didouille05

Membres

Afficher le profil Afficher son activité

Compteur de contenus
61
Inscription
le 23 novembre 2008
Dernière visite
le 27 avril 2011

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par didouille05

mon fichier Iastor a disparu

didouille05 a répondu à un(e) sujet de didouille05 dans Analyses et éradication malwares

merci pour le nétoyage mais mon problème n'est pas résolu :'( j'ai le fichier Iastor qui a disparu, du coup pour démarer mon pc normalement il faut que quand je l'allume je reste devant pour pouvoir mettre le choix me connecter sur windows sinon il fait une recherche et trouve que le fichier iastor a disparu et me met un écran tout bleu ma protection windows me dit que antivir est périmé (je viens juste de l'intaller et j'ai redémaré mon ordi) et j'ai ausssi un message d'erreur qui s'affiche quand j'arrive sur mon bureau quand j'allume mon ordi
- le 26 novembre 2008
- 47 réponses
mon fichier Iastor a disparu

didouille05 a répondu à un(e) sujet de didouille05 dans Analyses et éradication malwares

Logfile of random's system information tool 1.04 (written by random/random) Run by Propriétaire at 2008-11-26 21:24:04 Microsoft Windows XP Édition familiale Service Pack 2 System drive C: has 108 GB (57%) free of 191 GB Total RAM: 511 MB (44% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:24:13, on 26/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe C:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB50} (Sony SNC-CS3 Image Viewer) - http://82.127.17.206/home/SonySncCs3View.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/NewUploader/ImageUploader4.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_...geUploader5.cab O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 9099 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}] EoBho Class - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [] "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe"="C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0" "C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Enabled:mcoinstall" "C:\Documents and Settings\Propriétaire\Mes documents\Lydie\installer\mcoinstall.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Lydie\installer\mcoinstall.exe:*:Enabled:mcoinstall" "C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9N3OBXOV\eMulev0.48a.-MorphXTv10.1-bin[1]\emule\eMule.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9N3OBXOV\eMulev0.48a.-MorphXTv10.1-bin[1]\emule\eMule.exe:*:Enabled:eMule" "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe" "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe" ""="" "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Media" "C:\Documents and Settings\Propriétaire\Mes documents\Jerome CAILLAULT\emulev0.45b-MorphXTv6.7-bin\emule\emule.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Jerome CAILLAULT\emulev0.45b-MorphXTv6.7-bin\emule\emule.exe:*:Enabled:eMule" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "X:\Codemasters\Insane\Game.exe"="X:\Codemasters\Insane\Game.exe:*:Disabled:Game.exe" "X:\Games\Supreme\Supreme.exe"="X:\Games\Supreme\Supreme.exe:*:Disabled:Supreme.exe" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{296641ea-d4e6-11dc-80b4-0060b3e764c5}] shell\Auto\command - cmd /C launch.bat shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat ======List of files/folders created in the last 1 months====== 2008-11-26 20:24:09 ----A---- C:\TB.txt 2008-11-26 20:23:04 ----D---- C:\ToolBar SD 2008-11-25 22:34:00 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes 2008-11-25 22:33:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-11-25 22:33:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-11-25 10:43:32 ----A---- C:\cleannavi.txt 2008-11-24 23:11:36 ----A---- C:\fixnavi.txt 2008-11-24 22:02:23 ----D---- C:\Program Files\Navilog1 2008-11-23 17:25:13 ----D---- C:\Program Files\trend micro 2008-11-23 17:25:03 ----D---- C:\rsit 2008-11-22 22:26:46 ----D---- C:\Documents and Settings\Propriétaire\Application Data\CVitae 2008-11-21 22:54:24 ----SHD---- C:\Config.Msi 2008-11-12 17:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2008-11-12 17:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2008-11-08 13:41:44 ----A---- C:\memory.txt 2008-11-08 13:16:13 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2008-11-08 12:07:23 ----A---- C:\WINDOWS\system32\IYVU9_32.DLL 2008-11-08 12:07:22 ----A---- C:\WINDOWS\system32\IACENC.DLL 2008-11-06 17:47:32 ----D---- C:\Temp 2008-11-05 22:47:16 ----D---- C:\Program Files\AIDA32 - Personal System Information 2008-11-05 19:06:47 ----D---- C:\Documents and Settings\All Users\Application Data\Player Metaboli 2008-11-05 19:06:45 ----D---- C:\Remote Programs 2008-11-05 19:06:28 ----N---- C:\WINDOWS\ExentInfo.exe 2008-11-05 19:06:20 ----D---- C:\Program Files\Player Metaboli 2008-11-02 21:24:29 ----D---- C:\Program Files\Oberon Media 2008-11-02 21:24:29 ----D---- C:\Program Files\Fichiers communs\Oberon Media ======List of files/folders modified in the last 1 months====== 2008-11-26 21:19:03 ----RD---- C:\Program Files 2008-11-26 21:18:16 ----D---- C:\WINDOWS\Prefetch 2008-11-26 20:25:51 ----D---- C:\WINDOWS\Temp 2008-11-26 19:04:34 ----D---- C:\Program Files\eMule 2008-11-26 13:12:51 ----D---- C:\Program Files\Wanadoo 2008-11-26 11:18:31 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-11-26 09:24:52 ----D---- C:\WINDOWS\system32\drivers 2008-11-25 23:54:29 ----D---- C:\WINDOWS\system32\CatRoot2 2008-11-25 22:04:41 ----A---- C:\WINDOWS\NeroDigital.ini 2008-11-25 10:47:10 ----D---- C:\WINDOWS\system32 2008-11-25 10:46:11 ----D---- C:\WINDOWS 2008-11-23 15:00:15 ----D---- C:\Program Files\CONEXANT 2008-11-21 22:59:31 ----SHD---- C:\WINDOWS\Installer 2008-11-21 22:56:07 ----D---- C:\Program Files\Windows Live 2008-11-21 22:55:52 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-11-21 22:52:22 ----RSD---- C:\WINDOWS\assembly 2008-11-19 10:51:20 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-11-19 10:22:21 ----HD---- C:\WINDOWS\inf 2008-11-19 10:22:21 ----D---- C:\WINDOWS\Help 2008-11-18 15:19:37 ----D---- C:\Documents and Settings\Propriétaire\Application Data\uTorrent 2008-11-12 17:01:24 ----HD---- C:\WINDOWS\$hf_mig$ 2008-11-12 17:01:22 ----A---- C:\WINDOWS\imsins.BAK 2008-11-12 17:00:32 ----D---- C:\WINDOWS\WinSxS 2008-11-07 13:53:59 ----D---- C:\WINDOWS\Microsoft.NET 2008-11-07 12:55:36 ----D---- C:\WINDOWS\system32\DirectX 2008-11-05 19:06:36 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-11-05 19:06:20 ----HD---- C:\Program Files\InstallShield Installation Information 2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe 2008-11-02 22:02:24 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2008-11-02 21:24:46 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-11-02 21:24:29 ----D---- C:\Program Files\Fichiers communs ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-01-16 12970] R2 X4HSX32Ex;X4HSX32Ex; \??\C:\Program Files\Player Metaboli\X4HSX32Ex.Sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-13 1042816] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248] R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-01 392704] R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver; C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2006-01-09 261632] R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2005-04-20 124672] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-08-03 221376] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496] R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 1963680] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808] R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2006-01-19 17664] S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-05 10880] S3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys [] S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536] S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360] S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088] S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624] S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704] S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432] S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640] R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-04 240408] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S2 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-07 138168] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] -----------------EOF-----------------
- le 26 novembre 2008
- 47 réponses
mon fichier Iastor a disparu

didouille05 a répondu à un(e) sujet de didouille05 dans Analyses et éradication malwares

rapport TOOLBAR S&D après suppression : -----------\\ ToolBar S&D 1.2.5 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 3.06GHz ) BIOS : BIOS Date: 07/11/05 10:45:41 Ver: 08.00.10 USER : Propriétaire ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1229 [VPS 081126-0] 4.8.1229 (Activated) C:\ (Local Disk) - NTFS - Total:186 Go (Free:105 Go) D:\ (CD or DVD) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (USB) J:\ (Local Disk) - NTFS - Total:465 Go (Free:329 Go) "C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 ) Option : [2] ( 26/11/2008|21:16 ) -----------\\ SUPPRESSION Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127 Supprime! - C:\Program Files\Dealio\DealioAU.exe Supprime! - C:\Program Files\Dealio\kb127 Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio Supprime! - C:\Program Files\GamesBar\oberontb.dll Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127 Supprime! - C:\Program Files\Search Settings\kb127 Supprime! - C:\Program Files\Search Settings\SearchSettings.exe Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio Supprime! - C:\Program Files\Dealio Supprime! - C:\Program Files\GamesBar Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings Supprime! - C:\Program Files\Search Settings -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.orange.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Zuma Deluxe + Crack.zip.torrent C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Zuma Deluxe + Crack.zip C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack.zip C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack\Jewel Quest Solitaire crack.txt 1 - "C:\ToolBar SD\TB_1.txt" - 26/11/2008|20:32 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 26/11/2008|21:20 - Option : [2] -----------\\ Fin du rapport a 21:20:10,26
- le 26 novembre 2008
- 47 réponses
mon fichier Iastor a disparu

didouille05 a répondu à un(e) sujet de didouille05 dans Analyses et éradication malwares

je viens de faire toutes les manipulations, voila le résultat : -----------\\ ToolBar S&D 1.2.5 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 3.06GHz ) BIOS : BIOS Date: 07/11/05 10:45:41 Ver: 08.00.10 USER : Propriétaire ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1229 [VPS 081126-0] 4.8.1229 (Activated) C:\ (Local Disk) - NTFS - Total:186 Go (Free:105 Go) D:\ (CD or DVD) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (USB) J:\ (Local Disk) - NTFS - Total:465 Go (Free:329 Go) "C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 ) Option : [1] ( 26/11/2008|20:24 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts_over.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts_rec.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts_rec_over.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\chevron-small.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\DealioSearch.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\deals-leftcap.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\deal_report.jpg C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\ebay_login.jpg C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\err_mainwindow.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\err_toolbar.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\global_scripts.js C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\headerbgthin.jpg C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\highlight-bg.png C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\logo.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\logo_over.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.css C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.js C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbarl.js C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\post-this-deal.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\post-this-deal_over.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\scripts.js C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\scroller.js C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\search-chevron.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\search-chevron_over.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\search_bg_blink.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\separator.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\settings.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\settings_over.gif C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\yahoo-search.png C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\index.76.35 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.10.76 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.109.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.110.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.12.52 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.13.58 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.130.58 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.135.50 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.153.44 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.155.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.156.49 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.16.60 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.161.52 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.178.66 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.184.55 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.188.52 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.189.45 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.196.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.198.56 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.199.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.200.53 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.201.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.202.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.203.71 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.205.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.213.71 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.214.49 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.215.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.216.67 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.217.67 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.218.52 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.219.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.220.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.221.57 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.222.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.223.68 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.226.68 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.227.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.228.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.229.76 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.23.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.239.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.24.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.240.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.241.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.242.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.243.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.244.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.245.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.247.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.248.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.249.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.250.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.251.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.252.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.253.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.254.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.255.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.256.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.257.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.279.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.28.58 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.282.75 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.283.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.284.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.289.67 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.290.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.291.61 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.296.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.297.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.304.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.307.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.308.75 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.31.47 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.310.46 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.311.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.315.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.316.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.317.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.318.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.319.49 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.32.48 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.334.44 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.335.60 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.336.44 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.337.44 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.338.75 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.339.47 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.34.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.340.47 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.341.47 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.349.50 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.35.48 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.350.50 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.351.51 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.352.54 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.353.51 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.354.51 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.357.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.358.52 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.359.52 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.360.53 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.361.54 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.362.68 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.363.58 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.364.54 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.365.53 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.367.56 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.368.58 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.369.55 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.370.56 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.371.56 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.372.57 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.373.55 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.375.56 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.376.57 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.377.55 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.378.65 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.384.58 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.386.71 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.387.59 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.388.59 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.389.59 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.390.60 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.391.60 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.392.60 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.393.60 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.394.60 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.396.61 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.397.61 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.398.60 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.399.60 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.403.61 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.404.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.405.61 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.406.61 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.407.76 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.408.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.409.61 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.412.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.413.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.414.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.415.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.416.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.417.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.418.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.419.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.420.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.421.62 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.423.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.424.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.425.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.426.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.427.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.428.65 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.429.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.430.63 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.432.65 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.433.64 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.434.65 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.435.64 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.436.76 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.437.64 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.438.71 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.439.71 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.440.75 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.442.73 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.443.73 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.444.73 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.445.68 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.446.69 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.450.67 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.451.67 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.452.68 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.453.68 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.454.69 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.456.69 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.457.75 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.458.70 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.459.70 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.460.69 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.462.74 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.463.69 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.464.70 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.465.68 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.468.70 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.469.70 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.470.70 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.471.73 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.472.70 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.478.74 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.479.73 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.480.68 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.481.71 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.482.74 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.49.67 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.50.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.500.71 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.501.74 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.502.71 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.51.69 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.52.72 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.520.76 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.521.76 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.522.76 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.53.51 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.531.76 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.532.75 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.534.75 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.54.47 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.55.45 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.56.69 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.57.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.58.47 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.593.76 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.595.76 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.63.57 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.66.47 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.70.75 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.71.43 C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\dealio-14207.log C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\dod_cache.xml C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1408_2132_25.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1632_4032_9.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1668_2720_6.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1704_2944_1.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1704_2944_2.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1744_3812_97.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2128_2984_23.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2324_3316_50.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2460_1060_6.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2640_3692_12.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2712_3124_96.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2712_3516_6.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2712_3868_111.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2712_3992_102.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_280_2004_13.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_280_3864_9.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2884_3480_3.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2896_232_35.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2900_1696_9.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2900_1936_8.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2944_1676_18.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2944_2072_9.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2968_1444_1.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2968_1444_2.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2980_3476_82.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3068_3592_3.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3104_1740_6.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3104_2104_15.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3252_3188_26.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3252_3912_9.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3252_988_18.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3336_1620_28.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3336_1956_22.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3336_2936_12.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3360_3952_3.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3380_1604_15.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3380_2276_9.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3380_3604_12.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3380_564_6.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3720_2692_3.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3720_5132_13.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3720_5132_14.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3924_2376_3.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3924_304_21.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3924_4024_30.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3928_2708_70.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_4008_1540_6.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5356_1016_15.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5356_1996_9.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5356_2352_3.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5356_2968_21.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_720_1764_64.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_720_3660_53.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_720_4012_67.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_2208_25.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_2436_12.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_292_24.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3056_69.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3628_27.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3648_26.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3672_36.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3864_81.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3920_35.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_4028_23.html C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_4052_34.html C:\Program Files\Dealio C:\Program Files\Dealio\DealioAU.exe C:\Program Files\Dealio\kb127 C:\Program Files\Dealio\SearchSettingsKit.exe C:\Program Files\Dealio\kb127\Dealio Deskbar.exe C:\Program Files\Dealio\kb127\Dealio.dll C:\Program Files\Dealio\kb127\DealioRes409.dll C:\Program Files\Dealio\kb127\res C:\Program Files\Dealio\kb127\resDN C:\Program Files\Dealio\kb127\rules C:\Program Files\Dealio\kb127\temp C:\Program Files\Dealio\kb127\res\alerts.gif C:\Program Files\Dealio\kb127\res\alerts_over.gif C:\Program Files\Dealio\kb127\res\alerts_rec.gif C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif C:\Program Files\Dealio\kb127\res\chevron-small.gif C:\Program Files\Dealio\kb127\res\DealioSearch.html C:\Program Files\Dealio\kb127\res\deals-leftcap.gif C:\Program Files\Dealio\kb127\res\deal_report.jpg C:\Program Files\Dealio\kb127\res\ebay_login.jpg C:\Program Files\Dealio\kb127\res\err_mainwindow.html C:\Program Files\Dealio\kb127\res\err_toolbar.html C:\Program Files\Dealio\kb127\res\global_scripts.js C:\Program Files\Dealio\kb127\res\headerbgthin.jpg C:\Program Files\Dealio\kb127\res\highlight-bg.png C:\Program Files\Dealio\kb127\res\logo.gif C:\Program Files\Dealio\kb127\res\logo_over.gif C:\Program Files\Dealio\kb127\res\man_toolbar.css C:\Program Files\Dealio\kb127\res\man_toolbar.html C:\Program Files\Dealio\kb127\res\man_toolbar.js C:\Program Files\Dealio\kb127\res\man_toolbarl.js C:\Program Files\Dealio\kb127\res\post-this-deal.gif C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif C:\Program Files\Dealio\kb127\res\scripts.js C:\Program Files\Dealio\kb127\res\scroller.js C:\Program Files\Dealio\kb127\res\search-chevron.gif C:\Program Files\Dealio\kb127\res\search-chevron_over.gif C:\Program Files\Dealio\kb127\res\search_bg_blink.gif C:\Program Files\Dealio\kb127\res\separator.gif C:\Program Files\Dealio\kb127\res\settings.gif C:\Program Files\Dealio\kb127\res\settings_over.gif C:\Program Files\Dealio\kb127\res\yahoo-search.png C:\Program Files\Dealio\kb127\resDN\bottom.gif C:\Program Files\Dealio\kb127\resDN\chevron_down.gif C:\Program Files\Dealio\kb127\resDN\chevron_up.gif C:\Program Files\Dealio\kb127\resDN\close.gif C:\Program Files\Dealio\kb127\resDN\deskbar.css C:\Program Files\Dealio\kb127\resDN\deskbar.js C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg C:\Program Files\Dealio\kb127\resDN\logo.gif C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif C:\Program Files\Dealio\kb127\resDN\losing.gif C:\Program Files\Dealio\kb127\resDN\lost.gif C:\Program Files\Dealio\kb127\resDN\man_deskbar.html C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif C:\Program Files\Dealio\kb127\resDN\menu_check.gif C:\Program Files\Dealio\kb127\resDN\no_image.gif C:\Program Files\Dealio\kb127\resDN\prod_img.gif C:\Program Files\Dealio\kb127\resDN\search_chevron.gif C:\Program Files\Dealio\kb127\resDN\spacer.gif C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif C:\Program Files\Dealio\kb127\resDN\top.gif C:\Program Files\Dealio\kb127\resDN\unknown.gif C:\Program Files\Dealio\kb127\resDN\winning.gif C:\Program Files\Dealio\kb127\resDN\won.gif C:\Program Files\Dealio\kb127\rules\index.76.35 C:\Program Files\Dealio\kb127\rules\rules.1.10.76 C:\Program Files\Dealio\kb127\rules\rules.1.109.43 C:\Program Files\Dealio\kb127\rules\rules.1.110.43 C:\Program Files\Dealio\kb127\rules\rules.1.12.52 C:\Program Files\Dealio\kb127\rules\rules.1.13.58 C:\Program Files\Dealio\kb127\rules\rules.1.130.58 C:\Program Files\Dealio\kb127\rules\rules.1.135.50 C:\Program Files\Dealio\kb127\rules\rules.1.153.44 C:\Program Files\Dealio\kb127\rules\rules.1.155.43 C:\Program Files\Dealio\kb127\rules\rules.1.156.49 C:\Program Files\Dealio\kb127\rules\rules.1.16.60 C:\Program Files\Dealio\kb127\rules\rules.1.161.52 C:\Program Files\Dealio\kb127\rules\rules.1.178.66 C:\Program Files\Dealio\kb127\rules\rules.1.184.55 C:\Program Files\Dealio\kb127\rules\rules.1.188.52 C:\Program Files\Dealio\kb127\rules\rules.1.189.45 C:\Program Files\Dealio\kb127\rules\rules.1.196.43 C:\Program Files\Dealio\kb127\rules\rules.1.198.56 C:\Program Files\Dealio\kb127\rules\rules.1.199.43 C:\Program Files\Dealio\kb127\rules\rules.1.200.53 C:\Program Files\Dealio\kb127\rules\rules.1.201.43 C:\Program Files\Dealio\kb127\rules\rules.1.202.43 C:\Program Files\Dealio\kb127\rules\rules.1.203.71 C:\Program Files\Dealio\kb127\rules\rules.1.205.62 C:\Program Files\Dealio\kb127\rules\rules.1.213.71 C:\Program Files\Dealio\kb127\rules\rules.1.214.49 C:\Program Files\Dealio\kb127\rules\rules.1.215.43 C:\Program Files\Dealio\kb127\rules\rules.1.216.67 C:\Program Files\Dealio\kb127\rules\rules.1.217.67 C:\Program Files\Dealio\kb127\rules\rules.1.218.52 C:\Program Files\Dealio\kb127\rules\rules.1.219.43 C:\Program Files\Dealio\kb127\rules\rules.1.220.43 C:\Program Files\Dealio\kb127\rules\rules.1.221.57 C:\Program Files\Dealio\kb127\rules\rules.1.222.43 C:\Program Files\Dealio\kb127\rules\rules.1.223.68 C:\Program Files\Dealio\kb127\rules\rules.1.226.68 C:\Program Files\Dealio\kb127\rules\rules.1.227.43 C:\Program Files\Dealio\kb127\rules\rules.1.228.62 C:\Program Files\Dealio\kb127\rules\rules.1.229.76 C:\Program Files\Dealio\kb127\rules\rules.1.23.63 C:\Program Files\Dealio\kb127\rules\rules.1.239.43 C:\Program Files\Dealio\kb127\rules\rules.1.24.43 C:\Program Files\Dealio\kb127\rules\rules.1.240.43 C:\Program Files\Dealio\kb127\rules\rules.1.241.43 C:\Program Files\Dealio\kb127\rules\rules.1.242.43 C:\Program Files\Dealio\kb127\rules\rules.1.243.43 C:\Program Files\Dealio\kb127\rules\rules.1.244.63 C:\Program Files\Dealio\kb127\rules\rules.1.245.43 C:\Program Files\Dealio\kb127\rules\rules.1.247.43 C:\Program Files\Dealio\kb127\rules\rules.1.248.43 C:\Program Files\Dealio\kb127\rules\rules.1.249.43 C:\Program Files\Dealio\kb127\rules\rules.1.250.43 C:\Program Files\Dealio\kb127\rules\rules.1.251.43 C:\Program Files\Dealio\kb127\rules\rules.1.252.43 C:\Program Files\Dealio\kb127\rules\rules.1.253.43 C:\Program Files\Dealio\kb127\rules\rules.1.254.43 C:\Program Files\Dealio\kb127\rules\rules.1.255.43 C:\Program Files\Dealio\kb127\rules\rules.1.256.43 C:\Program Files\Dealio\kb127\rules\rules.1.257.43 C:\Program Files\Dealio\kb127\rules\rules.1.279.43 C:\Program Files\Dealio\kb127\rules\rules.1.28.58 C:\Program Files\Dealio\kb127\rules\rules.1.282.75 C:\Program Files\Dealio\kb127\rules\rules.1.283.43 C:\Program Files\Dealio\kb127\rules\rules.1.284.43 C:\Program Files\Dealio\kb127\rules\rules.1.289.67 C:\Program Files\Dealio\kb127\rules\rules.1.290.62 C:\Program Files\Dealio\kb127\rules\rules.1.291.61 C:\Program Files\Dealio\kb127\rules\rules.1.296.43 C:\Program Files\Dealio\kb127\rules\rules.1.297.43 C:\Program Files\Dealio\kb127\rules\rules.1.304.43 C:\Program Files\Dealio\kb127\rules\rules.1.307.43 C:\Program Files\Dealio\kb127\rules\rules.1.308.75 C:\Program Files\Dealio\kb127\rules\rules.1.31.47 C:\Program Files\Dealio\kb127\rules\rules.1.310.46 C:\Program Files\Dealio\kb127\rules\rules.1.311.43 C:\Program Files\Dealio\kb127\rules\rules.1.315.43 C:\Program Files\Dealio\kb127\rules\rules.1.316.43 C:\Program Files\Dealio\kb127\rules\rules.1.317.43 C:\Program Files\Dealio\kb127\rules\rules.1.318.43 C:\Program Files\Dealio\kb127\rules\rules.1.319.49 C:\Program Files\Dealio\kb127\rules\rules.1.32.48 C:\Program Files\Dealio\kb127\rules\rules.1.334.44 C:\Program Files\Dealio\kb127\rules\rules.1.335.60 C:\Program Files\Dealio\kb127\rules\rules.1.336.44 C:\Program Files\Dealio\kb127\rules\rules.1.337.44 C:\Program Files\Dealio\kb127\rules\rules.1.338.75 C:\Program Files\Dealio\kb127\rules\rules.1.339.47 C:\Program Files\Dealio\kb127\rules\rules.1.34.43 C:\Program Files\Dealio\kb127\rules\rules.1.340.47 C:\Program Files\Dealio\kb127\rules\rules.1.341.47 C:\Program Files\Dealio\kb127\rules\rules.1.349.50 C:\Program Files\Dealio\kb127\rules\rules.1.35.48 C:\Program Files\Dealio\kb127\rules\rules.1.350.50 C:\Program Files\Dealio\kb127\rules\rules.1.351.51 C:\Program Files\Dealio\kb127\rules\rules.1.352.54 C:\Program Files\Dealio\kb127\rules\rules.1.353.51 C:\Program Files\Dealio\kb127\rules\rules.1.354.51 C:\Program Files\Dealio\kb127\rules\rules.1.357.62 C:\Program Files\Dealio\kb127\rules\rules.1.358.52 C:\Program Files\Dealio\kb127\rules\rules.1.359.52 C:\Program Files\Dealio\kb127\rules\rules.1.360.53 C:\Program Files\Dealio\kb127\rules\rules.1.361.54 C:\Program Files\Dealio\kb127\rules\rules.1.362.68 C:\Program Files\Dealio\kb127\rules\rules.1.363.58 C:\Program Files\Dealio\kb127\rules\rules.1.364.54 C:\Program Files\Dealio\kb127\rules\rules.1.365.53 C:\Program Files\Dealio\kb127\rules\rules.1.367.56 C:\Program Files\Dealio\kb127\rules\rules.1.368.58 C:\Program Files\Dealio\kb127\rules\rules.1.369.55 C:\Program Files\Dealio\kb127\rules\rules.1.370.56 C:\Program Files\Dealio\kb127\rules\rules.1.371.56 C:\Program Files\Dealio\kb127\rules\rules.1.372.57 C:\Program Files\Dealio\kb127\rules\rules.1.373.55 C:\Program Files\Dealio\kb127\rules\rules.1.375.56 C:\Program Files\Dealio\kb127\rules\rules.1.376.57 C:\Program Files\Dealio\kb127\rules\rules.1.377.55 C:\Program Files\Dealio\kb127\rules\rules.1.378.65 C:\Program Files\Dealio\kb127\rules\rules.1.384.58 C:\Program Files\Dealio\kb127\rules\rules.1.386.71 C:\Program Files\Dealio\kb127\rules\rules.1.387.59 C:\Program Files\Dealio\kb127\rules\rules.1.388.59 C:\Program Files\Dealio\kb127\rules\rules.1.389.59 C:\Program Files\Dealio\kb127\rules\rules.1.390.60 C:\Program Files\Dealio\kb127\rules\rules.1.391.60 C:\Program Files\Dealio\kb127\rules\rules.1.392.60 C:\Program Files\Dealio\kb127\rules\rules.1.393.60 C:\Program Files\Dealio\kb127\rules\rules.1.394.60 C:\Program Files\Dealio\kb127\rules\rules.1.396.61 C:\Program Files\Dealio\kb127\rules\rules.1.397.61 C:\Program Files\Dealio\kb127\rules\rules.1.398.60 C:\Program Files\Dealio\kb127\rules\rules.1.399.60 C:\Program Files\Dealio\kb127\rules\rules.1.403.61 C:\Program Files\Dealio\kb127\rules\rules.1.404.63 C:\Program Files\Dealio\kb127\rules\rules.1.405.61 C:\Program Files\Dealio\kb127\rules\rules.1.406.61 C:\Program Files\Dealio\kb127\rules\rules.1.407.76 C:\Program Files\Dealio\kb127\rules\rules.1.408.63 C:\Program Files\Dealio\kb127\rules\rules.1.409.61 C:\Program Files\Dealio\kb127\rules\rules.1.412.62 C:\Program Files\Dealio\kb127\rules\rules.1.413.62 C:\Program Files\Dealio\kb127\rules\rules.1.414.62 C:\Program Files\Dealio\kb127\rules\rules.1.415.62 C:\Program Files\Dealio\kb127\rules\rules.1.416.62 C:\Program Files\Dealio\kb127\rules\rules.1.417.62 C:\Program Files\Dealio\kb127\rules\rules.1.418.62 C:\Program Files\Dealio\kb127\rules\rules.1.419.62 C:\Program Files\Dealio\kb127\rules\rules.1.420.62 C:\Program Files\Dealio\kb127\rules\rules.1.421.62 C:\Program Files\Dealio\kb127\rules\rules.1.423.63 C:\Program Files\Dealio\kb127\rules\rules.1.424.63 C:\Program Files\Dealio\kb127\rules\rules.1.425.63 C:\Program Files\Dealio\kb127\rules\rules.1.426.63 C:\Program Files\Dealio\kb127\rules\rules.1.427.63 C:\Program Files\Dealio\kb127\rules\rules.1.428.65 C:\Program Files\Dealio\kb127\rules\rules.1.429.63 C:\Program Files\Dealio\kb127\rules\rules.1.430.63 C:\Program Files\Dealio\kb127\rules\rules.1.432.65 C:\Program Files\Dealio\kb127\rules\rules.1.433.64 C:\Program Files\Dealio\kb127\rules\rules.1.434.65 C:\Program Files\Dealio\kb127\rules\rules.1.435.64 C:\Program Files\Dealio\kb127\rules\rules.1.436.76 C:\Program Files\Dealio\kb127\rules\rules.1.437.64 C:\Program Files\Dealio\kb127\rules\rules.1.438.71 C:\Program Files\Dealio\kb127\rules\rules.1.439.71 C:\Program Files\Dealio\kb127\rules\rules.1.440.75 C:\Program Files\Dealio\kb127\rules\rules.1.442.73 C:\Program Files\Dealio\kb127\rules\rules.1.443.73 C:\Program Files\Dealio\kb127\rules\rules.1.444.73 C:\Program Files\Dealio\kb127\rules\rules.1.445.68 C:\Program Files\Dealio\kb127\rules\rules.1.446.69 C:\Program Files\Dealio\kb127\rules\rules.1.450.67 C:\Program Files\Dealio\kb127\rules\rules.1.451.67 C:\Program Files\Dealio\kb127\rules\rules.1.452.68 C:\Program Files\Dealio\kb127\rules\rules.1.453.68 C:\Program Files\Dealio\kb127\rules\rules.1.454.69 C:\Program Files\Dealio\kb127\rules\rules.1.456.69 C:\Program Files\Dealio\kb127\rules\rules.1.457.75 C:\Program Files\Dealio\kb127\rules\rules.1.458.70 C:\Program Files\Dealio\kb127\rules\rules.1.459.70 C:\Program Files\Dealio\kb127\rules\rules.1.460.69 C:\Program Files\Dealio\kb127\rules\rules.1.462.74 C:\Program Files\Dealio\kb127\rules\rules.1.463.69 C:\Program Files\Dealio\kb127\rules\rules.1.464.70 C:\Program Files\Dealio\kb127\rules\rules.1.465.68 C:\Program Files\Dealio\kb127\rules\rules.1.468.70 C:\Program Files\Dealio\kb127\rules\rules.1.469.70 C:\Program Files\Dealio\kb127\rules\rules.1.470.70 C:\Program Files\Dealio\kb127\rules\rules.1.471.73 C:\Program Files\Dealio\kb127\rules\rules.1.472.70 C:\Program Files\Dealio\kb127\rules\rules.1.478.74 C:\Program Files\Dealio\kb127\rules\rules.1.479.73 C:\Program Files\Dealio\kb127\rules\rules.1.480.68 C:\Program Files\Dealio\kb127\rules\rules.1.481.71 C:\Program Files\Dealio\kb127\rules\rules.1.482.74 C:\Program Files\Dealio\kb127\rules\rules.1.49.67 C:\Program Files\Dealio\kb127\rules\rules.1.50.43 C:\Program Files\Dealio\kb127\rules\rules.1.500.71 C:\Program Files\Dealio\kb127\rules\rules.1.501.74 C:\Program Files\Dealio\kb127\rules\rules.1.502.71 C:\Program Files\Dealio\kb127\rules\rules.1.51.69 C:\Program Files\Dealio\kb127\rules\rules.1.52.72 C:\Program Files\Dealio\kb127\rules\rules.1.520.76 C:\Program Files\Dealio\kb127\rules\rules.1.521.76 C:\Program Files\Dealio\kb127\rules\rules.1.522.76 C:\Program Files\Dealio\kb127\rules\rules.1.53.51 C:\Program Files\Dealio\kb127\rules\rules.1.531.76 C:\Program Files\Dealio\kb127\rules\rules.1.532.75 C:\Program Files\Dealio\kb127\rules\rules.1.534.75 C:\Program Files\Dealio\kb127\rules\rules.1.54.47 C:\Program Files\Dealio\kb127\rules\rules.1.55.45 C:\Program Files\Dealio\kb127\rules\rules.1.56.69 C:\Program Files\Dealio\kb127\rules\rules.1.57.43 C:\Program Files\Dealio\kb127\rules\rules.1.58.47 C:\Program Files\Dealio\kb127\rules\rules.1.593.76 C:\Program Files\Dealio\kb127\rules\rules.1.595.76 C:\Program Files\Dealio\kb127\rules\rules.1.63.57 C:\Program Files\Dealio\kb127\rules\rules.1.66.47 C:\Program Files\Dealio\kb127\rules\rules.1.70.75 C:\Program Files\Dealio\kb127\rules\rules.1.71.43 C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio C:\Program Files\GamesBar C:\Program Files\GamesBar\oberontb.dll C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127 C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\res C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\temp C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\temp\ws-14207.log C:\Program Files\Search Settings C:\Program Files\Search Settings\kb127 C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\Search Settings\kb127\res C:\Program Files\Search Settings\kb127\SearchSettings.dll C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll C:\Program Files\Search Settings\kb127\temp -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.orange.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://home.sweetim.com" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Zuma Deluxe + Crack.zip.torrent C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Zuma Deluxe + Crack.zip C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack.zip C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack\Jewel Quest Solitaire crack.txt 1 - "C:\ToolBar SD\TB_1.txt" - 26/11/2008|20:32 - Option : [1] -----------\\ Fin du rapport a 20:32:48,98
- le 26 novembre 2008
- 47 réponses
mon fichier Iastor a disparu

didouille05 a répondu à un(e) sujet de didouille05 dans Analyses et éradication malwares

je n'ai que le rapport log.txt est ce normal? Logfile of random's system information tool 1.04 (written by random/random) Run by Propriétaire at 2008-11-26 13:20:37 Microsoft Windows XP Édition familiale Service Pack 2 System drive C: has 108 GB (57%) free of 191 GB Total RAM: 511 MB (17% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:20:41, on 26/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe C:\Program Files\trend micro\Propriétaire.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing) O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [uyikc] c:\documents and settings\propriétaire\local settings\application data\uyikc.exe uyikc O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Propriétaire\Application Data\Dealio\kb127\res\DealioSearch.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB50} (Sony SNC-CS3 Image Viewer) - http://82.127.17.206/home/SonySncCs3View.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/NewUploader/ImageUploader4.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_...geUploader5.cab O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 10315 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}] EoBho Class - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}] DealioBHO Class - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - Dealio - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488] "uyikc"=c:\documents and settings\propriétaire\local settings\application data\uyikc.exe uyikc [] "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe"="C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0" "C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Enabled:mcoinstall" "C:\Documents and Settings\Propriétaire\Mes documents\Lydie\installer\mcoinstall.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Lydie\installer\mcoinstall.exe:*:Enabled:mcoinstall" "C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9N3OBXOV\eMulev0.48a.-MorphXTv10.1-bin[1]\emule\eMule.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9N3OBXOV\eMulev0.48a.-MorphXTv10.1-bin[1]\emule\eMule.exe:*:Enabled:eMule" "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe" "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe" ""="" "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Media" "C:\Documents and Settings\Propriétaire\Mes documents\Jerome CAILLAULT\emulev0.45b-MorphXTv6.7-bin\emule\emule.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Jerome CAILLAULT\emulev0.45b-MorphXTv6.7-bin\emule\emule.exe:*:Enabled:eMule" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "X:\Codemasters\Insane\Game.exe"="X:\Codemasters\Insane\Game.exe:*:Disabled:Game.exe" "X:\Games\Supreme\Supreme.exe"="X:\Games\Supreme\Supreme.exe:*:Disabled:Supreme.exe" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{296641ea-d4e6-11dc-80b4-0060b3e764c5}] shell\Auto\command - cmd /C launch.bat shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat ======List of files/folders created in the last 1 months====== 2008-11-25 22:34:00 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes 2008-11-25 22:33:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-11-25 22:33:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-11-25 10:43:32 ----A---- C:\cleannavi.txt 2008-11-24 23:11:36 ----A---- C:\fixnavi.txt 2008-11-24 22:02:23 ----D---- C:\Program Files\Navilog1 2008-11-23 17:25:13 ----D---- C:\Program Files\trend micro 2008-11-23 17:25:03 ----D---- C:\rsit 2008-11-22 22:26:46 ----D---- C:\Documents and Settings\Propriétaire\Application Data\CVitae 2008-11-21 22:54:24 ----SHD---- C:\Config.Msi 2008-11-12 17:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2008-11-12 17:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2008-11-08 13:41:44 ----A---- C:\memory.txt 2008-11-08 13:16:13 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2008-11-08 12:07:23 ----A---- C:\WINDOWS\system32\IYVU9_32.DLL 2008-11-08 12:07:22 ----A---- C:\WINDOWS\system32\IACENC.DLL 2008-11-06 17:47:32 ----D---- C:\Temp 2008-11-05 22:47:16 ----D---- C:\Program Files\AIDA32 - Personal System Information 2008-11-05 19:06:47 ----D---- C:\Documents and Settings\All Users\Application Data\Player Metaboli 2008-11-05 19:06:45 ----D---- C:\Remote Programs 2008-11-05 19:06:28 ----N---- C:\WINDOWS\ExentInfo.exe 2008-11-05 19:06:20 ----D---- C:\Program Files\Player Metaboli 2008-11-02 21:24:29 ----D---- C:\Program Files\Oberon Media 2008-11-02 21:24:29 ----D---- C:\Program Files\Fichiers communs\Oberon Media ======List of files/folders modified in the last 1 months====== 2008-11-26 13:13:59 ----D---- C:\WINDOWS\Temp 2008-11-26 13:12:51 ----D---- C:\Program Files\Wanadoo 2008-11-26 11:18:31 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-11-26 10:45:27 ----D---- C:\Program Files\eMule 2008-11-26 09:32:08 ----D---- C:\WINDOWS\Prefetch 2008-11-26 09:24:52 ----D---- C:\WINDOWS\system32\drivers 2008-11-25 23:54:29 ----D---- C:\WINDOWS\system32\CatRoot2 2008-11-25 22:33:14 ----RD---- C:\Program Files 2008-11-25 22:04:41 ----A---- C:\WINDOWS\NeroDigital.ini 2008-11-25 10:47:10 ----D---- C:\WINDOWS\system32 2008-11-25 10:46:11 ----D---- C:\WINDOWS 2008-11-23 15:00:15 ----D---- C:\Program Files\CONEXANT 2008-11-21 22:59:31 ----SHD---- C:\WINDOWS\Installer 2008-11-21 22:56:07 ----D---- C:\Program Files\Windows Live 2008-11-21 22:55:52 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-11-21 22:52:22 ----RSD---- C:\WINDOWS\assembly 2008-11-19 10:51:20 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-11-19 10:22:21 ----HD---- C:\WINDOWS\inf 2008-11-19 10:22:21 ----D---- C:\WINDOWS\Help 2008-11-18 15:19:37 ----D---- C:\Documents and Settings\Propriétaire\Application Data\uTorrent 2008-11-12 17:01:24 ----HD---- C:\WINDOWS\$hf_mig$ 2008-11-12 17:01:22 ----A---- C:\WINDOWS\imsins.BAK 2008-11-12 17:00:32 ----D---- C:\WINDOWS\WinSxS 2008-11-07 13:53:59 ----D---- C:\WINDOWS\Microsoft.NET 2008-11-07 12:55:36 ----D---- C:\WINDOWS\system32\DirectX 2008-11-05 19:06:36 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-11-05 19:06:20 ----HD---- C:\Program Files\InstallShield Installation Information 2008-11-05 17:42:45 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Dealio 2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe 2008-11-03 16:45:37 ----D---- C:\Program Files\GamesBar 2008-11-02 22:02:24 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2008-11-02 21:24:46 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-11-02 21:24:29 ----D---- C:\Program Files\Fichiers communs ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-01-16 12970] R2 X4HSX32Ex;X4HSX32Ex; \??\C:\Program Files\Player Metaboli\X4HSX32Ex.Sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-13 1042816] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248] R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-01 392704] R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver; C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2006-01-09 261632] R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2005-04-20 124672] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-08-03 221376] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496] R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 1963680] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808] R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2006-01-19 17664] S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-05 10880] S3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys [] S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536] S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360] S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088] S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624] S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704] S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432] S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640] R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-04 240408] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S2 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-07 138168] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] -----------------EOF-----------------
- le 26 novembre 2008
- 47 réponses
mon fichier Iastor a disparu

didouille05 a répondu à un(e) sujet de didouille05 dans Analyses et éradication malwares

merci bien te ton aide voici le résultat : Malwarebytes' Anti-Malware 1.30 Version de la base de données: 1424 Windows 5.1.2600 Service Pack 2 26/11/2008 09:23:11 mbam-log-2008-11-26 (09-23-11).txt Type de recherche: Examen rapide Eléments examinés: 63745 Temps écoulé: 14 minute(s), 49 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 10 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe) Good: (userinit.exe) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
- le 26 novembre 2008
- 47 réponses
mon fichier Iastor a disparu

didouille05 a répondu à un(e) sujet de didouille05 dans Analyses et éradication malwares

voila le résultat : Clean Navipromo version 3.6.9 commencé le 25/11/2008 à 10:43:32,57 Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Propriétaire" Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" * Autres Suppressions : wiqwguo.exe trouvé ! Copie wiqwguo.exe réalisée avec succès ! wiqwguo.exe supprimé ! wiqwguo.dat trouvé ! Copie wiqwguo.dat réalisée avec succès ! wiqwguo.dat supprimé ! wiqwguo_nav.dat trouvé ! Copie wiqwguo_nav.dat réalisée avec succès ! wiqwguo_nav.dat supprimé ! wiqwguo_navps.dat trouvé ! Copie wiqwguo_navps.dat réalisée avec succès ! wiqwguo_navps.dat supprimé ! *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" *** *** Suppression fichiers *** C:\WINDOWS\pack.epk supprimé ! C:\WINDOWS\prefetch\MESSENGERSKINNER.EXE-0EE2A110.pf supprimé ! C:\WINDOWS\prefetch\MESSENGERSKINNER_SETUP[1].EXE-1259DC2B.pf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Propri‚taire\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * wmlhavqb.dat trouvé ! Copie wmlhavqb.dat réalisée avec succès ! wmlhavqb.dat supprimé ! wmlhavqb_nav.dat trouvé ! Copie wmlhavqb_nav.dat réalisée avec succès ! wmlhavqb_nav.dat supprimé ! wmlhavqb_navps.dat trouvé ! Copie wmlhavqb_navps.dat réalisée avec succès ! wmlhavqb_navps.dat supprimé ! * Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" * hjstnpq.exe trouvé ! Copie hjstnpq.exe réalisée avec succès ! hjstnpq.exe supprimé ! hjstnpq.dat trouvé ! Copie hjstnpq.dat réalisée avec succès ! hjstnpq.dat supprimé ! hjstnpq_nav.dat trouvé ! Copie hjstnpq_nav.dat réalisée avec succès ! hjstnpq_nav.dat supprimé ! hjstnpq_navps.dat trouvé ! Copie hjstnpq_navps.dat réalisée avec succès ! hjstnpq_navps.dat supprimé ! C:\WINDOWS\prefetch\hjstnpq*.pf trouvé ! Copie C:\WINDOWS\prefetch\hjstnpq*.pf réalisée avec succès ! C:\WINDOWS\prefetch\hjstnpq*.pf supprimé ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat Montorgueil absent ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Clés RUN orphelines Navipromo *** !! Résultats temporairement non pris en charge !! !! Les clés trouvées ne sont pas forcément infectées !! Clés trouvés : [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uyikc"="c:\\documents and settings\\propri‚taire\\local settings\\application data\\uyikc.exe uyikc" *** Nettoyage terminé le 25/11/2008 à 10:47:09,75 ***
- le 25 novembre 2008
- 47 réponses
mon fichier Iastor a disparu

didouille05 a répondu à un(e) sujet de didouille05 dans Analyses et éradication malwares

Search Navipromo version 3.6.9 commencé le 24/11/2008 à 23:11:36,15 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Propriétaire" Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.11 Système de fichiers : NTFS Recherche executé en mode normal *** Recherche Programmes installés *** Favorit Favorit MessengerSkinner *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** ...\MessengerSkinner trouvé ! *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** ...\MessengerSkinner trouvé ! *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" *** ...\MessengerSkinner trouvé ! *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" * Fichiers suspects : wiqwguo.exe trouvé ! wiqwguo.dat trouvé ! wiqwguo_nav.dat trouvé ! wiqwguo_navps.dat trouvé ! *** Recherche fichiers *** C:\WINDOWS\pack.epk trouvé ! C:\WINDOWS\prefetch\MESSENGERSKINNER.EXE-0EE2A110.pf trouvé ! C:\WINDOWS\prefetch\MESSENGERSKINNER_SETUP[1].EXE-1259DC2B.pf trouvé ! *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : wmlhavqb.dat trouvé ! wmlhavqb_nav.dat trouvé ! wmlhavqb_navps.dat trouvé ! * Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" : hjstnpq.exe trouvé ! hjstnpq.dat trouvé ! hjstnpq_nav.dat trouvé ! hjstnpq_navps.dat trouvé ! wiqwguo.exe trouvé ! wiqwguo.dat trouvé ! wiqwguo_nav.dat trouvé ! wiqwguo_navps.dat trouvé ! 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 24/11/2008 à 23:21:04,48 ***
- le 24 novembre 2008
- 47 réponses
mon fichier Iastor a disparu

didouille05 a répondu à un(e) sujet de didouille05 dans Analyses et éradication malwares

je n'ai toujours pas de résultat est ce normal?
- le 24 novembre 2008
- 47 réponses
mon fichier Iastor a disparu

didouille05 a répondu à un(e) sujet de didouille05 dans Analyses et éradication malwares

rapport log.txt : Logfile of random's system information tool 1.04 (written by random/random) Run by Propriétaire at 2008-11-23 17:25:03 Microsoft Windows XP Édition familiale Service Pack 2 System drive C: has 109 GB (57%) free of 191 GB Total RAM: 511 MB (40% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:25:33, on 23/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe C:\Program Files\trend micro\Propriétaire.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing) O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe O4 - HKCU\..\Run: [uyikc] c:\documents and settings\propriétaire\local settings\application data\uyikc.exe uyikc O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Propriétaire\Application Data\Dealio\kb127\res\DealioSearch.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB50} (Sony SNC-CS3 Image Viewer) - http://82.127.17.206/home/SonySncCs3View.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/NewUploader/ImageUploader4.cab O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_...geUploader5.cab O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///C:/Documents%20and%20Settings/Propriétaire/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 10739 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}] EoBho Class - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}] DealioBHO Class - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - Dealio - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488] "messengerskinner"=C:\Program Files\MessengerSkinner\MessengerSkinner.exe [] "uyikc"=c:\documents and settings\propriétaire\local settings\application data\uyikc.exe uyikc [] "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe"="C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0" "C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Enabled:mcoinstall" "C:\Documents and Settings\Propriétaire\Mes documents\Lydie\installer\mcoinstall.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Lydie\installer\mcoinstall.exe:*:Enabled:mcoinstall" "C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9N3OBXOV\eMulev0.48a.-MorphXTv10.1-bin[1]\emule\eMule.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9N3OBXOV\eMulev0.48a.-MorphXTv10.1-bin[1]\emule\eMule.exe:*:Enabled:eMule" "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus" "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe" "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe" ""="" "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Media" "C:\Documents and Settings\Propriétaire\Mes documents\Jerome CAILLAULT\emulev0.45b-MorphXTv6.7-bin\emule\emule.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Jerome CAILLAULT\emulev0.45b-MorphXTv6.7-bin\emule\emule.exe:*:Enabled:eMule" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "X:\Codemasters\Insane\Game.exe"="X:\Codemasters\Insane\Game.exe:*:Disabled:Game.exe" "X:\Games\Supreme\Supreme.exe"="X:\Games\Supreme\Supreme.exe:*:Disabled:Supreme.exe" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{296641ea-d4e6-11dc-80b4-0060b3e764c5}] shell\Auto\command - cmd /C launch.bat shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat ======List of files/folders created in the last 1 months====== 2008-11-23 17:25:13 ----D---- C:\Program Files\trend micro 2008-11-23 17:25:03 ----D---- C:\rsit 2008-11-22 22:26:46 ----D---- C:\Documents and Settings\Propriétaire\Application Data\CVitae 2008-11-22 22:26:30 ----D---- C:\Program Files\MonProduit 2008-11-21 22:54:24 ----SHD---- C:\Config.Msi 2008-11-12 17:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2008-11-12 17:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2008-11-08 13:41:44 ----A---- C:\memory.txt 2008-11-08 13:16:13 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2008-11-08 12:07:23 ----A---- C:\WINDOWS\system32\IYVU9_32.DLL 2008-11-08 12:07:22 ----A---- C:\WINDOWS\system32\IACENC.DLL 2008-11-06 17:47:32 ----D---- C:\Temp 2008-11-05 22:47:16 ----D---- C:\Program Files\AIDA32 - Personal System Information 2008-11-05 19:06:47 ----D---- C:\Documents and Settings\All Users\Application Data\Player Metaboli 2008-11-05 19:06:45 ----D---- C:\Remote Programs 2008-11-05 19:06:28 ----N---- C:\WINDOWS\ExentInfo.exe 2008-11-05 19:06:20 ----D---- C:\Program Files\Player Metaboli 2008-11-02 21:24:29 ----D---- C:\Program Files\Oberon Media 2008-11-02 21:24:29 ----D---- C:\Program Files\Fichiers communs\Oberon Media 2008-10-26 15:12:03 ----D---- C:\Program Files\Bandoo 2008-10-24 10:40:28 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ ======List of files/folders modified in the last 1 months====== 2008-11-23 17:25:13 ----RD---- C:\Program Files 2008-11-23 17:25:10 ----D---- C:\WINDOWS\Prefetch 2008-11-23 17:01:47 ----D---- C:\WINDOWS\Temp 2008-11-23 16:16:48 ----D---- C:\Program Files\eMule 2008-11-23 15:00:15 ----D---- C:\Program Files\CONEXANT 2008-11-23 14:58:28 ----A---- C:\WINDOWS\NeroDigital.ini 2008-11-23 12:59:12 ----D---- C:\Program Files\Wanadoo 2008-11-23 00:15:45 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-11-22 22:26:49 ----D---- C:\WINDOWS\system32 2008-11-22 01:58:20 ----D---- C:\WINDOWS\system32\CatRoot2 2008-11-21 22:59:31 ----SHD---- C:\WINDOWS\Installer 2008-11-21 22:56:07 ----D---- C:\Program Files\Windows Live 2008-11-21 22:55:52 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-11-21 22:52:59 ----D---- C:\WINDOWS 2008-11-21 22:52:22 ----RSD---- C:\WINDOWS\assembly 2008-11-19 10:51:20 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-11-19 10:22:21 ----HD---- C:\WINDOWS\inf 2008-11-19 10:22:21 ----D---- C:\WINDOWS\Help 2008-11-18 15:19:37 ----D---- C:\Documents and Settings\Propriétaire\Application Data\uTorrent 2008-11-12 17:01:28 ----D---- C:\WINDOWS\system32\drivers 2008-11-12 17:01:24 ----HD---- C:\WINDOWS\$hf_mig$ 2008-11-12 17:01:22 ----A---- C:\WINDOWS\imsins.BAK 2008-11-12 17:00:32 ----D---- C:\WINDOWS\WinSxS 2008-11-07 13:53:59 ----D---- C:\WINDOWS\Microsoft.NET 2008-11-07 12:55:36 ----D---- C:\WINDOWS\system32\DirectX 2008-11-05 19:06:36 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-11-05 19:06:20 ----HD---- C:\Program Files\InstallShield Installation Information 2008-11-05 17:42:45 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Dealio 2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe 2008-11-03 16:45:37 ----D---- C:\Program Files\GamesBar 2008-11-02 22:02:24 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2008-11-02 21:24:46 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-11-02 21:24:29 ----D---- C:\Program Files\Fichiers communs 2008-10-26 13:55:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-01-16 12970] R2 X4HSX32Ex;X4HSX32Ex; \??\C:\Program Files\Player Metaboli\X4HSX32Ex.Sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-13 1042816] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248] R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-01 392704] R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver; C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2006-01-09 261632] R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2005-04-20 124672] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-08-03 221376] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496] R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 1963680] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808] R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2006-01-19 17664] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-05 10880] S3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys [] S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536] S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360] S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088] S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624] S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704] S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432] S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640] R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-04 240408] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S2 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-07 138168] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] -----------------EOF----------------- rapport info.txt : info.txt logfile of random's system information tool 1.04 2008-11-23 17:25:41 ======Uninstall list====== -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7 Sins-->J:\Remote Programs\7 Sins\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=361654;name=7 Sins;dir=J:\Remote Programs\7 Sins\;prvid=200;cmdid=1;prvdir=Default AbiWord 2.6.3-->C:\Program Files\AbiSuite2\UninstallAbiWord2.exe Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003} Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log AIDA32 v3.93-->"C:\Program Files\AIDA32 - Personal System Information\unins000.exe" ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C765D9FF-4A34-4BF1-9F91-E9A3C60C86FC}\setup.exe" -l0x40c Arthur et Minimoys-->J:\Remote Programs\Arthur et les Minimoys\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=458654;name=Arthur et Minimoys;dir=J:\Remote Programs\Arthur et les Minimoys\;prvid=200;cmdid=1;prvdir=Default Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0} ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup CEP - Color Enable Package-->"C:\PROGRA~1\EAGAME~1\zCEP_Uninstaller\unins000.exe" Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB} Colin McRae 2005-->J:\Remote Programs\Colin McRae Rally 2005\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=352954;name=Colin McRae 2005;dir=J:\Remote Programs\Colin McRae Rally 2005\;prvid=200;cmdid=1;prvdir=Default Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Crashday-->J:\Remote Programs\Crashday\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=423250;name=Crashday;dir=J:\Remote Programs\Crashday\;prvid=200;cmdid=1;prvdir=Default Dealio Toolbar 3.4-->MsiExec.exe /X{6105648C-0C3C-481D-8C11-1F4952D6FB53} eMule-->"C:\Program Files\eMule\Uninstall.exe" Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D} Fantasy Wars-->J:\Remote Programs\Fantasy Wars\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=521754;name=Fantasy Wars;dir=J:\Remote Programs\Fantasy Wars\;prvid=200;cmdid=1;prvdir=Default Favorit-->"c:\documents and settings\propriétaire\local settings\application data\wiqwguo.exe" -uninstall Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62} Freak Out-->J:\Remote Programs\Freak Out\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=475550;name=Freak Out;dir=J:\Remote Programs\Freak Out\;prvid=200;cmdid=1;prvdir=Default Ghost Master-->J:\Remote Programs\Ghost Master\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=546254;name=Ghost Master;dir=J:\Remote Programs\Ghost Master\;prvid=200;cmdid=1;prvdir=Default Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3} Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} HijackThis 2.0.2-->"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis[1].zip\HijackThis.exe" /uninstall Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe" Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe" J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000} Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} K-Lite Codec Pack 3.3.5 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}\Setup.exe" -l0x40c LOST-->J:\Remote Programs\Lost Via Domus\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=571554;name=LOST;dir=J:\Remote Programs\Lost Via Domus\;prvid=200;cmdid=1;prvdir=Default Lula 3D-->J:\Remote Programs\Lula 3D\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=416554;name=Lula 3D;dir=J:\Remote Programs\Lula 3D\;prvid=200;cmdid=1;prvdir=Default Magic Ball 3-->J:\Remote Programs\Magic Ball 3\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=465950;name=Magic Ball 3;dir=J:\Remote Programs\Magic Ball 3\;prvid=200;cmdid=1;prvdir=Default Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929} Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft LifeCam-->MsiExec.exe /X{718263DE-E612-4653-BB7D-7154BA9E31AB} Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft SQL Server Native Client-->MsiExec.exe /I{9C7E944F-4502-40B8-A0AB-66B2FA9EE829} Microsoft SQL Server VSS Writer-->MsiExec.exe /I{75FF1600-6330-43FA-9022-E0835BF20778} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Moto Racer 3-->J:\Remote Programs\Moto Racer 3\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=181463;name=Moto Racer 3;dir=J:\Remote Programs\Moto Racer 3\;prvid=200;cmdid=1;prvdir=Default MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5} Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID="" neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33} Outil de connexion Wanadoo-->C:\PROGRA~1\Wanadoo\MessageDesinstallation.exe Wanadoo Panneau de contrôle ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" Player Metaboli-->"C:\Program Files\Player Metaboli\Uninstall.exe" SAGEM Wi-Fi 11g USB adapter (outil)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6266AB37-350F-483C-88D2-C530ACA42645}\setup.exe" -l0x40c SAGEM Wi-Fi 11g USB adapter (pilote)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E2AA331E-E10E-438C-B1C0-24B2FFD3D9C4}\setup.exe" -l0x40c Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88} SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IVEN_14F1&DEV_2F20&SUBSYS_200014F1 SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Supreme Snow...-->J:\Remote Programs\Supreme Snowboarding\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=136354;name=Supreme Snow...;dir=J:\Remote Programs\Supreme Snowboarding\;prvid=200;cmdid=1;prvdir=Default Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0} TerraExplorer-->C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe Wanadoo Messager-->C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66} Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Winkaa 1.0 1.0-->"C:\Program Files\Emoticons-plus.com\Winkaa 1.0\uninstall.exe" Winter Games 2007-->J:\Remote Programs\Winter Games 2007\GPlrLanc.exe -LOpCode 2 /RemoveContent cid=471650;name=Winter Games 2007;dir=J:\Remote Programs\Winter Games 2007\;prvid=200;cmdid=1;prvdir=Default ======Hosts File====== 127.0.0.1 007guard.com 127.0.0.1 www.007guard.com 127.0.0.1 008i.com 127.0.0.1 008k.com 127.0.0.1 www.008k.com 127.0.0.1 00hq.com 127.0.0.1 www.00hq.com 127.0.0.1 010402.com 127.0.0.1 032439.com 127.0.0.1 www.032439.com ======Security center information====== AV: avast! antivirus 4.8.1229 [VPS 081122-0] ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Teleca Shared "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel "PROCESSOR_REVISION"=0401 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------
- le 23 novembre 2008
- 47 réponses
mon fichier Iastor a disparu

didouille05 a posté un sujet dans Analyses et éradication malwares

bonjour a tous, voila j'ai un problme avec mon PC, j'ai le fichier Iastor qui a disparu, du coup pour démarer mon pc normalement il faut que quand je l'allume je reste devant pour pouvoir mettre le choix me connecter sur windows sinon il fait une recherche et trouve que le fichier iastor a disparu et me met un écran tout bleu :'( quelqu'un peut il m'aider???? merci d'avance
- le 23 novembre 2008
- 47 réponses

Connexion

didouille05

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par didouille05

mon fichier Iastor a disparu

mon fichier Iastor a disparu

mon fichier Iastor a disparu

mon fichier Iastor a disparu

mon fichier Iastor a disparu

mon fichier Iastor a disparu

mon fichier Iastor a disparu

mon fichier Iastor a disparu

mon fichier Iastor a disparu

mon fichier Iastor a disparu

mon fichier Iastor a disparu

Zebulon

Outils en ligne

Naviguer