\rules.1.430.63
    C:\Program Files\Dealio\kb127\rules\rules.1.432.65
    C:\Program Files\Dealio\kb127\rules\rules.1.433.64
    C:\Program Files\Dealio\kb127\rules\rules.1.434.65
    C:\Program Files\Dealio\kb127\rules\rules.1.435.64
    C:\Program Files\Dealio\kb127\rules\rules.1.436.76
    C:\Program Files\Dealio\kb127\rules\rules.1.437.64
    C:\Program Files\Dealio\kb127\rules\rules.1.438.71
    C:\Program Files\Dealio\kb127\rules\rules.1.439.71
    C:\Program Files\Dealio\kb127\rules\rules.1.440.75
    C:\Program Files\Dealio\kb127\rules\rules.1.442.73
    C:\Program Files\Dealio\kb127\rules\rules.1.443.73
    C:\Program Files\Dealio\kb127\rules\rules.1.444.73
    C:\Program Files\Dealio\kb127\rules\rules.1.445.68
    C:\Program Files\Dealio\kb127\rules\rules.1.446.69
    C:\Program Files\Dealio\kb127\rules\rules.1.450.67
    C:\Program Files\Dealio\kb127\rules\rules.1.451.67
    C:\Program Files\Dealio\kb127\rules\rules.1.452.68
    C:\Program Files\Dealio\kb127\rules\rules.1.453.68
    C:\Program Files\Dealio\kb127\rules\rules.1.454.69
    C:\Program Files\Dealio\kb127\rules\rules.1.456.69
    C:\Program Files\Dealio\kb127\rules\rules.1.457.75
    C:\Program Files\Dealio\kb127\rules\rules.1.458.70
    C:\Program Files\Dealio\kb127\rules\rules.1.459.70
    C:\Program Files\Dealio\kb127\rules\rules.1.460.69
    C:\Program Files\Dealio\kb127\rules\rules.1.462.74
    C:\Program Files\Dealio\kb127\rules\rules.1.463.69
    C:\Program Files\Dealio\kb127\rules\rules.1.464.70
    C:\Program Files\Dealio\kb127\rules\rules.1.465.68
    C:\Program Files\Dealio\kb127\rules\rules.1.468.70
    C:\Program Files\Dealio\kb127\rules\rules.1.469.70
    C:\Program Files\Dealio\kb127\rules\rules.1.470.70
    C:\Program Files\Dealio\kb127\rules\rules.1.471.73
    C:\Program Files\Dealio\kb127\rules\rules.1.472.70
    C:\Program Files\Dealio\kb127\rules\rules.1.478.74
    C:\Program Files\Dealio\kb127\rules\rules.1.479.73
    C:\Program Files\Dealio\kb127\rules\rules.1.480.68
    C:\Program Files\Dealio\kb127\rules\rules.1.481.71
    C:\Program Files\Dealio\kb127\rules\rules.1.482.74
    C:\Program Files\Dealio\kb127\rules\rules.1.49.67
    C:\Program Files\Dealio\kb127\rules\rules.1.50.43
    C:\Program Files\Dealio\kb127\rules\rules.1.500.71
    C:\Program Files\Dealio\kb127\rules\rules.1.501.74
    C:\Program Files\Dealio\kb127\rules\rules.1.502.71
    C:\Program Files\Dealio\kb127\rules\rules.1.51.69
    C:\Program Files\Dealio\kb127\rules\rules.1.52.72
    C:\Program Files\Dealio\kb127\rules\rules.1.520.76
    C:\Program Files\Dealio\kb127\rules\rules.1.521.76
    C:\Program Files\Dealio\kb127\rules\rules.1.522.76
    C:\Program Files\Dealio\kb127\rules\rules.1.53.51
    C:\Program Files\Dealio\kb127\rules\rules.1.531.76
    C:\Program Files\Dealio\kb127\rules\rules.1.532.75
    C:\Program Files\Dealio\kb127\rules\rules.1.534.75
    C:\Program Files\Dealio\kb127\rules\rules.1.54.47
    C:\Program Files\Dealio\kb127\rules\rules.1.55.45
    C:\Program Files\Dealio\kb127\rules\rules.1.56.69
    C:\Program Files\Dealio\kb127\rules\rules.1.57.43
    C:\Program Files\Dealio\kb127\rules\rules.1.58.47
    C:\Program Files\Dealio\kb127\rules\rules.1.593.76
    C:\Program Files\Dealio\kb127\rules\rules.1.595.76
    C:\Program Files\Dealio\kb127\rules\rules.1.63.57
    C:\Program Files\Dealio\kb127\rules\rules.1.66.47
    C:\Program Files\Dealio\kb127\rules\rules.1.70.75
    C:\Program Files\Dealio\kb127\rules\rules.1.71.43
    C:\WINDOWS\Prefetch\DEALIOAU.EXE-17E14027.pf
    C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Dealio
    C:\Program Files\Search Settings
    C:\Program Files\Search Settings\kb127
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\Search Settings\kb127\res
    C:\Program Files\Search Settings\kb127\SearchSettings.dll
    C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
    C:\Program Files\Search Settings\kb127\temp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\---Yahoo.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\01net.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\1px_dark.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\1px_green.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\1px_white.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\a.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\amazon.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\an.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrowB.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrowT.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrow_down.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrow_red.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrow_red2.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrow_up.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\autofill.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\avstate.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\b.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\background2.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bgmeteo_results.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bg_pub.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bg_ttl.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bottom.png
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bottom_left.png
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bottom_right.png
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\btn_close.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\btn_minus.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\btn_moreforecast.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\c.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\canalblog.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\cn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\d.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\dictionary2.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\dn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\downfile
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\DownloadCOM.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\dropdown.css
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\ErrorLog.txt
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\f.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_argentine.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_australia.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_brazil.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_canada.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_china.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_france.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_germany.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_greece.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_hongkong.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_india.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_indonesia.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_italy.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_japan.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_korea.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_mexico.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_netherlands.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_spain.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_sweeden.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_taiwan.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_uk.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_usa.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\fn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\g.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\gaming.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\gn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\gograph.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred0.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred0_5.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred1.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred1_5.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred2.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred2_5.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred3.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred3_5.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred4.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred4_5.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred5.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\help.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\hideremove.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\highlight.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\hn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_aquarius.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_aries.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_cancer.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_capricorn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_gemini.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_leo.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_libra.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_pisces.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_sagittarius.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_scorpio.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_taurus.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_virgo.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\i.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\IEtab1_7.zip
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\IEtab1_7b.zip
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\IEtab1_7c.zip
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\IEtab1_7d.zip
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\in.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\ipsearch.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\j.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\jn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\k.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\kn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\l.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\left.png
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\ln.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\loading.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\login.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\logo.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\n.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt11934734
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt25338859
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt32931828
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt3785828
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt4750796
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt49314359
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt8547234
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt98092046
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\new02.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\NewCfg
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\news.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\news.html
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\nn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\o.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\on.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\p.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\pestscanimg.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\pixsy.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\pn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\popup_off.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\popup_on.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\popup_ona.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\p_yahoo.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\q.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\qn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\r.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\relatedlinks.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\report.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\right.png
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rss.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rss.xsl
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rss1.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rsslib.js
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rssmenu1_7.zip
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rssmenu1_7a.zip
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\s.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\search.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\search_fr.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\security.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt11342500
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt115614609
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt141812703
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt17915937
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt195592859
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt195608046
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt195611265
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt20504906
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt251734
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt326500
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt34629390
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt51360375
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt97021625
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt98671781
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\siteinfo.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\slider.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\spacer.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\stars-red1.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\stars-red2.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\stars-red3.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\stars-red4.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\stars-red5.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\storage.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\t.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tabdata.js
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tabdataV3.js
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tablib.js
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tabwelcome_en.html
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tabwelcome_fr.html
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tab_icon.png
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\technorati.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\thes_search.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tools.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\top.png
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\top_left.png
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\top_right.png
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\translate.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\u.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\un.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\utf8.js
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\v.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\vmlib.js
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\vmntoolbartb1501.cfg
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\vn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\w.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\web.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\web_fr.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\wikipedia.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\wn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\x.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\xp_close_small.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\yahoo.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\yahoo_search.gif
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\YouTube.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\z.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\zn.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\zoom.bmp
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\downfile\searchdataV3.php11934734
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\downfile\searchdataV3.php195608281
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\downfile\searchdataV3.php32931812
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\downfile\searchdataV3.php3785796
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\downfile\searchdataV3.php4750781
    C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\downfile\searchdataV3.php49314359
    C:\DOCUME~1\Invité\APPLIC~1\VMNToolbar
    C:\Program Files\VMNToolbar
    C:\Program Files\VMNToolbar\install.ico
    C:\Program Files\VMNToolbar\tbuninstall.exe
    C:\Program Files\VMNToolbar\toolbar.ini
    C:\Program Files\VMNToolbar\uninstall.exe
    C:\Program Files\VMNToolbar\vmntoolbar.dll

    -----------\\ Extensions

    (Ali) - {26af1522-982e-c0c4-f54a-7e69fb6432f5} => getjetablemail
    (Ali) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
    (Ali) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
    (Ali) - {b1d89840-39fe-11db-a98b-0800200c9a66} => jvf
    (Ali) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
    (Ali) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
    (Ali) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome

    (Invit‚) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="about:blank"
    "Search Page"="http://www.google.com"
    "SearchMigratedDefaultURL"="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"
    "Search Bar"="http://www.google.com/ie"
    "Default_Search_URL"="http://www.google.com/ie"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.yahoo.com"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://www.yahoo.com"
    "CustomizeSearch"="http://dnl.crawler.com/support/sa_customize.aspx?TbId=6..."
    "SearchAssistant"="http://www.crawler.com/search/ie.aspx?tb_id=61005"


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Ali\Application Data\Microsoft\Office\Recent\CRACK.LNK
    C:\DOCUME~1\Ali\Bureau\FM\Crack
    C:\DOCUME~1\Ali\Mes documents\Ma musique\113 rim k\Rim-K-Famille_Nombreuse-FR-2007-H5N1\11-rim-k-pilotes_crack_musik_feat._hamza.mp3
    C:\DOCUME~1\Ali\Mes documents\Ma musique\Alpha_5.20-Vivre_Et_Mourir_A_Dakar-FR-2006-H5N1\16-alpha_5.20-mon_crack_feat_iron_sy_and_lino.mp3
    C:\DOCUME~1\Ali\Mes documents\Mes Images\Mes fichiers re‡us\CrackHood Records - 2006 - J'Regularise feat Gizo, I.M.O, Mimo (premaster).mp3



    1 - "C:\ToolBar SD\TB_1.txt" - sam. 03/28/2009|19:01 - Option : [1]

    -----------\\ Fin du rapport a 19:01:36.26

    28 Mars 2009 19:22:28

    Re,

    1) Relance Toolbar-S&D en double-cliquant sur le raccourci.

  • Choisis cette fois l'option 2 puis valide en appuyant sur Entrée.
    ! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
  • Un rapport sera généré, poste son contenu ici, puis un nouveau rapport HijackThis.

    [#008040]Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
    Tapes explorer et valide. Cela te fera apparaitre ton bureau


  • 2) Télécharge DDS de sUBs et sauvegarde-le sur ton bureau.
  • Désactive tout script bloquant, tel q'un antivirus, un logiciel comme ad-block, noscript etc.
  • Double-clique sur dds.scr pour lancer l'outil. Ne double clique qu'une seule fois dessus, sois patient !
  • Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
  • Clique Oui à la prochaine invite Optional Scan.
  • Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt, garde l'autre sous la main si jamais je te le demande.

    ;) 
    28 Mars 2009 19:44:20

    RE- salut :) 

    Voila le rapport TB :


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : Ali ( Administrator )
    BOOT : Normal boot
    Antivirus : ESET Smart Security 3.0 3.0 (Activated)
    Firewall : Pare-feu personnel d'ESET 3.0.669.0 (Activated)
    C:\ (Local Disk) - NTFS - Total:144 Go (Free:16 Go)
    D:\ (Local Disk) - NTFS - Total:19 Go (Free:4 Go)
    E:\ (USB)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (Local Disk) - FAT32 - Total:931 Go (Free:833 Go)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [2] ( sam. 03/28/2009|19:36 )

    -----------\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\Dealio\dinstallhelper.412563E0A1A843BD9112E82FADBA6653.dll
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\Dealio\kb127
    Supprime! - C:\Program Files\Dealio\DealioAU.exe
    Supprime! - C:\Program Files\Dealio\kb127
    Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe
    Supprime! - C:\WINDOWS\Prefetch\DEALIOAU.EXE-17E14027.pf
    Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Dealio
    Supprime! - C:\Program Files\Search Settings\kb127
    Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\---Yahoo.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\01net.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\1px_dark.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\1px_green.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\1px_white.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\a.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\amazon.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\an.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrowB.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrowT.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrow_down.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrow_red.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrow_red2.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\arrow_up.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\autofill.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\avstate.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\b.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\background2.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bgmeteo_results.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bg_pub.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bg_ttl.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bottom.png
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bottom_left.png
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\bottom_right.png
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\btn_close.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\btn_minus.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\btn_moreforecast.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\c.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\canalblog.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\cn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\d.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\dictionary2.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\dn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\downfile
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\DownloadCOM.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\dropdown.css
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\ErrorLog.txt
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\f.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_argentine.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_australia.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_brazil.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_canada.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_china.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_france.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_germany.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_greece.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_hongkong.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_india.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_indonesia.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_italy.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_japan.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_korea.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_mexico.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_netherlands.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_spain.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_sweeden.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_taiwan.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_uk.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\flag_usa.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\fn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\g.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\gaming.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\gn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\gograph.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred0.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred0_5.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred1.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred1_5.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred2.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred2_5.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred3.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred3_5.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred4.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred4_5.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\graphred5.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\help.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\hideremove.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\highlight.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\hn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_aquarius.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_aries.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_cancer.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_capricorn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_gemini.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_leo.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_libra.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_pisces.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_sagittarius.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_scorpio.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_taurus.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\h_virgo.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\i.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\IEtab1_7.zip
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\IEtab1_7b.zip
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\IEtab1_7c.zip
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\IEtab1_7d.zip
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\in.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\ipsearch.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\j.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\jn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\k.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\kn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\l.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\left.png
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\ln.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\loading.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\login.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\logo.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\n.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt11934734
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt25338859
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt32931828
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt3785828
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt4750796
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt49314359
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt8547234
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\New York_NY_weather.txt98092046
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\new02.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\NewCfg
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\news.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\news.html
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\nn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\o.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\on.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\p.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\pestscanimg.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\pixsy.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\pn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\popup_off.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\popup_on.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\popup_ona.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\p_yahoo.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\q.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\qn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\r.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\relatedlinks.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\report.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\right.png
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rss.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rss.xsl
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rss1.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rsslib.js
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rssmenu1_7.zip
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\rssmenu1_7a.zip
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\s.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\search.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\search_fr.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\security.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt11342500
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt115614609
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt141812703
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt17915937
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt195592859
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt195608046
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt195611265
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt20504906
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt251734
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt326500
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt34629390
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt51360375
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt97021625
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sinfo.txt98671781
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\siteinfo.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\slider.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\sn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\spacer.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\stars-red1.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\stars-red2.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\stars-red3.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\stars-red4.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\stars-red5.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\storage.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\t.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tabdata.js
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tabdataV3.js
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tablib.js
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tabwelcome_en.html
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tabwelcome_fr.html
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tab_icon.png
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\technorati.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\thes_search.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\tools.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\top.png
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\top_left.png
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\top_right.png
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\translate.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\u.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\un.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\utf8.js
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\v.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\vmlib.js
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\vmntoolbartb1501.cfg
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\vn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\w.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\web.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\web_fr.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\wikipedia.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\wn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\x.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\xp_close_small.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\yahoo.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\yahoo_search.gif
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\YouTube.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\z.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\zn.bmp
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar\zoom.bmp
    Supprime! - C:\Program Files\VMNToolbar\install.ico
    Supprime! - C:\Program Files\VMNToolbar\tbuninstall.exe
    Supprime! - C:\Program Files\VMNToolbar\toolbar.ini
    Supprime! - C:\Program Files\VMNToolbar\uninstall.exe
    Supprime! - C:\Program Files\VMNToolbar\vmntoolbar.dll
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\Dealio
    Supprime! - C:\Program Files\Dealio
    Supprime! - C:\Program Files\Search Settings
    Supprime! - C:\DOCUME~1\Ali\APPLIC~1\VMNToolbar
    Supprime! - C:\DOCUME~1\Invité\APPLIC~1\VMNToolbar
    Supprime! - C:\Program Files\VMNToolbar

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ Extensions

    (Ali) - {26af1522-982e-c0c4-f54a-7e69fb6432f5} => getjetablemail
    (Ali) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
    (Ali) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
    (Ali) - {b1d89840-39fe-11db-a98b-0800200c9a66} => jvf
    (Ali) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
    (Ali) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
    (Ali) - {DDC359D1-844A-42a7-9AA1-88A850A938A8} => chrome

    (Invit‚) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="about:blank"
    "Search Page"="http://www.google.com"
    "SearchMigratedDefaultURL"="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"
    "Search Bar"="http://www.google.com/ie"
    "Default_Search_URL"="http://www.google.com/ie"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.yahoo.com"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://www.msn.com/"
    "CustomizeSearch"="http://dnl.crawler.com/support/sa_customize.aspx?TbId=6..."
    "SearchAssistant"="http://www.crawler.com/search/ie.aspx?tb_id=61005"


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Ali\Application Data\Microsoft\Office\Recent\CRACK.LNK
    C:\DOCUME~1\Ali\Bureau\FM\Crack
    C:\DOCUME~1\Ali\Mes documents\Ma musique\113 rim k\Rim-K-Famille_Nombreuse-FR-2007-H5N1\11-rim-k-pilotes_crack_musik_feat._hamza.mp3
    C:\DOCUME~1\Ali\Mes documents\Ma musique\Alpha_5.20-Vivre_Et_Mourir_A_Dakar-FR-2006-H5N1\16-alpha_5.20-mon_crack_feat_iron_sy_and_lino.mp3
    C:\DOCUME~1\Ali\Mes documents\Mes Images\Mes fichiers re‡us\CrackHood Records - 2006 - J'Regularise feat Gizo, I.M.O, Mimo (premaster).mp3



    1 - "C:\ToolBar SD\TB_1.txt" - sam. 03/28/2009|19:01 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - sam. 03/28/2009|19:40 - Option : [2]

    -----------\\ Fin du rapport a 19:40:08.51

    28 Mars 2009 19:44:37

    ET HJT :


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:42:42, on 3/28/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\runservice.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\WINDOWS\system32\oodtray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\program files\valve\steam\steam.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
    C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
    C:\Program Files\Memeo\AutoSync\MemeoAutoSync.exe
    C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\PROGRA~1\Free Download Manager\fdm.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=61005
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/Ali/Bureau/Streamy/proxy.pac
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - Default URLSearchHook is missing
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
    O4 - HKLM\..\Run: [Memeo AutoBackup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe --silent
    O4 - HKLM\..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S5BC.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [wuwesck] "c:\documents and settings\ali\local settings\application data\wuwesck.exe" wuwesck
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
    O4 - .DEFAULT Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'Default user')
    O4 - .DEFAULT Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Ali\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Ali\Menu Démarrer\Programmes\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: bw+0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {CAEA0C1E-D10C-4D20-A1DC-55163481B87C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

    --
    End of file - 28647 bytes
    28 Mars 2009 19:48:14

    Et le rapport DDS :



    POU
    DDS (Ver_09-03-16.01) - NTFSx86
    Run by Ali at 19:45:19.43 on sam. 03/28/2009
    Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_12
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.958.247 [GMT 1:00]

    AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
    FW: Pare-feu personnel d'ESET *enabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    C:\WINDOWS\system32\svchost -k rpcss
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\System32\svchost.exe -k eapsvcs
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\runservice.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\WINDOWS\system32\oodtray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\program files\valve\steam\steam.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
    C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
    C:\Program Files\Memeo\AutoSync\MemeoAutoSync.exe
    C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\PROGRA~1\Free Download Manager\fdm.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\Ali\Bureau\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = about:blank
    uSearch Page = hxxp://www.google.com
    uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    uWindow Title = Windows Internet Explorer fourni par Yahoo! France
    uSearch Bar = hxxp://www.google.com/ie
    uDefault_Search_URL = hxxp://www.google.com/ie
    mDefault_Page_URL = hxxp://www.yahoo.com
    mWindow Title =
    uInternet Settings,ProxyOverride = <local>
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=61005
    BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: Winamp Toolbar BHO: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
    BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
    TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
    TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
    TB: VMN Toolbar: {4e7bd74f-2b8d-469e-8da9-fd60bb9aae33} - c:\progra~1\vmntoo~1\VMNTOO~1.DLL
    TB: {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - No File
    TB: Dealio: {e67c74f4-a00a-4f2c-9fec-fd9dc004a67f} - c:\program files\dealio\kb127\Dealio.dll
    TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [SuperCopier2.exe] c:\program files\supercopier2\SuperCopier2.exe
    uRun: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [msnmsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
    uRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033
    uRun: [EPSON Stylus DX8400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticee.exe /fu "c:\windows\temp\E_S5BC.tmp" /EF "HKCU"
    uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\RegistryBooster.exe /S
    uRun: [STYLEXP] c:\program files\tgtsoft\stylexp\StyleXP.exe -Hide
    uRun: [wuwesck] "c:\documents and settings\ali\local settings\application data\wuwesck.exe" wuwesck
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [TkBellExe] "c:\program files\fichiers communs\real\update_ob\realsched.exe" -osboot
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    mRun: [ISUSScheduler] "c:\program files\fichiers communs\installshield\updateservice\issch.exe" -start
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [LogitechCommunicationsManager] "c:\program files\fichiers communs\logishrd\lcommgr\Communications_Helper.exe"
    mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
    mRun: [OODefragTray] c:\windows\system32\oodtray.exe
    mRun: [Memeo AutoBackup] c:\program files\memeo\autobackup\MemeoLauncher2.exe --silent
    mRun: [Memeo AutoSync] c:\program files\memeo\autosync\MemeoLauncher2.exe --silent
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\ali\menudé~1\progra~1\démarr~1\adobeg~1.lnk - c:\program files\fichiers communs\adobe\calibration\Adobe Gamma Loader.exe
    StartupFolder: c:\docume~1\ali\menudé~1\progra~1\démarr~1\outild~1.lnk - c:\documents and settings\ali\application data\microsoft\live search\Notification-LiveSearch.exe
    StartupFolder: c:\docume~1\ali\menudé~1\progra~1\démarr~1\printk~1.lnk - c:\program files\printkey 2000 fr\Printkey 2000 Fr.exe
    StartupFolder: c:\docume~1\alluse~1\menudé~1\progra~1\démarr~1\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
    IE: Download all links using BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
    IE: Download link using &BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
    IE: Tout télécharger avec Free Download Manager - file://c:\program files\free download manager\dlall.htm
    IE: Télécharger avec Free Download Manager - file://c:\program files\free download manager\dllink.htm
    IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\free download manager\dlselected.htm
    IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} - hxxp://musicmix.messenger.msn.com/Medialogic.CAB
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fichie~1\skype\SKYPE4~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\ali\applic~1\mozilla\firefox\profiles\32dyct9v.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
    FF - prefs.js: browser.startup.homepage - hxxp://www.accueilinternet.com/mapage.php
    FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
    FF - prefs.js: network.proxy.type - 2
    FF - component: c:\program files\free download manager\firefox\extension\components\vmsfdmff.dll
    FF - plugin: c:\documents and settings\ali\application data\mozilla\firefox\profiles\32dyct9v.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
    FF - plugin: c:\documents and settings\ali\application data\mozilla\firefox\profiles\32dyct9v.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp07076007.dll
    FF - plugin: c:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\np32dsw.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeploytk.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdivx32.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npganymedenet.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npitunes.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npnul32.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPOFF12.DLL
    FF - plugin: c:\program files\mozilla firefox\plugins\nppdf32.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\nppl3260.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin2.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin3.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin4.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin5.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin6.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin7.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\nprjplug.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\nprpjplug.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npzylomgamesplayer.dll
    FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
    FF - plugin: c:\program files\veetle\vlc\npvlc.dll

    ============= SERVICES / DRIVERS ===============

    R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
    R2 ekrn;Eset Service;c:\program files\eset\eset smart security\ekrn.exe [2008-7-1 468224]
    R2 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [2007-1-4 2560]
    R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackup\MemeoBackgroundService.exe [2008-11-7 25824]
    R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]
    R3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [2004-10-20 21344]
    S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;c:\windows\system32\drivers\NSDriver.sys [2008-4-29 15648]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-3-28 38496]
    S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\screamingbaudio.sys --> c:\windows\system32\drivers\ScreamingBAudio.sys [?]

    =============== Created Last 30 ================

    2009-03-28 18:58 <DIR> --d----- C:\ToolBar SD
    2009-03-28 18:11 <DIR> --d----- c:\program files\Navilog1
    2009-03-28 17:49 <DIR> --d----- C:\EDT$
    2009-03-28 14:53 <DIR> --d----- c:\docume~1\ali\applic~1\Malwarebytes
    2009-03-28 14:53 15,504 a------- c:\windows\system32\drivers\mbam.sys
    2009-03-28 14:52 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-03-28 14:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2009-03-28 14:52 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2009-03-28 14:30 <DIR> --d----- c:\program files\Trend Micro
    2009-03-26 17:31 54,156 a---h--- c:\windows\QTFont.qfn
    2009-03-26 17:31 1,409 a------- c:\windows\QTFont.for
    2009-03-22 14:23 <DIR> --d----- c:\docume~1\ali\applic~1\Free Download Manager
    2009-03-22 14:23 <DIR> --d----- c:\docume~1\alluse~1\applic~1\FreeDownloadManager.ORG
    2009-03-22 14:23 <DIR> --d----- c:\program files\Free Download Manager
    2009-03-22 00:16 242 a------- c:\windows\SuperBlank.INI
    2009-03-13 11:54 <DIR> --d----- c:\docume~1\ali\applic~1\Memeo
    2009-03-13 11:37 <DIR> --d----- c:\program files\Western Digital
    2009-03-13 11:35 <DIR> --d----- c:\program files\fichiers communs\eSellerate
    2009-03-13 11:35 <DIR> --d----- c:\program files\Memeo
    2009-03-13 11:34 <DIR> --d----- c:\program files\Western Digital Corporation
    2009-03-13 11:34 20,992 a------- c:\windows\jestertb.dll
    2009-03-11 12:56 <DIR> --d----- c:\program files\FindyKill
    2009-03-10 18:15 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SRS Labs
    2009-03-10 18:14 47,360 a----r-- c:\windows\system32\drivers\Surroundhp_kern_i386.sys
    2009-03-10 18:14 47,104 a----r-- c:\windows\system32\drivers\tshd4_kern_i386.sys
    2009-03-10 18:14 42,112 a----r-- c:\windows\system32\drivers\csiidecoder_kern_i386.sys
    2009-03-10 18:14 32,000 a----r-- c:\windows\system32\drivers\wowhd_kern_i386.sys
    2009-03-10 18:14 39,808 a----r-- c:\windows\system32\drivers\SRS_SSCFilter_i386.sys
    2009-03-10 18:13 <DIR> --d----- c:\program files\SRS Labs

    ==================== Find3M ====================

    2009-03-22 22:47 2,560 ac------ c:\windows\system32\BitCometRes.dll
    2009-03-15 13:48 410,984 a------- c:\windows\system32\deploytk.dll
    2009-03-15 13:47 515,048 a------- c:\windows\system32\perfh00C.dat
    2009-03-15 13:47 86,514 a------- c:\windows\system32\perfc00C.dat
    2009-02-12 01:31 278,528 a------- c:\windows\system32\TubeFinder.exe
    2009-02-09 15:05 1,846,912 a------- c:\windows\system32\win32k.sys
    2009-02-09 15:05 1,846,912 -------- c:\windows\system32\dllcache\win32k.sys
    2009-02-06 18:52 49,504 a------- c:\windows\system32\sirenacm.dll
    2009-01-16 21:15 3,594,752 a------- c:\windows\system32\dllcache\mshtml.dll
    2008-10-23 11:19 22,328 a------- c:\docume~1\ali\applic~1\PnkBstrK.sys
    2008-03-12 20:27 2,115 ac------ c:\docume~1\ali\applic~1\SAS7_000.DAT

    ============= FINISH: 19:45:51.07 ===============
    28 Mars 2009 20:20:57

    Re,

    Bien :) 

    Je voudrais vérifier quelque chose.

    Peux-tu relancer EDT, option 1-1-1-1 et me poster le rapport généré ?

    ;) 
    28 Mars 2009 20:26:38

    Voilà :

    ======================================= Egwene's Diagnostic Tool =======================================

    COURTIS
    Scan lancé le sam. 03/28/2009 à 20:24:22.31
    Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3
    Internet Explorer: 7.0.5730.11

    C:\ [Fixed] - NTFS - (Total:147628 Mo/Free:251 Mo)
    D:\ [Fixed] - NTFS - (Total:19461 Mo/Free:621 Mo)
    E:\ [Removable] (Total:0 Mo/Free:0 Mo)
    F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
    G:\ [Removable] (Total:0 Mo/Free:0 Mo)
    H:\ [Removable] (Total:0 Mo/Free:0 Mo)
    I:\ [Removable] (Total:0 Mo/Free:0 Mo)
    J:\ [Fixed] - FAT32 - (Total:953634 Mo/Free:1608 Mo)

    ====== Processus (by Eric_71) ======

    --Locked-- [System Process] [ ]
    ---------- System [ ]
    ---------- C:\WINDOWS\System32\smss.exe [04/14/2008 03:34 50688]
    ---------- C:\WINDOWS\system32\csrss.exe [04/14/2008 03:33 6144]
    ---------- C:\WINDOWS\system32\winlogon.exe [04/14/2008 03:34 512000]
    ---------- C:\WINDOWS\system32\services.exe [04/14/2008 03:34 109056]
    ---------- C:\WINDOWS\system32\lsass.exe [04/14/2008 03:34 13312]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\WINDOWS\System32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [01/30/2009 13:18 611664]
    ---------- C:\WINDOWS\system32\spoolsv.exe [04/14/2008 03:34 57856]
    ---------- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [07/26/2008 08:25 150040]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe [09/21/2005 13:46 438272]
    ---------- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [08/15/2007 19:43 106496]
    ---------- C:\WINDOWS\System32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [07/01/2008 09:02 468224]
    ---------- C:\Program Files\Java\jre6\bin\jqs.exe [03/15/2009 13:48 152984]
    ---------- C:\WINDOWS\runservice.exe [01/04/2007 17:27 2560]
    ---------- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [06/20/2006 21:08 49152]
    ---------- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe [07/26/2008 08:23 186904]
    ---------- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [11/07/2008 20:38 25824]
    ---------- C:\WINDOWS\system32\nvsvc32.exe [10/07/2008 12:33 163908]
    ---------- C:\WINDOWS\system32\oodag.exe [06/28/2007 23:02 1049856]
    ---------- C:\WINDOWS\system32\PnkBstrA.exe [10/23/2008 11:19 66872]
    ---------- C:\WINDOWS\system32\PnkBstrB.exe [10/23/2008 11:19 107832]
    ---------- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [01/14/2009 17:53 226656]
    ---------- C:\WINDOWS\system32\svchost.exe [04/14/2008 03:34 14336]
    ---------- C:\WINDOWS\system32\wbem\wmiapsrv.exe [04/14/2008 03:34 126464]
    ---------- C:\WINDOWS\System32\alg.exe [04/14/2008 03:33 44544]
    ---------- C:\WINDOWS\Explorer.EXE [04/14/2008 03:34 1037824]
    ---------- C:\WINDOWS\system32\wbem\wmiprvse.exe [04/14/2008 03:34 218112]
    ---------- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [06/30/2007 16:21 185896]
    ---------- C:\Program Files\QuickTime\qttask.exe [06/29/2007 06:24 286720]
    ---------- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [02/16/2005 16:15 81920]
    ---------- C:\WINDOWS\system32\RUNDLL32.EXE [04/14/2008 03:34 33792]
    ---------- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe [08/14/2008 17:11 565008]
    ---------- C:\Program Files\ESET\ESET Smart Security\egui.exe [07/01/2008 09:01 1447168]
    ---------- C:\WINDOWS\system32\oodtray.exe [06/28/2007 23:01 2512128]
    ---------- C:\Program Files\Java\jre6\bin\jusched.exe [03/15/2009 13:48 148888]
    ---------- C:\Program Files\Winamp\winampa.exe [03/09/2009 16:49 37888]
    ---------- C:\WINDOWS\system32\ctfmon.exe [04/14/2008 03:33 15360]
    ---------- C:\Program Files\SuperCopier2\SuperCopier2.exe [07/07/2006 18:45 1052672]
    ---------- C:\program files\valve\steam\steam.exe [10/08/2008 17:41 1410296]
    ---------- C:\Program Files\Messenger\msmsgs.exe [04/14/2008 03:34 1695232]
    ---------- C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [02/06/2009 18:51 3885408]
    ---------- C:\Program Files\DAEMON Tools\daemon.exe [09/18/2007 16:16 171464]
    ---------- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [05/10/2008 18:31 36864]
    ---------- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [09/16/2008 12:16 1833296]
    ---------- C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe [08/26/2008 17:48 2019624]
    ---------- C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [01/18/2009 14:08 143360]
    ---------- C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe [06/17/2001 16:15 869888]
    ---------- C:\Program Files\Memeo\AutoSync\MemeoAutoSync.exe [11/06/2008 19:20 767200]
    ---------- C:\Documents and Settings\Ali\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe [01/18/2009 14:08 125440]
    ---------- C:\PROGRA~1\Free Download Manager\fdm.exe [01/31/2009 02:45 3399727]
    ---------- C:\Program Files\Mozilla Firefox\firefox.exe [03/28/2009 18:53 307704]
    ---------- C:\WINDOWS\system32\wuauclt.exe [10/16/2008 14:09 51224]
    ---------- C:\WINDOWS\system32\cmd.exe [04/14/2008 03:33 401408]
    ---------- C:\WINDOWS\system32\cmd.exe [04/14/2008 03:33 401408]
    ---------- C:\EDT$\Xproc.exe [03/07/2009 16:52 22829]
    ---------- C:\EDT$\sed.exe [08/31/2000 08:00 98816]


    ======================================= Fin du rapport =======================================


    Le rapport a duré même pas 1 minute par contre
    28 Mars 2009 20:28:21

    Re,

    Oki il y a bien un petit problème avec le programme.

    Poste-moi le contenu de tous les fichiers contenus dans le dossiers logs en me disant à chaque fois duquel il s'agit.

    On passe à la suite après.

    ;) 
    28 Mars 2009 21:15:16

    Re,

    Non ça ira merci, c'est juste curieux... bref !

    ~Fais une analyse antivirus en ligne sur le site de Kaspersky
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...
  • Clique sur Accept
  • Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
  • clique une nouvelle fois sur "Accept"
  • Les bases de mises à jour vont s'installer, patiente un moment
  • Clique sur Next.
  • Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera. Et poste-moi le rapport que tu obtiens.

    ;) 
    28 Mars 2009 23:32:26

    Re,

    En fait si j'aimerais bien tous fichiers. Crée une archive avec WinRar ou Zip, dans laquelle tu mettras tous les fichiers du dossiers logs. Et upload moi cette archive, par exemple sur mediafire :

    Uploader un fichier sur mediafire :

  • Rends-toi sur ce lien : http://www.mediafire.com/
  • Clique en haut sur "Upload files To Media fire". Choisis ensuite "I want to upload without an account"
  • Une fenêtre de ton explorateur windows va s'ouvrir. Navigue jusqu'au rapport que je te demande d'uploader, sélectionne-le puis clique sur "ouvrir".
  • Clique ensuite sur "Upload".
  • A droite de l'écran, choisis : "upload to a new folder". Laisse le nom par défaut ( = la date )
  • Valide et laisse l'upload se faire.
  • Clique sur "Vieuw uploaded file" et copie-moi l'url ( = le lien ) du nouvel onglet ou de la nouvelle fenêtre qui va s'ouvrir dans ton prochain message. Ainsi, je pourrais télécharger le rapport demandé.

    Cela m'aidera à comprendre où réside le bug, d'autant plus étrange que ça marchait très bien jusqu'à présent. Merci !

    ;) 
    29 Mars 2009 12:55:44

    Et le rapport :

    KASPERSKY ONLINE SCANNER 7 REPORT
    Sunday, March 29, 2009
    Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Saturday, March 28, 2009 23:10:03
    Records in database: 1982408
    Scan settings
    Scan using the following database extended
    Scan archives yes
    Scan mail databases yes
    Scan area My Computer
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\
    J:\
    K:\
    Scan statistics
    Files scanned 272534
    Threat name 3
    Infected objects 3
    Suspicious objects 0
    Duration of the scan 04:14:48

    File name Threat name Threats count
    C:\ToolBar SD\Backup-TB\Program Files\vmntoolbar\vmntoolbar.dll Infected: not-a-virus:AdWare.Win32.MegaSearch.n 1
    D:\Mes fichiers reçus\virtual-network-computing-vnc-_virtual_network_computing_vnc_4.1.1_complet_anglais_10084.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4110 1
    D:\Mes fichiers reçus\virtual-network-computing-vnc-_virtual_network_computing_vnc_4.1.1_complet_anglais_10084.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1
    The selected area was scanned.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter