Redemarrages recurents du pc, virus ?
Forum Sécurité - Virus : Redemarrages recurents du pc, virus ?
Bonjour, depuis peu mon pc redémarre obstinément, le net s'est mis à ramer sévère, certaines applications plante et ni avast, spybot ou adaware ne trouve rien de méchant... VOici mon log hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:49:28, on 06/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\VisualTaskTips.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\VPro500.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetel.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Ultimate Edition
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: VPro500.lnk = C:\WINDOWS\VPro500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 0323693203
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 86.64.145.141 84.103.237.141
O17 - HKLM\System\CS1\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.146 86.64.145.146
O17 - HKLM\System\CS2\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.140 86.64.145.140
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 9674 bytes
MErci de votre aide future!
Un bonjour ?
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
- Lance l'installation du programme en exécutant le fichier téléchargé.
- Double-clique maintenant sur le raccourci de Toolbar-S&D.
- Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
- Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
- Poste le rapport généré. (C:\TB.txt)
Répondre à Angeldark
Merci de ta réponse !
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Default System BIOS
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090505-0] 4.8.1335 (Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:76 Go (Free:6 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 06/05/2009|18:53 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\temp
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\alerts.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\alerts_over.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\alerts_rec.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\alerts_rec_over.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\chevron-small.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\DealioSearch.html
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\deals-leftcap.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\deal_report.jpg
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\ebay_login.jpg
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\err_mainwindow.html
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\err_toolbar.html
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\global_scripts.js
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\headerbgthin.jpg
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\highlight-bg.png
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\logo.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\logo_over.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.css
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.html
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.js
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\man_toolbarl.js
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\post-this-deal.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\post-this-deal_over.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\scripts.js
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\scroller.js
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\search-chevron.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\search-chevron_over.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\search_bg_blink.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\separator.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\settings.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\settings_over.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\res\yahoo-search.png
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\index.76.35
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.10.76
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.109.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.110.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.12.52
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.13.58
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.130.58
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.135.50
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.153.44
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.155.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.156.49
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.16.60
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.161.52
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.178.66
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.184.55
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.188.52
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.189.45
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.196.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.198.56
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.199.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.200.53
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.201.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.202.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.203.71
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.205.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.213.71
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.214.49
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.215.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.216.67
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.217.67
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.218.52
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.219.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.220.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.221.57
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.222.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.223.68
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.226.68
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.227.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.228.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.229.76
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.23.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.239.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.24.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.240.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.241.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.242.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.243.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.244.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.245.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.247.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.248.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.249.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.250.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.251.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.252.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.253.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.254.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.255.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.256.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.257.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.279.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.28.58
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.282.75
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.283.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.284.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.289.67
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.290.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.291.61
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.296.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.297.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.304.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.307.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.308.75
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.31.47
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.310.46
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.311.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.315.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.316.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.317.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.318.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.319.49
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.32.48
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.334.44
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.335.60
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.336.44
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.337.44
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.338.75
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.339.47
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.34.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.340.47
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.341.47
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.349.50
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.35.48
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.350.50
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.351.51
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.352.54
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.353.51
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.354.51
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.357.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.358.52
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.359.52
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.360.53
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.361.54
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.362.68
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.363.58
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.364.54
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.365.53
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.367.56
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.368.58
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.369.55
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.370.56
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.371.56
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.372.57
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.373.55
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.375.56
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.376.57
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.377.55
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.378.65
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.384.58
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.386.71
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.387.59
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.388.59
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.389.59
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.390.60
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.391.60
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.392.60
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.393.60
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.394.60
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.396.61
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.397.61
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.398.60
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.399.60
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.403.61
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.404.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.405.61
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.406.61
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.407.76
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.408.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.409.61
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.412.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.413.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.414.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.415.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.416.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.417.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.418.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.419.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.420.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.421.62
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.423.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.424.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.425.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.426.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.427.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.428.65
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.429.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.430.63
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.432.65
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.433.64
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.434.65
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.435.64
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.436.76
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.437.64
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.438.71
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.439.71
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.440.75
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.442.73
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.443.73
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.444.73
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.445.68
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.446.69
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.450.67
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.451.67
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.452.68
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.453.68
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.454.69
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.456.69
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.457.75
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.458.70
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.459.70
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.460.69
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.462.74
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.463.69
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.464.70
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.465.68
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.468.70
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.469.70
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.470.70
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.471.73
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.472.70
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.478.74
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.479.73
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.480.68
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.481.71
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.482.74
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.49.67
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.50.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.500.71
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.501.74
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.502.71
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.51.69
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.52.72
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.520.76
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.521.76
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.522.76
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.53.51
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.531.76
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.532.75
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.534.75
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.54.47
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.55.45
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.56.69
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.57.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.58.47
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.593.76
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.595.76
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.63.57
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.66.47
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.70.75
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\rules\rules.1.71.43
C:\DOCUME~1\ADMINI~1\APPLIC~1\Dealio\kb127\temp\installtype.ini
C:\Program Files\Dealio
C:\Program Files\Dealio\DealioAU.exe
C:\Program Files\Dealio\kb127
C:\Program Files\Dealio\SearchSettingsKit.exe
C:\Program Files\Dealio\kb127\Dealio Deskbar.exe
C:\Program Files\Dealio\kb127\Dealio.dll
C:\Program Files\Dealio\kb127\DealioRes409.dll
C:\Program Files\Dealio\kb127\res
C:\Program Files\Dealio\kb127\resDN
C:\Program Files\Dealio\kb127\rules
C:\Program Files\Dealio\kb127\temp
C:\Program Files\Dealio\kb127\res\alerts.gif
C:\Program Files\Dealio\kb127\res\alerts_over.gif
C:\Program Files\Dealio\kb127\res\alerts_rec.gif
C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif
C:\Program Files\Dealio\kb127\res\chevron-small.gif
C:\Program Files\Dealio\kb127\res\DealioSearch.html
C:\Program Files\Dealio\kb127\res\deals-leftcap.gif
C:\Program Files\Dealio\kb127\res\deal_report.jpg
C:\Program Files\Dealio\kb127\res\ebay_login.jpg
C:\Program Files\Dealio\kb127\res\err_mainwindow.html
C:\Program Files\Dealio\kb127\res\err_toolbar.html
C:\Program Files\Dealio\kb127\res\global_scripts.js
C:\Program Files\Dealio\kb127\res\headerbgthin.jpg
C:\Program Files\Dealio\kb127\res\highlight-bg.png
C:\Program Files\Dealio\kb127\res\logo.gif
C:\Program Files\Dealio\kb127\res\logo_over.gif
C:\Program Files\Dealio\kb127\res\man_toolbar.css
C:\Program Files\Dealio\kb127\res\man_toolbar.html
C:\Program Files\Dealio\kb127\res\man_toolbar.js
C:\Program Files\Dealio\kb127\res\man_toolbarl.js
C:\Program Files\Dealio\kb127\res\post-this-deal.gif
C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif
C:\Program Files\Dealio\kb127\res\scripts.js
C:\Program Files\Dealio\kb127\res\scroller.js
C:\Program Files\Dealio\kb127\res\search-chevron.gif
C:\Program Files\Dealio\kb127\res\search-chevron_over.gif
C:\Program Files\Dealio\kb127\res\search_bg_blink.gif
C:\Program Files\Dealio\kb127\res\separator.gif
C:\Program Files\Dealio\kb127\res\settings.gif
C:\Program Files\Dealio\kb127\res\settings_over.gif
C:\Program Files\Dealio\kb127\res\yahoo-search.png
C:\Program Files\Dealio\kb127\resDN\bottom.gif
C:\Program Files\Dealio\kb127\resDN\chevron_down.gif
C:\Program Files\Dealio\kb127\resDN\chevron_up.gif
C:\Program Files\Dealio\kb127\resDN\close.gif
C:\Program Files\Dealio\kb127\resDN\deskbar.css
C:\Program Files\Dealio\kb127\resDN\deskbar.js
C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js
C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg
C:\Program Files\Dealio\kb127\resDN\logo.gif
C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif
C:\Program Files\Dealio\kb127\resDN\losing.gif
C:\Program Files\Dealio\kb127\resDN\lost.gif
C:\Program Files\Dealio\kb127\resDN\man_deskbar.html
C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif
C:\Program Files\Dealio\kb127\resDN\menu_check.gif
C:\Program Files\Dealio\kb127\resDN\no_image.gif
C:\Program Files\Dealio\kb127\resDN\prod_img.gif
C:\Program Files\Dealio\kb127\resDN\search_chevron.gif
C:\Program Files\Dealio\kb127\resDN\spacer.gif
C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif
C:\Program Files\Dealio\kb127\resDN\top.gif
C:\Program Files\Dealio\kb127\resDN\unknown.gif
C:\Program Files\Dealio\kb127\resDN\winning.gif
C:\Program Files\Dealio\kb127\resDN\won.gif
C:\Program Files\Dealio\kb127\rules\index.76.35
C:\Program Files\Dealio\kb127\rules\rules.1.10.76
C:\Program Files\Dealio\kb127\rules\rules.1.109.43
C:\Program Files\Dealio\kb127\rules\rules.1.110.43
C:\Program Files\Dealio\kb127\rules\rules.1.12.52
C:\Program Files\Dealio\kb127\rules\rules.1.13.58
C:\Program Files\Dealio\kb127\rules\rules.1.130.58
C:\Program Files\Dealio\kb127\rules\rules.1.135.50
C:\Program Files\Dealio\kb127\rules\rules.1.153.44
C:\Program Files\Dealio\kb127\rules\rules.1.155.43
C:\Program Files\Dealio\kb127\rules\rules.1.156.49
C:\Program Files\Dealio\kb127\rules\rules.1.16.60
C:\Program Files\Dealio\kb127\rules\rules.1.161.52
C:\Program Files\Dealio\kb127\rules\rules.1.178.66
C:\Program Files\Dealio\kb127\rules\rules.1.184.55
C:\Program Files\Dealio\kb127\rules\rules.1.188.52
C:\Program Files\Dealio\kb127\rules\rules.1.189.45
C:\Program Files\Dealio\kb127\rules\rules.1.196.43
C:\Program Files\Dealio\kb127\rules\rules.1.198.56
C:\Program Files\Dealio\kb127\rules\rules.1.199.43
C:\Program Files\Dealio\kb127\rules\rules.1.200.53
C:\Program Files\Dealio\kb127\rules\rules.1.201.43
C:\Program Files\Dealio\kb127\rules\rules.1.202.43
C:\Program Files\Dealio\kb127\rules\rules.1.203.71
C:\Program Files\Dealio\kb127\rules\rules.1.205.62
C:\Program Files\Dealio\kb127\rules\rules.1.213.71
C:\Program Files\Dealio\kb127\rules\rules.1.214.49
C:\Program Files\Dealio\kb127\rules\rules.1.215.43
C:\Program Files\Dealio\kb127\rules\rules.1.216.67
C:\Program Files\Dealio\kb127\rules\rules.1.217.67
C:\Program Files\Dealio\kb127\rules\rules.1.218.52
C:\Program Files\Dealio\kb127\rules\rules.1.219.43
C:\Program Files\Dealio\kb127\rules\rules.1.220.43
C:\Program Files\Dealio\kb127\rules\rules.1.221.57
C:\Program Files\Dealio\kb127\rules\rules.1.222.43
C:\Program Files\Dealio\kb127\rules\rules.1.223.68
C:\Program Files\Dealio\kb127\rules\rules.1.226.68
C:\Program Files\Dealio\kb127\rules\rules.1.227.43
C:\Program Files\Dealio\kb127\rules\rules.1.228.62
C:\Program Files\Dealio\kb127\rules\rules.1.229.76
C:\Program Files\Dealio\kb127\rules\rules.1.23.63
C:\Program Files\Dealio\kb127\rules\rules.1.239.43
C:\Program Files\Dealio\kb127\rules\rules.1.24.43
C:\Program Files\Dealio\kb127\rules\rules.1.240.43
C:\Program Files\Dealio\kb127\rules\rules.1.241.43
C:\Program Files\Dealio\kb127\rules\rules.1.242.43
C:\Program Files\Dealio\kb127\rules\rules.1.243.43
C:\Program Files\Dealio\kb127\rules\rules.1.244.63
C:\Program Files\Dealio\kb127\rules\rules.1.245.43
C:\Program Files\Dealio\kb127\rules\rules.1.247.43
C:\Program Files\Dealio\kb127\rules\rules.1.248.43
C:\Program Files\Dealio\kb127\rules\rules.1.249.43
C:\Program Files\Dealio\kb127\rules\rules.1.250.43
C:\Program Files\Dealio\kb127\rules\rules.1.251.43
C:\Program Files\Dealio\kb127\rules\rules.1.252.43
C:\Program Files\Dealio\kb127\rules\rules.1.253.43
C:\Program Files\Dealio\kb127\rules\rules.1.254.43
C:\Program Files\Dealio\kb127\rules\rules.1.255.43
C:\Program Files\Dealio\kb127\rules\rules.1.256.43
C:\Program Files\Dealio\kb127\rules\rules.1.257.43
C:\Program Files\Dealio\kb127\rules\rules.1.279.43
C:\Program Files\Dealio\kb127\rules\rules.1.28.58
C:\Program Files\Dealio\kb127\rules\rules.1.282.75
C:\Program Files\Dealio\kb127\rules\rules.1.283.43
C:\Program Files\Dealio\kb127\rules\rules.1.284.43
C:\Program Files\Dealio\kb127\rules\rules.1.289.67
C:\Program Files\Dealio\kb127\rules\rules.1.290.62
C:\Program Files\Dealio\kb127\rules\rules.1.291.61
C:\Program Files\Dealio\kb127\rules\rules.1.296.43
C:\Program Files\Dealio\kb127\rules\rules.1.297.43
C:\Program Files\Dealio\kb127\rules\rules.1.304.43
C:\Program Files\Dealio\kb127\rules\rules.1.307.43
C:\Program Files\Dealio\kb127\rules\rules.1.308.75
C:\Program Files\Dealio\kb127\rules\rules.1.31.47
C:\Program Files\Dealio\kb127\rules\rules.1.310.46
C:\Program Files\Dealio\kb127\rules\rules.1.311.43
C:\Program Files\Dealio\kb127\rules\rules.1.315.43
C:\Program Files\Dealio\kb127\rules\rules.1.316.43
C:\Program Files\Dealio\kb127\rules\rules.1.317.43
C:\Program Files\Dealio\kb127\rules\rules.1.318.43
C:\Program Files\Dealio\kb127\rules\rules.1.319.49
C:\Program Files\Dealio\kb127\rules\rules.1.32.48
C:\Program Files\Dealio\kb127\rules\rules.1.334.44
C:\Program Files\Dealio\kb127\rules\rules.1.335.60
C:\Program Files\Dealio\kb127\rules\rules.1.336.44
C:\Program Files\Dealio\kb127\rules\rules.1.337.44
C:\Program Files\Dealio\kb127\rules\rules.1.338.75
C:\Program Files\Dealio\kb127\rules\rules.1.339.47
C:\Program Files\Dealio\kb127\rules\rules.1.34.43
C:\Program Files\Dealio\kb127\rules\rules.1.340.47
C:\Program Files\Dealio\kb127\rules\rules.1.341.47
C:\Program Files\Dealio\kb127\rules\rules.1.349.50
C:\Program Files\Dealio\kb127\rules\rules.1.35.48
C:\Program Files\Dealio\kb127\rules\rules.1.350.50
C:\Program Files\Dealio\kb127\rules\rules.1.351.51
C:\Program Files\Dealio\kb127\rules\rules.1.352.54
C:\Program Files\Dealio\kb127\rules\rules.1.353.51
C:\Program Files\Dealio\kb127\rules\rules.1.354.51
C:\Program Files\Dealio\kb127\rules\rules.1.357.62
C:\Program Files\Dealio\kb127\rules\rules.1.358.52
C:\Program Files\Dealio\kb127\rules\rules.1.359.52
C:\Program Files\Dealio\kb127\rules\rules.1.360.53
C:\Program Files\Dealio\kb127\rules\rules.1.361.54
C:\Program Files\Dealio\kb127\rules\rules.1.362.68
C:\Program Files\Dealio\kb127\rules\rules.1.363.58
C:\Program Files\Dealio\kb127\rules\rules.1.364.54
C:\Program Files\Dealio\kb127\rules\rules.1.365.53
C:\Program Files\Dealio\kb127\rules\rules.1.367.56
C:\Program Files\Dealio\kb127\rules\rules.1.368.58
C:\Program Files\Dealio\kb127\rules\rules.1.369.55
C:\Program Files\Dealio\kb127\rules\rules.1.370.56
C:\Program Files\Dealio\kb127\rules\rules.1.371.56
C:\Program Files\Dealio\kb127\rules\rules.1.372.57
C:\Program Files\Dealio\kb127\rules\rules.1.373.55
C:\Program Files\Dealio\kb127\rules\rules.1.375.56
C:\Program Files\Dealio\kb127\rules\rules.1.376.57
C:\Program Files\Dealio\kb127\rules\rules.1.377.55
C:\Program Files\Dealio\kb127\rules\rules.1.378.65
C:\Program Files\Dealio\kb127\rules\rules.1.384.58
C:\Program Files\Dealio\kb127\rules\rules.1.386.71
C:\Program Files\Dealio\kb127\rules\rules.1.387.59
C:\Program Files\Dealio\kb127\rules\rules.1.388.59
C:\Program Files\Dealio\kb127\rules\rules.1.389.59
C:\Program Files\Dealio\kb127\rules\rules.1.390.60
C:\Program Files\Dealio\kb127\rules\rules.1.391.60
C:\Program Files\Dealio\kb127\rules\rules.1.392.60
C:\Program Files\Dealio\kb127\rules\rules.1.393.60
C:\Program Files\Dealio\kb127\rules\rules.1.394.60
C:\Program Files\Dealio\kb127\rules\rules.1.396.61
C:\Program Files\Dealio\kb127\rules\rules.1.397.61
C:\Program Files\Dealio\kb127\rules\rules.1.398.60
C:\Program Files\Dealio\kb127\rules\rules.1.399.60
C:\Program Files\Dealio\kb127\rules\rules.1.403.61
C:\Program Files\Dealio\kb127\rules\rules.1.404.63
C:\Program Files\Dealio\kb127\rules\rules.1.405.61
C:\Program Files\Dealio\kb127\rules\rules.1.406.61
C:\Program Files\Dealio\kb127\rules\rules.1.407.76
C:\Program Files\Dealio\kb127\rules\rules.1.408.63
C:\Program Files\Dealio\kb127\rules\rules.1.409.61
C:\Program Files\Dealio\kb127\rules\rules.1.412.62
C:\Program Files\Dealio\kb127\rules\rules.1.413.62
C:\Program Files\Dealio\kb127\rules\rules.1.414.62
C:\Program Files\Dealio\kb127\rules\rules.1.415.62
C:\Program Files\Dealio\kb127\rules\rules.1.416.62
C:\Program Files\Dealio\kb127\rules\rules.1.417.62
C:\Program Files\Dealio\kb127\rules\rules.1.418.62
C:\Program Files\Dealio\kb127\rules\rules.1.419.62
C:\Program Files\Dealio\kb127\rules\rules.1.420.62
C:\Program Files\Dealio\kb127\rules\rules.1.421.62
C:\Program Files\Dealio\kb127\rules\rules.1.423.63
C:\Program Files\Dealio\kb127\rules\rules.1.424.63
C:\Program Files\Dealio\kb127\rules\rules.1.425.63
C:\Program Files\Dealio\kb127\rules\rules.1.426.63
C:\Program Files\Dealio\kb127\rules\rules.1.427.63
C:\Program Files\Dealio\kb127\rules\rules.1.428.65
C:\Program Files\Dealio\kb127\rules\rules.1.429.63
C:\Program Files\Dealio\kb127\rules\rules.1.430.63
C:\Program Files\Dealio\kb127\rules\rules.1.432.65
C:\Program Files\Dealio\kb127\rules\rules.1.433.64
C:\Program Files\Dealio\kb127\rules\rules.1.434.65
C:\Program Files\Dealio\kb127\rules\rules.1.435.64
C:\Program Files\Dealio\kb127\rules\rules.1.436.76
C:\Program Files\Dealio\kb127\rules\rules.1.437.64
C:\Program Files\Dealio\kb127\rules\rules.1.438.71
C:\Program Files\Dealio\kb127\rules\rules.1.439.71
C:\Program Files\Dealio\kb127\rules\rules.1.440.75
C:\Program Files\Dealio\kb127\rules\rules.1.442.73
C:\Program Files\Dealio\kb127\rules\rules.1.443.73
C:\Program Files\Dealio\kb127\rules\rules.1.444.73
C:\Program Files\Dealio\kb127\rules\rules.1.445.68
C:\Program Files\Dealio\kb127\rules\rules.1.446.69
C:\Program Files\Dealio\kb127\rules\rules.1.450.67
C:\Program Files\Dealio\kb127\rules\rules.1.451.67
C:\Program Files\Dealio\kb127\rules\rules.1.452.68
C:\Program Files\Dealio\kb127\rules\rules.1.453.68
C:\Program Files\Dealio\kb127\rules\rules.1.454.69
C:\Program Files\Dealio\kb127\rules\rules.1.456.69
C:\Program Files\Dealio\kb127\rules\rules.1.457.75
C:\Program Files\Dealio\kb127\rules\rules.1.458.70
C:\Program Files\Dealio\kb127\rules\rules.1.459.70
C:\Program Files\Dealio\kb127\rules\rules.1.460.69
C:\Program Files\Dealio\kb127\rules\rules.1.462.74
C:\Program Files\Dealio\kb127\rules\rules.1.463.69
C:\Program Files\Dealio\kb127\rules\rules.1.464.70
C:\Program Files\Dealio\kb127\rules\rules.1.465.68
C:\Program Files\Dealio\kb127\rules\rules.1.468.70
C:\Program Files\Dealio\kb127\rules\rules.1.469.70
C:\Program Files\Dealio\kb127\rules\rules.1.470.70
C:\Program Files\Dealio\kb127\rules\rules.1.471.73
C:\Program Files\Dealio\kb127\rules\rules.1.472.70
C:\Program Files\Dealio\kb127\rules\rules.1.478.74
C:\Program Files\Dealio\kb127\rules\rules.1.479.73
C:\Program Files\Dealio\kb127\rules\rules.1.480.68
C:\Program Files\Dealio\kb127\rules\rules.1.481.71
C:\Program Files\Dealio\kb127\rules\rules.1.482.74
C:\Program Files\Dealio\kb127\rules\rules.1.49.67
C:\Program Files\Dealio\kb127\rules\rules.1.50.43
C:\Program Files\Dealio\kb127\rules\rules.1.500.71
C:\Program Files\Dealio\kb127\rules\rules.1.501.74
C:\Program Files\Dealio\kb127\rules\rules.1.502.71
C:\Program Files\Dealio\kb127\rules\rules.1.51.69
C:\Program Files\Dealio\kb127\rules\rules.1.52.72
C:\Program Files\Dealio\kb127\rules\rules.1.520.76
C:\Program Files\Dealio\kb127\rules\rules.1.521.76
C:\Program Files\Dealio\kb127\rules\rules.1.522.76
C:\Program Files\Dealio\kb127\rules\rules.1.53.51
C:\Program Files\Dealio\kb127\rules\rules.1.531.76
C:\Program Files\Dealio\kb127\rules\rules.1.532.75
C:\Program Files\Dealio\kb127\rules\rules.1.534.75
C:\Program Files\Dealio\kb127\rules\rules.1.54.47
C:\Program Files\Dealio\kb127\rules\rules.1.55.45
C:\Program Files\Dealio\kb127\rules\rules.1.56.69
C:\Program Files\Dealio\kb127\rules\rules.1.57.43
C:\Program Files\Dealio\kb127\rules\rules.1.58.47
C:\Program Files\Dealio\kb127\rules\rules.1.593.76
C:\Program Files\Dealio\kb127\rules\rules.1.595.76
C:\Program Files\Dealio\kb127\rules\rules.1.63.57
C:\Program Files\Dealio\kb127\rules\rules.1.66.47
C:\Program Files\Dealio\kb127\rules\rules.1.70.75
C:\Program Files\Dealio\kb127\rules\rules.1.71.43
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\res
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\Program Files\Search Settings\kb127\temp
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.fr"
"Search Bar"="http://www.google.fr/ie"
"Start Page"="http://www.cegetel.net"
"Default_Search_URL"="http://www.google.fr/keyword/%s"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.fr"
"Default_Search_URL"="http://www.google.fr"
"Search Page"="http://www.google.fr"
"Start Page"="http://www.google.fr"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Daemon Tool
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\EXE Original
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\G‚n‚rateur de Cl‚s
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Image Sims2_1.mir
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Methode Sims 2 mode construction par Kurtspirit.htm
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Patch nudit‚
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Trainer
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Daemon Tool\daemon347.exe
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\EXE Original\Sims2.exe
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\G‚n‚rateur de Cl‚s\keygen.exe
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Image Sims2_1.mir\Sims2_1.mir
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Patch nudit‚\bm.exe
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Trainer\Sims 2 +2 trainer fixed.exe
C:\DOCUME~1\ADMINI~1\Bureau\Music\Red Hot Chili Peppers\Pixies\Death To The Pixies\Death To The Pixies (Disc 2)\14 Crackity Jones.mp3
C:\DOCUME~1\ADMINI~1\Bureau\Music\Red Hot Chili Peppers\Pixies\Doolittle\09 - Crackity Jones.mp3
1 - "C:\ToolBar SD\TB_1.txt" - 06/05/2009|18:55 - Option : [1]
-----------\\ Fin du rapport a 18:55:27,68
Re,
Relance Lop S&D.
- Choisis cette fois ci l'Option 2 (Suppression)
! Ne ferme pas la fenêtre lors de la suppression !
- Poste le rapport généré (C:\lopR.txt)
Répondre à Angeldark
Merci voici le rapport, mais toujours pas d'amélioration...
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Default System BIOS
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090507-0] 4.8.1335 (Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:76 Go (Free:10 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 08/05/2009|17:16 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\Search Settings\kb127
Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
Supprime! - C:\Program Files\Search Settings
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.fr"
"Search Bar"="http://www.google.fr/ie"
"Start Page"="http://www.cegetel.net"
"Default_Search_URL"="http://www.google.fr/keyword/%s"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.fr"
"Default_Search_URL"="http://www.google.fr"
"Search Page"="http://www.google.fr"
"Start Page"="http://www.msn.com/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Daemon Tool
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\EXE Original
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\G‚n‚rateur de Cl‚s
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Image Sims2_1.mir
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Methode Sims 2 mode construction par Kurtspirit.htm
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Patch nudit‚
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Trainer
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Daemon Tool\daemon347.exe
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\EXE Original\Sims2.exe
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\G‚n‚rateur de Cl‚s\keygen.exe
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Image Sims2_1.mir\Sims2_1.mir
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Patch nudit‚\bm.exe
C:\DOCUME~1\ADMINI~1\Bureau\Install\Sims2 - Les Sims 2 Fr M‚thode Mode Construction Exe Original Keygen Patch Nudite Trainer Daemon Tool Par Kurtspirit\Trainer\Sims 2 +2 trainer fixed.exe
C:\DOCUME~1\ADMINI~1\Bureau\Music\Red Hot Chili Peppers\Pixies\Death To The Pixies\Death To The Pixies (Disc 2)\14 Crackity Jones.mp3
C:\DOCUME~1\ADMINI~1\Bureau\Music\Red Hot Chili Peppers\Pixies\Doolittle\09 - Crackity Jones.mp3
1 - "C:\ToolBar SD\TB_1.txt" - 06/05/2009|18:55 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 08/05/2009|17:18 - Option : [2]
-----------\\ Fin du rapport a 17:18:25,57
Merci de supprimer tous tes cracks, reposte un rapport Hijackthis.
Répondre à Angeldark
Ok c'est fait je savais même pas qu'il trainait encore.
Voici le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:19:20, on 09/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\VisualTaskTips.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Azureus Ultra Accelerator\Azureus Ultra Accelerator.exe
C:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetel.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Ultimate Edition
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Azureus Ultra Accelerator.lnk = C:\Program Files\Azureus Ultra Accelerator\Azureus Ultra Accelerator.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: VPro500.lnk = C:\WINDOWS\VPro500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 0323693203
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.146 86.64.145.146
O17 - HKLM\System\CS1\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.146 86.64.145.146
O17 - HKLM\System\CS2\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.140 86.64.145.140
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 9148 bytes
Ton pc se comporte mieux ?
Désinstalle via Ajout/Suppression de Programmes (si présents) :
- Avast!
Télécharge et exécute le Désinstalleur d'Avast!.
Ceci effacera la majorité des traces du produit Avast! d'Alwil Software.
Télécharge Ccleaner sur ton Bureau.
- Clique sur "download the latest version"
- Installe-le en laissant seulement les options suivantes cochées :
- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner
- Lance le Nettoyage
- Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.
Aide : Comment utiliser CCleaner.
&
Télécharge AntiVir sur ton Bureau.
- Double clique sur l'exécutable téléchargé pour lancer l'installation.
- A la fin de l'installation, clique sur Finish.
- Ouvre Antivir, assure-toi qu’il soit bien à jour !
- Dans l'onglet Protection Locale, choisis Contrôler.
- Active la recherche de rootkits via le + de Recherche de Rootkits, puis dans Sélection manuelle, coche tout (tes partitions de disque dur).
- Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
- Poste moi le rapport généré : Pour cela, clique sur l'onglet Aperçu, puis choisis Rapports, tu trouveras son rapport..
- Sélectionne le rapport et clique sur l'icône "Afficher le fichier de rapport du rapport sélectionné.
Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.
Pourquoi changer ? Avast vs Antivir.
Aide : Comment installer et utiliser AntiVir.
Répondre à Angeldark
Bonjour, désolé pour le temps de réponse j'ai du m'absenter pour un moment. Voici le scan antivir... Il a trouvé plusieurs choses que j'ai mise en quarantaine
Avira AntiVir Personal
Date de création du fichier de rapport : lundi 18 mai 2009 09:44
La recherche porte sur 1396800 souches de virus.
Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows 
Service Pack 2) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur :382598EDA7D34A7
Informations de version :
BUILD.DAT : 8.2.0.53 17752 Bytes 23/03/2009 13:45:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 07:21:00
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 12:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 11:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 06:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 12:40:11
ANTIVIR2.VDF : 7.1.3.185 2010112 Bytes 12/05/2009 12:39:18
ANTIVIR3.VDF : 7.1.3.216 129536 Bytes 16/05/2009 12:39:17
Version du moteur: 8.2.0.168
AEVDF.DLL : 8.1.1.1 106868 Bytes 11/05/2009 12:40:21
AESCRIPT.DLL : 8.1.2.0 389497 Bytes 16/05/2009 12:39:22
AESCN.DLL : 8.1.2.3 127347 Bytes 16/05/2009 12:39:20
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 12:58:38
AEPACK.DLL : 8.1.3.16 397686 Bytes 11/05/2009 12:40:19
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 11/05/2009 12:40:18
AEHEUR.DLL : 8.1.0.129 1761655 Bytes 16/05/2009 12:39:20
AEHELP.DLL : 8.1.2.2 119158 Bytes 11/05/2009 12:40:16
AEGEN.DLL : 8.1.1.44 348532 Bytes 16/05/2009 12:39:18
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 09:05:56
AECORE.DLL : 8.1.6.9 176500 Bytes 11/05/2009 12:40:15
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 09:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 07:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 08:27:58
AVREP.DLL : 8.0.0.3 155688 Bytes 11/05/2009 12:40:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 10:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 07:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 11:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 16:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 11:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 11:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 06:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 09:08:43
Configuration pour la recherche actuelle :
Nom de la tâche..................: Contrôle intégral du système
Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Secteurs d'amorçage..............: C:,
Recherche dans les programmes actifs: marche
Recherche en cours sur l'enregistrement: marche
Recherche de Rootkits............: arrêt
Fichier mode de recherche........: Sélection de fichiers intelligente
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: moyen
Début de la recherche : lundi 18 mai 2009 09:44
La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Azureus Ultra Accelerator.exe' - '1' module(s) sont contrôlés
Processus de recherche 'VPro500.exe' - '1' module(s) sont contrôlés
Processus de recherche 'dslmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Eraser.exe' - '1' module(s) sont contrôlés
Processus de recherche 'TeaTimer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'zlclient.exe' - '0' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'VisualTaskTips.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PAStiSvc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SeaPort.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés
Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'vsmon.exe' - '0' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'34' processus ont été contrôlés avec '34' modules
La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !
La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
La recherche sur les renvois aux fichiers exécutables (registre) commence.
Le registre a été contrôlé ( '50' fichiers).
La recherche sur les fichiers sélectionnés commence :
Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\Documents and Settings\Administrateur\Bureau\Install\Nouveau dossier\install_ccsetup211.exe.exe
[RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/Small.fxa
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a8412ed.qua' !
C:\System Volume Information\_restore{8A712722-2AAA-481C-B180-F279239DB17D}\RP330\A0163368.exe
[RESULTAT] Contient le cheval de Troie TR/Agent.6905.A
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a4224e3.qua' !
C:\System Volume Information\_restore{8A712722-2AAA-481C-B180-F279239DB17D}\RP339\A0168227.exe
[RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/Small.fxa
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a422516.qua' !
Fin de la recherche : lundi 18 mai 2009 11:14
Temps nécessaire: 1:29:41 Heure(s)
La recherche a été effectuée intégralement
6881 Les répertoires ont été contrôlés
524902 Des fichiers ont été contrôlés
3 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
3 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
1 Impossible de contrôler des fichiers
524898 Fichiers non infectés
6483 Les archives ont été contrôlées
1 Avertissements
3 Consignes
Reposte un rapport Hijackthis.
Répondre à Angeldark
Le voici:
ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:32:34, on 18/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\VPro500.exe
C:\Program Files\Azureus Ultra Accelerator\Azureus Ultra Accelerator.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cegetel.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Ultimate Edition
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Azureus Ultra Accelerator.lnk = C:\Program Files\Azureus Ultra Accelerator\Azureus Ultra Accelerator.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: VPro500.lnk = C:\WINDOWS\VPro500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 0323693203
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 86.64.145.142 84.103.237.142
O17 - HKLM\System\CS2\Services\Tcpip\..\{5291976E-14EE-4D79-8F58-0A8C803CAB70}: NameServer = 84.103.237.140 86.64.145.140
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 9046 bytes
Même soucis ?
Répondre à Angeldark
Oui toujours peut-être est-ce matériel, mais en tout cas merci pour ton aide.
Autant demander dans Hardware 
Répondre à Angeldark
Il y a 293 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
