Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

mon fichier Iastor a disparu

didouille05

Par didouille05
dans Analyses et éradication malwares

 Partager

Messages recommandés

didouille05 Member

didouille05

Posté(e)
  • Auteur
Posté(e)

je n'ai que le rapport log.txt est ce normal?

 

 

Logfile of random's system information tool 1.04 (written by random/random)

Run by Propriétaire at 2008-11-26 13:20:37

Microsoft Windows XP Édition familiale Service Pack 2

System drive C: has 108 GB (57%) free of 191 GB

Total RAM: 511 MB (17% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:20:41, on 26/11/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\PAStiSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe

C:\Program Files\trend micro\Propriétaire.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing)

O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll

O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [uyikc] c:\documents and settings\propriétaire\local settings\application data\uyikc.exe uyikc

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Propriétaire\Application Data\Dealio\kb127\res\DealioSearch.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll

O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll

O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB50} (Sony SNC-CS3 Image Viewer) - http://82.127.17.206/home/SonySncCs3View.cab

O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/NewUploader/ImageUploader4.cab

O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_...geUploader5.cab

O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

 

--

End of file - 10315 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

EoBho Class - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]

DealioBHO Class - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - Dealio - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]

"WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe []

"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]

"uyikc"=c:\documents and settings\propriétaire\local settings\application data\uyikc.exe uyikc []

"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

 

C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage

OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=95000000

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe"="C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0"

"C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Enabled:mcoinstall"

"C:\Documents and Settings\Propriétaire\Mes documents\Lydie\installer\mcoinstall.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Lydie\installer\mcoinstall.exe:*:Enabled:mcoinstall"

"C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9N3OBXOV\eMulev0.48a.-MorphXTv10.1-bin[1]\emule\eMule.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9N3OBXOV\eMulev0.48a.-MorphXTv10.1-bin[1]\emule\eMule.exe:*:Enabled:eMule"

"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"

"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"

"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"

""=""

"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Media"

"C:\Documents and Settings\Propriétaire\Mes documents\Jerome CAILLAULT\emulev0.45b-MorphXTv6.7-bin\emule\emule.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Jerome CAILLAULT\emulev0.45b-MorphXTv6.7-bin\emule\emule.exe:*:Enabled:eMule"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application"

"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"

"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"X:\Codemasters\Insane\Game.exe"="X:\Codemasters\Insane\Game.exe:*:Disabled:Game.exe"

"X:\Games\Supreme\Supreme.exe"="X:\Games\Supreme\Supreme.exe:*:Disabled:Supreme.exe"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{296641ea-d4e6-11dc-80b4-0060b3e764c5}]

shell\Auto\command - cmd /C launch.bat

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

 

 

======List of files/folders created in the last 1 months======

 

2008-11-25 22:34:00 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes

2008-11-25 22:33:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-11-25 22:33:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2008-11-25 10:43:32 ----A---- C:\cleannavi.txt

2008-11-24 23:11:36 ----A---- C:\fixnavi.txt

2008-11-24 22:02:23 ----D---- C:\Program Files\Navilog1

2008-11-23 17:25:13 ----D---- C:\Program Files\trend micro

2008-11-23 17:25:03 ----D---- C:\rsit

2008-11-22 22:26:46 ----D---- C:\Documents and Settings\Propriétaire\Application Data\CVitae

2008-11-21 22:54:24 ----SHD---- C:\Config.Msi

2008-11-12 17:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2008-11-12 17:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2008-11-08 13:41:44 ----A---- C:\memory.txt

2008-11-08 13:16:13 ----A---- C:\WINDOWS\system32\CmdLineExt.dll

2008-11-08 12:07:23 ----A---- C:\WINDOWS\system32\IYVU9_32.DLL

2008-11-08 12:07:22 ----A---- C:\WINDOWS\system32\IACENC.DLL

2008-11-06 17:47:32 ----D---- C:\Temp

2008-11-05 22:47:16 ----D---- C:\Program Files\AIDA32 - Personal System Information

2008-11-05 19:06:47 ----D---- C:\Documents and Settings\All Users\Application Data\Player Metaboli

2008-11-05 19:06:45 ----D---- C:\Remote Programs

2008-11-05 19:06:28 ----N---- C:\WINDOWS\ExentInfo.exe

2008-11-05 19:06:20 ----D---- C:\Program Files\Player Metaboli

2008-11-02 21:24:29 ----D---- C:\Program Files\Oberon Media

2008-11-02 21:24:29 ----D---- C:\Program Files\Fichiers communs\Oberon Media

 

======List of files/folders modified in the last 1 months======

 

2008-11-26 13:13:59 ----D---- C:\WINDOWS\Temp

2008-11-26 13:12:51 ----D---- C:\Program Files\Wanadoo

2008-11-26 11:18:31 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-11-26 10:45:27 ----D---- C:\Program Files\eMule

2008-11-26 09:32:08 ----D---- C:\WINDOWS\Prefetch

2008-11-26 09:24:52 ----D---- C:\WINDOWS\system32\drivers

2008-11-25 23:54:29 ----D---- C:\WINDOWS\system32\CatRoot2

2008-11-25 22:33:14 ----RD---- C:\Program Files

2008-11-25 22:04:41 ----A---- C:\WINDOWS\NeroDigital.ini

2008-11-25 10:47:10 ----D---- C:\WINDOWS\system32

2008-11-25 10:46:11 ----D---- C:\WINDOWS

2008-11-23 15:00:15 ----D---- C:\Program Files\CONEXANT

2008-11-21 22:59:31 ----SHD---- C:\WINDOWS\Installer

2008-11-21 22:56:07 ----D---- C:\Program Files\Windows Live

2008-11-21 22:55:52 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-11-21 22:52:22 ----RSD---- C:\WINDOWS\assembly

2008-11-19 10:51:20 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-11-19 10:22:21 ----HD---- C:\WINDOWS\inf

2008-11-19 10:22:21 ----D---- C:\WINDOWS\Help

2008-11-18 15:19:37 ----D---- C:\Documents and Settings\Propriétaire\Application Data\uTorrent

2008-11-12 17:01:24 ----HD---- C:\WINDOWS\$hf_mig$

2008-11-12 17:01:22 ----A---- C:\WINDOWS\imsins.BAK

2008-11-12 17:00:32 ----D---- C:\WINDOWS\WinSxS

2008-11-07 13:53:59 ----D---- C:\WINDOWS\Microsoft.NET

2008-11-07 12:55:36 ----D---- C:\WINDOWS\system32\DirectX

2008-11-05 19:06:36 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-11-05 19:06:20 ----HD---- C:\Program Files\InstallShield Installation Information

2008-11-05 17:42:45 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Dealio

2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe

2008-11-03 16:45:37 ----D---- C:\Program Files\GamesBar

2008-11-02 22:02:24 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2008-11-02 21:24:46 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2008-11-02 21:24:29 ----D---- C:\Program Files\Fichiers communs

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]

R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]

R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]

R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]

R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-01-16 12970]

R2 X4HSX32Ex;X4HSX32Ex; \??\C:\Program Files\Player Metaboli\X4HSX32Ex.Sys []

R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]

R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]

R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]

R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]

R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]

R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]

R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-01 392704]

R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver; C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2006-01-09 261632]

R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2005-04-20 124672]

R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-08-03 221376]

R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]

R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]

R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 1963680]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]

R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2006-01-19 17664]

S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]

S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-05 10880]

S3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys []

S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []

S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]

S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]

S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]

S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]

S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]

S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]

S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]

S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys []

S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys []

S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys []

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS []

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]

R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960]

R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-04 240408]

R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]

R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S2 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-07 138168]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe []

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]

 

-----------------EOF-----------------

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Désactive TeaTimer dans spybot dès maintenant, ça peut empêcher la désinfection. :P

A faire en passant par les options de Spybot: il faut aller dans le menu "Mode"=> coche "Mode avancé" => "Outils"(en bas de page)=> "Résident" => et tu décoches cette case: "Résident Teatimer" .

 

 

Clique sur ce lien pour télécharger HijackThis 2.0.2 :

http://www.trendsecure.com/portal/en-US/_d.../HiJackThis.exe

Cette version est sans installateur ou Zip à décompresser, choisis de l'enregistrer sur le bureau.

 

Double-clique sur l'icône HijackThis :

img-202120na4kx.gif

 

Clique sur "Do a system scan only" puis coche ceci et clique sur le bouton "Fix checked", en bas à gauche :

O4 - HKCU\..\Run: [uyikc] c:\documents and settings\propriétaire\local settings\application data\uyikc.exe uyikc

 

-+------------

 

 

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

  • Double-clique maintenant sur le fichier téléchargé.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)

didouille05 Member

didouille05

Posté(e)
  • Auteur
Posté(e)

je viens de faire toutes les manipulations, voila le résultat :

 

 

 

-----------\\ ToolBar S&D 1.2.5 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2

X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 3.06GHz )

BIOS : BIOS Date: 07/11/05 10:45:41 Ver: 08.00.10

USER : Propriétaire ( Administrator )

BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1229 [VPS 081126-0] 4.8.1229 (Activated)

C:\ (Local Disk) - NTFS - Total:186 Go (Free:105 Go)

D:\ (CD or DVD)

E:\ (USB)

F:\ (USB)

G:\ (USB)

H:\ (USB)

I:\ (USB)

J:\ (Local Disk) - NTFS - Total:465 Go (Free:329 Go)

 

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )

Option : [1] ( 26/11/2008|20:24 )

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts_over.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts_rec.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\alerts_rec_over.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\chevron-small.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\DealioSearch.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\deals-leftcap.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\deal_report.jpg

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\ebay_login.jpg

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\err_mainwindow.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\err_toolbar.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\global_scripts.js

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\headerbgthin.jpg

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\highlight-bg.png

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\logo.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\logo_over.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.css

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbar.js

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\man_toolbarl.js

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\post-this-deal.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\post-this-deal_over.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\scripts.js

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\scroller.js

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\search-chevron.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\search-chevron_over.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\search_bg_blink.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\separator.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\settings.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\settings_over.gif

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\res\yahoo-search.png

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\index.76.35

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.10.76

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.109.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.110.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.12.52

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.13.58

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.130.58

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.135.50

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.153.44

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.155.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.156.49

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.16.60

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.161.52

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.178.66

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.184.55

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.188.52

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.189.45

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.196.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.198.56

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.199.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.200.53

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.201.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.202.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.203.71

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.205.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.213.71

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.214.49

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.215.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.216.67

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.217.67

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.218.52

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.219.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.220.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.221.57

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.222.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.223.68

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.226.68

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.227.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.228.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.229.76

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.23.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.239.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.24.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.240.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.241.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.242.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.243.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.244.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.245.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.247.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.248.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.249.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.250.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.251.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.252.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.253.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.254.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.255.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.256.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.257.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.279.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.28.58

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.282.75

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.283.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.284.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.289.67

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.290.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.291.61

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.296.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.297.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.304.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.307.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.308.75

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.31.47

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.310.46

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.311.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.315.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.316.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.317.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.318.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.319.49

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.32.48

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.334.44

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.335.60

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.336.44

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.337.44

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.338.75

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.339.47

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.34.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.340.47

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.341.47

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.349.50

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.35.48

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.350.50

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.351.51

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.352.54

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.353.51

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.354.51

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.357.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.358.52

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.359.52

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.360.53

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.361.54

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.362.68

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.363.58

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.364.54

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.365.53

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.367.56

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.368.58

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.369.55

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.370.56

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.371.56

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.372.57

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.373.55

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.375.56

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.376.57

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.377.55

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.378.65

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.384.58

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.386.71

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.387.59

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.388.59

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.389.59

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.390.60

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.391.60

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.392.60

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.393.60

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.394.60

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.396.61

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.397.61

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.398.60

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.399.60

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.403.61

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.404.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.405.61

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.406.61

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.407.76

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.408.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.409.61

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.412.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.413.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.414.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.415.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.416.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.417.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.418.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.419.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.420.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.421.62

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.423.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.424.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.425.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.426.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.427.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.428.65

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.429.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.430.63

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.432.65

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.433.64

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.434.65

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.435.64

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.436.76

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.437.64

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.438.71

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.439.71

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.440.75

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.442.73

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.443.73

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.444.73

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.445.68

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.446.69

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.450.67

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.451.67

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.452.68

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.453.68

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.454.69

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.456.69

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.457.75

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.458.70

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.459.70

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.460.69

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.462.74

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.463.69

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.464.70

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.465.68

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.468.70

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.469.70

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.470.70

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.471.73

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.472.70

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.478.74

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.479.73

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.480.68

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.481.71

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.482.74

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.49.67

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.50.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.500.71

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.501.74

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.502.71

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.51.69

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.52.72

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.520.76

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.521.76

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.522.76

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.53.51

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.531.76

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.532.75

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.534.75

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.54.47

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.55.45

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.56.69

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.57.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.58.47

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.593.76

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.595.76

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.63.57

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.66.47

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.70.75

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\rules\rules.1.71.43

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\dealio-14207.log

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\dod_cache.xml

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1408_2132_25.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1632_4032_9.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1668_2720_6.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1704_2944_1.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1704_2944_2.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_1744_3812_97.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2128_2984_23.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2324_3316_50.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2460_1060_6.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2640_3692_12.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2712_3124_96.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2712_3516_6.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2712_3868_111.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2712_3992_102.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_280_2004_13.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_280_3864_9.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2884_3480_3.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2896_232_35.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2900_1696_9.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2900_1936_8.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2944_1676_18.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2944_2072_9.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2968_1444_1.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2968_1444_2.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_2980_3476_82.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3068_3592_3.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3104_1740_6.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3104_2104_15.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3252_3188_26.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3252_3912_9.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3252_988_18.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3336_1620_28.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3336_1956_22.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3336_2936_12.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3360_3952_3.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3380_1604_15.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3380_2276_9.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3380_3604_12.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3380_564_6.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3720_2692_3.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3720_5132_13.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3720_5132_14.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3924_2376_3.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3924_304_21.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3924_4024_30.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_3928_2708_70.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_4008_1540_6.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5356_1016_15.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5356_1996_9.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5356_2352_3.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_5356_2968_21.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_720_1764_64.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_720_3660_53.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_720_4012_67.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_2208_25.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_2436_12.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_292_24.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3056_69.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3628_27.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3648_26.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3672_36.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3864_81.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_3920_35.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_4028_23.html

C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127\temp\_toolbar_tmp_760_4052_34.html

C:\Program Files\Dealio

C:\Program Files\Dealio\DealioAU.exe

C:\Program Files\Dealio\kb127

C:\Program Files\Dealio\SearchSettingsKit.exe

C:\Program Files\Dealio\kb127\Dealio Deskbar.exe

C:\Program Files\Dealio\kb127\Dealio.dll

C:\Program Files\Dealio\kb127\DealioRes409.dll

C:\Program Files\Dealio\kb127\res

C:\Program Files\Dealio\kb127\resDN

C:\Program Files\Dealio\kb127\rules

C:\Program Files\Dealio\kb127\temp

C:\Program Files\Dealio\kb127\res\alerts.gif

C:\Program Files\Dealio\kb127\res\alerts_over.gif

C:\Program Files\Dealio\kb127\res\alerts_rec.gif

C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif

C:\Program Files\Dealio\kb127\res\chevron-small.gif

C:\Program Files\Dealio\kb127\res\DealioSearch.html

C:\Program Files\Dealio\kb127\res\deals-leftcap.gif

C:\Program Files\Dealio\kb127\res\deal_report.jpg

C:\Program Files\Dealio\kb127\res\ebay_login.jpg

C:\Program Files\Dealio\kb127\res\err_mainwindow.html

C:\Program Files\Dealio\kb127\res\err_toolbar.html

C:\Program Files\Dealio\kb127\res\global_scripts.js

C:\Program Files\Dealio\kb127\res\headerbgthin.jpg

C:\Program Files\Dealio\kb127\res\highlight-bg.png

C:\Program Files\Dealio\kb127\res\logo.gif

C:\Program Files\Dealio\kb127\res\logo_over.gif

C:\Program Files\Dealio\kb127\res\man_toolbar.css

C:\Program Files\Dealio\kb127\res\man_toolbar.html

C:\Program Files\Dealio\kb127\res\man_toolbar.js

C:\Program Files\Dealio\kb127\res\man_toolbarl.js

C:\Program Files\Dealio\kb127\res\post-this-deal.gif

C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif

C:\Program Files\Dealio\kb127\res\scripts.js

C:\Program Files\Dealio\kb127\res\scroller.js

C:\Program Files\Dealio\kb127\res\search-chevron.gif

C:\Program Files\Dealio\kb127\res\search-chevron_over.gif

C:\Program Files\Dealio\kb127\res\search_bg_blink.gif

C:\Program Files\Dealio\kb127\res\separator.gif

C:\Program Files\Dealio\kb127\res\settings.gif

C:\Program Files\Dealio\kb127\res\settings_over.gif

C:\Program Files\Dealio\kb127\res\yahoo-search.png

C:\Program Files\Dealio\kb127\resDN\bottom.gif

C:\Program Files\Dealio\kb127\resDN\chevron_down.gif

C:\Program Files\Dealio\kb127\resDN\chevron_up.gif

C:\Program Files\Dealio\kb127\resDN\close.gif

C:\Program Files\Dealio\kb127\resDN\deskbar.css

C:\Program Files\Dealio\kb127\resDN\deskbar.js

C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js

C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg

C:\Program Files\Dealio\kb127\resDN\logo.gif

C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif

C:\Program Files\Dealio\kb127\resDN\losing.gif

C:\Program Files\Dealio\kb127\resDN\lost.gif

C:\Program Files\Dealio\kb127\resDN\man_deskbar.html

C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif

C:\Program Files\Dealio\kb127\resDN\menu_check.gif

C:\Program Files\Dealio\kb127\resDN\no_image.gif

C:\Program Files\Dealio\kb127\resDN\prod_img.gif

C:\Program Files\Dealio\kb127\resDN\search_chevron.gif

C:\Program Files\Dealio\kb127\resDN\spacer.gif

C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif

C:\Program Files\Dealio\kb127\resDN\top.gif

C:\Program Files\Dealio\kb127\resDN\unknown.gif

C:\Program Files\Dealio\kb127\resDN\winning.gif

C:\Program Files\Dealio\kb127\resDN\won.gif

C:\Program Files\Dealio\kb127\rules\index.76.35

C:\Program Files\Dealio\kb127\rules\rules.1.10.76

C:\Program Files\Dealio\kb127\rules\rules.1.109.43

C:\Program Files\Dealio\kb127\rules\rules.1.110.43

C:\Program Files\Dealio\kb127\rules\rules.1.12.52

C:\Program Files\Dealio\kb127\rules\rules.1.13.58

C:\Program Files\Dealio\kb127\rules\rules.1.130.58

C:\Program Files\Dealio\kb127\rules\rules.1.135.50

C:\Program Files\Dealio\kb127\rules\rules.1.153.44

C:\Program Files\Dealio\kb127\rules\rules.1.155.43

C:\Program Files\Dealio\kb127\rules\rules.1.156.49

C:\Program Files\Dealio\kb127\rules\rules.1.16.60

C:\Program Files\Dealio\kb127\rules\rules.1.161.52

C:\Program Files\Dealio\kb127\rules\rules.1.178.66

C:\Program Files\Dealio\kb127\rules\rules.1.184.55

C:\Program Files\Dealio\kb127\rules\rules.1.188.52

C:\Program Files\Dealio\kb127\rules\rules.1.189.45

C:\Program Files\Dealio\kb127\rules\rules.1.196.43

C:\Program Files\Dealio\kb127\rules\rules.1.198.56

C:\Program Files\Dealio\kb127\rules\rules.1.199.43

C:\Program Files\Dealio\kb127\rules\rules.1.200.53

C:\Program Files\Dealio\kb127\rules\rules.1.201.43

C:\Program Files\Dealio\kb127\rules\rules.1.202.43

C:\Program Files\Dealio\kb127\rules\rules.1.203.71

C:\Program Files\Dealio\kb127\rules\rules.1.205.62

C:\Program Files\Dealio\kb127\rules\rules.1.213.71

C:\Program Files\Dealio\kb127\rules\rules.1.214.49

C:\Program Files\Dealio\kb127\rules\rules.1.215.43

C:\Program Files\Dealio\kb127\rules\rules.1.216.67

C:\Program Files\Dealio\kb127\rules\rules.1.217.67

C:\Program Files\Dealio\kb127\rules\rules.1.218.52

C:\Program Files\Dealio\kb127\rules\rules.1.219.43

C:\Program Files\Dealio\kb127\rules\rules.1.220.43

C:\Program Files\Dealio\kb127\rules\rules.1.221.57

C:\Program Files\Dealio\kb127\rules\rules.1.222.43

C:\Program Files\Dealio\kb127\rules\rules.1.223.68

C:\Program Files\Dealio\kb127\rules\rules.1.226.68

C:\Program Files\Dealio\kb127\rules\rules.1.227.43

C:\Program Files\Dealio\kb127\rules\rules.1.228.62

C:\Program Files\Dealio\kb127\rules\rules.1.229.76

C:\Program Files\Dealio\kb127\rules\rules.1.23.63

C:\Program Files\Dealio\kb127\rules\rules.1.239.43

C:\Program Files\Dealio\kb127\rules\rules.1.24.43

C:\Program Files\Dealio\kb127\rules\rules.1.240.43

C:\Program Files\Dealio\kb127\rules\rules.1.241.43

C:\Program Files\Dealio\kb127\rules\rules.1.242.43

C:\Program Files\Dealio\kb127\rules\rules.1.243.43

C:\Program Files\Dealio\kb127\rules\rules.1.244.63

C:\Program Files\Dealio\kb127\rules\rules.1.245.43

C:\Program Files\Dealio\kb127\rules\rules.1.247.43

C:\Program Files\Dealio\kb127\rules\rules.1.248.43

C:\Program Files\Dealio\kb127\rules\rules.1.249.43

C:\Program Files\Dealio\kb127\rules\rules.1.250.43

C:\Program Files\Dealio\kb127\rules\rules.1.251.43

C:\Program Files\Dealio\kb127\rules\rules.1.252.43

C:\Program Files\Dealio\kb127\rules\rules.1.253.43

C:\Program Files\Dealio\kb127\rules\rules.1.254.43

C:\Program Files\Dealio\kb127\rules\rules.1.255.43

C:\Program Files\Dealio\kb127\rules\rules.1.256.43

C:\Program Files\Dealio\kb127\rules\rules.1.257.43

C:\Program Files\Dealio\kb127\rules\rules.1.279.43

C:\Program Files\Dealio\kb127\rules\rules.1.28.58

C:\Program Files\Dealio\kb127\rules\rules.1.282.75

C:\Program Files\Dealio\kb127\rules\rules.1.283.43

C:\Program Files\Dealio\kb127\rules\rules.1.284.43

C:\Program Files\Dealio\kb127\rules\rules.1.289.67

C:\Program Files\Dealio\kb127\rules\rules.1.290.62

C:\Program Files\Dealio\kb127\rules\rules.1.291.61

C:\Program Files\Dealio\kb127\rules\rules.1.296.43

C:\Program Files\Dealio\kb127\rules\rules.1.297.43

C:\Program Files\Dealio\kb127\rules\rules.1.304.43

C:\Program Files\Dealio\kb127\rules\rules.1.307.43

C:\Program Files\Dealio\kb127\rules\rules.1.308.75

C:\Program Files\Dealio\kb127\rules\rules.1.31.47

C:\Program Files\Dealio\kb127\rules\rules.1.310.46

C:\Program Files\Dealio\kb127\rules\rules.1.311.43

C:\Program Files\Dealio\kb127\rules\rules.1.315.43

C:\Program Files\Dealio\kb127\rules\rules.1.316.43

C:\Program Files\Dealio\kb127\rules\rules.1.317.43

C:\Program Files\Dealio\kb127\rules\rules.1.318.43

C:\Program Files\Dealio\kb127\rules\rules.1.319.49

C:\Program Files\Dealio\kb127\rules\rules.1.32.48

C:\Program Files\Dealio\kb127\rules\rules.1.334.44

C:\Program Files\Dealio\kb127\rules\rules.1.335.60

C:\Program Files\Dealio\kb127\rules\rules.1.336.44

C:\Program Files\Dealio\kb127\rules\rules.1.337.44

C:\Program Files\Dealio\kb127\rules\rules.1.338.75

C:\Program Files\Dealio\kb127\rules\rules.1.339.47

C:\Program Files\Dealio\kb127\rules\rules.1.34.43

C:\Program Files\Dealio\kb127\rules\rules.1.340.47

C:\Program Files\Dealio\kb127\rules\rules.1.341.47

C:\Program Files\Dealio\kb127\rules\rules.1.349.50

C:\Program Files\Dealio\kb127\rules\rules.1.35.48

C:\Program Files\Dealio\kb127\rules\rules.1.350.50

C:\Program Files\Dealio\kb127\rules\rules.1.351.51

C:\Program Files\Dealio\kb127\rules\rules.1.352.54

C:\Program Files\Dealio\kb127\rules\rules.1.353.51

C:\Program Files\Dealio\kb127\rules\rules.1.354.51

C:\Program Files\Dealio\kb127\rules\rules.1.357.62

C:\Program Files\Dealio\kb127\rules\rules.1.358.52

C:\Program Files\Dealio\kb127\rules\rules.1.359.52

C:\Program Files\Dealio\kb127\rules\rules.1.360.53

C:\Program Files\Dealio\kb127\rules\rules.1.361.54

C:\Program Files\Dealio\kb127\rules\rules.1.362.68

C:\Program Files\Dealio\kb127\rules\rules.1.363.58

C:\Program Files\Dealio\kb127\rules\rules.1.364.54

C:\Program Files\Dealio\kb127\rules\rules.1.365.53

C:\Program Files\Dealio\kb127\rules\rules.1.367.56

C:\Program Files\Dealio\kb127\rules\rules.1.368.58

C:\Program Files\Dealio\kb127\rules\rules.1.369.55

C:\Program Files\Dealio\kb127\rules\rules.1.370.56

C:\Program Files\Dealio\kb127\rules\rules.1.371.56

C:\Program Files\Dealio\kb127\rules\rules.1.372.57

C:\Program Files\Dealio\kb127\rules\rules.1.373.55

C:\Program Files\Dealio\kb127\rules\rules.1.375.56

C:\Program Files\Dealio\kb127\rules\rules.1.376.57

C:\Program Files\Dealio\kb127\rules\rules.1.377.55

C:\Program Files\Dealio\kb127\rules\rules.1.378.65

C:\Program Files\Dealio\kb127\rules\rules.1.384.58

C:\Program Files\Dealio\kb127\rules\rules.1.386.71

C:\Program Files\Dealio\kb127\rules\rules.1.387.59

C:\Program Files\Dealio\kb127\rules\rules.1.388.59

C:\Program Files\Dealio\kb127\rules\rules.1.389.59

C:\Program Files\Dealio\kb127\rules\rules.1.390.60

C:\Program Files\Dealio\kb127\rules\rules.1.391.60

C:\Program Files\Dealio\kb127\rules\rules.1.392.60

C:\Program Files\Dealio\kb127\rules\rules.1.393.60

C:\Program Files\Dealio\kb127\rules\rules.1.394.60

C:\Program Files\Dealio\kb127\rules\rules.1.396.61

C:\Program Files\Dealio\kb127\rules\rules.1.397.61

C:\Program Files\Dealio\kb127\rules\rules.1.398.60

C:\Program Files\Dealio\kb127\rules\rules.1.399.60

C:\Program Files\Dealio\kb127\rules\rules.1.403.61

C:\Program Files\Dealio\kb127\rules\rules.1.404.63

C:\Program Files\Dealio\kb127\rules\rules.1.405.61

C:\Program Files\Dealio\kb127\rules\rules.1.406.61

C:\Program Files\Dealio\kb127\rules\rules.1.407.76

C:\Program Files\Dealio\kb127\rules\rules.1.408.63

C:\Program Files\Dealio\kb127\rules\rules.1.409.61

C:\Program Files\Dealio\kb127\rules\rules.1.412.62

C:\Program Files\Dealio\kb127\rules\rules.1.413.62

C:\Program Files\Dealio\kb127\rules\rules.1.414.62

C:\Program Files\Dealio\kb127\rules\rules.1.415.62

C:\Program Files\Dealio\kb127\rules\rules.1.416.62

C:\Program Files\Dealio\kb127\rules\rules.1.417.62

C:\Program Files\Dealio\kb127\rules\rules.1.418.62

C:\Program Files\Dealio\kb127\rules\rules.1.419.62

C:\Program Files\Dealio\kb127\rules\rules.1.420.62

C:\Program Files\Dealio\kb127\rules\rules.1.421.62

C:\Program Files\Dealio\kb127\rules\rules.1.423.63

C:\Program Files\Dealio\kb127\rules\rules.1.424.63

C:\Program Files\Dealio\kb127\rules\rules.1.425.63

C:\Program Files\Dealio\kb127\rules\rules.1.426.63

C:\Program Files\Dealio\kb127\rules\rules.1.427.63

C:\Program Files\Dealio\kb127\rules\rules.1.428.65

C:\Program Files\Dealio\kb127\rules\rules.1.429.63

C:\Program Files\Dealio\kb127\rules\rules.1.430.63

C:\Program Files\Dealio\kb127\rules\rules.1.432.65

C:\Program Files\Dealio\kb127\rules\rules.1.433.64

C:\Program Files\Dealio\kb127\rules\rules.1.434.65

C:\Program Files\Dealio\kb127\rules\rules.1.435.64

C:\Program Files\Dealio\kb127\rules\rules.1.436.76

C:\Program Files\Dealio\kb127\rules\rules.1.437.64

C:\Program Files\Dealio\kb127\rules\rules.1.438.71

C:\Program Files\Dealio\kb127\rules\rules.1.439.71

C:\Program Files\Dealio\kb127\rules\rules.1.440.75

C:\Program Files\Dealio\kb127\rules\rules.1.442.73

C:\Program Files\Dealio\kb127\rules\rules.1.443.73

C:\Program Files\Dealio\kb127\rules\rules.1.444.73

C:\Program Files\Dealio\kb127\rules\rules.1.445.68

C:\Program Files\Dealio\kb127\rules\rules.1.446.69

C:\Program Files\Dealio\kb127\rules\rules.1.450.67

C:\Program Files\Dealio\kb127\rules\rules.1.451.67

C:\Program Files\Dealio\kb127\rules\rules.1.452.68

C:\Program Files\Dealio\kb127\rules\rules.1.453.68

C:\Program Files\Dealio\kb127\rules\rules.1.454.69

C:\Program Files\Dealio\kb127\rules\rules.1.456.69

C:\Program Files\Dealio\kb127\rules\rules.1.457.75

C:\Program Files\Dealio\kb127\rules\rules.1.458.70

C:\Program Files\Dealio\kb127\rules\rules.1.459.70

C:\Program Files\Dealio\kb127\rules\rules.1.460.69

C:\Program Files\Dealio\kb127\rules\rules.1.462.74

C:\Program Files\Dealio\kb127\rules\rules.1.463.69

C:\Program Files\Dealio\kb127\rules\rules.1.464.70

C:\Program Files\Dealio\kb127\rules\rules.1.465.68

C:\Program Files\Dealio\kb127\rules\rules.1.468.70

C:\Program Files\Dealio\kb127\rules\rules.1.469.70

C:\Program Files\Dealio\kb127\rules\rules.1.470.70

C:\Program Files\Dealio\kb127\rules\rules.1.471.73

C:\Program Files\Dealio\kb127\rules\rules.1.472.70

C:\Program Files\Dealio\kb127\rules\rules.1.478.74

C:\Program Files\Dealio\kb127\rules\rules.1.479.73

C:\Program Files\Dealio\kb127\rules\rules.1.480.68

C:\Program Files\Dealio\kb127\rules\rules.1.481.71

C:\Program Files\Dealio\kb127\rules\rules.1.482.74

C:\Program Files\Dealio\kb127\rules\rules.1.49.67

C:\Program Files\Dealio\kb127\rules\rules.1.50.43

C:\Program Files\Dealio\kb127\rules\rules.1.500.71

C:\Program Files\Dealio\kb127\rules\rules.1.501.74

C:\Program Files\Dealio\kb127\rules\rules.1.502.71

C:\Program Files\Dealio\kb127\rules\rules.1.51.69

C:\Program Files\Dealio\kb127\rules\rules.1.52.72

C:\Program Files\Dealio\kb127\rules\rules.1.520.76

C:\Program Files\Dealio\kb127\rules\rules.1.521.76

C:\Program Files\Dealio\kb127\rules\rules.1.522.76

C:\Program Files\Dealio\kb127\rules\rules.1.53.51

C:\Program Files\Dealio\kb127\rules\rules.1.531.76

C:\Program Files\Dealio\kb127\rules\rules.1.532.75

C:\Program Files\Dealio\kb127\rules\rules.1.534.75

C:\Program Files\Dealio\kb127\rules\rules.1.54.47

C:\Program Files\Dealio\kb127\rules\rules.1.55.45

C:\Program Files\Dealio\kb127\rules\rules.1.56.69

C:\Program Files\Dealio\kb127\rules\rules.1.57.43

C:\Program Files\Dealio\kb127\rules\rules.1.58.47

C:\Program Files\Dealio\kb127\rules\rules.1.593.76

C:\Program Files\Dealio\kb127\rules\rules.1.595.76

C:\Program Files\Dealio\kb127\rules\rules.1.63.57

C:\Program Files\Dealio\kb127\rules\rules.1.66.47

C:\Program Files\Dealio\kb127\rules\rules.1.70.75

C:\Program Files\Dealio\kb127\rules\rules.1.71.43

C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio

C:\Program Files\GamesBar

C:\Program Files\GamesBar\oberontb.dll

C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings

C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127

C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\res

C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\temp

C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127\temp\ws-14207.log

C:\Program Files\Search Settings

C:\Program Files\Search Settings\kb127

C:\Program Files\Search Settings\SearchSettings.exe

C:\Program Files\Search Settings\kb127\res

C:\Program Files\Search Settings\kb127\SearchSettings.dll

C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll

C:\Program Files\Search Settings\kb127\temp

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\WINDOWS\\system32\\blank.htm"

"Start Page"="http://www.orange.fr/"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://home.sweetim.com"

 

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Zuma Deluxe + Crack.zip.torrent

C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Zuma Deluxe + Crack.zip

C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack

C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack.zip

C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack\Jewel Quest Solitaire crack.txt

 

 

 

1 - "C:\ToolBar SD\TB_1.txt" - 26/11/2008|20:32 - Option : [1]

 

-----------\\ Fin du rapport a 20:32:48,98

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Des cracks, voilà un vecteur classique d'infection...

 

 

SweetIm, il faudra le désinstaller, c'est un de ces programmes douteux (conditions d'utilisation vraiment orientées collecte de données statistiques). Occupons nous des toolbars :

 

Relance Toolbar-S&D. Choisis cette fois l'option "suppression" puis valide en appuyant sur "Entrée".

! Ne ferme pas la fenêtre lors de la suppression !

 

Un rapport sera généré, poste son contenu ici + un nouveau rapoprt HijackThis stp.

didouille05 Member

didouille05

Posté(e)
  • Auteur
Posté(e)

rapport TOOLBAR S&D après suppression :

 

-----------\\ ToolBar S&D 1.2.5 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2

X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 3.06GHz )

BIOS : BIOS Date: 07/11/05 10:45:41 Ver: 08.00.10

USER : Propriétaire ( Administrator )

BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1229 [VPS 081126-0] 4.8.1229 (Activated)

C:\ (Local Disk) - NTFS - Total:186 Go (Free:105 Go)

D:\ (CD or DVD)

E:\ (USB)

F:\ (USB)

G:\ (USB)

H:\ (USB)

I:\ (USB)

J:\ (Local Disk) - NTFS - Total:465 Go (Free:329 Go)

 

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )

Option : [2] ( 26/11/2008|21:16 )

 

-----------\\ SUPPRESSION

 

Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio\kb127

Supprime! - C:\Program Files\Dealio\DealioAU.exe

Supprime! - C:\Program Files\Dealio\kb127

Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe

Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Dealio

Supprime! - C:\Program Files\GamesBar\oberontb.dll

Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127

Supprime! - C:\Program Files\Search Settings\kb127

Supprime! - C:\Program Files\Search Settings\SearchSettings.exe

Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Dealio

Supprime! - C:\Program Files\Dealio

Supprime! - C:\Program Files\GamesBar

Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings

Supprime! - C:\Program Files\Search Settings

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\WINDOWS\\system32\\blank.htm"

"Start Page"="http://www.orange.fr/"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.msn.com/"

 

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Zuma Deluxe + Crack.zip.torrent

C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Zuma Deluxe + Crack.zip

C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack

C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack.zip

C:\DOCUME~1\PROPRI~1\Mes documents\Ma musique\Jewel Quest Solitaire crack\Jewel Quest Solitaire crack.txt

 

 

 

1 - "C:\ToolBar SD\TB_1.txt" - 26/11/2008|20:32 - Option : [1]

2 - "C:\ToolBar SD\TB_2.txt" - 26/11/2008|21:20 - Option : [2]

 

-----------\\ Fin du rapport a 21:20:10,26

didouille05 Member

didouille05

Posté(e)
  • Auteur
Posté(e)

Logfile of random's system information tool 1.04 (written by random/random)

Run by Propriétaire at 2008-11-26 21:24:04

Microsoft Windows XP Édition familiale Service Pack 2

System drive C: has 108 GB (57%) free of 191 GB

Total RAM: 511 MB (44% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:24:13, on 26/11/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\PAStiSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe

C:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB50} (Sony SNC-CS3 Image Viewer) - http://82.127.17.206/home/SonySncCs3View.cab

O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/NewUploader/ImageUploader4.cab

O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} - http://copainsdavant.linternaute.com/html_...geUploader5.cab

O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

 

--

End of file - 9099 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

EoBho Class - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]

"WOOKIT"=C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe []

"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

 

C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage

OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=95000000

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe"="C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0"

"C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Enabled:mcoinstall"

"C:\Documents and Settings\Propriétaire\Mes documents\Lydie\installer\mcoinstall.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Lydie\installer\mcoinstall.exe:*:Enabled:mcoinstall"

"C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9N3OBXOV\eMulev0.48a.-MorphXTv10.1-bin[1]\emule\eMule.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\9N3OBXOV\eMulev0.48a.-MorphXTv10.1-bin[1]\emule\eMule.exe:*:Enabled:eMule"

"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"

"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"

"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"

""=""

"C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe"="C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Media"

"C:\Documents and Settings\Propriétaire\Mes documents\Jerome CAILLAULT\emulev0.45b-MorphXTv6.7-bin\emule\emule.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Jerome CAILLAULT\emulev0.45b-MorphXTv6.7-bin\emule\emule.exe:*:Enabled:eMule"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application"

"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"

"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"X:\Codemasters\Insane\Game.exe"="X:\Codemasters\Insane\Game.exe:*:Disabled:Game.exe"

"X:\Games\Supreme\Supreme.exe"="X:\Games\Supreme\Supreme.exe:*:Disabled:Supreme.exe"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{296641ea-d4e6-11dc-80b4-0060b3e764c5}]

shell\Auto\command - cmd /C launch.bat

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

 

 

======List of files/folders created in the last 1 months======

 

2008-11-26 20:24:09 ----A---- C:\TB.txt

2008-11-26 20:23:04 ----D---- C:\ToolBar SD

2008-11-25 22:34:00 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes

2008-11-25 22:33:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-11-25 22:33:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2008-11-25 10:43:32 ----A---- C:\cleannavi.txt

2008-11-24 23:11:36 ----A---- C:\fixnavi.txt

2008-11-24 22:02:23 ----D---- C:\Program Files\Navilog1

2008-11-23 17:25:13 ----D---- C:\Program Files\trend micro

2008-11-23 17:25:03 ----D---- C:\rsit

2008-11-22 22:26:46 ----D---- C:\Documents and Settings\Propriétaire\Application Data\CVitae

2008-11-21 22:54:24 ----SHD---- C:\Config.Msi

2008-11-12 17:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2008-11-12 17:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2008-11-08 13:41:44 ----A---- C:\memory.txt

2008-11-08 13:16:13 ----A---- C:\WINDOWS\system32\CmdLineExt.dll

2008-11-08 12:07:23 ----A---- C:\WINDOWS\system32\IYVU9_32.DLL

2008-11-08 12:07:22 ----A---- C:\WINDOWS\system32\IACENC.DLL

2008-11-06 17:47:32 ----D---- C:\Temp

2008-11-05 22:47:16 ----D---- C:\Program Files\AIDA32 - Personal System Information

2008-11-05 19:06:47 ----D---- C:\Documents and Settings\All Users\Application Data\Player Metaboli

2008-11-05 19:06:45 ----D---- C:\Remote Programs

2008-11-05 19:06:28 ----N---- C:\WINDOWS\ExentInfo.exe

2008-11-05 19:06:20 ----D---- C:\Program Files\Player Metaboli

2008-11-02 21:24:29 ----D---- C:\Program Files\Oberon Media

2008-11-02 21:24:29 ----D---- C:\Program Files\Fichiers communs\Oberon Media

 

======List of files/folders modified in the last 1 months======

 

2008-11-26 21:19:03 ----RD---- C:\Program Files

2008-11-26 21:18:16 ----D---- C:\WINDOWS\Prefetch

2008-11-26 20:25:51 ----D---- C:\WINDOWS\Temp

2008-11-26 19:04:34 ----D---- C:\Program Files\eMule

2008-11-26 13:12:51 ----D---- C:\Program Files\Wanadoo

2008-11-26 11:18:31 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-11-26 09:24:52 ----D---- C:\WINDOWS\system32\drivers

2008-11-25 23:54:29 ----D---- C:\WINDOWS\system32\CatRoot2

2008-11-25 22:04:41 ----A---- C:\WINDOWS\NeroDigital.ini

2008-11-25 10:47:10 ----D---- C:\WINDOWS\system32

2008-11-25 10:46:11 ----D---- C:\WINDOWS

2008-11-23 15:00:15 ----D---- C:\Program Files\CONEXANT

2008-11-21 22:59:31 ----SHD---- C:\WINDOWS\Installer

2008-11-21 22:56:07 ----D---- C:\Program Files\Windows Live

2008-11-21 22:55:52 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller

2008-11-21 22:52:22 ----RSD---- C:\WINDOWS\assembly

2008-11-19 10:51:20 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-11-19 10:22:21 ----HD---- C:\WINDOWS\inf

2008-11-19 10:22:21 ----D---- C:\WINDOWS\Help

2008-11-18 15:19:37 ----D---- C:\Documents and Settings\Propriétaire\Application Data\uTorrent

2008-11-12 17:01:24 ----HD---- C:\WINDOWS\$hf_mig$

2008-11-12 17:01:22 ----A---- C:\WINDOWS\imsins.BAK

2008-11-12 17:00:32 ----D---- C:\WINDOWS\WinSxS

2008-11-07 13:53:59 ----D---- C:\WINDOWS\Microsoft.NET

2008-11-07 12:55:36 ----D---- C:\WINDOWS\system32\DirectX

2008-11-05 19:06:36 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-11-05 19:06:20 ----HD---- C:\Program Files\InstallShield Installation Information

2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe

2008-11-02 22:02:24 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2008-11-02 21:24:46 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2008-11-02 21:24:29 ----D---- C:\Program Files\Fichiers communs

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]

R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]

R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]

R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]

R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-01-16 12970]

R2 X4HSX32Ex;X4HSX32Ex; \??\C:\Program Files\Player Metaboli\X4HSX32Ex.Sys []

R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]

R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]

R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]

R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]

R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]

R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]

R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-01 392704]

R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver; C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2006-01-09 261632]

R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2005-04-20 124672]

R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-08-03 221376]

R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]

R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]

R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]

R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]

R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-12-06 1963680]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]

R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2006-01-19 17664]

S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]

S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-05 10880]

S3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys []

S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []

S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]

S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]

S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]

S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]

S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]

S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]

S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]

S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys []

S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys []

S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys []

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS []

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]

R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960]

R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-04 240408]

R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]

R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S2 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-07 138168]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe []

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]

 

-----------------EOF-----------------

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Le rapport est ok. Plus de symptômes ?

 

 

Je te conseille de changer d'antivirus. Avast est devenu une passoire et laisse passer tous les gros trucs, + les trucs récents (dommage).

Antivir est tout aussi gratuit (bientôt disponible en français) et surtout bien plus efficace.

Tu peux désinstaller avast par le panneau de configuration / ajout-suppression de programmes.

Si ça ne marche pas bien, il y a aussi (au cas où mais normalement pas besoin) cet utilitaire officiel :

http://www.avast.com/fre/avast-uninstall-utility.html

Au besoin en mode sans échec, si ça rouspète.

 

Pour Antivir voici un lien de téléchargement direct :

http://dl1.avgate.net/down/windows/antivir...n_winu_en_h.exe

Tuto : http://www.libellules.ch/tuto_antivir.php

didouille05 Member

didouille05

Posté(e)
  • Auteur
Posté(e)

merci pour le nétoyage :P mais mon problème n'est pas résolu :'(

 

j'ai le fichier Iastor qui a disparu, du coup pour démarer mon pc normalement il faut que quand je l'allume je reste devant pour pouvoir mettre le choix me connecter sur windows sinon il fait une recherche et trouve que le fichier iastor a disparu et me met un écran tout bleu

 

ma protection windows me dit que antivir est périmé (je viens juste de l'intaller et j'ai redémaré mon ordi)

 

et j'ai ausssi un message d'erreur qui s'affiche quand j'arrive sur mon bureau quand j'allume mon ordi

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...