Sujet Précédent Sujet Suivant

Problème messenger

Fermé
emmanuelle94 Messages postés 10 Date d'inscription mercredi 18 février 2009 Statut Membre Dernière intervention 15 décembre 2009 - 18 févr. 2009 à 17:24
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 19 févr. 2009 à 19:17
Bonjour,

hier alors que j'étais sur messenger, j'ai reçu un message d'un de mes contacts où ca me disait qu'il avait des photos à me montrer. Il fallait cliquer sur un lien, ce que malheureusement j'ai fait. Il demandait d'installer quelque chose, ce que j'ai encore fais.

Depuis messenger est inutilisable. Dès que je vais dessus, au bout de 5 min, ca ferme toutes mes fenêtres et je n'ai plus la main. J'ai donc désinstaller messenger.

J'ai lancé un scan de mon ordi: ça a détecté 2 virus que j'ai supprimé. Mais maintenant dès que je lance internet, mon antivirus me retrouve à chaque fois 2 virus, tel que C:\aos.exe.

Merci de toute l'aide que vous pourrez m'apporter.

13 réponses

Réponse 1 / 13
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
18 févr. 2009 à 17:36
Salut,

Tu as infecté par un virus MSN.

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
0
Réponse 2 / 13
emmanuelle94 Messages postés 10 Date d'inscription mercredi 18 février 2009 Statut Membre Dernière intervention 15 décembre 2009
18 févr. 2009 à 17:57
Logfile of random's system information tool 1.05 (written by random/random)
Run by emmanuelle paulin at 2009-02-18 17:56:35
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 2 GB (3%) free of 54 GB
Total RAM: 1022 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:56:41, on 18/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\fxstaller.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\DOCUME~1\EMMANU~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\winlogon.exe
C:\WINDOWS\winlogon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Documents and Settings\emmanuelle paulin\Bureau\RSIT.exe
C:\Program Files\trend micro\HijackThis\emmanuelle paulin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://postarticles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /normal-run1
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Windows UDP Control Center] fxstaller.exe
O4 - HKLM\..\Run: [Window UDP Control Servic] winlogon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\emmanuelle paulin\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
0
Réponse 3 / 13
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
18 févr. 2009 à 18:00
---> Télécharge SDFix (créé par AndyManchesta) sur ton Bureau.
- Double-clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
- Redémarre ton ordinateur en mode sans échec.

---> Pour redémarrer en mode sans échec :
- Redémarre ton PC.
- Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
- Dans le menu d'options avancées, choisis Mode sans échec.
- Choisis ta session.

---> Déroule la liste des instructions ci-dessous :
- Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double-clique sur RunThis.bat pour lancer le script.
- Appuie sur Y pour commencer le processus de nettoyage.
- Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
- Appuie sur une touche pour redémarrer le PC.
- Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
- Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
- Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
- Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
- Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.
0
Réponse 4 / 13
emmanuelle94 Messages postés 10 Date d'inscription mercredi 18 février 2009 Statut Membre Dernière intervention 15 décembre 2009
18 févr. 2009 à 18:30
[b]SDFix: Version 1.240 [/b]
Run by emmanuelle paulin on 18/02/2009 at 18:17

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\WINDOWS\fxstaller.exe - Deleted
C:\WINDOWS\winlogon.exe - Deleted





Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-18 18:27:36
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Sat 19 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTICDMK7.dll"
Sat 19 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMP3.dll"
Sat 19 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
Sat 19 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIFCD3.dll"
Sat 19 Aug 2006 1,024 ...HR --- "C:\WINDOWS\system32\NTIBUN4.dll"
Tue 30 Sep 2008 3,424,768 ...H. --- "C:\Documents and Settings\emmanuelle paulin\Mes documents\~WRL0002.tmp"
Fri 5 Dec 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\326d1a08fc685e3efad9e9a5b059ebfb\BIT5A5.tmp"
Fri 5 Dec 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5b6da8fb69b176ee583a3734e2af76e6\BIT5A8.tmp"
Wed 10 Dec 2008 464,896 A.SH. --- "C:\Documents and Settings\emmanuelle paulin\Mes documents\TP2\projet terrasement\~WRL0003.tmp"
Thu 21 Feb 2008 23,552 ...H. --- "C:\Documents and Settings\emmanuelle paulin\Mes documents\TP1\coursparis\~WRL0001.tmp"

[b]Finished![/b]
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 13
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
18 févr. 2009 à 18:32
---> Télécharge Toolbar S&D (Team IDN) sur ton Bureau.
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
0
Réponse 6 / 13
emmanuelle94 Messages postés 10 Date d'inscription mercredi 18 février 2009 Statut Membre Dernière intervention 15 décembre 2009
18 févr. 2009 à 18:37
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz )
BIOS : Ver 1.00PARTTBL
USER : emmanuelle paulin ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:1 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:53 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 18/02/2009|18:37 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3048_2532_23.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2596_2480_28.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\dealio-14290.log
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2596_2992_31.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\dod_cache.xml
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3128_3144_3.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3128_3392_9.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3128_2960_18.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3128_1052_27.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3128_3044_55.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3128_4080_58.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3128_3668_49.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_808_1180_3.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_808_2608_6.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_808_1232_9.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1032_3780_3.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1032_1040_6.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1032_3708_12.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1032_1068_18.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3048_3420_3.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3048_3380_6.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3048_3096_9.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3048_1004_12.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3612_4056_3.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3612_3232_6.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3612_3200_12.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1948_2916_3.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1948_3276_6.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2596_2640_3.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2596_3716_12.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\man_toolbar.js
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\alerts.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\alerts_over.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\alerts_rec.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\alerts_rec_over.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\chevron-small.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\deal_report.jpg
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\DealioSearch.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\deals-leftcap.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\err_mainwindow.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\err_toolbar.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\global_scripts.js
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\headerbgthin.jpg
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\highlight-bg.png
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\logo.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\logo_over.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\man_toolbar.css
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\post-this-deal.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\post-this-deal_over.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\scripts.js
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\scroller.js
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\search_bg_blink.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\search-chevron.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\search-chevron_over.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\separator.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\settings.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\settings_over.gif
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\man_toolbar.html
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\ebay_login.jpg
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\man_toolbarl.js
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\res\yahoo-search.png
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\index.76.35
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.10.76
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.109.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.110.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.12.52
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.13.58
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.130.58
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.135.50
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.153.44
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.155.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.156.49
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.16.60
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.161.52
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.178.66
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.184.55
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.188.52
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.189.45
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.196.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.198.56
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.199.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.200.53
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.201.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.202.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.203.71
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.205.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.213.71
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.214.49
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.215.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.216.67
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.217.67
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.218.52
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.219.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.220.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.221.57
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.222.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.223.68
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.226.68
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.227.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.228.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.229.76
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.23.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.239.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.24.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.240.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.241.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.242.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.243.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.244.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.245.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.247.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.248.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.249.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.250.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.251.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.252.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.253.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.254.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.255.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.256.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.257.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.279.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.28.58
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.282.75
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.283.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.284.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.289.67
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.290.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.291.61
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.296.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.297.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.304.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.307.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.308.75
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.31.47
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.310.46
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.311.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.315.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.316.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.317.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.318.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.319.49
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.32.48
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.334.44
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.335.60
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.336.44
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.337.44
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.338.75
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.339.47
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.34.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.340.47
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.341.47
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.349.50
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.35.48
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.350.50
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.351.51
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.352.54
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.353.51
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.354.51
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.357.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.358.52
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.359.52
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.360.53
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.361.54
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.362.68
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.363.58
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.364.54
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.365.53
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.367.56
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.368.58
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.369.55
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.370.56
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.371.56
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.372.57
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.373.55
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.375.56
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.376.57
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.377.55
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.378.65
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.384.58
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.386.71
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.387.59
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.388.59
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.389.59
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.390.60
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.391.60
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.392.60
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.393.60
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.394.60
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.396.61
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.397.61
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.398.60
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.399.60
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.403.61
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.404.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.405.61
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.406.61
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.407.76
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.408.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.409.61
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.412.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.413.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.414.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.415.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.416.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.417.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.418.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.419.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.420.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.421.62
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.423.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.424.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.425.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.426.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.427.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.428.65
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.429.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.430.63
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.432.65
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.433.64
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.434.65
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.435.64
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.436.76
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.437.64
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.438.71
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.439.71
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.440.75
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.442.73
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.443.73
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.444.73
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.445.68
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.446.69
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.450.67
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.451.67
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.452.68
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.453.68
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.454.69
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.456.69
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.457.75
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.458.70
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.459.70
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.460.69
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.462.74
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.463.69
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.464.70
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.465.68
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.468.70
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.469.70
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.470.70
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.471.73
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.472.70
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.478.74
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.479.73
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.480.68
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.481.71
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.482.74
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.49.67
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.50.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.500.71
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.501.74
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.502.71
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.51.69
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.52.72
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.520.76
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.521.76
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.522.76
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.53.51
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.531.76
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.532.75
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.534.75
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.54.47
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.55.45
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.56.69
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.57.43
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.58.47
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.593.76
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.595.76
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.63.57
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.66.47
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.70.75
C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127\rules\rules.1.71.43
C:\Program Files\Dealio
C:\Program Files\Dealio\kb127
C:\Program Files\Dealio\DealioAU.exe
C:\Program Files\Dealio\SearchSettingsKit.exe
C:\Program Files\Dealio\kb127\res
C:\Program Files\Dealio\kb127\resDN
C:\Program Files\Dealio\kb127\rules
C:\Program Files\Dealio\kb127\temp
C:\Program Files\Dealio\kb127\Dealio.dll
C:\Program Files\Dealio\kb127\Dealio Deskbar.exe
C:\Program Files\Dealio\kb127\DealioRes409.dll
C:\Program Files\Dealio\kb127\res\man_toolbar.js
C:\Program Files\Dealio\kb127\res\alerts.gif
C:\Program Files\Dealio\kb127\res\alerts_over.gif
C:\Program Files\Dealio\kb127\res\alerts_rec.gif
C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif
C:\Program Files\Dealio\kb127\res\chevron-small.gif
C:\Program Files\Dealio\kb127\res\deal_report.jpg
C:\Program Files\Dealio\kb127\res\DealioSearch.html
C:\Program Files\Dealio\kb127\res\deals-leftcap.gif
C:\Program Files\Dealio\kb127\res\err_mainwindow.html
C:\Program Files\Dealio\kb127\res\err_toolbar.html
C:\Program Files\Dealio\kb127\res\global_scripts.js
C:\Program Files\Dealio\kb127\res\headerbgthin.jpg
C:\Program Files\Dealio\kb127\res\highlight-bg.png
C:\Program Files\Dealio\kb127\res\logo.gif
C:\Program Files\Dealio\kb127\res\logo_over.gif
C:\Program Files\Dealio\kb127\res\man_toolbar.css
C:\Program Files\Dealio\kb127\res\post-this-deal.gif
C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif
C:\Program Files\Dealio\kb127\res\scripts.js
C:\Program Files\Dealio\kb127\res\scroller.js
C:\Program Files\Dealio\kb127\res\search_bg_blink.gif
C:\Program Files\Dealio\kb127\res\search-chevron.gif
C:\Program Files\Dealio\kb127\res\search-chevron_over.gif
C:\Program Files\Dealio\kb127\res\separator.gif
C:\Program Files\Dealio\kb127\res\settings.gif
C:\Program Files\Dealio\kb127\res\settings_over.gif
C:\Program Files\Dealio\kb127\res\man_toolbar.html
C:\Program Files\Dealio\kb127\res\ebay_login.jpg
C:\Program Files\Dealio\kb127\res\man_toolbarl.js
C:\Program Files\Dealio\kb127\res\yahoo-search.png
C:\Program Files\Dealio\kb127\resDN\bottom.gif
C:\Program Files\Dealio\kb127\resDN\chevron_down.gif
C:\Program Files\Dealio\kb127\resDN\chevron_up.gif
C:\Program Files\Dealio\kb127\resDN\close.gif
C:\Program Files\Dealio\kb127\resDN\deskbar.css
C:\Program Files\Dealio\kb127\resDN\deskbar.js
C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js
C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg
C:\Program Files\Dealio\kb127\resDN\logo.gif
C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif
C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif
C:\Program Files\Dealio\kb127\resDN\menu_check.gif
C:\Program Files\Dealio\kb127\resDN\prod_img.gif
C:\Program Files\Dealio\kb127\resDN\search_chevron.gif
C:\Program Files\Dealio\kb127\resDN\spacer.gif
C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif
C:\Program Files\Dealio\kb127\resDN\top.gif
C:\Program Files\Dealio\kb127\resDN\unknown.gif
C:\Program Files\Dealio\kb127\resDN\man_deskbar.html
C:\Program Files\Dealio\kb127\resDN\losing.gif
C:\Program Files\Dealio\kb127\resDN\lost.gif
C:\Program Files\Dealio\kb127\resDN\no_image.gif
C:\Program Files\Dealio\kb127\resDN\winning.gif
C:\Program Files\Dealio\kb127\resDN\won.gif
C:\Program Files\Dealio\kb127\rules\index.76.35
C:\Program Files\Dealio\kb127\rules\rules.1.10.76
C:\Program Files\Dealio\kb127\rules\rules.1.109.43
C:\Program Files\Dealio\kb127\rules\rules.1.110.43
C:\Program Files\Dealio\kb127\rules\rules.1.12.52
C:\Program Files\Dealio\kb127\rules\rules.1.13.58
C:\Program Files\Dealio\kb127\rules\rules.1.130.58
C:\Program Files\Dealio\kb127\rules\rules.1.135.50
C:\Program Files\Dealio\kb127\rules\rules.1.153.44
C:\Program Files\Dealio\kb127\rules\rules.1.155.43
C:\Program Files\Dealio\kb127\rules\rules.1.156.49
C:\Program Files\Dealio\kb127\rules\rules.1.16.60
C:\Program Files\Dealio\kb127\rules\rules.1.161.52
C:\Program Files\Dealio\kb127\rules\rules.1.178.66
C:\Program Files\Dealio\kb127\rules\rules.1.184.55
C:\Program Files\Dealio\kb127\rules\rules.1.188.52
C:\Program Files\Dealio\kb127\rules\rules.1.189.45
C:\Program Files\Dealio\kb127\rules\rules.1.196.43
C:\Program Files\Dealio\kb127\rules\rules.1.198.56
C:\Program Files\Dealio\kb127\rules\rules.1.199.43
C:\Program Files\Dealio\kb127\rules\rules.1.200.53
C:\Program Files\Dealio\kb127\rules\rules.1.201.43
C:\Program Files\Dealio\kb127\rules\rules.1.202.43
C:\Program Files\Dealio\kb127\rules\rules.1.203.71
C:\Program Files\Dealio\kb127\rules\rules.1.205.62
C:\Program Files\Dealio\kb127\rules\rules.1.213.71
C:\Program Files\Dealio\kb127\rules\rules.1.214.49
C:\Program Files\Dealio\kb127\rules\rules.1.215.43
C:\Program Files\Dealio\kb127\rules\rules.1.216.67
C:\Program Files\Dealio\kb127\rules\rules.1.217.67
C:\Program Files\Dealio\kb127\rules\rules.1.218.52
C:\Program Files\Dealio\kb127\rules\rules.1.219.43
C:\Program Files\Dealio\kb127\rules\rules.1.220.43
C:\Program Files\Dealio\kb127\rules\rules.1.221.57
C:\Program Files\Dealio\kb127\rules\rules.1.222.43
C:\Program Files\Dealio\kb127\rules\rules.1.223.68
C:\Program Files\Dealio\kb127\rules\rules.1.226.68
C:\Program Files\Dealio\kb127\rules\rules.1.227.43
C:\Program Files\Dealio\kb127\rules\rules.1.228.62
C:\Program Files\Dealio\kb127\rules\rules.1.229.76
C:\Program Files\Dealio\kb127\rules\rules.1.23.63
C:\Program Files\Dealio\kb127\rules\rules.1.239.43
C:\Program Files\Dealio\kb127\rules\rules.1.24.43
C:\Program Files\Dealio\kb127\rules\rules.1.240.43
C:\Program Files\Dealio\kb127\rules\rules.1.241.43
C:\Program Files\Dealio\kb127\rules\rules.1.242.43
C:\Program Files\Dealio\kb127\rules\rules.1.243.43
C:\Program Files\Dealio\kb127\rules\rules.1.244.63
C:\Program Files\Dealio\kb127\rules\rules.1.245.43
C:\Program Files\Dealio\kb127\rules\rules.1.247.43
C:\Program Files\Dealio\kb127\rules\rules.1.248.43
C:\Program Files\Dealio\kb127\rules\rules.1.249.43
C:\Program Files\Dealio\kb127\rules\rules.1.250.43
C:\Program Files\Dealio\kb127\rules\rules.1.251.43
C:\Program Files\Dealio\kb127\rules\rules.1.252.43
C:\Program Files\Dealio\kb127\rules\rules.1.253.43
C:\Program Files\Dealio\kb127\rules\rules.1.254.43
C:\Program Files\Dealio\kb127\rules\rules.1.255.43
C:\Program Files\Dealio\kb127\rules\rules.1.256.43
C:\Program Files\Dealio\kb127\rules\rules.1.257.43
C:\Program Files\Dealio\kb127\rules\rules.1.279.43
C:\Program Files\Dealio\kb127\rules\rules.1.28.58
C:\Program Files\Dealio\kb127\rules\rules.1.282.75
C:\Program Files\Dealio\kb127\rules\rules.1.283.43
C:\Program Files\Dealio\kb127\rules\rules.1.284.43
C:\Program Files\Dealio\kb127\rules\rules.1.289.67
C:\Program Files\Dealio\kb127\rules\rules.1.290.62
C:\Program Files\Dealio\kb127\rules\rules.1.291.61
C:\Program Files\Dealio\kb127\rules\rules.1.296.43
C:\Program Files\Dealio\kb127\rules\rules.1.297.43
C:\Program Files\Dealio\kb127\rules\rules.1.304.43
C:\Program Files\Dealio\kb127\rules\rules.1.307.43
C:\Program Files\Dealio\kb127\rules\rules.1.308.75
C:\Program Files\Dealio\kb127\rules\rules.1.31.47
C:\Program Files\Dealio\kb127\rules\rules.1.310.46
C:\Program Files\Dealio\kb127\rules\rules.1.311.43
C:\Program Files\Dealio\kb127\rules\rules.1.315.43
C:\Program Files\Dealio\kb127\rules\rules.1.316.43
C:\Program Files\Dealio\kb127\rules\rules.1.317.43
C:\Program Files\Dealio\kb127\rules\rules.1.318.43
C:\Program Files\Dealio\kb127\rules\rules.1.319.49
C:\Program Files\Dealio\kb127\rules\rules.1.32.48
C:\Program Files\Dealio\kb127\rules\rules.1.334.44
C:\Program Files\Dealio\kb127\rules\rules.1.335.60
C:\Program Files\Dealio\kb127\rules\rules.1.336.44
C:\Program Files\Dealio\kb127\rules\rules.1.337.44
C:\Program Files\Dealio\kb127\rules\rules.1.338.75
C:\Program Files\Dealio\kb127\rules\rules.1.339.47
C:\Program Files\Dealio\kb127\rules\rules.1.34.43
C:\Program Files\Dealio\kb127\rules\rules.1.340.47
C:\Program Files\Dealio\kb127\rules\rules.1.341.47
C:\Program Files\Dealio\kb127\rules\rules.1.349.50
C:\Program Files\Dealio\kb127\rules\rules.1.35.48
C:\Program Files\Dealio\kb127\rules\rules.1.350.50
C:\Program Files\Dealio\kb127\rules\rules.1.351.51
C:\Program Files\Dealio\kb127\rules\rules.1.352.54
C:\Program Files\Dealio\kb127\rules\rules.1.353.51
C:\Program Files\Dealio\kb127\rules\rules.1.354.51
C:\Program Files\Dealio\kb127\rules\rules.1.357.62
C:\Program Files\Dealio\kb127\rules\rules.1.358.52
C:\Program Files\Dealio\kb127\rules\rules.1.359.52
C:\Program Files\Dealio\kb127\rules\rules.1.360.53
C:\Program Files\Dealio\kb127\rules\rules.1.361.54
C:\Program Files\Dealio\kb127\rules\rules.1.362.68
C:\Program Files\Dealio\kb127\rules\rules.1.363.58
C:\Program Files\Dealio\kb127\rules\rules.1.364.54
C:\Program Files\Dealio\kb127\rules\rules.1.365.53
C:\Program Files\Dealio\kb127\rules\rules.1.367.56
C:\Program Files\Dealio\kb127\rules\rules.1.368.58
C:\Program Files\Dealio\kb127\rules\rules.1.369.55
C:\Program Files\Dealio\kb127\rules\rules.1.370.56
C:\Program Files\Dealio\kb127\rules\rules.1.371.56
C:\Program Files\Dealio\kb127\rules\rules.1.372.57
C:\Program Files\Dealio\kb127\rules\rules.1.373.55
C:\Program Files\Dealio\kb127\rules\rules.1.375.56
C:\Program Files\Dealio\kb127\rules\rules.1.376.57
C:\Program Files\Dealio\kb127\rules\rules.1.377.55
C:\Program Files\Dealio\kb127\rules\rules.1.378.65
C:\Program Files\Dealio\kb127\rules\rules.1.384.58
C:\Program Files\Dealio\kb127\rules\rules.1.386.71
C:\Program Files\Dealio\kb127\rules\rules.1.387.59
C:\Program Files\Dealio\kb127\rules\rules.1.388.59
C:\Program Files\Dealio\kb127\rules\rules.1.389.59
C:\Program Files\Dealio\kb127\rules\rules.1.390.60
C:\Program Files\Dealio\kb127\rules\rules.1.391.60
C:\Program Files\Dealio\kb127\rules\rules.1.392.60
C:\Program Files\Dealio\kb127\rules\rules.1.393.60
C:\Program Files\Dealio\kb127\rules\rules.1.394.60
C:\Program Files\Dealio\kb127\rules\rules.1.396.61
C:\Program Files\Dealio\kb127\rules\rules.1.397.61
C:\Program Files\Dealio\kb127\rules\rules.1.398.60
C:\Program Files\Dealio\kb127\rules\rules.1.399.60
C:\Program Files\Dealio\kb127\rules\rules.1.403.61
C:\Program Files\Dealio\kb127\rules\rules.1.404.63
C:\Program Files\Dealio\kb127\rules\rules.1.405.61
C:\Program Files\Dealio\kb127\rules\rules.1.406.61
C:\Program Files\Dealio\kb127\rules\rules.1.407.76
C:\Program Files\Dealio\kb127\rules\rules.1.408.63
C:\Program Files\Dealio\kb127\rules\rules.1.409.61
C:\Program Files\Dealio\kb127\rules\rules.1.412.62
C:\Program Files\Dealio\kb127\rules\rules.1.413.62
C:\Program Files\Dealio\kb127\rules\rules.1.414.62
C:\Program Files\Dealio\kb127\rules\rules.1.415.62
C:\Program Files\Dealio\kb127\rules\rules.1.416.62
C:\Program Files\Dealio\kb127\rules\rules.1.417.62
C:\Program Files\Dealio\kb127\rules\rules.1.418.62
C:\Program Files\Dealio\kb127\rules\rules.1.419.62
C:\Program Files\Dealio\kb127\rules\rules.1.420.62
C:\Program Files\Dealio\kb127\rules\rules.1.421.62
C:\Program Files\Dealio\kb127\rules\rules.1.423.63
C:\Program Files\Dealio\kb127\rules\rules.1.424.63
C:\Program Files\Dealio\kb127\rules\rules.1.425.63
C:\Program Files\Dealio\kb127\rules\rules.1.426.63
C:\Program Files\Dealio\kb127\rules\rules.1.427.63
C:\Program Files\Dealio\kb127\rules\rules.1.428.65
C:\Program Files\Dealio\kb127\rules\rules.1.429.63
C:\Program Files\Dealio\kb127\rules\rules.1.430.63
C:\Program Files\Dealio\kb127\rules\rules.1.432.65
C:\Program Files\Dealio\kb127\rules\rules.1.433.64
C:\Program Files\Dealio\kb127\rules\rules.1.434.65
C:\Program Files\Dealio\kb127\rules\rules.1.435.64
C:\Program Files\Dealio\kb127\rules\rules.1.436.76
C:\Program Files\Dealio\kb127\rules\rules.1.437.64
C:\Program Files\Dealio\kb127\rules\rules.1.438.71
C:\Program Files\Dealio\kb127\rules\rules.1.439.71
C:\Program Files\Dealio\kb127\rules\rules.1.440.75
C:\Program Files\Dealio\kb127\rules\rules.1.442.73
C:\Program Files\Dealio\kb127\rules\rules.1.443.73
C:\Program Files\Dealio\kb127\rules\rules.1.444.73
C:\Program Files\Dealio\kb127\rules\rules.1.445.68
C:\Program Files\Dealio\kb127\rules\rules.1.446.69
C:\Program Files\Dealio\kb127\rules\rules.1.450.67
C:\Program Files\Dealio\kb127\rules\rules.1.451.67
C:\Program Files\Dealio\kb127\rules\rules.1.452.68
C:\Program Files\Dealio\kb127\rules\rules.1.453.68
C:\Program Files\Dealio\kb127\rules\rules.1.454.69
C:\Program Files\Dealio\kb127\rules\rules.1.456.69
C:\Program Files\Dealio\kb127\rules\rules.1.457.75
C:\Program Files\Dealio\kb127\rules\rules.1.458.70
C:\Program Files\Dealio\kb127\rules\rules.1.459.70
C:\Program Files\Dealio\kb127\rules\rules.1.460.69
C:\Program Files\Dealio\kb127\rules\rules.1.462.74
C:\Program Files\Dealio\kb127\rules\rules.1.463.69
C:\Program Files\Dealio\kb127\rules\rules.1.464.70
C:\Program Files\Dealio\kb127\rules\rules.1.465.68
C:\Program Files\Dealio\kb127\rules\rules.1.468.70
C:\Program Files\Dealio\kb127\rules\rules.1.469.70
C:\Program Files\Dealio\kb127\rules\rules.1.470.70
C:\Program Files\Dealio\kb127\rules\rules.1.471.73
C:\Program Files\Dealio\kb127\rules\rules.1.472.70
C:\Program Files\Dealio\kb127\rules\rules.1.478.74
C:\Program Files\Dealio\kb127\rules\rules.1.479.73
C:\Program Files\Dealio\kb127\rules\rules.1.480.68
C:\Program Files\Dealio\kb127\rules\rules.1.481.71
C:\Program Files\Dealio\kb127\rules\rules.1.482.74
C:\Program Files\Dealio\kb127\rules\rules.1.49.67
C:\Program Files\Dealio\kb127\rules\rules.1.50.43
C:\Program Files\Dealio\kb127\rules\rules.1.500.71
C:\Program Files\Dealio\kb127\rules\rules.1.501.74
C:\Program Files\Dealio\kb127\rules\rules.1.502.71
C:\Program Files\Dealio\kb127\rules\rules.1.51.69
C:\Program Files\Dealio\kb127\rules\rules.1.52.72
C:\Program Files\Dealio\kb127\rules\rules.1.520.76
C:\Program Files\Dealio\kb127\rules\rules.1.521.76
C:\Program Files\Dealio\kb127\rules\rules.1.522.76
C:\Program Files\Dealio\kb127\rules\rules.1.53.51
C:\Program Files\Dealio\kb127\rules\rules.1.531.76
C:\Program Files\Dealio\kb127\rules\rules.1.532.75
C:\Program Files\Dealio\kb127\rules\rules.1.534.75
C:\Program Files\Dealio\kb127\rules\rules.1.54.47
C:\Program Files\Dealio\kb127\rules\rules.1.55.45
C:\Program Files\Dealio\kb127\rules\rules.1.56.69
C:\Program Files\Dealio\kb127\rules\rules.1.57.43
C:\Program Files\Dealio\kb127\rules\rules.1.58.47
C:\Program Files\Dealio\kb127\rules\rules.1.593.76
C:\Program Files\Dealio\kb127\rules\rules.1.595.76
C:\Program Files\Dealio\kb127\rules\rules.1.63.57
C:\Program Files\Dealio\kb127\rules\rules.1.66.47
C:\Program Files\Dealio\kb127\rules\rules.1.70.75
C:\Program Files\Dealio\kb127\rules\rules.1.71.43
C:\WINDOWS\Prefetch\DEALIOAU.EXE-0D71B01B.pf
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Dealio
C:\DOCUME~1\EMMANU~1\APPLIC~1\Search Settings
C:\DOCUME~1\EMMANU~1\APPLIC~1\Search Settings\kb127
C:\DOCUME~1\EMMANU~1\APPLIC~1\Search Settings\kb127\temp
C:\DOCUME~1\EMMANU~1\APPLIC~1\Search Settings\kb127\res
C:\DOCUME~1\EMMANU~1\APPLIC~1\Search Settings\kb127\temp\ws-14239.log
C:\DOCUME~1\EMMANU~1\APPLIC~1\Search Settings\kb127\temp\ws-14240.log
C:\DOCUME~1\EMMANU~1\APPLIC~1\Search Settings\kb127\temp\ws-14241.log
C:\DOCUME~1\EMMANU~1\APPLIC~1\Search Settings\kb127\temp\ws-14242.log

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.postarticles.net"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 18/02/2009|18:37 - Option : [1]

-----------\\ Fin du rapport a 18:37:33.04
0
Réponse 7 / 13
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
18 févr. 2009 à 18:41
---> Relance ToolBar S&D, fais l'option 2 et poste le rapport.
0
Réponse 8 / 13
emmanuelle94 Messages postés 10 Date d'inscription mercredi 18 février 2009 Statut Membre Dernière intervention 15 décembre 2009
18 févr. 2009 à 18:45
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz )
BIOS : Ver 1.00PARTTBL
USER : emmanuelle paulin ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:1 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:53 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 18/02/2009|18:44 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio\kb127
Supprime! - C:\Program Files\Dealio\kb127
Supprime! - C:\Program Files\Dealio\DealioAU.exe
Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe
Supprime! - C:\WINDOWS\Prefetch\DEALIOAU.EXE-0D71B01B.pf
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Dealio
Supprime! - C:\DOCUME~1\EMMANU~1\APPLIC~1\Search Settings\kb127
Supprime! - C:\DOCUME~1\EMMANU~1\APPLIC~1\Dealio
Supprime! - C:\Program Files\Dealio
Supprime! - C:\DOCUME~1\EMMANU~1\APPLIC~1\Search Settings

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.postarticles.net"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 18/02/2009|18:37 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 18/02/2009|18:44 - Option : [2]

-----------\\ Fin du rapport a 18:44:46.95
0
Réponse 9 / 13
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
18 févr. 2009 à 18:52
---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
0
Réponse 10 / 13
emmanuelle94 Messages postés 10 Date d'inscription mercredi 18 février 2009 Statut Membre Dernière intervention 15 décembre 2009
18 févr. 2009 à 19:06
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1775
Windows 5.1.2600 Service Pack 2

18/02/2009 19:05:25
mbam-log-2009-02-18 (19-05-25).txt

Type de recherche: Examen rapide
Eléments examinés: 84762
Temps écoulé: 6 minute(s), 18 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Window UDP Control Servic (Backdoor.Bot) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://www.postarticles.net) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 11 / 13
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
19 févr. 2009 à 05:01
---> Relance MBAM, va dans Quarantaine et supprime tout.

---> Puis fais ceci :

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
0
Réponse 12 / 13
emmanuelle94 Messages postés 10 Date d'inscription mercredi 18 février 2009 Statut Membre Dernière intervention 15 décembre 2009
19 févr. 2009 à 07:59
Logfile of random's system information tool 1.05 (written by random/random)
Run by emmanuelle paulin at 2009-02-19 07:56:58
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 2 GB (3%) free of 54 GB
Total RAM: 1022 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:56:59, on 19/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\DOCUME~1\EMMANU~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\emmanuelle paulin\Bureau\RSIT(2).exe
C:\Program Files\trend micro\HijackThis\emmanuelle paulin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /normal-run1
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
0
Réponse 13 / 13
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 295
19 févr. 2009 à 19:17
L'auteur d'UsbFix ayant retiré son programme (UsbFix), je prends la responsabilité de te le faire utiliser. Merci aux autres de ne pas utiliser le lien de téléchargement donné.

--> Télécharge UsbFix sur ton Bureau.

--> Lance l'installation avec les paramètres par défaut.

--> Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

--> Double-clique sur le raccourci UsbFix sur ton Bureau.

--> Choisis l'option 1 (Nettoyage).

--> Le PC va redémarrer.

--> Après redémarrage, poste le rapport UsbFix.txt

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

(Si le Bureau ne réapparaît pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)
0

Discussions similaires

Que signifie "Utilisateur de Facebook" ?
Jitgie -
Utilisateur anonyme -

13 réponses
Mettre Facebook Messenger en français
bleumarine2009 -
lauredine61 -

1 réponse
Échec d’envoie message messenger
Kris68 -
Colibri -

2 réponses
On me voit connecté sur facebook alors que je n'y suis pas
MrTheMolode -
lily -

5 réponses
Impossible de "retirer"mes messages sur Messenger
Sab -
Sab -

8 réponses