Aller au contenu

Jibione

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    41

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par Jibione

  1. Jibione
    Bonjour à tous, J'ai un petit souçi depuis hier soir, mon PC s'est éteint tout seul pendant que je travaillais dessus. Depuis, il reboot tout seul de manière continue. J'ai réussi à le lancer en mode sans echec, mais après un scan Antivira, je n'ai vu aucune amélioration. J'ai vu qu'Appollo proposait un scan via ZHP, ce que j'ai fait. En voici le rapport. Lien CJoint.com BKgiGKEI0rk Si l'un d'entre vous y voit quelque chose d'anormal... Je suis preneur Merci par avance pour vos conseils. Bien cordialement!
  2. Jibione
    J'ai réussi à avoir free qui me dit que la ligne fonctionne correctement. Donc le problème viendrait de mon PC. Par ailleurs, merci pour ton retour, mais je n'arrive pas à trouver winfix pour XPSP2. J'ai repéré un tuto sur ce site ! --->ici<--- mais je n'ose pas trop m'embarquer dans des manip qui pourraient se révéler irréversible...
  3. Jibione
    Bonjour, Après maintes recherches sur différents forums, je n'ai pas réussi à solutionner mon problème. Depuis ce matin, je n'ai plus de connexion internet (ethernet) ("Network cable unplugged" alors que tout est bien branché) Je suis équipé de la freebox, qui ne fonctionne plus qu'en mode USB, qui est assez lent. (Je n'ai pas de carte Wifi) A noter que le télephone et la TV fonctionnent tous 2 très bien. J'ai essayé de modifier le driver de ma carte réseau (Sis 191 de chez Acer) mais l'assistant me dit que le pilote est à jour. J'ai également essayé différents câbles RJ 45 mais sans résultat.. Si l'un d'entre vous aurait une petite idée pour que je puisse récupérer ma connexion, je vous en serai très reconnaissant. Merci d'avance
  4. Jibione
    ok merci pour tout
  5. Jibione
    j'en ai bien l'impression pear, merci. en tout cas le "relevant" a bien dégagé de mon pc! un grand merci à toi. du coup, j'en profite : - à quoi sert la dernière manip? je n'ai pas compris l'intérêt de la désactivation de la restauration des lecteurs... - comme tu as dû le voir, j'ai avira comme antivirus. est-il toujours d'actualité pour limiter les infections? encore merci et très bonne continuation à toi. en plus aidé par quelqu'un du 29.. la classe
  6. Jibione
    Le voici : Malwarebytes' Anti-Malware 1.38 Version de la base de données: 2382 Windows 5.1.2600 Service Pack 2 06/07/2009 23:03:18 mbam-log-2009-07-06 (23-03-18).txt Type de recherche: Examen complet (C:\|I:\|) Eléments examinés: 155489 Temps écoulé: 1 hour(s), 10 minute(s), 49 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 6 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 10 Fichier(s) infecté(s): 23 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\cablerouting.cablerouting (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\cablerouting.cablerouting.1 (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\vrmdtneg.bfso (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Adsl Software Ltd (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\CableRouting (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\documents and settings\All Users\Start Menu\Programs\RelevantKnowledge (Spyware.Marketscore) -> Quarantined and deleted successfully. C:\Program Files\RelevantKnowledge (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\components (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\documents and settings\All Users\Application Data\ADSL Software Ltd (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\WinSpywareProtect (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\BASE (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\DELETED (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\LOG (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\SAVED (Rogue.Multiple) -> Quarantined and deleted successfully. Fichier(s) infecté(s): c:\system volume information\_restore{b9e2cb46-2106-41d8-a525-55ce93ab7c95}\RP382\A0092713.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully. c:\program files\cablerouting\uninstall.dat (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\program files\cablerouting\Uninstall.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\documents and settings\all users\start menu\Programs\relevantknowledge\About RelevantKnowledge.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\documents and settings\all users\start menu\Programs\relevantknowledge\Privacy Policy and User License Agreement.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\documents and settings\all users\start menu\Programs\relevantknowledge\Support.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\documents and settings\all users\start menu\Programs\relevantknowledge\Uninstall Instructions.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\chrome.manifest (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\install.rdf (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\rloci.bin (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\rlph.dll (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\rlservice.exe (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\rlxf.dll (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\Shortcut to rlvknlg.exe.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\components\rlxg.dll (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\LOG\20080621171005281.log (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\LOG\20080621182605640.log (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\LOG\20080622101248187.log (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\LOG\20080622233527781.log (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\LOG\20080623100429359.log (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\LOG\20080623212606578.log (Rogue.Multiple) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\adsl software ltd\winspywareprotect\LOG\20080623215145484.log (Rogue.Multiple) -> Quarantined and deleted successfully. c:\winzip112.exe (Trojan.Agent) -> Quarantined and deleted successfully.
  7. Jibione
    Ca tourne..
  8. Jibione
    Tout d'abord, merci à toi Pear pour t'occuper de mon cas voici le rapport otm : All processes killed ========== PROCESSES ========== No active process named explorer.exe was found! ========== FILES ========== c:\program files\relevantknowledge\rlvknlg.exe moved successfully. File/Folder c:\program files\quad utilities\quad registry cleaner\quad scheduler.exe not found. DllUnregisterServer procedure not found in c:\program files\relevantknowledge\rlls.dll c:\program files\relevantknowledge\rlls.dll NOT unregistered. c:\program files\relevantknowledge\rlls.dll moved successfully. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\QUAD Scheduler deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\RelevantKnowledge\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Jibione ->Temp folder emptied: 948775 bytes ->Temporary Internet Files folder emptied: 2705298 bytes ->Java cache emptied: 9950886 bytes ->FireFox cache emptied: 90259429 bytes ->Apple Safari cache emptied: 13218001 bytes ->Opera cache emptied: 1411048 bytes User: LocalService ->Temp folder emptied: 0 bytes File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 179684285 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 4285428 bytes %systemroot%\System32 .tmp files removed: 4627985 bytes Windows Temp folder emptied: 16019690 bytes RecycleBin emptied: 51560746 bytes Total Files Cleaned = 357,38 mb OTM by OldTimer - Version 3.0.0.4 log created on 07062009_214039 Files moved on Reboot... Registry entries deleted on Reboot...
  9. Jibione
    bonjour à tous, j'ai récupéré le virus relevant knowledge. quelqu'un peut-il m'aider à m'en débarasser? voici le rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:31:58, on 06/07/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\RelevantKnowledge\rlvknlg.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AMD\RAIDXpert\_jvm\bin\java.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Jibione\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [QUAD Scheduler] C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{45BCFF62-AB81-4033-A84F-C015C618050B}: NameServer = 212.27.53.252,212.27.54.252 O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Unknown owner - C:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: uvnc_service - Unknown owner - C:\Program Files\UltraVNC\winvnc.exe (file missing) -- End of file - 6187 bytes Merci d'avance
  10. Jibione
    Ok bien noté. Par contre, j'ai l'impression que ton lien pour télécharger antivir n'est plus trop à jour. Voici le rapport : Search Navipromo version 3.7.1 commencé le 14/01/2009 à 20:02:00,18 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Genuine Intel® CPU 2140 @ 1.60GHz ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Jibione ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1296 [VPS 090108-0] 4.8.1296 (Not Activated) C:\ (Local Disk) - NTFS - Total:111 Go (Free:10 Go) D:\ (Local Disk) - FAT32 - Total:232 Go (Free:160 Go) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (Local Disk) - NTFS - Total:111 Go (Free:13 Go) J:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) L:\ (CD or DVD) Recherche executé en mode normal *** Recherche Programmes installés *** Favorit *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\startm~1\programs" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\startm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Jibione\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Jibione\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Jibione\startm~1\programs" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\Jibione\locals~1\applic~1" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** !! Les clés trouvées ne sont pas forcément infectées !! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : * Dans "C:\Documents and Settings\Jibione\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup absent ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche autres dossiers et fichiers connus : *** Analyse terminée le 14/01/2009 à 20:23:21,18 ***
  11. Jibione
    ok c'est bon j'ai viré les cracks qui m'ont infecté. voici le rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:13:26, on 14/01/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\UltraVNC\winvnc.exe C:\Program Files\AMD\RAIDXpert\_jvm\bin\java.exe C:\Program Files\UltraVNC\winvnc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\My Lockbox\flockbox.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Jibione\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [flockbox] C:\Program Files\My Lockbox\flockbox.exe /a O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{45BCFF62-AB81-4033-A84F-C015C618050B}: NameServer = 212.27.53.252,212.27.54.252 O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Unknown owner - C:\Program Files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\winvnc.exe -- End of file - 5939 bytes
  12. Jibione
    je suis au taf, mais je fais ça ce soir en rentrant. Merci
  13. Jibione
    Effectivement, c'est après avoir voulu choper un crack sur la mule que je me suis fait eu... NB : J'ai lancé Antivir entre mes 2 posts.. Et hop le rapport : -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Genuine Intel® CPU 2140 @ 1.60GHz ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Jibione ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1296 [VPS 090108-0] 4.8.1296 (Not Activated) C:\ (Local Disk) - NTFS - Total:111 Go (Free:18 Go) D:\ (Local Disk) - FAT32 - Total:232 Go (Free:160 Go) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (Local Disk) - NTFS - Total:111 Go (Free:13 Go) J:\ (CD or DVD) L:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 13/01/2009| 7:28 ) -----------\\ SUPPRESSION Supprime! - C:\Program Files\AskBarDis\bar Supprime! - C:\Program Files\AskBarDis\PopSwatter Supprime! - C:\Program Files\AskBarDis\unins000.dat Supprime! - C:\Program Files\AskBarDis\unins000.exe Supprime! - C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127 Supprime! - C:\Program Files\Dealio\DealioAU.exe Supprime! - C:\Program Files\Dealio\kb127 Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe Supprime! - C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Dealio Supprime! - C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127 Supprime! - C:\Program Files\Search Settings\kb127 Supprime! - C:\Program Files\Search Settings\SearchSettings.exe Supprime! - C:\Program Files\AskBarDis Supprime! - C:\DOCUME~1\Jibione\APPLIC~1\Dealio Supprime! - C:\Program Files\Dealio Supprime! - C:\DOCUME~1\Jibione\APPLIC~1\Search Settings Supprime! - C:\Program Files\Search Settings -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ Extensions (Jibione) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://yahoo.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Jibione\Desktop\Prg\Adobe Photoshop CS 9 + Keygen.iso C:\DOCUME~1\Jibione\My Documents\My Games\wolf\Crack C:\DOCUME~1\Jibione\My Documents\My Games\wolf\Crack\Return to Castle Wolfenstein Key Generator.exe C:\DOCUME~1\Jibione\My Documents\My Music\I am\De La Planete Mars [uK]\06 Crack.wma C:\DOCUME~1\Jibione\My Documents\My Music\Iam\De La Planete Mars [uK]\06 Crack.mp3 C:\DOCUME~1\Jibione\My Documents\My Music\iTunes\iTunes Music\Kanye West_The Game\Late Registration\08 Crack Music.mp3 C:\DOCUME~1\Jibione\Recent\Adobe Photoshop CS3 [Key.Serial.Crack.Keygen].txt.lnk C:\DOCUME~1\Jibione\Recent\Avs Video Converter 5.6 Keygen.7z.lnk C:\DOCUME~1\Jibione\Recent\avs-video-converter-6.2.keygen.jpg.lnk C:\DOCUME~1\Jibione\Recent\Return to The Castle of Wolfenstein + patch v1.41 + Keygen.ISO.lnk C:\DOCUME~1\Jibione\Recent\Windows.Xp.Sp2.Keygen.with.auto.key.changer.rar.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 09/01/2009|18:31 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 10/01/2009|12:33 - Option : [1] 3 - "C:\ToolBar SD\TB_3.txt" - 12/01/2009|18:36 - Option : [1] 4 - "C:\ToolBar SD\TB_4.txt" - 13/01/2009| 7:31 - Option : [2] -----------\\ Fin du rapport a 7:31:13,57
  14. Jibione
    Disons que j'avais utilisé Toolbar SD pour poster le premier rapport de mon sujet. Je viens de le remouliner, et ça donne ça : -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Genuine Intel® CPU 2140 @ 1.60GHz ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Jibione ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1296 [VPS 090108-0] 4.8.1296 (Not Activated) C:\ (Local Disk) - NTFS - Total:111 Go (Free:18 Go) D:\ (Local Disk) - FAT32 - Total:232 Go (Free:160 Go) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (Local Disk) - NTFS - Total:111 Go (Free:13 Go) J:\ (CD or DVD) L:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 12/01/2009|18:34 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\AskBarDis C:\Program Files\AskBarDis\bar C:\Program Files\AskBarDis\PopSwatter C:\Program Files\AskBarDis\unins000.dat C:\Program Files\AskBarDis\unins000.exe C:\Program Files\AskBarDis\bar\bin C:\Program Files\AskBarDis\bar\Cache C:\Program Files\AskBarDis\bar\History C:\Program Files\AskBarDis\bar\Settings C:\Program Files\AskBarDis\bar\bin\askPopStp.dll C:\Program Files\AskBarDis\bar\bin\psvince.dll C:\Program Files\AskBarDis\bar\Cache\0077F6F0 C:\Program Files\AskBarDis\bar\Cache\0077FAB8.bin C:\Program Files\AskBarDis\bar\Cache\0077FC8D.bin C:\Program Files\AskBarDis\bar\Cache\0077FE43.bin C:\Program Files\AskBarDis\bar\Cache\0077FFE8.bin C:\Program Files\AskBarDis\bar\Cache\00780121.bin C:\Program Files\AskBarDis\bar\Cache\files.ini C:\Program Files\AskBarDis\bar\History\search C:\Program Files\AskBarDis\bar\Settings\config.dat C:\Program Files\AskBarDis\bar\Settings\config.dat.bak C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm C:\Program Files\AskBarDis\PopSwatter\History C:\Program Files\AskBarDis\PopSwatter\History\allowed C:\Program Files\AskBarDis\PopSwatter\History\notallow C:\DOCUME~1\Jibione\APPLIC~1\Dealio C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\temp C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\alerts.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\alerts_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\alerts_rec.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\alerts_rec_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\chevron-small.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\DealioSearch.html C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\deals-leftcap.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\deal_report.jpg C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\ebay_login.jpg C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\err_mainwindow.html C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\err_toolbar.html C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\global_scripts.js C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\headerbgthin.jpg C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\highlight-bg.png C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\logo.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\logo_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\man_toolbar.css C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\man_toolbar.html C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\man_toolbar.js C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\man_toolbarl.js C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\post-this-deal.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\post-this-deal_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\scripts.js C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\scroller.js C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\search-chevron.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\search-chevron_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\search_bg_blink.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\separator.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\settings.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\settings_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\yahoo-search.png C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\index.76.35 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.10.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.109.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.110.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.12.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.13.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.130.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.135.50 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.153.44 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.155.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.156.49 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.16.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.161.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.178.66 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.184.55 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.188.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.189.45 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.196.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.198.56 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.199.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.200.53 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.201.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.202.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.203.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.205.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.213.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.214.49 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.215.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.216.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.217.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.218.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.219.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.220.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.221.57 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.222.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.223.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.226.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.227.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.228.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.229.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.23.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.239.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.24.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.240.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.241.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.242.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.243.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.244.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.245.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.247.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.248.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.249.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.250.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.251.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.252.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.253.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.254.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.255.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.256.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.257.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.279.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.28.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.282.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.283.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.284.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.289.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.290.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.291.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.296.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.297.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.304.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.307.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.308.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.31.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.310.46 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.311.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.315.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.316.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.317.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.318.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.319.49 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.32.48 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.334.44 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.335.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.336.44 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.337.44 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.338.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.339.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.34.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.340.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.341.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.349.50 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.35.48 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.350.50 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.351.51 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.352.54 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.353.51 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.354.51 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.357.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.358.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.359.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.360.53 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.361.54 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.362.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.363.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.364.54 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.365.53 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.367.56 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.368.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.369.55 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.370.56 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.371.56 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.372.57 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.373.55 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.375.56 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.376.57 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.377.55 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.378.65 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.384.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.386.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.387.59 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.388.59 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.389.59 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.390.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.391.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.392.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.393.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.394.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.396.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.397.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.398.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.399.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.403.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.404.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.405.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.406.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.407.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.408.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.409.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.412.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.413.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.414.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.415.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.416.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.417.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.418.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.419.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.420.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.421.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.423.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.424.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.425.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.426.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.427.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.428.65 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.429.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.430.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.432.65 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.433.64 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.434.65 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.435.64 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.436.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.437.64 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.438.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.439.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.440.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.442.73 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.443.73 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.444.73 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.445.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.446.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.450.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.451.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.452.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.453.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.454.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.456.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.457.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.458.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.459.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.460.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.462.74 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.463.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.464.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.465.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.468.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.469.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.470.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.471.73 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.472.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.478.74 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.479.73 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.480.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.481.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.482.74 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.49.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.50.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.500.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.501.74 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.502.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.51.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.52.72 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.520.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.521.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.522.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.53.51 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.531.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.532.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.534.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.54.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.55.45 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.56.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.57.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.58.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.593.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.595.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.63.57 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.66.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.70.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.71.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\temp\dealio-14251.log C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\temp\dealio-14254.log C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\temp\dod_cache.xml C:\Program Files\Dealio C:\Program Files\Dealio\DealioAU.exe C:\Program Files\Dealio\kb127 C:\Program Files\Dealio\SearchSettingsKit.exe C:\Program Files\Dealio\kb127\Dealio Deskbar.exe C:\Program Files\Dealio\kb127\Dealio.dll C:\Program Files\Dealio\kb127\DealioRes409.dll C:\Program Files\Dealio\kb127\res C:\Program Files\Dealio\kb127\resDN C:\Program Files\Dealio\kb127\rules C:\Program Files\Dealio\kb127\temp C:\Program Files\Dealio\kb127\res\alerts.gif C:\Program Files\Dealio\kb127\res\alerts_over.gif C:\Program Files\Dealio\kb127\res\alerts_rec.gif C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif C:\Program Files\Dealio\kb127\res\chevron-small.gif C:\Program Files\Dealio\kb127\res\DealioSearch.html C:\Program Files\Dealio\kb127\res\deals-leftcap.gif C:\Program Files\Dealio\kb127\res\deal_report.jpg C:\Program Files\Dealio\kb127\res\ebay_login.jpg C:\Program Files\Dealio\kb127\res\err_mainwindow.html C:\Program Files\Dealio\kb127\res\err_toolbar.html C:\Program Files\Dealio\kb127\res\global_scripts.js C:\Program Files\Dealio\kb127\res\headerbgthin.jpg C:\Program Files\Dealio\kb127\res\highlight-bg.png C:\Program Files\Dealio\kb127\res\logo.gif C:\Program Files\Dealio\kb127\res\logo_over.gif C:\Program Files\Dealio\kb127\res\man_toolbar.css C:\Program Files\Dealio\kb127\res\man_toolbar.html C:\Program Files\Dealio\kb127\res\man_toolbar.js C:\Program Files\Dealio\kb127\res\man_toolbarl.js C:\Program Files\Dealio\kb127\res\post-this-deal.gif C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif C:\Program Files\Dealio\kb127\res\scripts.js C:\Program Files\Dealio\kb127\res\scroller.js C:\Program Files\Dealio\kb127\res\search-chevron.gif C:\Program Files\Dealio\kb127\res\search-chevron_over.gif C:\Program Files\Dealio\kb127\res\search_bg_blink.gif C:\Program Files\Dealio\kb127\res\separator.gif C:\Program Files\Dealio\kb127\res\settings.gif C:\Program Files\Dealio\kb127\res\settings_over.gif C:\Program Files\Dealio\kb127\res\yahoo-search.png C:\Program Files\Dealio\kb127\resDN\bottom.gif C:\Program Files\Dealio\kb127\resDN\chevron_down.gif C:\Program Files\Dealio\kb127\resDN\chevron_up.gif C:\Program Files\Dealio\kb127\resDN\close.gif C:\Program Files\Dealio\kb127\resDN\deskbar.css C:\Program Files\Dealio\kb127\resDN\deskbar.js C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg C:\Program Files\Dealio\kb127\resDN\logo.gif C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif C:\Program Files\Dealio\kb127\resDN\losing.gif C:\Program Files\Dealio\kb127\resDN\lost.gif C:\Program Files\Dealio\kb127\resDN\man_deskbar.html C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif C:\Program Files\Dealio\kb127\resDN\menu_check.gif C:\Program Files\Dealio\kb127\resDN\no_image.gif C:\Program Files\Dealio\kb127\resDN\prod_img.gif C:\Program Files\Dealio\kb127\resDN\search_chevron.gif C:\Program Files\Dealio\kb127\resDN\spacer.gif C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif C:\Program Files\Dealio\kb127\resDN\top.gif C:\Program Files\Dealio\kb127\resDN\unknown.gif C:\Program Files\Dealio\kb127\resDN\winning.gif C:\Program Files\Dealio\kb127\resDN\won.gif C:\Program Files\Dealio\kb127\rules\index.76.35 C:\Program Files\Dealio\kb127\rules\rules.1.10.76 C:\Program Files\Dealio\kb127\rules\rules.1.109.43 C:\Program Files\Dealio\kb127\rules\rules.1.110.43 C:\Program Files\Dealio\kb127\rules\rules.1.12.52 C:\Program Files\Dealio\kb127\rules\rules.1.13.58 C:\Program Files\Dealio\kb127\rules\rules.1.130.58 C:\Program Files\Dealio\kb127\rules\rules.1.135.50 C:\Program Files\Dealio\kb127\rules\rules.1.153.44 C:\Program Files\Dealio\kb127\rules\rules.1.155.43 C:\Program Files\Dealio\kb127\rules\rules.1.156.49 C:\Program Files\Dealio\kb127\rules\rules.1.16.60 C:\Program Files\Dealio\kb127\rules\rules.1.161.52 C:\Program Files\Dealio\kb127\rules\rules.1.178.66 C:\Program Files\Dealio\kb127\rules\rules.1.184.55 C:\Program Files\Dealio\kb127\rules\rules.1.188.52 C:\Program Files\Dealio\kb127\rules\rules.1.189.45 C:\Program Files\Dealio\kb127\rules\rules.1.196.43 C:\Program Files\Dealio\kb127\rules\rules.1.198.56 C:\Program Files\Dealio\kb127\rules\rules.1.199.43 C:\Program Files\Dealio\kb127\rules\rules.1.200.53 C:\Program Files\Dealio\kb127\rules\rules.1.201.43 C:\Program Files\Dealio\kb127\rules\rules.1.202.43 C:\Program Files\Dealio\kb127\rules\rules.1.203.71 C:\Program Files\Dealio\kb127\rules\rules.1.205.62 C:\Program Files\Dealio\kb127\rules\rules.1.213.71 C:\Program Files\Dealio\kb127\rules\rules.1.214.49 C:\Program Files\Dealio\kb127\rules\rules.1.215.43 C:\Program Files\Dealio\kb127\rules\rules.1.216.67 C:\Program Files\Dealio\kb127\rules\rules.1.217.67 C:\Program Files\Dealio\kb127\rules\rules.1.218.52 C:\Program Files\Dealio\kb127\rules\rules.1.219.43 C:\Program Files\Dealio\kb127\rules\rules.1.220.43 C:\Program Files\Dealio\kb127\rules\rules.1.221.57 C:\Program Files\Dealio\kb127\rules\rules.1.222.43 C:\Program Files\Dealio\kb127\rules\rules.1.223.68 C:\Program Files\Dealio\kb127\rules\rules.1.226.68 C:\Program Files\Dealio\kb127\rules\rules.1.227.43 C:\Program Files\Dealio\kb127\rules\rules.1.228.62 C:\Program Files\Dealio\kb127\rules\rules.1.229.76 C:\Program Files\Dealio\kb127\rules\rules.1.23.63 C:\Program Files\Dealio\kb127\rules\rules.1.239.43 C:\Program Files\Dealio\kb127\rules\rules.1.24.43 C:\Program Files\Dealio\kb127\rules\rules.1.240.43 C:\Program Files\Dealio\kb127\rules\rules.1.241.43 C:\Program Files\Dealio\kb127\rules\rules.1.242.43 C:\Program Files\Dealio\kb127\rules\rules.1.243.43 C:\Program Files\Dealio\kb127\rules\rules.1.244.63 C:\Program Files\Dealio\kb127\rules\rules.1.245.43 C:\Program Files\Dealio\kb127\rules\rules.1.247.43 C:\Program Files\Dealio\kb127\rules\rules.1.248.43 C:\Program Files\Dealio\kb127\rules\rules.1.249.43 C:\Program Files\Dealio\kb127\rules\rules.1.250.43 C:\Program Files\Dealio\kb127\rules\rules.1.251.43 C:\Program Files\Dealio\kb127\rules\rules.1.252.43 C:\Program Files\Dealio\kb127\rules\rules.1.253.43 C:\Program Files\Dealio\kb127\rules\rules.1.254.43 C:\Program Files\Dealio\kb127\rules\rules.1.255.43 C:\Program Files\Dealio\kb127\rules\rules.1.256.43 C:\Program Files\Dealio\kb127\rules\rules.1.257.43 C:\Program Files\Dealio\kb127\rules\rules.1.279.43 C:\Program Files\Dealio\kb127\rules\rules.1.28.58 C:\Program Files\Dealio\kb127\rules\rules.1.282.75 C:\Program Files\Dealio\kb127\rules\rules.1.283.43 C:\Program Files\Dealio\kb127\rules\rules.1.284.43 C:\Program Files\Dealio\kb127\rules\rules.1.289.67 C:\Program Files\Dealio\kb127\rules\rules.1.290.62 C:\Program Files\Dealio\kb127\rules\rules.1.291.61 C:\Program Files\Dealio\kb127\rules\rules.1.296.43 C:\Program Files\Dealio\kb127\rules\rules.1.297.43 C:\Program Files\Dealio\kb127\rules\rules.1.304.43 C:\Program Files\Dealio\kb127\rules\rules.1.307.43 C:\Program Files\Dealio\kb127\rules\rules.1.308.75 C:\Program Files\Dealio\kb127\rules\rules.1.31.47 C:\Program Files\Dealio\kb127\rules\rules.1.310.46 C:\Program Files\Dealio\kb127\rules\rules.1.311.43 C:\Program Files\Dealio\kb127\rules\rules.1.315.43 C:\Program Files\Dealio\kb127\rules\rules.1.316.43 C:\Program Files\Dealio\kb127\rules\rules.1.317.43 C:\Program Files\Dealio\kb127\rules\rules.1.318.43 C:\Program Files\Dealio\kb127\rules\rules.1.319.49 C:\Program Files\Dealio\kb127\rules\rules.1.32.48 C:\Program Files\Dealio\kb127\rules\rules.1.334.44 C:\Program Files\Dealio\kb127\rules\rules.1.335.60 C:\Program Files\Dealio\kb127\rules\rules.1.336.44 C:\Program Files\Dealio\kb127\rules\rules.1.337.44 C:\Program Files\Dealio\kb127\rules\rules.1.338.75 C:\Program Files\Dealio\kb127\rules\rules.1.339.47 C:\Program Files\Dealio\kb127\rules\rules.1.34.43 C:\Program Files\Dealio\kb127\rules\rules.1.340.47 C:\Program Files\Dealio\kb127\rules\rules.1.341.47 C:\Program Files\Dealio\kb127\rules\rules.1.349.50 C:\Program Files\Dealio\kb127\rules\rules.1.35.48 C:\Program Files\Dealio\kb127\rules\rules.1.350.50 C:\Program Files\Dealio\kb127\rules\rules.1.351.51 C:\Program Files\Dealio\kb127\rules\rules.1.352.54 C:\Program Files\Dealio\kb127\rules\rules.1.353.51 C:\Program Files\Dealio\kb127\rules\rules.1.354.51 C:\Program Files\Dealio\kb127\rules\rules.1.357.62 C:\Program Files\Dealio\kb127\rules\rules.1.358.52 C:\Program Files\Dealio\kb127\rules\rules.1.359.52 C:\Program Files\Dealio\kb127\rules\rules.1.360.53 C:\Program Files\Dealio\kb127\rules\rules.1.361.54 C:\Program Files\Dealio\kb127\rules\rules.1.362.68 C:\Program Files\Dealio\kb127\rules\rules.1.363.58 C:\Program Files\Dealio\kb127\rules\rules.1.364.54 C:\Program Files\Dealio\kb127\rules\rules.1.365.53 C:\Program Files\Dealio\kb127\rules\rules.1.367.56 C:\Program Files\Dealio\kb127\rules\rules.1.368.58 C:\Program Files\Dealio\kb127\rules\rules.1.369.55 C:\Program Files\Dealio\kb127\rules\rules.1.370.56 C:\Program Files\Dealio\kb127\rules\rules.1.371.56 C:\Program Files\Dealio\kb127\rules\rules.1.372.57 C:\Program Files\Dealio\kb127\rules\rules.1.373.55 C:\Program Files\Dealio\kb127\rules\rules.1.375.56 C:\Program Files\Dealio\kb127\rules\rules.1.376.57 C:\Program Files\Dealio\kb127\rules\rules.1.377.55 C:\Program Files\Dealio\kb127\rules\rules.1.378.65 C:\Program Files\Dealio\kb127\rules\rules.1.384.58 C:\Program Files\Dealio\kb127\rules\rules.1.386.71 C:\Program Files\Dealio\kb127\rules\rules.1.387.59 C:\Program Files\Dealio\kb127\rules\rules.1.388.59 C:\Program Files\Dealio\kb127\rules\rules.1.389.59 C:\Program Files\Dealio\kb127\rules\rules.1.390.60 C:\Program Files\Dealio\kb127\rules\rules.1.391.60 C:\Program Files\Dealio\kb127\rules\rules.1.392.60 C:\Program Files\Dealio\kb127\rules\rules.1.393.60 C:\Program Files\Dealio\kb127\rules\rules.1.394.60 C:\Program Files\Dealio\kb127\rules\rules.1.396.61 C:\Program Files\Dealio\kb127\rules\rules.1.397.61 C:\Program Files\Dealio\kb127\rules\rules.1.398.60 C:\Program Files\Dealio\kb127\rules\rules.1.399.60 C:\Program Files\Dealio\kb127\rules\rules.1.403.61 C:\Program Files\Dealio\kb127\rules\rules.1.404.63 C:\Program Files\Dealio\kb127\rules\rules.1.405.61 C:\Program Files\Dealio\kb127\rules\rules.1.406.61 C:\Program Files\Dealio\kb127\rules\rules.1.407.76 C:\Program Files\Dealio\kb127\rules\rules.1.408.63 C:\Program Files\Dealio\kb127\rules\rules.1.409.61 C:\Program Files\Dealio\kb127\rules\rules.1.412.62 C:\Program Files\Dealio\kb127\rules\rules.1.413.62 C:\Program Files\Dealio\kb127\rules\rules.1.414.62 C:\Program Files\Dealio\kb127\rules\rules.1.415.62 C:\Program Files\Dealio\kb127\rules\rules.1.416.62 C:\Program Files\Dealio\kb127\rules\rules.1.417.62 C:\Program Files\Dealio\kb127\rules\rules.1.418.62 C:\Program Files\Dealio\kb127\rules\rules.1.419.62 C:\Program Files\Dealio\kb127\rules\rules.1.420.62 C:\Program Files\Dealio\kb127\rules\rules.1.421.62 C:\Program Files\Dealio\kb127\rules\rules.1.423.63 C:\Program Files\Dealio\kb127\rules\rules.1.424.63 C:\Program Files\Dealio\kb127\rules\rules.1.425.63 C:\Program Files\Dealio\kb127\rules\rules.1.426.63 C:\Program Files\Dealio\kb127\rules\rules.1.427.63 C:\Program Files\Dealio\kb127\rules\rules.1.428.65 C:\Program Files\Dealio\kb127\rules\rules.1.429.63 C:\Program Files\Dealio\kb127\rules\rules.1.430.63 C:\Program Files\Dealio\kb127\rules\rules.1.432.65 C:\Program Files\Dealio\kb127\rules\rules.1.433.64 C:\Program Files\Dealio\kb127\rules\rules.1.434.65 C:\Program Files\Dealio\kb127\rules\rules.1.435.64 C:\Program Files\Dealio\kb127\rules\rules.1.436.76 C:\Program Files\Dealio\kb127\rules\rules.1.437.64 C:\Program Files\Dealio\kb127\rules\rules.1.438.71 C:\Program Files\Dealio\kb127\rules\rules.1.439.71 C:\Program Files\Dealio\kb127\rules\rules.1.440.75 C:\Program Files\Dealio\kb127\rules\rules.1.442.73 C:\Program Files\Dealio\kb127\rules\rules.1.443.73 C:\Program Files\Dealio\kb127\rules\rules.1.444.73 C:\Program Files\Dealio\kb127\rules\rules.1.445.68 C:\Program Files\Dealio\kb127\rules\rules.1.446.69 C:\Program Files\Dealio\kb127\rules\rules.1.450.67 C:\Program Files\Dealio\kb127\rules\rules.1.451.67 C:\Program Files\Dealio\kb127\rules\rules.1.452.68 C:\Program Files\Dealio\kb127\rules\rules.1.453.68 C:\Program Files\Dealio\kb127\rules\rules.1.454.69 C:\Program Files\Dealio\kb127\rules\rules.1.456.69 C:\Program Files\Dealio\kb127\rules\rules.1.457.75 C:\Program Files\Dealio\kb127\rules\rules.1.458.70 C:\Program Files\Dealio\kb127\rules\rules.1.459.70 C:\Program Files\Dealio\kb127\rules\rules.1.460.69 C:\Program Files\Dealio\kb127\rules\rules.1.462.74 C:\Program Files\Dealio\kb127\rules\rules.1.463.69 C:\Program Files\Dealio\kb127\rules\rules.1.464.70 C:\Program Files\Dealio\kb127\rules\rules.1.465.68 C:\Program Files\Dealio\kb127\rules\rules.1.468.70 C:\Program Files\Dealio\kb127\rules\rules.1.469.70 C:\Program Files\Dealio\kb127\rules\rules.1.470.70 C:\Program Files\Dealio\kb127\rules\rules.1.471.73 C:\Program Files\Dealio\kb127\rules\rules.1.472.70 C:\Program Files\Dealio\kb127\rules\rules.1.478.74 C:\Program Files\Dealio\kb127\rules\rules.1.479.73 C:\Program Files\Dealio\kb127\rules\rules.1.480.68 C:\Program Files\Dealio\kb127\rules\rules.1.481.71 C:\Program Files\Dealio\kb127\rules\rules.1.482.74 C:\Program Files\Dealio\kb127\rules\rules.1.49.67 C:\Program Files\Dealio\kb127\rules\rules.1.50.43 C:\Program Files\Dealio\kb127\rules\rules.1.500.71 C:\Program Files\Dealio\kb127\rules\rules.1.501.74 C:\Program Files\Dealio\kb127\rules\rules.1.502.71 C:\Program Files\Dealio\kb127\rules\rules.1.51.69 C:\Program Files\Dealio\kb127\rules\rules.1.52.72 C:\Program Files\Dealio\kb127\rules\rules.1.520.76 C:\Program Files\Dealio\kb127\rules\rules.1.521.76 C:\Program Files\Dealio\kb127\rules\rules.1.522.76 C:\Program Files\Dealio\kb127\rules\rules.1.53.51 C:\Program Files\Dealio\kb127\rules\rules.1.531.76 C:\Program Files\Dealio\kb127\rules\rules.1.532.75 C:\Program Files\Dealio\kb127\rules\rules.1.534.75 C:\Program Files\Dealio\kb127\rules\rules.1.54.47 C:\Program Files\Dealio\kb127\rules\rules.1.55.45 C:\Program Files\Dealio\kb127\rules\rules.1.56.69 C:\Program Files\Dealio\kb127\rules\rules.1.57.43 C:\Program Files\Dealio\kb127\rules\rules.1.58.47 C:\Program Files\Dealio\kb127\rules\rules.1.593.76 C:\Program Files\Dealio\kb127\rules\rules.1.595.76 C:\Program Files\Dealio\kb127\rules\rules.1.63.57 C:\Program Files\Dealio\kb127\rules\rules.1.66.47 C:\Program Files\Dealio\kb127\rules\rules.1.70.75 C:\Program Files\Dealio\kb127\rules\rules.1.71.43 C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Dealio C:\DOCUME~1\Jibione\APPLIC~1\Search Settings C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127 C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\res C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\temp C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\temp\ws-14253.log C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\temp\ws-14254.log C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\temp\ws-14255.log C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\temp\ws-14256.log C:\Program Files\Search Settings C:\Program Files\Search Settings\kb127 C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\Search Settings\kb127\res C:\Program Files\Search Settings\kb127\SearchSettings.dll C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll C:\Program Files\Search Settings\kb127\temp -----------\\ Extensions (Jibione) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://yahoo.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Jibione\My Documents\My Games\wolf\Crack C:\DOCUME~1\Jibione\My Documents\My Games\wolf\Crack\Return to Castle Wolfenstein Key Generator.exe C:\DOCUME~1\Jibione\Recent\Avs Video Converter 5.6 Keygen.7z.lnk C:\DOCUME~1\Jibione\Recent\avs-video-converter-6.2.keygen.jpg.lnk C:\DOCUME~1\Jibione\Recent\Return to The Castle of Wolfenstein + patch v1.41 + Keygen.ISO.lnk C:\DOCUME~1\Jibione\Recent\Windows.Xp.Sp2.Keygen.with.auto.key.changer.rar.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 09/01/2009|18:31 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 10/01/2009|12:33 - Option : [1] 3 - "C:\ToolBar SD\TB_3.txt" - 12/01/2009|18:36 - Option : [1] -----------\\ Fin du rapport a 18:36:09,87
  15. Jibione
    Tout d'abord, un grand merci à toi de te pencher sur mon problème. C'est vraiment nice Voici donc le rapport de combofix : ComboFix 09-01-09.03 - Jibione 2009-01-11 23:05:23.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.547 [GMT 1:00] Lancé depuis: c:\documents and settings\Jibione\Desktop\TRALALA.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-11 au 2009-01-11 )))))))))))))))))))))))))))))))))))) . 2009-01-10 13:02 . 2009-01-10 13:24 <DIR> d-------- c:\program files\Navilog1 2009-01-10 12:57 . 2009-01-10 12:57 <DIR> d-------- c:\documents and settings\Jibione\Application Data\AVSMedia 2009-01-10 12:55 . 2009-01-10 12:55 <DIR> d-------- c:\program files\AVSMedia 2009-01-10 12:55 . 2007-02-27 19:36 261,632 --a------ c:\windows\system32\mcdvd_32.dll 2009-01-10 12:55 . 2007-02-27 19:36 221,215 --a------ c:\windows\system32\divxdec.ax 2009-01-10 12:55 . 2007-02-27 19:36 156,910 --a------ c:\windows\WMSysPr8.prx 2009-01-10 12:55 . 2007-02-27 19:36 82,944 --a------ c:\windows\system32\vct3216.acm 2009-01-10 12:55 . 2007-02-27 19:36 53,248 --a------ c:\windows\system32\xvid.ax 2009-01-10 12:55 . 2007-02-27 19:36 38,912 --a------ c:\windows\system32\alf2cd.acm 2009-01-10 12:55 . 2007-02-27 19:36 13,239 --a------ c:\windows\system32\Scg726.acm 2009-01-09 18:25 . 2009-01-10 12:33 <DIR> d-------- C:\ToolBar SD 2009-01-09 17:38 . 2009-01-11 04:20 <DIR> d--h----- c:\documents and settings\Jibione\Application Data\drivers 2009-01-09 17:32 . 2009-01-09 18:49 <DIR> d-------- C:\VideoFiles 2009-01-09 17:31 . 2009-01-09 17:31 <DIR> d-------- c:\program files\AliveMedia 2009-01-09 17:31 . 2002-05-23 20:40 110,080 --a------ c:\windows\system32\nLame.dll 2009-01-09 17:31 . 2001-06-23 21:20 23,040 --a------ c:\windows\system32\auth.dll 2009-01-09 17:23 . 2009-01-09 17:23 <DIR> d-------- c:\program files\DivX 2009-01-09 17:23 . 2009-01-09 17:23 <DIR> d-------- c:\documents and settings\Jibione\.drdivx2 2009-01-08 20:07 . 2009-01-08 20:08 <DIR> d-------- c:\program files\RaPiZ PSP Software 2009-01-08 20:00 . 2009-01-08 20:12 <DIR> d-------- c:\program files\WinAVI Video Converter 2009-01-07 04:28 . 2009-01-07 04:28 <DIR> d-------- c:\documents and settings\Jibione\Application Data\Search Settings 2009-01-06 07:14 . 2009-01-08 20:13 <DIR> d-------- C:\Virtual-DivX 2009-01-05 20:34 . 2009-01-05 20:35 <DIR> d-------- c:\program files\E.M. DVD Copy 2009-01-05 20:25 . 2009-01-08 19:53 <DIR> d-------- c:\program files\HT MPEG Encoder 7.0 Trial 2009-01-05 20:19 . 2009-01-05 20:19 <DIR> d-------- c:\program files\Search Settings 2009-01-05 20:19 . 2009-01-05 20:19 <DIR> d-------- c:\program files\Dealio 2009-01-05 20:19 . 2009-01-05 20:19 <DIR> d-------- c:\documents and settings\Jibione\Application Data\Dealio 2009-01-05 20:18 . 2009-01-05 20:18 <DIR> d-------- c:\program files\Ipod Video Converter 2009-01-05 20:18 . 2005-05-14 20:09 2,179,072 --a------ c:\windows\system32\mfc71d.dll 2009-01-05 20:18 . 2006-07-11 18:06 544,768 --a------ c:\windows\system32\msvcr71d.dll 2009-01-05 20:18 . 2006-05-12 08:37 490,496 --a------ c:\windows\system32\MP4Splitter.ax 2009-01-05 20:18 . 2004-01-10 17:02 258,048 --a------ c:\windows\system32\GplMpgDec.ax 2009-01-05 20:18 . 1998-06-24 00:00 164,144 --a------ c:\windows\system32\COMCT232.OCX 2009-01-05 20:18 . 2005-09-28 01:31 24,576 --a------ c:\windows\system32\ControlSubX.ocx 2009-01-05 20:18 . 1998-07-13 00:00 20,992 --a------ c:\windows\system32\CMCT2FR.DLL 2008-12-31 18:27 . 2008-12-31 18:27 <DIR> d-------- c:\documents and settings\Jibione\Application Data\AVS4YOU 2008-12-31 18:26 . 2008-12-31 18:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\AVS4YOU 2008-12-31 18:24 . 2009-01-10 12:57 <DIR> d-------- c:\program files\Common Files\AVSMedia 2008-12-31 18:24 . 2008-12-31 18:25 <DIR> d-------- c:\program files\AVS4YOU 2008-12-31 18:24 . 2007-02-27 18:36 1,700,352 --a------ c:\windows\system32\GdiPlus.dll 2008-12-31 18:24 . 2007-02-27 18:36 974,848 --a------ c:\windows\system32\mfc70.dll 2008-12-31 18:24 . 2007-02-27 18:36 487,424 --a------ c:\windows\system32\msvcp70.dll 2008-12-31 18:24 . 2007-02-27 18:36 24,576 --a------ c:\windows\system32\msxml3a.dll 2008-12-28 14:25 . 2008-12-28 14:25 268 --ah----- C:\sqmdata16.sqm 2008-12-28 14:25 . 2008-12-28 14:25 244 --ah----- C:\sqmnoopt16.sqm 2008-12-28 00:16 . 2008-12-28 00:16 268 --ah----- C:\sqmdata15.sqm 2008-12-28 00:16 . 2008-12-28 00:16 244 --ah----- C:\sqmnoopt15.sqm 2008-12-25 23:48 . 2008-12-25 23:48 268 --ah----- C:\sqmdata14.sqm 2008-12-25 23:48 . 2008-12-25 23:48 244 --ah----- C:\sqmnoopt14.sqm 2008-12-14 11:56 . 2008-12-16 07:21 <DIR> d-------- c:\program files\UltraVNC 2008-12-13 20:00 . 2008-12-13 20:47 <DIR> d-------- c:\documents and settings\Jibione\Application Data\DiskAid 2008-12-13 19:53 . 2008-12-13 19:53 <DIR> d-------- c:\program files\DigiDNA . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-10 18:37 --------- d-----w c:\program files\eMule 2009-01-08 19:14 --------- d-----w c:\program files\Return to Castle Wolfenstein 2009-01-08 18:53 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-05 21:35 --------- d-----w c:\documents and settings\Jibione\Application Data\dvdcss 2008-12-31 16:44 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink 2008-11-26 07:05 --------- d-----w c:\program files\QuickTime 2008-11-26 07:03 --------- d-----w c:\program files\Java 2008-11-26 06:33 --------- d-----w c:\program files\Google 2008-11-25 17:06 --------- d-----w c:\program files\PacificPoker 2008-11-25 17:06 --------- d-----w c:\documents and settings\Jibione\Application Data\PacificPoker 2008-11-25 17:04 --------- d-----w c:\program files\MeuhMeuhTV Alpha 2008-11-24 19:07 --------- d-----w c:\documents and settings\All Users\Application Data\wmp 2008-11-23 11:22 --------- d-----w c:\program files\AskBarDis 2008-11-22 18:54 --------- d-----w c:\program files\Common Files\DirectX 2008-11-22 15:07 --------- d-----w c:\program files\Common Files\DVDVIDEOSOFT 2008-11-22 15:06 --------- d-----w c:\program files\DVDVIDEOSOFT 2008-11-22 10:56 --------- d-----w c:\program files\WinSCP 2008-11-22 09:47 --------- d-----w c:\program files\iTunes 2008-11-22 09:47 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-11-22 09:46 --------- d-----w c:\program files\iPod 2008-11-22 09:46 --------- d-----w c:\program files\Common Files\Apple 2008-11-15 11:21 --------- d-----w c:\documents and settings\Jibione\Application Data\Apple Computer . ((((((((((((((((((((((((((((( snapshot@2009-01-11_ 4.26.04.53 ))))))))))))))))))))))))))))))))))))))))) . + 2009-01-11 22:08:54 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7a8.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "flockbox"="c:\program files\My Lockbox\flockbox.exe" [2007-12-15 1071472] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-26 136600] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-01-10 81000] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696] "au"="c:\program files\Dealio\DealioAU.exe" [2008-05-26 595296] "SearchSettings"="c:\program files\Search Settings\SearchSettings.exe" [2008-06-12 991584] "RTHDCPL"="RTHDCPL.EXE" [2007-11-06 c:\windows\RTHDCPL.exe] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Outil de mise à jour Google.lnk backup=c:\windows\pss\Outil de mise à jour Google.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --------- 2004-10-13 17:24 1694208 c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-09-06 15:09 413696 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5900:TCP"= 5900:TCP:vnc5900 "5800:TCP"= 5800:TCP:vnc5800 R0 MPRIFL;MPRIFL;c:\windows\system32\drivers\mprifl.sys [2008-01-10 17264] R4 AMDRAIDXpert;AMD RAIDXpert;c:\program files\AMD\RAIDXpert\jetty\extra\win32\Wrapper.exe [2003-09-29 110592] R4 uvnc_service;uvnc_service;c:\program files\UltraVNC\winvnc.exe [2008-12-14 1608256] S1 aswSP;avast! Self Protection; [x] S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2008-01-16 16512] S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-18 7168] S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [2008-03-16 21344] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064] S4 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cdd83a2-bffb-11dc-af5e-be0ac0faea2a}] \Shell\AutoRun\command - D:\Autorun.exe /run \Shell\Shell00\Command - D:\Autorun.exe /run \Shell\Shell01\Command - D:\Autorun.exe /action \Shell\Shell02\Command - D:\Autorun.exe /uninstall . Contenu du dossier 'Tâches planifiées' 2009-01-07 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] . - - - - ORPHELINS SUPPRIMES - - - - URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) . ------- Examen supplémentaire ------- . uStart Page = hxxp://yahoo.fr/ uInternet Settings,ProxyOverride = *.local IE: Compare Prices with &Dealio - c:\documents and settings\Jibione\Application Data\Dealio\kb127\res\DealioSearch.html IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {45BCFF62-AB81-4033-A84F-C015C618050B} = 212.27.53.252,212.27.54.252 FF - ProfilePath - c:\documents and settings\Jibione\Application Data\Mozilla\Firefox\Profiles\3qb0duha.default\ FF - prefs.js: browser.startup.homepage - hxxp://yahoo.fr/ FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-11 23:10:47 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\EverestDriver] "ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•A~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(884) c:\windows\system32\Ati2evxx.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe c:\program files\AMD\RAIDXpert\_jvm\bin\java.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\notepad.exe . ************************************************************************** . Heure de fin: 2009-01-11 23:13:44 - La machine a redémarré ComboFix-quarantined-files.txt 2009-01-11 22:13:41 ComboFix2.txt 2009-01-11 03:30:24 Avant-CF: 20 276 199 424 bytes free Après-CF: 20,274,470,912 bytes free 217 --- E O F --- 2008-12-19 06:03:18
  16. Jibione
    Bonjour à tous, Je me suis un peu promené sur les différents forums traitant de ce nouveau type d'infection, mais j'ai l'impression que chaque type de réparation/supression de ces infections sont à chaque fois bien propres a chaque PC. J'ai donc sorti sur les conseils de noppp un rapport SD Toolbar que je colle ci-dessous. Si l'un d'entre vous aurait le courage et la patience d'y jeter un oeil, ce serait vraiment cool. Merci d'avance. -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Genuine Intel® CPU 2140 @ 1.60GHz ) BIOS : Phoenix - AwardBIOS v6.00PG USER : Jibione ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1296 [VPS 090108-0] 4.8.1296 (Not Activated) C:\ (Local Disk) - NTFS - Total:111 Go (Free:12 Go) D:\ (Local Disk) - FAT32 - Total:232 Go (Free:160 Go) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (Local Disk) - NTFS - Total:111 Go (Free:13 Go) J:\ (CD or DVD) - UDF - Total:7 Go (Free:0 Go) L:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 10/01/2009|12:30 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\AskBarDis C:\Program Files\AskBarDis\bar C:\Program Files\AskBarDis\PopSwatter C:\Program Files\AskBarDis\unins000.dat C:\Program Files\AskBarDis\unins000.exe C:\Program Files\AskBarDis\bar\bin C:\Program Files\AskBarDis\bar\Cache C:\Program Files\AskBarDis\bar\History C:\Program Files\AskBarDis\bar\Settings C:\Program Files\AskBarDis\bar\bin\askPopStp.dll C:\Program Files\AskBarDis\bar\bin\psvince.dll C:\Program Files\AskBarDis\bar\Cache\0077F6F0 C:\Program Files\AskBarDis\bar\Cache\0077FAB8.bin C:\Program Files\AskBarDis\bar\Cache\0077FC8D.bin C:\Program Files\AskBarDis\bar\Cache\0077FE43.bin C:\Program Files\AskBarDis\bar\Cache\0077FFE8.bin C:\Program Files\AskBarDis\bar\Cache\00780121.bin C:\Program Files\AskBarDis\bar\Cache\files.ini C:\Program Files\AskBarDis\bar\History\search C:\Program Files\AskBarDis\bar\Settings\config.dat C:\Program Files\AskBarDis\bar\Settings\config.dat.bak C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm C:\Program Files\AskBarDis\PopSwatter\History C:\Program Files\AskBarDis\PopSwatter\History\allowed C:\Program Files\AskBarDis\PopSwatter\History\notallow C:\DOCUME~1\Jibione\APPLIC~1\Dealio C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\temp C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\alerts.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\alerts_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\alerts_rec.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\alerts_rec_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\chevron-small.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\DealioSearch.html C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\deals-leftcap.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\deal_report.jpg C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\ebay_login.jpg C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\err_mainwindow.html C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\err_toolbar.html C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\global_scripts.js C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\headerbgthin.jpg C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\highlight-bg.png C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\logo.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\logo_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\man_toolbar.css C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\man_toolbar.html C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\man_toolbar.js C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\man_toolbarl.js C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\post-this-deal.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\post-this-deal_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\scripts.js C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\scroller.js C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\search-chevron.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\search-chevron_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\search_bg_blink.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\separator.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\settings.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\settings_over.gif C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\res\yahoo-search.png C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\index.76.35 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.10.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.109.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.110.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.12.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.13.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.130.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.135.50 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.153.44 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.155.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.156.49 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.16.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.161.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.178.66 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.184.55 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.188.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.189.45 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.196.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.198.56 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.199.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.200.53 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.201.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.202.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.203.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.205.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.213.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.214.49 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.215.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.216.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.217.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.218.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.219.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.220.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.221.57 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.222.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.223.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.226.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.227.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.228.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.229.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.23.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.239.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.24.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.240.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.241.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.242.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.243.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.244.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.245.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.247.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.248.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.249.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.250.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.251.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.252.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.253.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.254.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.255.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.256.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.257.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.279.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.28.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.282.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.283.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.284.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.289.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.290.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.291.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.296.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.297.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.304.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.307.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.308.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.31.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.310.46 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.311.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.315.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.316.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.317.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.318.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.319.49 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.32.48 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.334.44 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.335.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.336.44 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.337.44 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.338.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.339.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.34.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.340.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.341.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.349.50 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.35.48 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.350.50 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.351.51 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.352.54 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.353.51 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.354.51 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.357.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.358.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.359.52 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.360.53 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.361.54 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.362.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.363.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.364.54 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.365.53 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.367.56 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.368.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.369.55 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.370.56 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.371.56 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.372.57 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.373.55 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.375.56 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.376.57 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.377.55 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.378.65 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.384.58 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.386.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.387.59 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.388.59 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.389.59 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.390.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.391.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.392.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.393.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.394.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.396.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.397.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.398.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.399.60 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.403.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.404.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.405.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.406.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.407.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.408.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.409.61 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.412.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.413.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.414.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.415.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.416.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.417.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.418.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.419.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.420.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.421.62 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.423.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.424.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.425.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.426.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.427.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.428.65 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.429.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.430.63 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.432.65 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.433.64 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.434.65 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.435.64 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.436.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.437.64 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.438.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.439.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.440.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.442.73 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.443.73 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.444.73 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.445.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.446.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.450.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.451.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.452.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.453.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.454.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.456.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.457.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.458.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.459.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.460.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.462.74 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.463.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.464.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.465.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.468.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.469.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.470.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.471.73 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.472.70 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.478.74 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.479.73 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.480.68 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.481.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.482.74 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.49.67 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.50.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.500.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.501.74 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.502.71 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.51.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.52.72 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.520.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.521.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.522.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.53.51 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.531.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.532.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.534.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.54.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.55.45 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.56.69 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.57.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.58.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.593.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.595.76 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.63.57 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.66.47 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.70.75 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\rules\rules.1.71.43 C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\temp\dealio-14251.log C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\temp\dealio-14254.log C:\DOCUME~1\Jibione\APPLIC~1\Dealio\kb127\temp\dod_cache.xml C:\Program Files\Dealio C:\Program Files\Dealio\DealioAU.exe C:\Program Files\Dealio\kb127 C:\Program Files\Dealio\SearchSettingsKit.exe C:\Program Files\Dealio\kb127\Dealio Deskbar.exe C:\Program Files\Dealio\kb127\Dealio.dll C:\Program Files\Dealio\kb127\DealioRes409.dll C:\Program Files\Dealio\kb127\res C:\Program Files\Dealio\kb127\resDN C:\Program Files\Dealio\kb127\rules C:\Program Files\Dealio\kb127\temp C:\Program Files\Dealio\kb127\res\alerts.gif C:\Program Files\Dealio\kb127\res\alerts_over.gif C:\Program Files\Dealio\kb127\res\alerts_rec.gif C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif C:\Program Files\Dealio\kb127\res\chevron-small.gif C:\Program Files\Dealio\kb127\res\DealioSearch.html C:\Program Files\Dealio\kb127\res\deals-leftcap.gif C:\Program Files\Dealio\kb127\res\deal_report.jpg C:\Program Files\Dealio\kb127\res\ebay_login.jpg C:\Program Files\Dealio\kb127\res\err_mainwindow.html C:\Program Files\Dealio\kb127\res\err_toolbar.html C:\Program Files\Dealio\kb127\res\global_scripts.js C:\Program Files\Dealio\kb127\res\headerbgthin.jpg C:\Program Files\Dealio\kb127\res\highlight-bg.png C:\Program Files\Dealio\kb127\res\logo.gif C:\Program Files\Dealio\kb127\res\logo_over.gif C:\Program Files\Dealio\kb127\res\man_toolbar.css C:\Program Files\Dealio\kb127\res\man_toolbar.html C:\Program Files\Dealio\kb127\res\man_toolbar.js C:\Program Files\Dealio\kb127\res\man_toolbarl.js C:\Program Files\Dealio\kb127\res\post-this-deal.gif C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif C:\Program Files\Dealio\kb127\res\scripts.js C:\Program Files\Dealio\kb127\res\scroller.js C:\Program Files\Dealio\kb127\res\search-chevron.gif C:\Program Files\Dealio\kb127\res\search-chevron_over.gif C:\Program Files\Dealio\kb127\res\search_bg_blink.gif C:\Program Files\Dealio\kb127\res\separator.gif C:\Program Files\Dealio\kb127\res\settings.gif C:\Program Files\Dealio\kb127\res\settings_over.gif C:\Program Files\Dealio\kb127\res\yahoo-search.png C:\Program Files\Dealio\kb127\resDN\bottom.gif C:\Program Files\Dealio\kb127\resDN\chevron_down.gif C:\Program Files\Dealio\kb127\resDN\chevron_up.gif C:\Program Files\Dealio\kb127\resDN\close.gif C:\Program Files\Dealio\kb127\resDN\deskbar.css C:\Program Files\Dealio\kb127\resDN\deskbar.js C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg C:\Program Files\Dealio\kb127\resDN\logo.gif C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif C:\Program Files\Dealio\kb127\resDN\losing.gif C:\Program Files\Dealio\kb127\resDN\lost.gif C:\Program Files\Dealio\kb127\resDN\man_deskbar.html C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif C:\Program Files\Dealio\kb127\resDN\menu_check.gif C:\Program Files\Dealio\kb127\resDN\no_image.gif C:\Program Files\Dealio\kb127\resDN\prod_img.gif C:\Program Files\Dealio\kb127\resDN\search_chevron.gif C:\Program Files\Dealio\kb127\resDN\spacer.gif C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif C:\Program Files\Dealio\kb127\resDN\top.gif C:\Program Files\Dealio\kb127\resDN\unknown.gif C:\Program Files\Dealio\kb127\resDN\winning.gif C:\Program Files\Dealio\kb127\resDN\won.gif C:\Program Files\Dealio\kb127\rules\index.76.35 C:\Program Files\Dealio\kb127\rules\rules.1.10.76 C:\Program Files\Dealio\kb127\rules\rules.1.109.43 C:\Program Files\Dealio\kb127\rules\rules.1.110.43 C:\Program Files\Dealio\kb127\rules\rules.1.12.52 C:\Program Files\Dealio\kb127\rules\rules.1.13.58 C:\Program Files\Dealio\kb127\rules\rules.1.130.58 C:\Program Files\Dealio\kb127\rules\rules.1.135.50 C:\Program Files\Dealio\kb127\rules\rules.1.153.44 C:\Program Files\Dealio\kb127\rules\rules.1.155.43 C:\Program Files\Dealio\kb127\rules\rules.1.156.49 C:\Program Files\Dealio\kb127\rules\rules.1.16.60 C:\Program Files\Dealio\kb127\rules\rules.1.161.52 C:\Program Files\Dealio\kb127\rules\rules.1.178.66 C:\Program Files\Dealio\kb127\rules\rules.1.184.55 C:\Program Files\Dealio\kb127\rules\rules.1.188.52 C:\Program Files\Dealio\kb127\rules\rules.1.189.45 C:\Program Files\Dealio\kb127\rules\rules.1.196.43 C:\Program Files\Dealio\kb127\rules\rules.1.198.56 C:\Program Files\Dealio\kb127\rules\rules.1.199.43 C:\Program Files\Dealio\kb127\rules\rules.1.200.53 C:\Program Files\Dealio\kb127\rules\rules.1.201.43 C:\Program Files\Dealio\kb127\rules\rules.1.202.43 C:\Program Files\Dealio\kb127\rules\rules.1.203.71 C:\Program Files\Dealio\kb127\rules\rules.1.205.62 C:\Program Files\Dealio\kb127\rules\rules.1.213.71 C:\Program Files\Dealio\kb127\rules\rules.1.214.49 C:\Program Files\Dealio\kb127\rules\rules.1.215.43 C:\Program Files\Dealio\kb127\rules\rules.1.216.67 C:\Program Files\Dealio\kb127\rules\rules.1.217.67 C:\Program Files\Dealio\kb127\rules\rules.1.218.52 C:\Program Files\Dealio\kb127\rules\rules.1.219.43 C:\Program Files\Dealio\kb127\rules\rules.1.220.43 C:\Program Files\Dealio\kb127\rules\rules.1.221.57 C:\Program Files\Dealio\kb127\rules\rules.1.222.43 C:\Program Files\Dealio\kb127\rules\rules.1.223.68 C:\Program Files\Dealio\kb127\rules\rules.1.226.68 C:\Program Files\Dealio\kb127\rules\rules.1.227.43 C:\Program Files\Dealio\kb127\rules\rules.1.228.62 C:\Program Files\Dealio\kb127\rules\rules.1.229.76 C:\Program Files\Dealio\kb127\rules\rules.1.23.63 C:\Program Files\Dealio\kb127\rules\rules.1.239.43 C:\Program Files\Dealio\kb127\rules\rules.1.24.43 C:\Program Files\Dealio\kb127\rules\rules.1.240.43 C:\Program Files\Dealio\kb127\rules\rules.1.241.43 C:\Program Files\Dealio\kb127\rules\rules.1.242.43 C:\Program Files\Dealio\kb127\rules\rules.1.243.43 C:\Program Files\Dealio\kb127\rules\rules.1.244.63 C:\Program Files\Dealio\kb127\rules\rules.1.245.43 C:\Program Files\Dealio\kb127\rules\rules.1.247.43 C:\Program Files\Dealio\kb127\rules\rules.1.248.43 C:\Program Files\Dealio\kb127\rules\rules.1.249.43 C:\Program Files\Dealio\kb127\rules\rules.1.250.43 C:\Program Files\Dealio\kb127\rules\rules.1.251.43 C:\Program Files\Dealio\kb127\rules\rules.1.252.43 C:\Program Files\Dealio\kb127\rules\rules.1.253.43 C:\Program Files\Dealio\kb127\rules\rules.1.254.43 C:\Program Files\Dealio\kb127\rules\rules.1.255.43 C:\Program Files\Dealio\kb127\rules\rules.1.256.43 C:\Program Files\Dealio\kb127\rules\rules.1.257.43 C:\Program Files\Dealio\kb127\rules\rules.1.279.43 C:\Program Files\Dealio\kb127\rules\rules.1.28.58 C:\Program Files\Dealio\kb127\rules\rules.1.282.75 C:\Program Files\Dealio\kb127\rules\rules.1.283.43 C:\Program Files\Dealio\kb127\rules\rules.1.284.43 C:\Program Files\Dealio\kb127\rules\rules.1.289.67 C:\Program Files\Dealio\kb127\rules\rules.1.290.62 C:\Program Files\Dealio\kb127\rules\rules.1.291.61 C:\Program Files\Dealio\kb127\rules\rules.1.296.43 C:\Program Files\Dealio\kb127\rules\rules.1.297.43 C:\Program Files\Dealio\kb127\rules\rules.1.304.43 C:\Program Files\Dealio\kb127\rules\rules.1.307.43 C:\Program Files\Dealio\kb127\rules\rules.1.308.75 C:\Program Files\Dealio\kb127\rules\rules.1.31.47 C:\Program Files\Dealio\kb127\rules\rules.1.310.46 C:\Program Files\Dealio\kb127\rules\rules.1.311.43 C:\Program Files\Dealio\kb127\rules\rules.1.315.43 C:\Program Files\Dealio\kb127\rules\rules.1.316.43 C:\Program Files\Dealio\kb127\rules\rules.1.317.43 C:\Program Files\Dealio\kb127\rules\rules.1.318.43 C:\Program Files\Dealio\kb127\rules\rules.1.319.49 C:\Program Files\Dealio\kb127\rules\rules.1.32.48 C:\Program Files\Dealio\kb127\rules\rules.1.334.44 C:\Program Files\Dealio\kb127\rules\rules.1.335.60 C:\Program Files\Dealio\kb127\rules\rules.1.336.44 C:\Program Files\Dealio\kb127\rules\rules.1.337.44 C:\Program Files\Dealio\kb127\rules\rules.1.338.75 C:\Program Files\Dealio\kb127\rules\rules.1.339.47 C:\Program Files\Dealio\kb127\rules\rules.1.34.43 C:\Program Files\Dealio\kb127\rules\rules.1.340.47 C:\Program Files\Dealio\kb127\rules\rules.1.341.47 C:\Program Files\Dealio\kb127\rules\rules.1.349.50 C:\Program Files\Dealio\kb127\rules\rules.1.35.48 C:\Program Files\Dealio\kb127\rules\rules.1.350.50 C:\Program Files\Dealio\kb127\rules\rules.1.351.51 C:\Program Files\Dealio\kb127\rules\rules.1.352.54 C:\Program Files\Dealio\kb127\rules\rules.1.353.51 C:\Program Files\Dealio\kb127\rules\rules.1.354.51 C:\Program Files\Dealio\kb127\rules\rules.1.357.62 C:\Program Files\Dealio\kb127\rules\rules.1.358.52 C:\Program Files\Dealio\kb127\rules\rules.1.359.52 C:\Program Files\Dealio\kb127\rules\rules.1.360.53 C:\Program Files\Dealio\kb127\rules\rules.1.361.54 C:\Program Files\Dealio\kb127\rules\rules.1.362.68 C:\Program Files\Dealio\kb127\rules\rules.1.363.58 C:\Program Files\Dealio\kb127\rules\rules.1.364.54 C:\Program Files\Dealio\kb127\rules\rules.1.365.53 C:\Program Files\Dealio\kb127\rules\rules.1.367.56 C:\Program Files\Dealio\kb127\rules\rules.1.368.58 C:\Program Files\Dealio\kb127\rules\rules.1.369.55 C:\Program Files\Dealio\kb127\rules\rules.1.370.56 C:\Program Files\Dealio\kb127\rules\rules.1.371.56 C:\Program Files\Dealio\kb127\rules\rules.1.372.57 C:\Program Files\Dealio\kb127\rules\rules.1.373.55 C:\Program Files\Dealio\kb127\rules\rules.1.375.56 C:\Program Files\Dealio\kb127\rules\rules.1.376.57 C:\Program Files\Dealio\kb127\rules\rules.1.377.55 C:\Program Files\Dealio\kb127\rules\rules.1.378.65 C:\Program Files\Dealio\kb127\rules\rules.1.384.58 C:\Program Files\Dealio\kb127\rules\rules.1.386.71 C:\Program Files\Dealio\kb127\rules\rules.1.387.59 C:\Program Files\Dealio\kb127\rules\rules.1.388.59 C:\Program Files\Dealio\kb127\rules\rules.1.389.59 C:\Program Files\Dealio\kb127\rules\rules.1.390.60 C:\Program Files\Dealio\kb127\rules\rules.1.391.60 C:\Program Files\Dealio\kb127\rules\rules.1.392.60 C:\Program Files\Dealio\kb127\rules\rules.1.393.60 C:\Program Files\Dealio\kb127\rules\rules.1.394.60 C:\Program Files\Dealio\kb127\rules\rules.1.396.61 C:\Program Files\Dealio\kb127\rules\rules.1.397.61 C:\Program Files\Dealio\kb127\rules\rules.1.398.60 C:\Program Files\Dealio\kb127\rules\rules.1.399.60 C:\Program Files\Dealio\kb127\rules\rules.1.403.61 C:\Program Files\Dealio\kb127\rules\rules.1.404.63 C:\Program Files\Dealio\kb127\rules\rules.1.405.61 C:\Program Files\Dealio\kb127\rules\rules.1.406.61 C:\Program Files\Dealio\kb127\rules\rules.1.407.76 C:\Program Files\Dealio\kb127\rules\rules.1.408.63 C:\Program Files\Dealio\kb127\rules\rules.1.409.61 C:\Program Files\Dealio\kb127\rules\rules.1.412.62 C:\Program Files\Dealio\kb127\rules\rules.1.413.62 C:\Program Files\Dealio\kb127\rules\rules.1.414.62 C:\Program Files\Dealio\kb127\rules\rules.1.415.62 C:\Program Files\Dealio\kb127\rules\rules.1.416.62 C:\Program Files\Dealio\kb127\rules\rules.1.417.62 C:\Program Files\Dealio\kb127\rules\rules.1.418.62 C:\Program Files\Dealio\kb127\rules\rules.1.419.62 C:\Program Files\Dealio\kb127\rules\rules.1.420.62 C:\Program Files\Dealio\kb127\rules\rules.1.421.62 C:\Program Files\Dealio\kb127\rules\rules.1.423.63 C:\Program Files\Dealio\kb127\rules\rules.1.424.63 C:\Program Files\Dealio\kb127\rules\rules.1.425.63 C:\Program Files\Dealio\kb127\rules\rules.1.426.63 C:\Program Files\Dealio\kb127\rules\rules.1.427.63 C:\Program Files\Dealio\kb127\rules\rules.1.428.65 C:\Program Files\Dealio\kb127\rules\rules.1.429.63 C:\Program Files\Dealio\kb127\rules\rules.1.430.63 C:\Program Files\Dealio\kb127\rules\rules.1.432.65 C:\Program Files\Dealio\kb127\rules\rules.1.433.64 C:\Program Files\Dealio\kb127\rules\rules.1.434.65 C:\Program Files\Dealio\kb127\rules\rules.1.435.64 C:\Program Files\Dealio\kb127\rules\rules.1.436.76 C:\Program Files\Dealio\kb127\rules\rules.1.437.64 C:\Program Files\Dealio\kb127\rules\rules.1.438.71 C:\Program Files\Dealio\kb127\rules\rules.1.439.71 C:\Program Files\Dealio\kb127\rules\rules.1.440.75 C:\Program Files\Dealio\kb127\rules\rules.1.442.73 C:\Program Files\Dealio\kb127\rules\rules.1.443.73 C:\Program Files\Dealio\kb127\rules\rules.1.444.73 C:\Program Files\Dealio\kb127\rules\rules.1.445.68 C:\Program Files\Dealio\kb127\rules\rules.1.446.69 C:\Program Files\Dealio\kb127\rules\rules.1.450.67 C:\Program Files\Dealio\kb127\rules\rules.1.451.67 C:\Program Files\Dealio\kb127\rules\rules.1.452.68 C:\Program Files\Dealio\kb127\rules\rules.1.453.68 C:\Program Files\Dealio\kb127\rules\rules.1.454.69 C:\Program Files\Dealio\kb127\rules\rules.1.456.69 C:\Program Files\Dealio\kb127\rules\rules.1.457.75 C:\Program Files\Dealio\kb127\rules\rules.1.458.70 C:\Program Files\Dealio\kb127\rules\rules.1.459.70 C:\Program Files\Dealio\kb127\rules\rules.1.460.69 C:\Program Files\Dealio\kb127\rules\rules.1.462.74 C:\Program Files\Dealio\kb127\rules\rules.1.463.69 C:\Program Files\Dealio\kb127\rules\rules.1.464.70 C:\Program Files\Dealio\kb127\rules\rules.1.465.68 C:\Program Files\Dealio\kb127\rules\rules.1.468.70 C:\Program Files\Dealio\kb127\rules\rules.1.469.70 C:\Program Files\Dealio\kb127\rules\rules.1.470.70 C:\Program Files\Dealio\kb127\rules\rules.1.471.73 C:\Program Files\Dealio\kb127\rules\rules.1.472.70 C:\Program Files\Dealio\kb127\rules\rules.1.478.74 C:\Program Files\Dealio\kb127\rules\rules.1.479.73 C:\Program Files\Dealio\kb127\rules\rules.1.480.68 C:\Program Files\Dealio\kb127\rules\rules.1.481.71 C:\Program Files\Dealio\kb127\rules\rules.1.482.74 C:\Program Files\Dealio\kb127\rules\rules.1.49.67 C:\Program Files\Dealio\kb127\rules\rules.1.50.43 C:\Program Files\Dealio\kb127\rules\rules.1.500.71 C:\Program Files\Dealio\kb127\rules\rules.1.501.74 C:\Program Files\Dealio\kb127\rules\rules.1.502.71 C:\Program Files\Dealio\kb127\rules\rules.1.51.69 C:\Program Files\Dealio\kb127\rules\rules.1.52.72 C:\Program Files\Dealio\kb127\rules\rules.1.520.76 C:\Program Files\Dealio\kb127\rules\rules.1.521.76 C:\Program Files\Dealio\kb127\rules\rules.1.522.76 C:\Program Files\Dealio\kb127\rules\rules.1.53.51 C:\Program Files\Dealio\kb127\rules\rules.1.531.76 C:\Program Files\Dealio\kb127\rules\rules.1.532.75 C:\Program Files\Dealio\kb127\rules\rules.1.534.75 C:\Program Files\Dealio\kb127\rules\rules.1.54.47 C:\Program Files\Dealio\kb127\rules\rules.1.55.45 C:\Program Files\Dealio\kb127\rules\rules.1.56.69 C:\Program Files\Dealio\kb127\rules\rules.1.57.43 C:\Program Files\Dealio\kb127\rules\rules.1.58.47 C:\Program Files\Dealio\kb127\rules\rules.1.593.76 C:\Program Files\Dealio\kb127\rules\rules.1.595.76 C:\Program Files\Dealio\kb127\rules\rules.1.63.57 C:\Program Files\Dealio\kb127\rules\rules.1.66.47 C:\Program Files\Dealio\kb127\rules\rules.1.70.75 C:\Program Files\Dealio\kb127\rules\rules.1.71.43 C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Dealio C:\DOCUME~1\Jibione\APPLIC~1\Search Settings C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127 C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\res C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\temp C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\temp\ws-14251.log C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\temp\ws-14252.log C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\temp\ws-14253.log C:\DOCUME~1\Jibione\APPLIC~1\Search Settings\kb127\temp\ws-14254.log C:\Program Files\Search Settings C:\Program Files\Search Settings\kb127 C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\Search Settings\kb127\res C:\Program Files\Search Settings\kb127\SearchSettings.dll C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll C:\Program Files\Search Settings\kb127\temp -----------\\ Extensions (Jibione) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://yahoo.fr/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home" --------------------\\ Recherche d'autres infections C:\Program Files\WebMediaPlayer C:\Program Files\WebMediaPlayer\resources C:\Program Files\WebMediaPlayer\skins C:\Program Files\WebMediaPlayer\sqlite3.dll C:\Program Files\WebMediaPlayer\uninst.exe C:\Program Files\WebMediaPlayer\updates C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\Conditions g‚n‚rales.url C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\Confidentialit‚.url C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\D‚sinstaller.lnk C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\WebMediaPlayer.lnk C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\Website.url C:\DOCUME~1\Jibione\LOCALS~1\APPLIC~1\giwmqwy.dat C:\DOCUME~1\Jibione\LOCALS~1\APPLIC~1\giwmqwy.exe C:\DOCUME~1\Jibione\LOCALS~1\APPLIC~1\giwmqwy_nav.dat C:\DOCUME~1\Jibione\LOCALS~1\APPLIC~1\giwmqwy_navps.dat ==> EGDACCESS <== C:\WINDOWS\system32\ban_list.txt ==> BAGLE <== --------------------\\ ROOTKIT !! Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA] Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SROSA] Rootkit Bagle ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA] --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Jibione\Desktop\Prg\Adobe Photoshop CS 9 + Keygen.iso C:\DOCUME~1\Jibione\My Documents\My Games\wolf\Crack C:\DOCUME~1\Jibione\My Documents\My Games\wolf\Crack\Return to Castle Wolfenstein Key Generator.exe C:\DOCUME~1\Jibione\My Documents\My Music\I am\De La Planete Mars [uK]\06 Crack.wma C:\DOCUME~1\Jibione\My Documents\My Music\Iam\De La Planete Mars [uK]\06 Crack.mp3 C:\DOCUME~1\Jibione\My Documents\My Music\iTunes\iTunes Music\Kanye West_The Game\Late Registration\08 Crack Music.mp3 C:\DOCUME~1\Jibione\Recent\Adobe Photoshop CS3 [Key.Serial.Crack.Keygen].txt.lnk C:\DOCUME~1\Jibione\Recent\avs-video-converter-6.2.keygen.jpg.lnk C:\DOCUME~1\Jibione\Recent\Return to The Castle of Wolfenstein + patch v1.41 + Keygen.ISO.lnk C:\DOCUME~1\Jibione\Recent\Windows.Xp.Sp2.Keygen.with.auto.key.changer.rar.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 09/01/2009|18:31 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 10/01/2009|12:33 - Option : [1] -----------\\ Fin du rapport a 12:33:15,82
×
×
  • Créer...