mayie

merci pour avoir mis "résolu" à ma place. Je pense que la seconde solution serait très bien, windows et les dossiers !! comment faire ??

je pense que je suis hors sujet, mais je te pose la question quand-même : je voudrais sauvegarder tous mes fichiers de données personnelles en cas de plantage du pc.. comment puis-je procéder ?? merci

Hello Falkra !! merci, j'ai désinstallé les programmes que tu m'as dit en gardans mbam... je suis en train d'installer le pack sp3 Mais pour le pare-feu, ne fait-il pas double usage avec celui de windows ? ou faudra-t-il que je désinstalle le pare-feu windows ? C'est un pare-feu supplémentaire ? Pour E-mule, il me manque les images, mais quelle est la version officiele alors si on veut le télécharger ? Tu me dis d'éditer mon premier post pour afficher "résolu", je n'ai pas bien compris la démarche à faire, je dois me planter quelque part !!!

merci pour tout !!! super Faldra !!!

merci pour tout !!!! super !!! Falkra

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:42:11, on 21/02/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Controle Parental\bin\optproxy.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\system32\VTTimer.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\TF1Vision\TF1vision.exe C:\Program Files\VIAudioi\SBADeck\ADeck.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Orange\Launcher\Launcher.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\BitComet\BitComet.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\pointsoft\lanceur.exe C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe C:\Program Files\Logitech\QuickCam10\COCIManager.exe C:\Program Files\Orange\systray\systrayapp.exe C:\Program Files\Orange\connectivity\connectivitymanager.exe C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\BitComet\tools\CometBrowser.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\DOCUME~1\martinez\LOCALS~1\Temp\Répertoire temporaire 2 pour HiJackThis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.ke.voila.fr/S/voila?kw= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = SOS Connexion - Le web en toute simplicité R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe /auto O4 - HKCU\..\Run: [uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: http://rw.search.ke.voila.fr O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE -- End of file - 12542 bytes

SUPER CELA MARCHE MERCI BEAUCOUP FALKRA!!!! c'est super !!!! merci pour ta patience... et désolée pour mes bêtises précédentes sur le forum !!

tiens par exemple, dans la fenetre dial, il y a le lien pour aller sur le site web, et bien je ne peux pas y aller, j'ai une page blanche... voilà pour toutes les programmes, où il y a un lien pour un web, je ne peux pas y acceder, page blanche,,, c'est vraiment embêtant..

AIDE ET SUPPORT MARCHE !!! youpi ... pas windows update à partir du lien

mission accomplie !! cela ne m'a pas demandé de redémarrer.. et je n'accède toujours pas à internet par les liens..

opération effectuée, j'ai toujours le même problème.. par exemple idem aide et support en ligne dans le panneau de config.. enfin tu as compris,

oui par internet en direct c'est ok.. mais le lien par exemple dans le panneau de configuration windows update mise à jour.. page blanche... logiciel téléchargé sur mon pc, mise à jour pages blanches, dès qu'il y a un lien pour aller sur internet impossible...

coucou falkra, il n'y a rien de marquer, je ne vois pas ; je l'ai testée pour voir si il y avait des virus, a-priori elle n'est pas infectée et j'ai toujours le même problème... merci

mais je viens de tester ma clé, elle n'est pas infectée !

excuse-moi, qu'est ce que tu entends à la racine ?? J'ai été sur matériel etc.. je ne vois pas de fichier auto-run.. mais elle fonctionne bien ! j'ai affiché les fichiers cachés comme c'était indiqué, mais j'ai toujours le même problème.. aucun accès internet par un lien intermédiaire , logiciel, panneau de config etc... merci !

enregistrement registre fait executer fait voila le rapport mbam Malwarebytes' Anti-Malware 1.34 Version de la base de données: 1782 Windows 5.1.2600 Service Pack 2 20/02/2009 19:47:11 mbam-log-2009-02-20 (19-47-11).txt Type de recherche: Examen rapide Eléments examinés: 66426 Temps écoulé: 8 minute(s), 37 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Logfile of random's system information tool 1.05 (written by random/random) Run by martinez at 2009-02-20 17:54:37 Microsoft Windows XP Édition familiale Service Pack 2 System drive C: has 52 GB (36%) free of 144 GB Total RAM: 447 MB (33% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:55:13, on 20/02/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Controle Parental\bin\optproxy.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\system32\VTTimer.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\TF1Vision\TF1vision.exe C:\Program Files\VIAudioi\SBADeck\ADeck.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Orange\Launcher\Launcher.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\BitComet\BitComet.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\pointsoft\lanceur.exe C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe C:\Program Files\Logitech\QuickCam10\COCIManager.exe C:\Program Files\Orange\systray\systrayapp.exe C:\Program Files\Orange\connectivity\connectivitymanager.exe C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Documents and Settings\martinez\Bureau\RSIT.exe C:\Program Files\trend micro\martinez.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.ke.voila.fr/S/voila?kw= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = SOS Connexion - Le web en toute simplicité R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: http://rw.search.ke.voila.fr O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE -- End of file - 12622 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll [2008-01-02 496952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}] ST - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-08 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] MSNToolBandBHO - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll [2006-01-17 282624] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-03-11 147456] "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-08 53248] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "RestoreIT!"=C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE [2004-09-21 114688] "RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2006-02-15 26112] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2006-06-26 614960] "LogitechCommunicationsManager"=C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe [2006-06-26 497200] "farstone"= [] "e-TF1"=C:\Program Files\TF1Vision\TF1vision.exe [2007-07-24 345600] "AudioDeck"=C:\Program Files\VIAudioi\SBADeck\ADeck.exe [2005-04-08 512000] "AOLDialer"=C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe [] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696] "ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-12-12 107248] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Uniblue RegistryBooster2"=C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S [] "NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-06-02 1957888] "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184] "BitComet"=C:\Program Files\BitComet\BitComet.exe [2007-12-07 1913656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "AOL ACS"=2 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE C:\Documents and Settings\martinez\Menu Démarrer\Programmes\Démarrage Lanceur Pointsoft.lnk - C:\pointsoft\lanceur.exe Outil de notification Live Search.lnk - C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player" "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019" "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:Enabled:CSS" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Disabled:eMule" "C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL" "C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL" "C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f230adb0-7a49-11dc-b902-0013d3a2577b}] shell\AutoRun\command - E:\m.exe shell\explore\command - E:\m.exe shell\open\command - E:\m.exe ======List of files/folders created in the last 1 months====== 2009-02-20 17:54:40 ----D---- C:\Program Files\trend micro 2009-02-20 17:54:37 ----DC---- C:\rsit 2009-02-20 17:43:53 ----DC---- C:\Documents and Settings\All Users\Application Data\Avira 2009-02-20 17:43:53 ----D---- C:\Program Files\Avira 2009-02-20 14:53:35 ----AC---- C:\cleannavi.txt 2009-02-20 12:04:03 ----AC---- C:\fixnavi.txt 2009-02-20 12:02:42 ----D---- C:\Program Files\Navilog1 2009-02-20 10:22:40 ----AC---- C:\TB.txt 2009-02-20 10:21:47 ----DC---- C:\ToolBar SD 2009-02-20 00:16:06 ----DC---- C:\_OTMoveIt 2009-02-19 20:31:39 ----D---- C:\Program Files\eMule 2009-02-19 20:30:41 ----A---- C:\Program Files\eMule0.49b-Installer1.exe 2009-02-19 13:42:27 ----D---- C:\Documents and Settings\martinez\Application Data\Malwarebytes 2009-02-19 13:42:17 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-02-19 12:44:01 ----D---- C:\Program Files\hijackthis 1 2009-02-19 11:03:23 ----DC---- C:\HijackThis 1 2009-02-19 00:07:57 ----A---- C:\WINDOWS\ntbtlog.txt 2009-02-18 00:17:56 ----D---- C:\Program Files\Abrosoft FantaMorph 2009-02-10 20:27:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$ ======List of files/folders modified in the last 1 months====== 2009-02-20 17:54:40 ----RD---- C:\Program Files 2009-02-20 17:54:16 ----D---- C:\WINDOWS\Prefetch 2009-02-20 17:49:20 ----D---- C:\WINDOWS\Temp 2009-02-20 17:44:02 ----D---- C:\WINDOWS\system32\drivers 2009-02-20 17:42:22 ----D---- C:\Downloads 2009-02-20 16:03:13 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-02-20 16:02:27 ----D---- C:\WINDOWS\system32 2009-02-20 14:58:19 ----D---- C:\WINDOWS 2009-02-20 00:19:25 ----D---- C:\WINDOWS\system32\CatRoot2 2009-02-20 00:06:05 ----A---- C:\WINDOWS\NeroDigital.ini 2009-02-19 18:27:55 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-02-19 18:27:55 ----HD---- C:\WINDOWS\inf 2009-02-19 18:27:38 ----D---- C:\WINDOWS\system32\CatRoot 2009-02-18 04:49:36 ----D---- C:\WINDOWS\Debug 2009-02-18 02:17:23 ----D---- C:\WINDOWS\I386 2009-02-18 01:16:55 ----D---- C:\Program Files\Internet Explorer 2009-02-18 00:53:18 ----A---- C:\WINDOWS\imsins.BAK 2009-02-18 00:22:22 ----D---- C:\WINDOWS\system32\config 2009-02-18 00:21:49 ----D---- C:\WINDOWS\system32\wbem 2009-02-18 00:21:48 ----D---- C:\WINDOWS\Registration 2009-02-18 00:17:50 ----DC---- C:\Config.Msi 2009-02-18 00:17:49 ----SHD---- C:\WINDOWS\Installer 2009-02-18 00:17:42 ----HD---- C:\WINDOWS\$hf_mig$ 2009-02-16 22:02:12 ----D---- C:\WINDOWS\Help 2009-02-15 11:13:19 ----D---- C:\Program Files\Paint Shop Pro 6 2009-02-10 20:25:59 ----D---- C:\WINDOWS\ie7updates 2009-02-05 19:11:34 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-02-02 03:50:45 ----D---- C:\Program Files\Java 2009-01-24 17:56:56 ----D---- C:\WINDOWS\network diagnostic ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 43520] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072] R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2006-02-15 8552] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\drivers\LVPr2Mon.sys [2006-06-26 23472] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480] R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-18 227200] R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2005-04-08 179968] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] S2 FBAPI;FBAPI; \??\C:\WINDOWS\system32\drivers\FBAPI.sys [] S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender9\bdfdll.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 cel90xbe;cel90xbe; \??\C:\DOCUME~1\martinez\LOCALS~1\Temp\cel90xbe.sys [] S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591] S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496] S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2006-06-26 1587632] S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2006-06-26 1952816] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys [] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [] S3 PID_0920;Logitech QuickCam Express(PID_0920); C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2004-05-21 163328] S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-10-31 30464] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376] R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-06-02 86606] R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824] R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208] R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [2007-09-25 65536] R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2006-06-26 99888] R2 OPTENET_FILTER;Control Parental; C:\Program Files\Controle Parental\bin\optproxy.exe [2006-03-02 564400] R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe [2006-06-26 91696] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [] S3 PsShutdownSvc;PsShutdown; C:\WINDOWS\System32\PSSDNSVC.EXE [2006-01-16 65536] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] -----------------EOF----------------- info.txt logfile of random's system information tool 1.05 2009-02-20 17:55:20 ======Uninstall list====== -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER 7-Zip 4.58 beta-->"C:\Program Files\7-Zip\Uninstall.exe" Abrosoft FantaMorph 2.5-->"C:\Program Files\Abrosoft FantaMorph\unins000.exe" Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002} Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543} Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE BitComet 0.98-->C:\Program Files\BitComet\uninst.exe Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3} Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Dealio Toolbar 3.3-->MsiExec.exe /X{8476C5A3-6DF0-467F-91D0-ABA22DC37373} DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN Dofus 1.25.0-->C:\Program Files\Dofus\uninstall.exe eMule-->"C:\Program Files\eMule\Uninstall.exe" Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall HijackThis 2.0.2-->"C:\DOCUME~1\martinez\LOCALS~1\Temp\Répertoire temporaire 2 pour HiJackThis.zip\HijackThis.exe" /uninstall Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Logitech QuickCam-->MsiExec.exe /X{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC} Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" mIRC-->"C:\TeamScripT4\mirc.exe" -uninstall Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Navilog1 3.7.4-->"C:\Program Files\Navilog1\unins000.exe" Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\setup.exe /uninstall ExtraUninstallID="" neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Orange - Logiciels Internet-->C:\Program Files\Orange\installation\core\Installgui.exe -u Paint Shop Pro 6.0 (CD-ROM)-->C:\PROGRA~1\PAINTS~1\Unwise.exe C:\PROGRA~1\PAINTS~1\INSTALL.LOG QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD} Search Settings 1.1-->MsiExec.exe /X{32AD1A7A-25F1-44B9-A396-EA8A4A6605B0} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe TF1Vision version 1.2.1.1-->"C:\Program Files\TF1Vision\unins000.exe" Tgl0beSCRIPT 9.0-->C:\Tgl0beSCRIPT\uninst.exe VideoLAN VLC media player 0.8.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll ======Security center information====== AV: Avira AntiVir PersonalEdition Classic System event log Computer Name: SY6PBC14 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service PCANDIS5 NDIS Protocol Driver. Record Number: 43268 Source Name: Service Control Manager Time Written: 20090124120347.000000+060 Event Type: Informations User: MATHIEU-233E48F\martinez Computer Name: SY6PBC14 Event Code: 59 Message: Generate Activation Context a échoué pour C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\MFC80.DLL. Message d'erreur de référence : Opération réussie. . Record Number: 43267 Source Name: SideBySide Time Written: 20090124120243.000000+060 Event Type: erreur User: Computer Name: SY6PBC14 Event Code: 59 Message: Resolve Partial Assembly a échoué pour Microsoft.VC80.MFCLOC. Message d'erreur de référence : L'assemblage référencé n'est pas installé sur votre système. . Record Number: 43266 Source Name: SideBySide Time Written: 20090124120243.000000+060 Event Type: erreur User: Computer Name: SY6PBC14 Event Code: 32 Message: L'assemblage dépendant Microsoft.VC80.MFCLOC ne peut pas être trouvé. La dernière erreur était L'assemblage référencé n'est pas installé sur votre système. Record Number: 43265 Source Name: SideBySide Time Written: 20090124120243.000000+060 Event Type: erreur User: Computer Name: SY6PBC14 Event Code: 59 Message: Generate Activation Context a échoué pour C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\MFC80.DLL. Message d'erreur de référence : Opération réussie. . Record Number: 43264 Source Name: SideBySide Time Written: 20090124120242.000000+060 Event Type: erreur User: Application event log Computer Name: SY6PBC14 Event Code: 701 Message: msnmsgr (1904) La défragmentation en ligne a terminé un passage complet dans la base de données '\\.\C:\Documents and Settings\martinez\Local Settings\Application Data\Microsoft\Messenger\mayie33@hotmail.com\SharingMetadata\Working\database_3E08_5C0E_85B_C415\dfsr.db'. Record Number: 2953 Source Name: ESENT Time Written: 20090122030120.000000+060 Event Type: Informations User: Computer Name: SY6PBC14 Event Code: 700 Message: msnmsgr (1904) La défragmentation en ligne commence un passage complet dans la base de données '\\.\C:\Documents and Settings\martinez\Local Settings\Application Data\Microsoft\Messenger\mayie33@hotmail.com\SharingMetadata\Working\database_3E08_5C0E_85B_C415\dfsr.db'. Record Number: 2952 Source Name: ESENT Time Written: 20090122030120.000000+060 Event Type: Informations User: Computer Name: SY6PBC14 Event Code: 701 Message: msnmsgr (1904) La défragmentation en ligne a terminé un passage complet dans la base de données '\\.\C:\Documents and Settings\martinez\Local Settings\Application Data\Microsoft\Messenger\mayie33@hotmail.com\SharingMetadata\Working\database_3E08_5C0E_85B_C415\dfsr.db'. Record Number: 2951 Source Name: ESENT Time Written: 20090122020123.000000+060 Event Type: Informations User: Computer Name: SY6PBC14 Event Code: 700 Message: msnmsgr (1904) La défragmentation en ligne commence un passage complet dans la base de données '\\.\C:\Documents and Settings\martinez\Local Settings\Application Data\Microsoft\Messenger\mayie33@hotmail.com\SharingMetadata\Working\database_3E08_5C0E_85B_C415\dfsr.db'. Record Number: 2950 Source Name: ESENT Time Written: 20090122020119.000000+060 Event Type: Informations User: Computer Name: SY6PBC14 Event Code: 4103 Message: La fusion principale est terminée sur c:\system volume information\catalog.wci. Record Number: 2949 Source Name: Ci Time Written: 20090122010222.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2c02 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip -----------------EOF-----------------

ok je m'occupe de l'antivirus ..

merci !! j'ai plus de virus ? ET j'ai toujours le même problème, quand je veux aller sur internet par l'intermédiaire d'une fenêtre du pc, par exemple windows updat sur la panneau de configuration, une mise à jour d'un logiciel ou d'un programme, j'ai une page blanche , aucun accès...

merci !!!! Clean Navipromo version 3.7.4 commencé le 20/02/2009 à 14:53:35,85 Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 16.02.2009 à 18h00 par IL-MAFIOSO Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Sempron Processor 3000+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : martinez ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1296 [VPS 090219-0] 4.8.1296 (Activated) C:\ (Local Disk) - NTFS - Total:140 Go (Free:50 Go) D:\ (CD or DVD) Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\martinez\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\martinez\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\martinez\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\martinez\menudm~1\progra~1" *** *** Suppression fichiers *** C:\WINDOWS\pack.epk supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\martinez\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * * Dans "C:\Documents and Settings\martinez\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup absent ! Certificat Electronic-Group absent ! Certificat Montorgueil absent ! Certificat OOO-Favorit absent ! Certificat Sunny-Day-Design-Ltdt absent ! *** Recherche autres dossiers et fichiers connus *** *** Nettoyage terminé le 20/02/2009 à 15:01:24,46 *** Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:04:36, on 20/02/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Controle Parental\bin\optproxy.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\system32\VTTimer.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\TF1Vision\TF1vision.exe C:\Program Files\VIAudioi\SBADeck\ADeck.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Orange\Launcher\Launcher.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\pointsoft\lanceur.exe C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Logitech\QuickCam10\COCIManager.exe C:\DOCUME~1\martinez\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis.zip\HijackThis.exe C:\Program Files\Orange\systray\systrayapp.exe C:\Program Files\Orange\connectivity\connectivitymanager.exe C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.ke.voila.fr/S/voila?kw= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = SOS Connexion - Le web en toute simplicité R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe O4 - HKCU\..\Run: [uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: http://rw.search.ke.voila.fr O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE -- End of file - 12711 bytes

voici navilog : merci Search Navipromo version 3.7.4 commencé le 20/02/2009 à 12:04:03,00 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 16.02.2009 à 18h00 par IL-MAFIOSO Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Sempron Processor 3000+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : martinez ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1296 [VPS 090219-0] 4.8.1296 (Activated) C:\ (Local Disk) - NTFS - Total:140 Go (Free:50 Go) D:\ (CD or DVD) Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\martinez\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\martinez\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\martinez\menudm~1\progra~1" *** *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\martinez\locals~1\applic~1" * *** Recherche fichiers *** C:\WINDOWS\pack.epk trouvé ! *** Recherche clés spécifiques dans le Registre *** !! Les clés trouvées ne sont pas forcément infectées !! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : * Dans "C:\Documents and Settings\martinez\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup absent ! Certificat Electronic-Group absent ! Certificat Montorgueil absent ! Certificat OOO-Favorit absent ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche autres dossiers et fichiers connus : *** Analyse terminée le 20/02/2009 à 12:05:22,87 ***

TU PENSES QUE J AI EU UN VIRUS ?? -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Sempron Processor 3000+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : martinez ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1296 [VPS 090219-0] 4.8.1296 (Activated) C:\ (Local Disk) - NTFS - Total:140 Go (Free:50 Go) D:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 20/02/2009|11:50 ) -----------\\ SUPPRESSION Supprime! - C:\Program Files\AskTBar\bar Supprime! - C:\Program Files\AskTBar\PopSwatr Supprime! - C:\DOCUME~1\martinez\APPLIC~1\Dealio\dinstallhelper.4378B33D3B00405AB56DD82B3002DB0B.dll Supprime! - C:\DOCUME~1\martinez\APPLIC~1\Dealio\dinstallhelper.F1F55717C9AB4EF9817B18CB31D0EA21.dll Supprime! - C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126 Supprime! - C:\Program Files\Dealio\DealioAU.exe Supprime! - C:\Program Files\Dealio\kb126 Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe Supprime! - C:\WINDOWS\Prefetch\DEALIOAU.EXE-32C4A05D.pf Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio Supprime! - C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-253CB611.pf Supprime! - C:\DOCUME~1\martinez\APPLIC~1\Search Settings\kb126 Supprime! - C:\Program Files\Search Settings\kb126 Supprime! - C:\Program Files\Search Settings\SearchSettings.exe Supprime! - C:\DOCUME~1\martinez\Favoris\dvdrip french avi torrent search.url Supprime! - C:\Program Files\AskTBar Supprime! - C:\DOCUME~1\martinez\APPLIC~1\Dealio Supprime! - C:\Program Files\Dealio Supprime! - C:\DOCUME~1\martinez\APPLIC~1\Search Settings Supprime! - C:\Program Files\Search Settings -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://www.google.com" "SearchMigratedDefaultURL"="http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7" "Search Bar"="http://search.ke.voila.fr/S/voila?kw=" "Start Page"="http://www.google.fr/" "Url"="http://go.microsoft.com/fwlink/?LinkID=68928" "Url"="http://go.microsoft.com/fwlink/?LinkID=44406" "Url"="http://go.microsoft.com/fwlink/?LinkID=68929" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk ==> EGDACCESS <== 1 - "C:\ToolBar SD\TB_1.txt" - 20/02/2009|10:24 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 20/02/2009|11:54 - Option : [2] -----------\\ Fin du rapport a 11:54:54,84

Merci Falkra !! -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Sempron Processor 3000+ ) BIOS : Phoenix - AwardBIOS v6.00PG USER : martinez ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1296 [VPS 090219-0] 4.8.1296 (Activated) C:\ (Local Disk) - NTFS - Total:140 Go (Free:50 Go) D:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 20/02/2009|10:22 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\AskTBar C:\Program Files\AskTBar\bar C:\Program Files\AskTBar\PopSwatr C:\Program Files\AskTBar\bar\History C:\Program Files\AskTBar\bar\Settings C:\Program Files\AskTBar\bar\History\search2 C:\Program Files\AskTBar\PopSwatr\History C:\Program Files\AskTBar\PopSwatr\History\allowed C:\Program Files\AskTBar\PopSwatr\History\notallow C:\DOCUME~1\martinez\APPLIC~1\Dealio C:\DOCUME~1\martinez\APPLIC~1\Dealio\dinstallhelper.4378B33D3B00405AB56DD82B3002DB0B.dll C:\DOCUME~1\martinez\APPLIC~1\Dealio\dinstallhelper.F1F55717C9AB4EF9817B18CB31D0EA21.dll C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\temp C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\chevron-small.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\DealioSearch.html C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\deals-leftcap.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\deal_report.jpg C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\ebay_login.jpg C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\err_mainwindow.html C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\err_toolbar.html C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\global_scripts.js C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\headerbgthin.jpg C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\highlight-bg.png C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\logo.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\logo_over.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\man_toolbar.html C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\man_toolbar.js C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\post-this-deal.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\post-this-deal_over.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\scripts.js C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\scroller.js C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\search-chevron.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\search-chevron_over.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\search_bg_blink.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\separator.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\settings.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\settings_over.gif C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\res\yahoo-search.png C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\index.76.35 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.10.76 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.109.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.110.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.12.52 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.13.58 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.130.58 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.135.50 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.153.44 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.155.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.156.49 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.16.60 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.161.52 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.178.66 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.184.55 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.188.52 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.189.45 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.196.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.198.56 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.199.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.200.53 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.201.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.202.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.203.71 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.205.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.213.71 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.214.49 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.215.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.216.67 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.217.67 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.218.52 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.219.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.220.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.221.57 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.222.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.223.68 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.226.68 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.227.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.228.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.229.76 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.23.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.239.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.24.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.240.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.241.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.242.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.243.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.244.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.245.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.247.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.248.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.249.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.250.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.251.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.252.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.253.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.254.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.255.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.256.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.257.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.279.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.28.58 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.282.75 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.283.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.284.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.289.67 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.290.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.291.61 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.296.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.297.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.304.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.307.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.308.75 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.31.47 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.310.46 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.311.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.315.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.316.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.317.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.318.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.319.49 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.32.48 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.334.44 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.335.60 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.336.44 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.337.44 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.338.75 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.339.47 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.34.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.340.47 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.341.47 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.349.50 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.35.48 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.350.50 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.351.51 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.352.54 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.353.51 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.354.51 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.357.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.358.52 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.359.52 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.360.53 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.361.54 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.362.68 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.363.58 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.364.54 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.365.53 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.367.56 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.368.58 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.369.55 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.370.56 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.371.56 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.372.57 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.373.55 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.375.56 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.376.57 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.377.55 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.378.65 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.384.58 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.386.71 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.387.59 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.388.59 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.389.59 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.390.60 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.391.60 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.392.60 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.393.60 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.394.60 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.396.61 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.397.61 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.398.60 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.399.60 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.403.61 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.404.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.405.61 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.406.61 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.407.76 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.408.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.409.61 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.412.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.413.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.414.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.415.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.416.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.417.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.418.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.419.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.420.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.421.62 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.423.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.424.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.425.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.426.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.427.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.428.65 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.429.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.430.63 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.432.65 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.433.64 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.434.65 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.435.64 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.436.76 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.437.64 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.438.71 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.439.71 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.440.75 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.442.73 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.443.73 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.444.73 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.445.68 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.446.69 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.450.67 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.451.67 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.452.68 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.453.68 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.454.69 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.456.69 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.457.75 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.458.70 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.459.70 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.460.69 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.462.74 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.463.69 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.464.70 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.465.68 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.468.70 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.469.70 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.470.70 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.471.73 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.472.70 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.478.74 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.479.73 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.480.68 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.481.71 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.482.74 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.49.67 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.50.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.500.71 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.501.74 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.502.71 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.51.69 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.52.72 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.520.76 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.521.76 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.522.76 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.53.51 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.531.76 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.532.75 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.534.75 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.54.47 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.55.45 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.56.69 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.57.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.58.47 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.593.76 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.595.76 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.63.57 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.66.47 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.70.75 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\rules\rules.1.71.43 C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\temp\dealio-14291.log C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\temp\dealio-14292.log C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\temp\dealio-14294.log C:\DOCUME~1\martinez\APPLIC~1\Dealio\kb126\temp\dod_cache.xml C:\Program Files\Dealio C:\Program Files\Dealio\DealioAU.exe C:\Program Files\Dealio\kb126 C:\Program Files\Dealio\SearchSettingsKit.exe C:\Program Files\Dealio\kb126\Dealio Deskbar.exe C:\Program Files\Dealio\kb126\Dealio.dll C:\Program Files\Dealio\kb126\res C:\Program Files\Dealio\kb126\rules C:\Program Files\Dealio\kb126\temp C:\Program Files\Dealio\kb126\res\chevron-small.gif C:\Program Files\Dealio\kb126\res\DealioSearch.html C:\Program Files\Dealio\kb126\res\deals-leftcap.gif C:\Program Files\Dealio\kb126\res\deal_report.jpg C:\Program Files\Dealio\kb126\res\ebay_login.jpg C:\Program Files\Dealio\kb126\res\err_mainwindow.html C:\Program Files\Dealio\kb126\res\err_toolbar.html C:\Program Files\Dealio\kb126\res\global_scripts.js C:\Program Files\Dealio\kb126\res\headerbgthin.jpg C:\Program Files\Dealio\kb126\res\highlight-bg.png C:\Program Files\Dealio\kb126\res\logo.gif C:\Program Files\Dealio\kb126\res\logo_over.gif C:\Program Files\Dealio\kb126\res\man_toolbar.html C:\Program Files\Dealio\kb126\res\man_toolbar.js C:\Program Files\Dealio\kb126\res\post-this-deal.gif C:\Program Files\Dealio\kb126\res\post-this-deal_over.gif C:\Program Files\Dealio\kb126\res\scripts.js C:\Program Files\Dealio\kb126\res\scroller.js C:\Program Files\Dealio\kb126\res\search-chevron.gif C:\Program Files\Dealio\kb126\res\search-chevron_over.gif C:\Program Files\Dealio\kb126\res\search_bg_blink.gif C:\Program Files\Dealio\kb126\res\separator.gif C:\Program Files\Dealio\kb126\res\settings.gif C:\Program Files\Dealio\kb126\res\settings_over.gif C:\Program Files\Dealio\kb126\res\yahoo-search.png C:\Program Files\Dealio\kb126\rules\index.76.35 C:\Program Files\Dealio\kb126\rules\rules.1.10.76 C:\Program Files\Dealio\kb126\rules\rules.1.109.43 C:\Program Files\Dealio\kb126\rules\rules.1.110.43 C:\Program Files\Dealio\kb126\rules\rules.1.12.52 C:\Program Files\Dealio\kb126\rules\rules.1.13.58 C:\Program Files\Dealio\kb126\rules\rules.1.130.58 C:\Program Files\Dealio\kb126\rules\rules.1.135.50 C:\Program Files\Dealio\kb126\rules\rules.1.153.44 C:\Program Files\Dealio\kb126\rules\rules.1.155.43 C:\Program Files\Dealio\kb126\rules\rules.1.156.49 C:\Program Files\Dealio\kb126\rules\rules.1.16.60 C:\Program Files\Dealio\kb126\rules\rules.1.161.52 C:\Program Files\Dealio\kb126\rules\rules.1.178.66 C:\Program Files\Dealio\kb126\rules\rules.1.184.55 C:\Program Files\Dealio\kb126\rules\rules.1.188.52 C:\Program Files\Dealio\kb126\rules\rules.1.189.45 C:\Program Files\Dealio\kb126\rules\rules.1.196.43 C:\Program Files\Dealio\kb126\rules\rules.1.198.56 C:\Program Files\Dealio\kb126\rules\rules.1.199.43 C:\Program Files\Dealio\kb126\rules\rules.1.200.53 C:\Program Files\Dealio\kb126\rules\rules.1.201.43 C:\Program Files\Dealio\kb126\rules\rules.1.202.43 C:\Program Files\Dealio\kb126\rules\rules.1.203.71 C:\Program Files\Dealio\kb126\rules\rules.1.205.62 C:\Program Files\Dealio\kb126\rules\rules.1.213.71 C:\Program Files\Dealio\kb126\rules\rules.1.214.49 C:\Program Files\Dealio\kb126\rules\rules.1.215.43 C:\Program Files\Dealio\kb126\rules\rules.1.216.67 C:\Program Files\Dealio\kb126\rules\rules.1.217.67 C:\Program Files\Dealio\kb126\rules\rules.1.218.52 C:\Program Files\Dealio\kb126\rules\rules.1.219.43 C:\Program Files\Dealio\kb126\rules\rules.1.220.43 C:\Program Files\Dealio\kb126\rules\rules.1.221.57 C:\Program Files\Dealio\kb126\rules\rules.1.222.43 C:\Program Files\Dealio\kb126\rules\rules.1.223.68 C:\Program Files\Dealio\kb126\rules\rules.1.226.68 C:\Program Files\Dealio\kb126\rules\rules.1.227.43 C:\Program Files\Dealio\kb126\rules\rules.1.228.62 C:\Program Files\Dealio\kb126\rules\rules.1.229.76 C:\Program Files\Dealio\kb126\rules\rules.1.23.63 C:\Program Files\Dealio\kb126\rules\rules.1.239.43 C:\Program Files\Dealio\kb126\rules\rules.1.24.43 C:\Program Files\Dealio\kb126\rules\rules.1.240.43 C:\Program Files\Dealio\kb126\rules\rules.1.241.43 C:\Program Files\Dealio\kb126\rules\rules.1.242.43 C:\Program Files\Dealio\kb126\rules\rules.1.243.43 C:\Program Files\Dealio\kb126\rules\rules.1.244.63 C:\Program Files\Dealio\kb126\rules\rules.1.245.43 C:\Program Files\Dealio\kb126\rules\rules.1.247.43 C:\Program Files\Dealio\kb126\rules\rules.1.248.43 C:\Program Files\Dealio\kb126\rules\rules.1.249.43 C:\Program Files\Dealio\kb126\rules\rules.1.250.43 C:\Program Files\Dealio\kb126\rules\rules.1.251.43 C:\Program Files\Dealio\kb126\rules\rules.1.252.43 C:\Program Files\Dealio\kb126\rules\rules.1.253.43 C:\Program Files\Dealio\kb126\rules\rules.1.254.43 C:\Program Files\Dealio\kb126\rules\rules.1.255.43 C:\Program Files\Dealio\kb126\rules\rules.1.256.43 C:\Program Files\Dealio\kb126\rules\rules.1.257.43 C:\Program Files\Dealio\kb126\rules\rules.1.279.43 C:\Program Files\Dealio\kb126\rules\rules.1.28.58 C:\Program Files\Dealio\kb126\rules\rules.1.282.75 C:\Program Files\Dealio\kb126\rules\rules.1.283.43 C:\Program Files\Dealio\kb126\rules\rules.1.284.43 C:\Program Files\Dealio\kb126\rules\rules.1.289.67 C:\Program Files\Dealio\kb126\rules\rules.1.290.62 C:\Program Files\Dealio\kb126\rules\rules.1.291.61 C:\Program Files\Dealio\kb126\rules\rules.1.296.43 C:\Program Files\Dealio\kb126\rules\rules.1.297.43 C:\Program Files\Dealio\kb126\rules\rules.1.304.43 C:\Program Files\Dealio\kb126\rules\rules.1.307.43 C:\Program Files\Dealio\kb126\rules\rules.1.308.75 C:\Program Files\Dealio\kb126\rules\rules.1.31.47 C:\Program Files\Dealio\kb126\rules\rules.1.310.46 C:\Program Files\Dealio\kb126\rules\rules.1.311.43 C:\Program Files\Dealio\kb126\rules\rules.1.315.43 C:\Program Files\Dealio\kb126\rules\rules.1.316.43 C:\Program Files\Dealio\kb126\rules\rules.1.317.43 C:\Program Files\Dealio\kb126\rules\rules.1.318.43 C:\Program Files\Dealio\kb126\rules\rules.1.319.49 C:\Program Files\Dealio\kb126\rules\rules.1.32.48 C:\Program Files\Dealio\kb126\rules\rules.1.334.44 C:\Program Files\Dealio\kb126\rules\rules.1.335.60 C:\Program Files\Dealio\kb126\rules\rules.1.336.44 C:\Program Files\Dealio\kb126\rules\rules.1.337.44 C:\Program Files\Dealio\kb126\rules\rules.1.338.75 C:\Program Files\Dealio\kb126\rules\rules.1.339.47 C:\Program Files\Dealio\kb126\rules\rules.1.34.43 C:\Program Files\Dealio\kb126\rules\rules.1.340.47 C:\Program Files\Dealio\kb126\rules\rules.1.341.47 C:\Program Files\Dealio\kb126\rules\rules.1.349.50 C:\Program Files\Dealio\kb126\rules\rules.1.35.48 C:\Program Files\Dealio\kb126\rules\rules.1.350.50 C:\Program Files\Dealio\kb126\rules\rules.1.351.51 C:\Program Files\Dealio\kb126\rules\rules.1.352.54 C:\Program Files\Dealio\kb126\rules\rules.1.353.51 C:\Program Files\Dealio\kb126\rules\rules.1.354.51 C:\Program Files\Dealio\kb126\rules\rules.1.357.62 C:\Program Files\Dealio\kb126\rules\rules.1.358.52 C:\Program Files\Dealio\kb126\rules\rules.1.359.52 C:\Program Files\Dealio\kb126\rules\rules.1.360.53 C:\Program Files\Dealio\kb126\rules\rules.1.361.54 C:\Program Files\Dealio\kb126\rules\rules.1.362.68 C:\Program Files\Dealio\kb126\rules\rules.1.363.58 C:\Program Files\Dealio\kb126\rules\rules.1.364.54 C:\Program Files\Dealio\kb126\rules\rules.1.365.53 C:\Program Files\Dealio\kb126\rules\rules.1.367.56 C:\Program Files\Dealio\kb126\rules\rules.1.368.58 C:\Program Files\Dealio\kb126\rules\rules.1.369.55 C:\Program Files\Dealio\kb126\rules\rules.1.370.56 C:\Program Files\Dealio\kb126\rules\rules.1.371.56 C:\Program Files\Dealio\kb126\rules\rules.1.372.57 C:\Program Files\Dealio\kb126\rules\rules.1.373.55 C:\Program Files\Dealio\kb126\rules\rules.1.375.56 C:\Program Files\Dealio\kb126\rules\rules.1.376.57 C:\Program Files\Dealio\kb126\rules\rules.1.377.55 C:\Program Files\Dealio\kb126\rules\rules.1.378.65 C:\Program Files\Dealio\kb126\rules\rules.1.384.58 C:\Program Files\Dealio\kb126\rules\rules.1.386.71 C:\Program Files\Dealio\kb126\rules\rules.1.387.59 C:\Program Files\Dealio\kb126\rules\rules.1.388.59 C:\Program Files\Dealio\kb126\rules\rules.1.389.59 C:\Program Files\Dealio\kb126\rules\rules.1.390.60 C:\Program Files\Dealio\kb126\rules\rules.1.391.60 C:\Program Files\Dealio\kb126\rules\rules.1.392.60 C:\Program Files\Dealio\kb126\rules\rules.1.393.60 C:\Program Files\Dealio\kb126\rules\rules.1.394.60 C:\Program Files\Dealio\kb126\rules\rules.1.396.61 C:\Program Files\Dealio\kb126\rules\rules.1.397.61 C:\Program Files\Dealio\kb126\rules\rules.1.398.60 C:\Program Files\Dealio\kb126\rules\rules.1.399.60 C:\Program Files\Dealio\kb126\rules\rules.1.403.61 C:\Program Files\Dealio\kb126\rules\rules.1.404.63 C:\Program Files\Dealio\kb126\rules\rules.1.405.61 C:\Program Files\Dealio\kb126\rules\rules.1.406.61 C:\Program Files\Dealio\kb126\rules\rules.1.407.76 C:\Program Files\Dealio\kb126\rules\rules.1.408.63 C:\Program Files\Dealio\kb126\rules\rules.1.409.61 C:\Program Files\Dealio\kb126\rules\rules.1.412.62 C:\Program Files\Dealio\kb126\rules\rules.1.413.62 C:\Program Files\Dealio\kb126\rules\rules.1.414.62 C:\Program Files\Dealio\kb126\rules\rules.1.415.62 C:\Program Files\Dealio\kb126\rules\rules.1.416.62 C:\Program Files\Dealio\kb126\rules\rules.1.417.62 C:\Program Files\Dealio\kb126\rules\rules.1.418.62 C:\Program Files\Dealio\kb126\rules\rules.1.419.62 C:\Program Files\Dealio\kb126\rules\rules.1.420.62 C:\Program Files\Dealio\kb126\rules\rules.1.421.62 C:\Program Files\Dealio\kb126\rules\rules.1.423.63 C:\Program Files\Dealio\kb126\rules\rules.1.424.63 C:\Program Files\Dealio\kb126\rules\rules.1.425.63 C:\Program Files\Dealio\kb126\rules\rules.1.426.63 C:\Program Files\Dealio\kb126\rules\rules.1.427.63 C:\Program Files\Dealio\kb126\rules\rules.1.428.65 C:\Program Files\Dealio\kb126\rules\rules.1.429.63 C:\Program Files\Dealio\kb126\rules\rules.1.430.63 C:\Program Files\Dealio\kb126\rules\rules.1.432.65 C:\Program Files\Dealio\kb126\rules\rules.1.433.64 C:\Program Files\Dealio\kb126\rules\rules.1.434.65 C:\Program Files\Dealio\kb126\rules\rules.1.435.64 C:\Program Files\Dealio\kb126\rules\rules.1.436.76 C:\Program Files\Dealio\kb126\rules\rules.1.437.64 C:\Program Files\Dealio\kb126\rules\rules.1.438.71 C:\Program Files\Dealio\kb126\rules\rules.1.439.71 C:\Program Files\Dealio\kb126\rules\rules.1.440.75 C:\Program Files\Dealio\kb126\rules\rules.1.442.73 C:\Program Files\Dealio\kb126\rules\rules.1.443.73 C:\Program Files\Dealio\kb126\rules\rules.1.444.73 C:\Program Files\Dealio\kb126\rules\rules.1.445.68 C:\Program Files\Dealio\kb126\rules\rules.1.446.69 C:\Program Files\Dealio\kb126\rules\rules.1.450.67 C:\Program Files\Dealio\kb126\rules\rules.1.451.67 C:\Program Files\Dealio\kb126\rules\rules.1.452.68 C:\Program Files\Dealio\kb126\rules\rules.1.453.68 C:\Program Files\Dealio\kb126\rules\rules.1.454.69 C:\Program Files\Dealio\kb126\rules\rules.1.456.69 C:\Program Files\Dealio\kb126\rules\rules.1.457.75 C:\Program Files\Dealio\kb126\rules\rules.1.458.70 C:\Program Files\Dealio\kb126\rules\rules.1.459.70 C:\Program Files\Dealio\kb126\rules\rules.1.460.69 C:\Program Files\Dealio\kb126\rules\rules.1.462.74 C:\Program Files\Dealio\kb126\rules\rules.1.463.69 C:\Program Files\Dealio\kb126\rules\rules.1.464.70 C:\Program Files\Dealio\kb126\rules\rules.1.465.68 C:\Program Files\Dealio\kb126\rules\rules.1.468.70 C:\Program Files\Dealio\kb126\rules\rules.1.469.70 C:\Program Files\Dealio\kb126\rules\rules.1.470.70 C:\Program Files\Dealio\kb126\rules\rules.1.471.73 C:\Program Files\Dealio\kb126\rules\rules.1.472.70 C:\Program Files\Dealio\kb126\rules\rules.1.478.74 C:\Program Files\Dealio\kb126\rules\rules.1.479.73 C:\Program Files\Dealio\kb126\rules\rules.1.480.68 C:\Program Files\Dealio\kb126\rules\rules.1.481.71 C:\Program Files\Dealio\kb126\rules\rules.1.482.74 C:\Program Files\Dealio\kb126\rules\rules.1.49.67 C:\Program Files\Dealio\kb126\rules\rules.1.50.43 C:\Program Files\Dealio\kb126\rules\rules.1.500.71 C:\Program Files\Dealio\kb126\rules\rules.1.501.74 C:\Program Files\Dealio\kb126\rules\rules.1.502.71 C:\Program Files\Dealio\kb126\rules\rules.1.51.69 C:\Program Files\Dealio\kb126\rules\rules.1.52.72 C:\Program Files\Dealio\kb126\rules\rules.1.520.76 C:\Program Files\Dealio\kb126\rules\rules.1.521.76 C:\Program Files\Dealio\kb126\rules\rules.1.522.76 C:\Program Files\Dealio\kb126\rules\rules.1.53.51 C:\Program Files\Dealio\kb126\rules\rules.1.531.76 C:\Program Files\Dealio\kb126\rules\rules.1.532.75 C:\Program Files\Dealio\kb126\rules\rules.1.534.75 C:\Program Files\Dealio\kb126\rules\rules.1.54.47 C:\Program Files\Dealio\kb126\rules\rules.1.55.45 C:\Program Files\Dealio\kb126\rules\rules.1.56.69 C:\Program Files\Dealio\kb126\rules\rules.1.57.43 C:\Program Files\Dealio\kb126\rules\rules.1.58.47 C:\Program Files\Dealio\kb126\rules\rules.1.593.76 C:\Program Files\Dealio\kb126\rules\rules.1.595.76 C:\Program Files\Dealio\kb126\rules\rules.1.63.57 C:\Program Files\Dealio\kb126\rules\rules.1.66.47 C:\Program Files\Dealio\kb126\rules\rules.1.70.75 C:\Program Files\Dealio\kb126\rules\rules.1.71.43 C:\WINDOWS\Prefetch\DEALIOAU.EXE-32C4A05D.pf C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-253CB611.pf C:\DOCUME~1\martinez\APPLIC~1\Search Settings C:\DOCUME~1\martinez\APPLIC~1\Search Settings\kb126 C:\DOCUME~1\martinez\APPLIC~1\Search Settings\kb126\res C:\DOCUME~1\martinez\APPLIC~1\Search Settings\kb126\temp C:\DOCUME~1\martinez\APPLIC~1\Search Settings\kb126\temp\ws-14291.log C:\DOCUME~1\martinez\APPLIC~1\Search Settings\kb126\temp\ws-14292.log C:\DOCUME~1\martinez\APPLIC~1\Search Settings\kb126\temp\ws-14293.log C:\DOCUME~1\martinez\APPLIC~1\Search Settings\kb126\temp\ws-14294.log C:\Program Files\Search Settings C:\Program Files\Search Settings\kb126 C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\Search Settings\kb126\res C:\Program Files\Search Settings\kb126\SearchSettings.dll C:\Program Files\Search Settings\kb126\temp C:\DOCUME~1\martinez\Favoris\dvdrip french avi torrent search.url -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://www.google.com" "SearchMigratedDefaultURL"="http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7" "Search Bar"="http://search.ke.voila.fr/S/voila?kw=" "Start Page"="http://www.google.fr/" "Url"="http://go.microsoft.com/fwlink/?LinkID=68928" "Url"="http://go.microsoft.com/fwlink/?LinkID=44406" "Url"="http://go.microsoft.com/fwlink/?LinkID=68929" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk ==> EGDACCESS <== 1 - "C:\ToolBar SD\TB_1.txt" - 20/02/2009|10:24 - Option : [1] -----------\\ Fin du rapport a 10:24:09,59

voici le résultat :========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== File/Folder C:\WINDOWS\system32\kavo.exe not found. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\kava deleted successfully. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\martinez\LOCALS~1\Temp\~DF1721.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\martinez\LOCALS~1\Temp\~DF3CF8.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\martinez\LOCALS~1\Temp\~DF3D0C.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\martinez\LOCALS~1\Temp\~DF9345.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\martinez\LOCALS~1\Temp\~DF9399.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_628.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02202009_001606 Files moved on Reboot... C:\DOCUME~1\martinez\LOCALS~1\Temp\~DF1721.tmp moved successfully. File C:\DOCUME~1\martinez\LOCALS~1\Temp\~DF3CF8.tmp not found! File C:\DOCUME~1\martinez\LOCALS~1\Temp\~DF3D0C.tmp not found! File C:\DOCUME~1\martinez\LOCALS~1\Temp\~DF9345.tmp not found! File C:\DOCUME~1\martinez\LOCALS~1\Temp\~DF9399.tmp not found! File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot. File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot. C:\WINDOWS\temp\Perflib_Perfdata_628.dat moved successfully.

merci et encore désolée pour mes bêtises ! voici le rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:21:20, on 19/02/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Controle Parental\bin\optproxy.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\system32\VTTimer.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\TF1Vision\TF1vision.exe C:\Program Files\VIAudioi\SBADeck\ADeck.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Orange\Launcher\Launcher.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\pointsoft\lanceur.exe C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe C:\Program Files\Logitech\QuickCam10\COCIManager.exe C:\Program Files\Orange\systray\systrayapp.exe C:\Program Files\Orange\connectivity\connectivitymanager.exe C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\DOCUME~1\martinez\LOCALS~1\Temp\Répertoire temporaire 4 pour HiJackThis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.ke.voila.fr/S/voila?kw= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = SOS Connexion - Le web en toute simplicité R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe O4 - HKCU\..\Run: [uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [kava] C:\WINDOWS\system32\kavo.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\martinez\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\martinez\Application Data\Dealio\kb126\res\DealioSearch.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O15 - Trusted Zone: http://*.mappy.com O15 - Trusted Zone: http://*.orange.fr O15 - Trusted Zone: http://rw.search.ke.voila.fr O15 - Trusted Zone: http://orange.weborama.fr O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...AdSignerADP.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE -- End of file - 14075 bytes