Posez votre question Format imprimable Liste des forums Aidez-les Statistiques Rechercher Charte Forum Virus-Sécurité

Virus trojan swizzor.2

Dernière réponse le 4 déc 2008 à 12:15:02 fanny84, le 4 déc 2008 à 09:12:55

Signaler ce message aux modérateurs

Bonjour,
Bonjour,
bonjour,
depuis qq jours mon pc rame...
suite à l'analyse par bitdefender, le trojan swizzor a été detecté et mis en quarantaine... impossible de le supprimer
le sav de btidefender m'a conseillé toute uen procédure qui n'a rien donné...
depuis hier impossible de me connecter à msn...
merci d'avance pour l'aide apportée

voici le rapport Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:02:07, on 04/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\FSRremoS.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\Pelmiced.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Documents and Settings\SILJA\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe /startup
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')
O4 - Startup: CCC.lnk = ?
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

Configuration: Windows XP
Firefox 3.0.4

Meilleures réponses pour « virus trojan swizzor.2 » dans :

Virus ->virus downloader.swizzor.2.aq Voir

!!!!!!!! Virus Trojan.Swizzor.WB !!!!!!!! Voir

Trojan Swizzor.2.AQ+Trojan BackDoor.Agent.2.H Voir

Infecté par 2 virus : Trojan-Downloader-Zlob (Résolu) Voir

Infecté par Trojan.Zlob.2.Gen Voir

Trojan horse downloader.swizzor.2.AQ Voir

Hello ! Petite intrusion ( scuze me ) ;-P Tu es infecté a cause Lire la suite

Posez votre question Répondre

00julien00, le 4 déc 2008 à 09:15:25

Tu a tester un autre anti-virus ??? Avec Windows 3.1, on était au bord du précipice.Avec Windows 95, on a fait un grand pas en avant...

Répondre à 00julien00

Feelgood1, le 4 déc 2008 à 09:21:17

Bonjour, jamais plusieurs antivirus sur 1 pc, sinon risque de conflits... Il ne faut en garder qu'un seul... Aller doucement, n'empeches pas d'arriver !

Répondre à Feelgood1

00julien00, le 4 déc 2008 à 09:22:51

Oui déjà que la plupart ne sont pas efficaces seule....XD Avec Windows 3.1, on était au bord du précipice.Avec Windows 95, on a fait un grand pas en avant...

Répondre à 00julien00

fanny84, le 4 déc 2008 à 09:37:18

Merci pour la rapidité!

hier j'ai scanné avec avast qui n'a rien trouvé...
là je viens de faire un "runscanner"
voici les rapports

Runscanner logfile http://www.runscanner.net

* = signed file
- = file not found

000 General info
----------------
Computer name : LENOVO-8458107C
Creation time : 04/12/2008 09:28:27
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 7.0.5730.11
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 3
RunScanner Version : 1.6.1.0
User Language : Français (France)
User rights : Administrator
Windows folder : C:\WINDOWS

001 Running processes
---------------------
* c:\program files\windows media player\wmpnscfg.exe (Microsoft Corporation)
* c:\windows\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\system32\alg.exe (Microsoft Corporation)
* c:\windows\system32\services.exe (Microsoft Corporation)
* c:\windows\system32\ati2evxx.exe (ATI Technologies Inc.)
* c:\windows\system32\ati2evxx.exe (ATI Technologies Inc.)
* c:\program files\alwil software\avast4\ashserv.exe (ALWIL Software)
* c:\program files\alwil software\avast4\aswupdsv.exe (ALWIL Software)
* c:\progra~1\alwils~1\avast4\ashdisp.exe (ALWIL Software)
* c:\program files\microsoft small business\business contact manager\bcmsqlstartupsvc.exe (Microsoft Corporation)
c:\program files\bitdefender\bitdefender 2009\bdagent.exe (BitDefender S.R.L.)
c:\program files\bitdefender\bitdefender 2009\seccenter.exe
c:\program files\bitdefender\bitdefender 2009\vsserv.exe (BitDefender S. R. L.)
c:\program files\fichiers communs\bitdefender\bitdefender update service\livesrv.exe (BitDefender SRL)
* c:\windows\system32\notepad.exe (Microsoft Corporation)
c:\program files\ati technologies\ati.ace\core-static\mom.exe (ATI Technologies Inc.)
c:\program files\ati technologies\ati.ace\core-static\ccc.exe (ATI Technologies Inc.)
c:\program files\ati technologies\ati.ace\core-static\ccc.exe (ATI Technologies Inc.)
* c:\windows\system32\csrss.exe (Microsoft Corporation)
* c:\program files\lenovo\client security solution\cssauth.exe (Lenovo Group Limited)
* c:\windows\system32\ctfmon.exe (Microsoft Corporation)
c:\program files\diskeeper corporation\diskeeper\dkicon.exe (Diskeeper Corporation)
c:\program files\diskeeper corporation\diskeeper\dkservice.exe (Diskeeper Corporation)
c:\windows\system32\dla\dlactrlw.exe (Sonic Solutions)
* c:\windows\explorer.exe (Microsoft Corporation)
* c:\program files\mozilla firefox\firefox.exe (Mozilla Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\smss.exe (Microsoft Corporation)
* c:\documents and settings\silja\bureau\hijackthis.exe (Trend Micro Inc.)
c:\program files\fichiers communs\installshield\updateservice\issch.exe (InstallShield Software Corporation)
* c:\windows\system32\ipssvc.exe (Lenovo Group Limited)
c:\program files\lenovo\rescue and recovery\adm\iuservice.exe
* c:\program files\java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
* c:\program files\fichiers communs\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe (Symantec Corporation)
* c:\program files\fichiers communs\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe (Symantec Corporation)
c:\program files\fichiers communs\lenovo\logger\logmon.exe
* c:\windows\system32\lsass.exe (Microsoft Corporation)
* c:\program files\lenovo\awaytask\awaysch.exe (Lenovo Group Limited)
* c:\program files\thinkvantage\amsg\amsg.exe (LENOVO)
* c:\windows\vvx1000.exe (Microsoft Corporation)
* c:\windows\system32\pelmiced.exe (Primax Electronics Ltd.)
c:\windows\system32\ico.exe (Primax Electronics Ltd.)
* c:\program files\mozilla thunderbird\thunderbird.exe (Mozilla Corporation)
* c:\program files\microsoft lifecam\mscams32.exe (Microsoft Corporation)
* c:\program files\fichiers communs\real\update_ob\realsched.exe (RealNetworks, Inc.)
* c:\windows\rthdcpl.exe (Realtek Semiconductor Corp.)
* c:\program files\fichiers communs\intervideo\regmgr\iviregmgr.exe (InterVideo)
c:\program files\lenovo\rescue and recovery\rrservice.exe (Lenovo Group Limited)
c:\program files\lenovo\rescue and recovery\rrpservice.exe
* c:\documents and settings\silja\bureau\runscanner1-6.exe (Runscanner.net)
c:\program files\fichiers communs\lenovo\scheduler\scheduler_proxy.exe (Lenovo Group Limited)
* c:\program files\search settings\searchsettings.exe (Vendio Services, Inc.)
* c:\windows\system32\fxssvc.exe (Microsoft Corporation)
* c:\program files\windows media player\wmpnetwk.exe (Microsoft Corporation)
* c:\windows\system32\spoolsv.exe (Microsoft Corporation)
* c:\program files\microsoft sql server\90\shared\sqlbrowser.exe (Microsoft Corporation)
* c:\program files\microsoft sql server\90\shared\sqlwriter.exe (Microsoft Corporation)
* c:\windows\system32\fsrremos.exe
* c:\progra~1\thinkv~1\prdctr\lpmgr.exe (Lenovo Group Limited)
* c:\program files\fichiers communs\lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
c:\program files\fichiers communs\lenovo\scheduler\tvtsched.exe (Lenovo Group Limited)
c:\program files\lenovo\system update\suservice.exe (Lenovo Group Limited)
* c:\program files\lenovo\client security solution\tvttcsd.exe (IBM)
* c:\windows\system32\wuauclt.exe (Microsoft Corporation)
* c:\windows\system32\wuauclt.exe (Microsoft Corporation)

002 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (+subkeys)
-----------------------------------------------------------------
* c:\program files\thinkvantage\amsg\amsg.exe (LENOVO)
* c:\program files\dealio\dealioau.exe (Vendio Services, Inc.)
* c:\progra~1\alwils~1\avast4\ashdisp.exe (ALWIL Software)
* c:\program files\lenovo\awaytask\awaysch.exe (Lenovo Group Limited)
c:\program files\bitdefender\bitdefender 2009\bdagent.exe (BitDefender S.R.L.)
c:\program files\bitdefender\bitdefender 2009\ieshow.exe (BitDefender)
* c:\program files\lenovo\client security solution\cssauth.exe (Lenovo Group Limited)
c:\program files\diskeeper corporation\diskeeper\dkicon.exe (Diskeeper Corporation)
c:\windows\system32\dla\dlactrlw.exe (Sonic Solutions)
c:\progra~1\fichie~1\instal~1\update~1\isuspm.exe (InstallShield Software Corporation)
c:\program files\fichiers communs\installshield\updateservice\issch.exe (InstallShield Software Corporation)
* c:\progra~1\thinkv~1\prdctr\lpmgr.exe (Lenovo Group Limited)
C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)
* c:\program files\search settings\searchsettings.exe (Vendio Services, Inc.)
c:\program files\ati technologies\ati.ace\core-static\clistart.exe
* c:\program files\fichiers communs\real\update_ob\realsched.exe (RealNetworks, Inc.)
c:\program files\fichiers communs\lenovo\scheduler\scheduler_proxy.exe (Lenovo Group Limited)

004 C:\Documents and Settings\SILJA\Menu Démarrer\Programmes\Démarrage
----------------------------------------------------------------------
c:\progra~1\atitec~1\ati.ace\core-s~1\ccc.exe (ATI Technologies Inc.)

010 HKLM\SYSTEM\CurrentControlSet\Services (Services)
-----------------------------------------------------
* c:\program files\alwil software\avast4\ashserv.exe (avast! Antivirus)
* c:\program files\alwil software\avast4\aswupdsv.exe (avast! iAVS4 Control Service)
* c:\program files\alwil software\avast4\ashmaisv.exe (avast! Mail Scanner)
* c:\program files\alwil software\avast4\ashwebsv.exe (avast! Web Scanner)
c:\program files\fichiers communs\bitdefender\bitdefender arrakis server\bin\arrakis3.exe (BitDefender Arrakis Server)
c:\program files\fichiers communs\bitdefender\bitdefender update service\livesrv.exe (BitDefender Desktop Update Service)
c:\program files\bitdefender\bitdefender 2009\vsserv.exe (BitDefender Virus Shield)
c:\program files\diskeeper corporation\diskeeper\dkservice.exe (Diskeeper)
c:\program files\fichiers communs\installshield\driver\1150\intel 32\idrivert.exe (InstallDriver Table Manager)
* c:\program files\fichiers communs\intervideo\regmgr\iviregmgr.exe (IviRegMgr)
- c:\program files\fichiers communs\symantec shared\ccsvchst.exe (LiveUpdate Notice Service Ex)
* C:\WINDOWS\system32\ipssvc.exe (Service de base IPS)
c:\program files\lenovo\system update\suservice.exe (System Update)
* c:\program files\fichiers communs\lenovo\tvt_reg_monitor_svc.exe (ThinkVantage Registry Monitor Service)
* c:\program files\lenovo\client security solution\tvttcsd.exe (TSS Core Service)
c:\program files\lenovo\rescue and recovery\rrpservice.exe (TVT Backup Protection Service)
c:\program files\lenovo\rescue and recovery\rrservice.exe (TVT Backup Service)
c:\program files\fichiers communs\lenovo\scheduler\tvtsched.exe (TVT Scheduler)
c:\program files\lenovo\rescue and recovery\adm\iuservice.exe (tvtnetwk)

011 HKLM\SYSTEM\CurrentControlSet\Services (drivers)
----------------------------------------------------
* C:\WINDOWS\system32\drivers\aswfsblk.sys (aswFsBlk)
* c:\windows\system32\drivers\aswrdr.sys (aswRdr)
* c:\windows\system32\drivers\aavmker4.sys (avast! Asynchronous Virus Monitor)
* c:\windows\system32\drivers\aswtdi.sys (avast! Network Shield Support)
* c:\windows\system32\drivers\aswsp.sys (avast! Self Protection)
* c:\windows\system32\drivers\aswmon2.sys (avast! Standard Shield Support)
* C:\WINDOWS\system32\drivers\bdfm.sys (BDFM)
* C:\WINDOWS\system32\drivers\bdfsfltr.sys (bdfsfltr)
* c:\program files\fichiers communs\bitdefender\bitdefender firewall\bdftdif.sys (bdftdif)
c:\program files\bitdefender\bitdefender 2009\bdselfpr.sys (BDSelfPr)
* c:\program files\bitdefender\bitdefender 2009\bdvedisk.sys (BDVEDISK)
* C:\WINDOWS\system32\drivers\bdfndisf.sys (BitDefender Firewall NDIS Filter Service)
- c:\combofix\catchme.sys (catchme)
- c:\windows\system32\drivers\changer.sys (Changer)
C:\WINDOWS\system32\dla\dlaboiom.sys (DLABOIOM)
C:\WINDOWS\system32\drivers\dlacdbhm.sys (DLACDBHM)
C:\WINDOWS\system32\dla\dladresn.sys (DLADResN)
C:\WINDOWS\system32\dla\dlaifs_m.sys (DLAIFS_M)
C:\WINDOWS\system32\dla\dlaopiom.sys (DLAOPIOM)
C:\WINDOWS\system32\dla\dlapoolm.sys (DLAPoolM)
C:\WINDOWS\system32\drivers\dlartl_n.sys (DLARTL_N)
C:\WINDOWS\system32\dla\dlaudf_m.sys (DLAUDF_M)
C:\WINDOWS\system32\dla\dlaudfam.sys (DLAUDFAM)
C:\WINDOWS\system32\drivers\drvmcdb.sys (DRVMCDB)
C:\WINDOWS\system32\drivers\drvnddm.sys (DRVNDDM)
- c:\windows\system32\drivers\adildr.sys (General Purpose USB Driver (adildr.sys))
C:\WINDOWS\system32\drivers\iviaspi.sys (IVI ASPI Shell)
- c:\windows\system32\drivers\lbrtfdc.sys (lbrtfdc)
- c:\windows\system32\drivers\pcidump.sys (PCIDump)
- c:\windows\system32\drivers\pdcomp.sys (PDCOMP)
- c:\windows\system32\drivers\pdframe.sys (PDFRAME)
- c:\windows\system32\drivers\pdreli.sys (PDRELI)
- c:\windows\system32\drivers\pdrframe.sys (PDRFRAME)
* C:\WINDOWS\system32\drivers\procdd.sys (Pilote de support IPS)
c:\windows\system32\drivers\pmemnt.sys (pmem)
c:\program files\fichiers communs\bitdefender\bitdefender threat scanner\profos.sys (Profos)
* C:\WINDOWS\system32\drivers\pxhelp20.sys (PxHelp20)
c:\program files\fichiers communs\bitdefender\bitdefender threat scanner\trufos.sys (Trufos)
- c:\windows\system32\drivers\adiusbaw.sys (USB ADSL WAN Adapter)
- c:\windows\system32\drivers\wdica.sys (WDICA)

030 HKLM\SOFTWARE\Classes\PROTOCOLS\Filter
------------------------------------------
C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}

035 HKLM-HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components
------------------------------------------------------------------
c:\windows\system32\mscories.dll (Microsoft Corporation) {89B4C1CD-B018-4511-B0A1-5476DBF70820}

041 HKLM-HKCU\Software\Microsoft\Internet Explorer\Toolbar
----------------------------------------------------------
c:\program files\bitdefender\bitdefender 2009\ietoolbar.dll (Bitdefender) {381FFDE8-2394-4f90-B10D-FC6124A40F8C}

045 HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
----------------------------------------------------------------
* c:\program files\dealio\kb127\dealio.dll (Vendio Services, Inc.) {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
c:\program files\epson\epson web-to-page\epson web-to-page.dll (SEIKO EPSON CORPORATION) {EE5D279F-081B-4404-994D-C6B60AAEBA6D}

052 HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
----------------------------------------------------------------------------------
* c:\program files\dealio\kb127\dealio.dll (Vendio Services, Inc.) {6A87B991-A31F-4130-AE72-6D0C294BF082}
c:\windows\system32\dla\dlashx_w.dll (Sonic Solutions) {5CA3D70E-1895-11CF-8E15-001234567890}
c:\program files\epson\epson web-to-page\epson web-to-page.dll (SEIKO EPSON CORPORATION) {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}
* c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll (Lenovo Group Limited) {F040E541-A427-4CF7-85D8-75E3E0F476C5}
* c:\program files\real\realplayer\rpbrowserrecordplugin.dll (RealPlayer) {3049C3E9-B461-4BC5-8870-4C09146192CA}

061 HKLM-HCKU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
---------------------------------------------------------------------------------
* c:\program files\thinkvantage\sma\7z\7-zip.dll {23170F69-40C1-278A-1000-000100020000}
* c:\program files\alwil software\avast4\ashshell.dll (ALWIL Software) {472083B0-C522-11CF-8763-00608CC02F24}
c:\program files\ati technologies\ati.ace\core-static\atiacmxx.dll {5E2121EE-0300-11D4-8D3B-444553540000}
c:\windows\system32\dla\dlashx_w.dll (Sonic Solutions) {5CA3D70E-1895-11CF-8E15-001234567890}
- deskpan.dll {42071714-76d4-11d1-8b24-00a0c9068ff3}
c:\windows\system32\mscoree.dll (Microsoft Corporation) {1D2680C9-0E2A-469d-B787-065558BC7D43}
* c:\program files\real\realplayer\rpshell.dll (RealNetworks, Inc.) {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}
c:\windows\system32\dfshim.dll (Microsoft Corporation) {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}
c:\windows\system32\dfshim.dll (Microsoft Corporation) {e82a2d71-5b2f-43a0-97b8-81be15854de8}

062 HKLM-HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
------------------------------------------------------------
c:\program files\bitdefender\bitdefender 2009\bdfvsctx.dll (BitDefender S.R.L.) {9E96C1F5-0EFA-4348-9460-15D6802C70AA}
c:\program files\fichiers communs\adobe\acrobat\activex\pdfshell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}

100 Internet Explorer settings
------------------------------
SearchUrl HKCU : http://home.microsoft.com/access/autosearch.asp?p=%s

104 HKLM\Software\Microsoft\Code Store Database\Distribution Units
------------------------------------------------------------------
GUID / CLSID not found {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
c:\program files\java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc.) {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
GUID / CLSID not found CabBuilder

173 HKCR\*\shellex\ContextMenuHandlers
--------------------------------------
GUID / CLSID not found
* c:\program files\alwil software\avast4\ashshell.dll (ALWIL Software) {472083B0-C522-11CF-8763-00608CC02F24}
c:\program files\epson\creativity suite\easy photo print\eppshell.dll (SEIKO EPSON CORPORATION) {509FE1AF-ADD5-49EC-BC55-7CF81FD16E78}
c:\program files\bitdefender\bitdefender 2009\bdshelxt.dll (BitDefender S.R.L)
c:\program files\bitdefender\bitdefender 2009\bdfvsctx.dll (BitDefender S.R.L.)

Répondre à fanny84

Feelgood1, le 4 déc 2008 à 09:55:49

http://www.avast.com/fre/avast-uninstall-utility.html >>> pour desinstaller avast proprement !

*Pour virer Norton proprement ici : http://www.commentcamarche.net/faq/sujet 2453 supprimer norton antivirus *Accompagné d'un nouveau rapport Hijackthis stp Aller doucement, n'empeches pas d'arriver !

Répondre à Feelgood1

jorginho67, le 4 déc 2008 à 10:10:08

Hello !

Petite intrusion ( scuze me ) ;-P

Tu es infecté a cause de certaines Toolbars que tu a installé lors de téléchargements de differentes applications.
Bien souvent, ces toolbars sont en fait des spywares.

Plusieurs barres d'outils peuvent ralentir l'ordinateur ou occasionner des plantages du navigateur.
Pour plus d'informations, voir l'article Les Toolbars, c'est pas obligatoire! ( Merci a Malekal )

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
http://eric.71.mespages.googlepages.com/ToolBarSD.exe

Tutoriel d'install' et d'utilisation

Ø Lance l'installation du programme en exécutant le fichier téléchargé.
Ø Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
Ø Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré qui se trouve ici => (C:\TB.txt)

@+

Fais de ta vie un rêve, et de ce rêve une réalité [ Saint Exupéry ]

Répondre à jorginho67

Feelgood1, le 4 déc 2008 à 10:28:16

Ok salut gorginho, j'avais vu l'infection Searchsettings, mais avant ne serait-il pas preferables de virer les antivirus en trop ? Aller doucement, n'empeches pas d'arriver !

Répondre à Feelgood1

jorginho67, le 4 déc 2008 à 10:41:15

Salut Beelgood1

Pourquoi pas... j'ai pas dis le contraire...;) @+

Fais de ta vie un rêve, et de ce rêve une réalité [ Saint Exupéry ]

Répondre à jorginho67

Feelgood1, le 4 déc 2008 à 10:48:02

Re, C'est juste " l'intrusion " qui aurait pu faire penser à ça, mais il n'y a pas de souci... C'est juste pour le " helpé ", j'ai peur qu'il ne sache plus par quoi commencer >>> donc je récapitule, virer antivirus et ensuite faire ce que Jorginho a proposé >>> Toolbar S & d, meme si j'aurais préféré un nouveau log hijackthis, afin d'etre sur pour l'antivirus ! Aller doucement, n'empeches pas d'arriver !

Répondre à Feelgood1

fanny84, le 4 déc 2008 à 11:09:19

Voilà le nouveau rapport
merci encore à vous tous
j'attends votre feu vert pour faire ce qu'à dit jorginho67

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:38, on 04/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\FSRremoS.EXE
C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\Pelmiced.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\SILJA\Bureau\HiJackThis(2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe /startup
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [IS CfgWiz] "C:\Program Files\Fichiers communs\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')
O4 - Startup: CCC.lnk = ?
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
End of file - 12000 bytes

Répondre à fanny84

jorginho67, le 4 déc 2008 à 11:12:20

Tu peux y aller.

Je laisse la main a Feelgood @+

Fais de ta vie un rêve, et de ce rêve une réalité [ Saint Exupéry ]

Répondre à jorginho67

fanny84, le 4 déc 2008 à 11:22:55

Voilà le rapport de toolbar

-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ )
BIOS : Lenovo BIOS Version: 2UKT052A.ROM V0.52A
USER : SILJA ( Administrator )
BOOT : Normal boot
Antivirus : BitDefender Antivirus 12.0 (Activated)
Firewall : Pare-feu BitDefender 12.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:228 Go (Free:186 Go)
D:\ (CD or DVD)
G:\ (USB)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [1] ( 04/12/2008|11:20 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\SILJA\APPLIC~1\Dealio
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\alerts.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\alerts_over.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\alerts_rec.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\alerts_rec_over.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\chevron-small.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\DealioSearch.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\deals-leftcap.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\deal_report.jpg
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\ebay_login.jpg
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\err_mainwindow.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\err_toolbar.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\global_scripts.js
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\headerbgthin.jpg
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\highlight-bg.png
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\logo.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\logo_over.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\man_toolbar.css
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\man_toolbar.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\man_toolbar.js
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\man_toolbarl.js
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\post-this-deal.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\post-this-deal_over.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\scripts.js
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\scroller.js
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\search-chevron.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\search-chevron_over.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\search_bg_blink.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\separator.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\settings.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\settings_over.gif
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\res\yahoo-search.png
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\index.76.35
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.10.76
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.109.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.110.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.12.52
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.13.58
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.130.58
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.135.50
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.153.44
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.155.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.156.49
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.16.60
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.161.52
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.178.66
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.184.55
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.188.52
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.189.45
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.196.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.198.56
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.199.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.200.53
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.201.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.202.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.203.71
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.205.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.213.71
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.214.49
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.215.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.216.67
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.217.67
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.218.52
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.219.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.220.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.221.57
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.222.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.223.68
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.226.68
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.227.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.228.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.229.76
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.23.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.239.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.24.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.240.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.241.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.242.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.243.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.244.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.245.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.247.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.248.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.249.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.250.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.251.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.252.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.253.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.254.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.255.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.256.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.257.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.279.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.28.58
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.282.75
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.283.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.284.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.289.67
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.290.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.291.61
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.296.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.297.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.304.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.307.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.308.75
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.31.47
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.310.46
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.311.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.315.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.316.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.317.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.318.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.319.49
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.32.48
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.334.44
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.335.60
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.336.44
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.337.44
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.338.75
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.339.47
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.34.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.340.47
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.341.47
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.349.50
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.35.48
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.350.50
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.351.51
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.352.54
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.353.51
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.354.51
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.357.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.358.52
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.359.52
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.360.53
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.361.54
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.362.68
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.363.58
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.364.54
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.365.53
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.367.56
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.368.58
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.369.55
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.370.56
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.371.56
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.372.57
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.373.55
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.375.56
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.376.57
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.377.55
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.378.65
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.384.58
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.386.71
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.387.59
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.388.59
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.389.59
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.390.60
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.391.60
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.392.60
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.393.60
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.394.60
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.396.61
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.397.61
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.398.60
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.399.60
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.403.61
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.404.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.405.61
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.406.61
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.407.76
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.408.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.409.61
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.412.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.413.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.414.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.415.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.416.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.417.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.418.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.419.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.420.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.421.62
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.423.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.424.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.425.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.426.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.427.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.428.65
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.429.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.430.63
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.432.65
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.433.64
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.434.65
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.435.64
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.436.76
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.437.64
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.438.71
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.439.71
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.440.75
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.442.73
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.443.73
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.444.73
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.445.68
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.446.69
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.450.67
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.451.67
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.452.68
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.453.68
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.454.69
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.456.69
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.457.75
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.458.70
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.459.70
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.460.69
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.462.74
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.463.69
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.464.70
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.465.68
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.468.70
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.469.70
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.470.70
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.471.73
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.472.70
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.478.74
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.479.73
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.480.68
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.481.71
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.482.74
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.49.67
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.50.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.500.71
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.501.74
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.502.71
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.51.69
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.52.72
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.520.76
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.521.76
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.522.76
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.53.51
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.531.76
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.532.75
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.534.75
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.54.47
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.55.45
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.56.69
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.57.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.58.47
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.593.76
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.595.76
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.63.57
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.66.47
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.70.75
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\rules\rules.1.71.43
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\dealio-14206.log
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\dod_cache.xml
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2016_2936_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2480_2980_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2776_1796_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2816_3052_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2824_3684_2.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2880_3316_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3208_3088_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3248_5328_1.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3396_3756_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3720_4632_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3736_3700_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3936_3176_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_4076_3428_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_4148_4204_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_4456_2852_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_4536_4564_1.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_4668_4716_2.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5020_5060_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5240_4296_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5332_5368_2.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5472_1160_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5516_4868_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5532_5552_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_560_696_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5996_5808_2.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_608_3756_3.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_660_3568_2.html
C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_792_372_3.html
C:\Program Files\Dealio
C:\Program Files\Dealio\DealioAU.exe
C:\Program Files\Dealio\kb127
C:\Program Files\Dealio\SearchSettingsKit.exe
C:\Program Files\Dealio\kb127\Dealio Deskbar.exe
C:\Program Files\Dealio\kb127\Dealio.dll
C:\Program Files\Dealio\kb127\DealioRes409.dll
C:\Program Files\Dealio\kb127\res
C:\Program Files\Dealio\kb127\resDN
C:\Program Files\Dealio\kb127\rules
C:\Program Files\Dealio\kb127\temp
C:\Program Files\Dealio\kb127\res\alerts.gif
C:\Program Files\Dealio\kb127\res\alerts_over.gif
C:\Program Files\Dealio\kb127\res\alerts_rec.gif
C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif
C:\Program Files\Dealio\kb127\res\chevron-small.gif
C:\Program Files\Dealio\kb127\res\DealioSearch.html
C:\Program Files\Dealio\kb127\res\deals-leftcap.gif
C:\Program Files\Dealio\kb127\res\deal_report.jpg
C:\Program Files\Dealio\kb127\res\ebay_login.jpg
C:\Program Files\Dealio\kb127\res\err_mainwindow.html
C:\Program Files\Dealio\kb127\res\err_toolbar.html
C:\Program Files\Dealio\kb127\res\global_scripts.js
C:\Program Files\Dealio\kb127\res\headerbgthin.jpg
C:\Program Files\Dealio\kb127\res\highlight-bg.png
C:\Program Files\Dealio\kb127\res\logo.gif
C:\Program Files\Dealio\kb127\res\logo_over.gif
C:\Program Files\Dealio\kb127\res\man_toolbar.css
C:\Program Files\Dealio\kb127\res\man_toolbar.html
C:\Program Files\Dealio\kb127\res\man_toolbar.js
C:\Program Files\Dealio\kb127\res\man_toolbarl.js
C:\Program Files\Dealio\kb127\res\post-this-deal.gif
C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif
C:\Program Files\Dealio\kb127\res\scripts.js
C:\Program Files\Dealio\kb127\res\scroller.js
C:\Program Files\Dealio\kb127\res\search-chevron.gif
C:\Program Files\Dealio\kb127\res\search-chevron_over.gif
C:\Program Files\Dealio\kb127\res\search_bg_blink.gif
C:\Program Files\Dealio\kb127\res\separator.gif
C:\Program Files\Dealio\kb127\res\settings.gif
C:\Program Files\Dealio\kb127\res\settings_over.gif
C:\Program Files\Dealio\kb127\res\yahoo-search.png
C:\Program Files\Dealio\kb127\resDN\bottom.gif
C:\Program Files\Dealio\kb127\resDN\chevron_down.gif
C:\Program Files\Dealio\kb127\resDN\chevron_up.gif
C:\Program Files\Dealio\kb127\resDN\close.gif
C:\Program Files\Dealio\kb127\resDN\deskbar.css
C:\Program Files\Dealio\kb127\resDN\deskbar.js
C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js
C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg
C:\Program Files\Dealio\kb127\resDN\logo.gif
C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif
C:\Program Files\Dealio\kb127\resDN\losing.gif
C:\Program Files\Dealio\kb127\resDN\lost.gif
C:\Program Files\Dealio\kb127\resDN\man_deskbar.html
C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif
C:\Program Files\Dealio\kb127\resDN\menu_check.gif
C:\Program Files\Dealio\kb127\resDN\no_image.gif
C:\Program Files\Dealio\kb127\resDN\prod_img.gif
C:\Program Files\Dealio\kb127\resDN\search_chevron.gif
C:\Program Files\Dealio\kb127\resDN\spacer.gif
C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif
C:\Program Files\Dealio\kb127\resDN\top.gif
C:\Program Files\Dealio\kb127\resDN\unknown.gif
C:\Program Files\Dealio\kb127\resDN\winning.gif
C:\Program Files\Dealio\kb127\resDN\won.gif
C:\Program Files\Dealio\kb127\rules\index.76.35
C:\Program Files\Dealio\kb127\rules\rules.1.10.76
C:\Program Files\Dealio\kb127\rules\rules.1.109.43
C:\Program Files\Dealio\kb127\rules\rules.1.110.43
C:\Program Files\Dealio\kb127\rules\rules.1.12.52
C:\Program Files\Dealio\kb127\rules\rules.1.13.58
C:\Program Files\Dealio\kb127\rules\rules.1.130.58
C:\Program Files\Dealio\kb127\rules\rules.1.135.50
C:\Program Files\Dealio\kb127\rules\rules.1.153.44
C:\Program Files\Dealio\kb127\rules\rules.1.155.43
C:\Program Files\Dealio\kb127\rules\rules.1.156.49
C:\Program Files\Dealio\kb127\rules\rules.1.16.60
C:\Program Files\Dealio\kb127\rules\rules.1.161.52
C:\Program Files\Dealio\kb127\rules\rules.1.178.66
C:\Program Files\Dealio\kb127\rules\rules.1.184.55
C:\Program Files\Dealio\kb127\rules\rules.1.188.52
C:\Program Files\Dealio\kb127\rules\rules.1.189.45
C:\Program Files\Dealio\kb127\rules\rules.1.196.43
C:\Program Files\Dealio\kb127\rules\rules.1.198.56
C:\Program Files\Dealio\kb127\rules\rules.1.199.43
C:\Program Files\Dealio\kb127\rules\rules.1.200.53
C:\Program Files\Dealio\kb127\rules\rules.1.201.43
C:\Program Files\Dealio\kb127\rules\rules.1.202.43
C:\Program Files\Dealio\kb127\rules\rules.1.203.71
C:\Program Files\Dealio\kb127\rules\rules.1.205.62
C:\Program Files\Dealio\kb127\rules\rules.1.213.71
C:\Program Files\Dealio\kb127\rules\rules.1.214.49
C:\Program Files\Dealio\kb127\rules\rules.1.215.43
C:\Program Files\Dealio\kb127\rules\rules.1.216.67
C:\Program Files\Dealio\kb127\rules\rules.1.217.67
C:\Program Files\Dealio\kb127\rules\rules.1.218.52
C:\Program Files\Dealio\kb127\rules\rules.1.219.43
C:\Program Files\Dealio\kb127\rules\rules.1.220.43
C:\Program Files\Dealio\kb127\rules\rules.1.221.57
C:\Program Files\Dealio\kb127\rules\rules.1.222.43
C:\Program Files\Dealio\kb127\rules\rules.1.223.68
C:\Program Files\Dealio\kb127\rules\rules.1.226.68
C:\Program Files\Dealio\kb127\rules\rules.1.227.43
C:\Program Files\Dealio\kb127\rules\rules.1.228.62
C:\Program Files\Dealio\kb127\rules\rules.1.229.76
C:\Program Files\Dealio\kb127\rules\rules.1.23.63
C:\Program Files\Dealio\kb127\rules\rules.1.239.43
C:\Program Files\Dealio\kb127\rules\rules.1.24.43
C:\Program Files\Dealio\kb127\rules\rules.1.240.43
C:\Program Files\Dealio\kb127\rules\rules.1.241.43
C:\Program Files\Dealio\kb127\rules\rules.1.242.43
C:\Program Files\Dealio\kb127\rules\rules.1.243.43
C:\Program Files\Dealio\kb127\rules\rules.1.244.63
C:\Program Files\Dealio\kb127\rules\rules.1.245.43
C:\Program Files\Dealio\kb127\rules\rules.1.247.43
C:\Program Files\Dealio\kb127\rules\rules.1.248.43
C:\Program Files\Dealio\kb127\rules\rules.1.249.43
C:\Program Files\Dealio\kb127\rules\rules.1.250.43
C:\Program Files\Dealio\kb127\rules\rules.1.251.43
C:\Program Files\Dealio\kb127\rules\rules.1.252.43
C:\Program Files\Dealio\kb127\rules\rules.1.253.43
C:\Program Files\Dealio\kb127\rules\rules.1.254.43
C:\Program Files\Dealio\kb127\rules\rules.1.255.43
C:\Program Files\Dealio\kb127\rules\rules.1.256.43
C:\Program Files\Dealio\kb127\rules\rules.1.257.43
C:\Program Files\Dealio\kb127\rules\rules.1.279.43
C:\Program Files\Dealio\kb127\rules\rules.1.28.58
C:\Program Files\Dealio\kb127\rules\rules.1.282.75
C:\Program Files\Dealio\kb127\rules\rules.1.283.43
C:\Program Files\Dealio\kb127\rules\rules.1.284.43
C:\Program Files\Dealio\kb127\rules\rules.1.289.67
C:\Program Files\Dealio\kb127\rules\rules.1.290.62
C:\Program Files\Dealio\kb127\rules\rules.1.291.61
C:\Program Files\Dealio\kb127\rules\rules.1.296.43
C:\Program Files\Dealio\kb127\rules\rules.1.297.43
C:\Program Files\Dealio\kb127\rules\rules.1.304.43
C:\Program Files\Dealio\kb127\rules\rules.1.307.43
C:\Program Files\Dealio\kb127\rules\rules.1.308.75
C:\Program Files\Dealio\kb127\rules\rules.1.31.47
C:\Program Files\Dealio\kb127\rules\rules.1.310.46
C:\Program Files\Dealio\kb127\rules\rules.1.311.43
C:\Program Files\Dealio\kb127\rules\rules.1.315.43
C:\Program Files\Dealio\kb127\rules\rules.1.316.43
C:\Program Files\Dealio\kb127\rules\rules.1.317.43
C:\Program Files\Dealio\kb127\rules\rules.1.318.43
C:\Program Files\Dealio\kb127\rules\rules.1.319.49
C:\Program Files\Dealio\kb127\rules\rules.1.32.48
C:\Program Files\Dealio\kb127\rules\rules.1.334.44
C:\Program Files\Dealio\kb127\rules\rules.1.335.60
C:\Program Files\Dealio\kb127\rules\rules.1.336.44
C:\Program Files\Dealio\kb127\rules\rules.1.337.44
C:\Program Files\Dealio\kb127\rules\rules.1.338.75
C:\Program Files\Dealio\kb127\rules\rules.1.339.47
C:\Program Files\Dealio\kb127\rules\rules.1.34.43
C:\Program Files\Dealio\kb127\rules\rules.1.340.47
C:\Program Files\Dealio\kb127\rules\rules.1.341.47
C:\Program Files\Dealio\kb127\rules\rules.1.349.50
C:\Program Files\Dealio\kb127\rules\rules.1.35.48
C:\Program Files\Dealio\kb127\rules\rules.1.350.50
C:\Program Files\Dealio\kb127\rules\rules.1.351.51
C:\Program Files\Dealio\kb127\rules\rules.1.352.54
C:\Program Files\Dealio\kb127\rules\rules.1.353.51
C:\Program Files\Dealio\kb127\rules\rules.1.354.51
C:\Program Files\Dealio\kb127\rules\rules.1.357.62
C:\Program Files\Dealio\kb127\rules\rules.1.358.52
C:\Program Files\Dealio\kb127\rules\rules.1.359.52
C:\Program Files\Dealio\kb127\rules\rules.1.360.53
C:\Program Files\Dealio\kb127\rules\rules.1.361.54
C:\Program Files\Dealio\kb127\rules\rules.1.362.68
C:\Program Files\Dealio\kb127\rules\rules.1.363.58
C:\Program Files\Dealio\kb127\rules\rules.1.364.54
C:\Program Files\Dealio\kb127\rules\rules.1.365.53
C:\Program Files\Dealio\kb127\rules\rules.1.367.56
C:\Program Files\Dealio\kb127\rules\rules.1.368.58
C:\Program Files\Dealio\kb127\rules\rules.1.369.55
C:\Program Files\Dealio\kb127\rules\rules.1.370.56
C:\Program Files\Dealio\kb127\rules\rules.1.371.56
C:\Program Files\Dealio\kb127\rules\rules.1.372.57
C:\Program Files\Dealio\kb127\rules\rules.1.373.55
C:\Program Files\Dealio\kb127\rules\rules.1.375.56
C:\Program Files\Dealio\kb127\rules\rules.1.376.57
C:\Program Files\Dealio\kb127\rules\rules.1.377.55
C:\Program Files\Dealio\kb127\rules\rules.1.378.65
C:\Program Files\Dealio\kb127\rules\rules.1.384.58
C:\Program Files\Dealio\kb127\rules\rules.1.386.71
C:\Program Files\Dealio\kb127\rules\rules.1.387.59
C:\Program Files\Dealio\kb127\rules\rules.1.388.59
C:\Program Files\Dealio\kb127\rules\rules.1.389.59
C:\Program Files\Dealio\kb127\rules\rules.1.390.60
C:\Program Files\Dealio\kb127\rules\rules.1.391.60
C:\Program Files\Dealio\kb127\rules\rules.1.392.60
C:\Program Files\Dealio\kb127\rules\rules.1.393.60
C:\Program Files\Dealio\kb127\rules\rules.1.394.60
C:\Program Files\Dealio\kb127\rules\rules.1.396.61
C:\Program Files\Dealio\kb127\rules\rules.1.397.61
C:\Program Files\Dealio\kb127\rules\rules.1.398.60
C:\Program Files\Dealio\kb127\rules\rules.1.399.60
C:\Program Files\Dealio\kb127\rules\rules.1.403.61
C:\Program Files\Dealio\kb127\rules\rules.1.404.63
C:\Program Files\Dealio\kb127\rules\rules.1.405.61
C:\Program Files\Dealio\kb127\rules\rules.1.406.61
C:\Program Files\Dealio\kb127\rules\rules.1.407.76
C:\Program Files\Dealio\kb127\rules\rules.1.408.63
C:\Program Files\Dealio\kb127\rules\rules.1.409.61
C:\Program Files\Dealio\kb127\rules\rules.1.412.62
C:\Program Files\Dealio\kb127\rules\rules.1.413.62
C:\Program Files\Dealio\kb127\rules\rules.1.414.62
C:\Program Files\Dealio\kb127\rules\rules.1.415.62
C:\Program Files\Dealio\kb127\rules\rules.1.416.62
C:\Program Files\Dealio\kb127\rules\rules.1.417.62
C:\Program Files\Dealio\kb127\rules\rules.1.418.62
C:\Program Files\Dealio\kb127\rules\rules.1.419.62
C:\Program Files\Dealio\kb127\rules\rules.1.420.62
C:\Program Files\Dealio\kb127\rules\rules.1.421.62
C:\Program Files\Dealio\kb127\rules\rules.1.423.63
C:\Program Files\Dealio\kb127\rules\rules.1.424.63
C:\Program Files\Dealio\kb127\rules\rules.1.425.63
C:\Program Files\Dealio\kb127\rules\rules.1.426.63
C:\Program Files\Dealio\kb127\rules\rules.1.427.63
C:\Program Files\Dealio\kb127\rules\rules.1.428.65
C:\Program Files\Dealio\kb127\rules\rules.1.429.63
C:\Program Files\Dealio\kb127\rules\rules.1.430.63
C:\Program Files\Dealio\kb127\rules\rules.1.432.65
C:\Program Files\Dealio\kb127\rules\rules.1.433.64
C:\Program Files\Dealio\kb127\rules\rules.1.434.65
C:\Program Files\Dealio\kb127\rules\rules.1.435.64
C:\Program Files\Dealio\kb127\rules\rules.1.436.76
C:\Program Files\Dealio\kb127\rules\rules.1.437.64
C:\Program Files\Dealio\kb127\rules\rules.1.438.71
C:\Program Files\Dealio\kb127\rules\rules.1.439.71
C:\Program Files\Dealio\kb127\rules\rules.1.440.75
C:\Program Files\Dealio\kb127\rules\rules.1.442.73
C:\Program Files\Dealio\kb127\rules\rules.1.443.73
C:\Program Files\Dealio\kb127\rules\rules.1.444.73
C:\Program Files\Dealio\kb127\rules\rules.1.445.68
C:\Program Files\Dealio\kb127\rules\rules.1.446.69
C:\Program Files\Dealio\kb127\rules\rules.1.450.67
C:\Program Files\Dealio\kb127\rules\rules.1.451.67
C:\Program Files\Dealio\kb127\rules\rules.1.452.68
C:\Program Files\Dealio\kb127\rules\rules.1.453.68
C:\Program Files\Dealio\kb127\rules\rules.1.454.69
C:\Program Files\Dealio\kb127\rules\rules.1.456.69
C:\Program Files\Dealio\kb127\rules\rules.1.457.75
C:\Program Files\Dealio\kb127\rules\rules.1.458.70
C:\Program Files\Dealio\kb127\rules\rules.1.459.70
C:\Program Files\Dealio\kb127\rules\rules.1.460.69
C:\Program Files\Dealio\kb127\rules\rules.1.462.74
C:\Program Files\Dealio\kb127\rules\rules.1.463.69
C:\Program Files\Dealio\kb127\rules\rules.1.464.70
C:\Program Files\Dealio\kb127\rules\rules.1.465.68
C:\Program Files\Dealio\kb127\rules\rules.1.468.70
C:\Program Files\Dealio\kb127\rules\rules.1.469.70
C:\Program Files\Dealio\kb127\rules\rules.1.470.70
C:\Program Files\Dealio\kb127\rules\rules.1.471.73
C:\Program Files\Dealio\kb127\rules\rules.1.472.70
C:\Program Files\Dealio\kb127\rules\rules.1.478.74
C:\Program Files\Dealio\kb127\rules\rules.1.479.73
C:\Program Files\Dealio\kb127\rules\rules.1.480.68
C:\Program Files\Dealio\kb127\rules\rules.1.481.71
C:\Program Files\Dealio\kb127\rules\rules.1.482.74
C:\Program Files\Dealio\kb127\rules\rules.1.49.67
C:\Program Files\Dealio\kb127\rules\rules.1.50.43
C:\Program Files\Dealio\kb127\rules\rules.1.500.71
C:\Program Files\Dealio\kb127\rules\rules.1.501.74
C:\Program Files\Dealio\kb127\rules\rules.1.502.71
C:\Program Files\Dealio\kb127\rules\rules.1.51.69
C:\Program Files\Dealio\kb127\rules\rules.1.52.72
C:\Program Files\Dealio\kb127\rules\rules.1.520.76
C:\Program Files\Dealio\kb127\rules\rules.1.521.76
C:\Program Files\Dealio\kb127\rules\rules.1.522.76
C:\Program Files\Dealio\kb127\rules\rules.1.53.51
C:\Program Files\Dealio\kb127\rules\rules.1.531.76
C:\Program Files\Dealio\kb127\rules\rules.1.532.75
C:\Program Files\Dealio\kb127\rules\rules.1.534.75
C:\Program Files\Dealio\kb127\rules\rules.1.54.47
C:\Program Files\Dealio\kb127\rules\rules.1.55.45
C:\Program Files\Dealio\kb127\rules\rules.1.56.69
C:\Program Files\Dealio\kb127\rules\rules.1.57.43
C:\Program Files\Dealio\kb127\rules\rules.1.58.47
C:\Program Files\Dealio\kb127\rules\rules.1.593.76
C:\Program Files\Dealio\kb127\rules\rules.1.595.76
C:\Program Files\Dealio\kb127\rules\rules.1.63.57
C:\Program Files\Dealio\kb127\rules\rules.1.66.47
C:\Program Files\Dealio\kb127\rules\rules.1.70.75
C:\Program Files\Dealio\kb127\rules\rules.1.71.43
C:\WINDOWS\Prefetch\DEALIOAU.EXE-32C4A05D.pf
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio
C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-253CB611.pf
C:\DOCUME~1\SILJA\APPLIC~1\Search Settings
C:\DOCUME~1\SILJA\APPLIC~1\Search Settings\kb127
C:\DOCUME~1\SILJA\APPLIC~1\Search Settings\kb127\res
C:\DOCUME~1\SILJA\APPLIC~1\Search Settings\kb127\temp
C:\DOCUME~1\SILJA\APPLIC~1\Search Settings\kb127\temp\ws-14214.log
C:\DOCUME~1\SILJA\APPLIC~1\Search Settings\kb127\temp\ws-14215.log
C:\DOCUME~1\SILJA\APPLIC~1\Search Settings\kb127\temp\ws-14216.log
C:\DOCUME~1\SILJA\APPLIC~1\Search Settings\kb127\temp\ws-14217.log
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\res
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\Program Files\Search Settings\kb127\temp

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.google.com/"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"First Home Page"="http://go.microsoft.com/fwlink/?LinkId=54843"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkID=44406"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

1 - "C:\ToolBar SD\TB_1.txt" - 04/12/2008|11:21 - Option : [1]

-----------\\ Fin du rapport a 11:21:43,48

Répondre à fanny84

Feelgood1, le 4 déc 2008 à 11:29:07

Ok, relances Toolbar S& D , choisis maintenant l'option 2 ( suppression)... * le menu et les icones du bureau disparaitront, c'est normal, laisses faire.... * Une fois la suppression terminé, un rapport s'ouvre, postes le accompagné d'un nouveau log Hijackthis... Aller doucement, n'empeches pas d'arriver !

Répondre à Feelgood1

fanny84, le 4 déc 2008 à 11:31:03

Ok merci

Répondre à fanny84

fanny84, le 4 déc 2008 à 11:36:39

Voilà toolbar

-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ )
BIOS : Lenovo BIOS Version: 2UKT052A.ROM V0.52A
USER : SILJA ( Administrator )
BOOT : Normal boot
Antivirus : BitDefender Antivirus 12.0 (Activated)
Firewall : Pare-feu BitDefender 12.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:228 Go (Free:186 Go)
D:\ (CD or DVD)
G:\ (USB)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [2] ( 04/12/2008|11:32 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\SILJA\APPLIC~1\Dealio\kb127
Supprime! - C:\Program Files\Dealio\DealioAU.exe
Supprime! - C:\Program Files\Dealio\kb127
Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe
Supprime! - C:\WINDOWS\Prefetch\DEALIOAU.EXE-32C4A05D.pf
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio
Supprime! - C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-253CB611.pf
Supprime! - C:\DOCUME~1\SILJA\APPLIC~1\Search Settings\kb127
Supprime! - C:\Program Files\Search Settings\kb127
Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
Supprime! - C:\DOCUME~1\SILJA\APPLIC~1\Dealio
Supprime! - C:\Program Files\Dealio
Supprime! - C:\DOCUME~1\SILJA\APPLIC~1\Search Settings
Supprime! - C:\Program Files\Search Settings

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.google.com/"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"First Home Page"="http://go.microsoft.com/fwlink/?LinkId=54843"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkID=44406"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

1 - "C:\ToolBar SD\TB_1.txt" - 04/12/2008|11:21 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 04/12/2008|11:33 - Option : [2]

-----------\\ Fin du rapport a 11:33:45,79

et voilà hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:35:44, on 04/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\FSRremoS.EXE
C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\Pelmiced.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\SILJA\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe /startup
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [IS CfgWiz] "C:\Program Files\Fichiers communs\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')
O4 - Startup: CCC.lnk = ?
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
End of file - 11430 bytes

Répondre à fanny84

Feelgood1, le 4 déc 2008 à 11:55:54

Telecharges Mbam ici : http://www.malwarebytes.org/mbam/program/mbam-setup.exe *Lances l'installation, à la fin le programme se met a jour automatiquement... * cliques sur "parametre" et coche la case " arreter internet explorer pendant la suppression * fermes tous les programmes et lances Mbam, cliques sur "recherche " et coche " executer un examen rapide" puis " rechercher"

* A la fin du scan, si des infections sont trouvées, clique sur " supprimer la selection"... postes le rapport mbam ici. Aller doucement, n'empeches pas d'arriver !

Répondre à Feelgood1

fanny84, le 4 déc 2008 à 12:15:02

Il n"y avait pas d'infections

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1459
Windows 5.1.2600 Service Pack 3

04/12/2008 12:13:17
mbam-log-2008-12-04 (12-13-17).txt

Type de recherche: Examen rapide
Eléments examinés: 55138
Temps écoulé: 3 minute(s), 43 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Répondre à fanny84

Posez votre question Répondre