Sujet Précédent Sujet Suivant

Pc lent, infecté, besoin d'aide

skyalex Messages postés 95 Statut Membre -  
skyalex Messages postés 95 Statut Membre -
Bonjour,

J'ai remarquer la présence de virus, mais je ne suis pas sur, pour commencer un log HJT :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:45:11, on 10/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://get.adobe.com/flashplayer/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/Alex.HUGO1/My Documents/Streamy/workspace/.metadata/.plugins/com.migniot.streamy.Browser/proxy.pac
F2 - REG:system.ini: Shell=
O2 - BHO: (no name) - Disabled:{AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - Disabled:{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: (no name) - Disabled:{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: (no name) - {0088D930-A89A-4EBE-B19F-C4B1183C4892} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D8FC249-BBAB-429F-ADCD-50501603B798} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - (no file)
O2 - BHO: (no name) - {5B75533D-9FF2-488E-AAAC-C3B956FD9A61} - (no file)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8C5FA754-D56F-4381-ABFA-9567D3D0A4F7} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SYSTRAN Personal 4.0 - {039036AA-7710-11D7-ACDA-00B0D094B576} - E:\systran4\IEPlugin.dll (file missing)
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\navman 550\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKLM\..\Policies\Explorer\Run: [DirectX For Microsoft® Windows] C:\WINDOWS\system32\fservice.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Alex.HUGO1\Application Data\Dealio\kb126\res\DealioSearch.html
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - e:\navman 550\inetrepl.dll (file missing)
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - e:\navman 550\inetrepl.dll (file missing)
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - e:\navman 550\inetrepl.dll (file missing)
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: hzumru.dll
O20 - Winlogon Notify: khfFYOGA - khfFYOGA.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
A voir également:

37 réponses

  • 1
  • 2
Réponse 1 / 37
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
Salut, tu es en effet infecté.

On va commencer par ceci :

-+-+-+-> Toolbar S&D <-+-+-+-

[x]Télécharge Toolbar S&D Ici : https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3

[x] Suis le tutoriel disponible à cette adresse : https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/

[x] Lance l'option 1 ( Recherche )

[x] Puis copie/colle le rapport dans ton prochain message ( Il se trouve sous C:\TB.txt )
0
Réponse 2 / 37
skyalex Messages postés 95 Statut Membre
 
Merci,
voilà le rapport :

-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Alex ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 8.0.0.429 (Not Activated)
Firewall : Kaspersky Anti-Virus 8.0.0.429 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:1 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( sam. 10/10/2009|10:49 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\temp
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\chevron-small.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\DealioSearch.html
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\deals-leftcap.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\deal_report.jpg
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\ebay_login.jpg
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\err_mainwindow.html
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\err_toolbar.html
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\global_scripts.js
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\headerbgthin.jpg
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\highlight-bg.png
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\logo.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\logo_over.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\man_toolbar.html
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\man_toolbar.js
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\post-this-deal.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\post-this-deal_over.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\scripts.js
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\scroller.js
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\search-chevron.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\search-chevron_over.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\search_bg_blink.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\separator.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\settings.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\settings_over.gif
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\res\yahoo-search.png
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\index.76.35
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.10.76
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.109.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.110.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.12.52
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.13.58
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.130.58
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.135.50
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.153.44
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.155.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.156.49
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.16.60
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.161.52
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.178.66
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.184.55
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.188.52
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.189.45
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.196.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.198.56
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.199.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.200.53
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.201.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.202.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.203.71
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.205.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.213.71
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.214.49
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.215.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.216.67
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.217.67
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.218.52
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.219.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.220.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.221.57
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.222.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.223.68
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.226.68
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.227.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.228.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.229.76
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.23.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.239.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.24.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.240.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.241.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.242.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.243.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.244.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.245.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.247.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.248.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.249.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.250.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.251.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.252.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.253.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.254.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.255.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.256.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.257.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.279.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.28.58
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.282.75
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.283.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.284.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.289.67
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.290.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.291.61
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.296.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.297.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.304.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.307.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.308.75
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.31.47
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.310.46
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.311.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.315.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.316.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.317.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.318.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.319.49
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.32.48
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.334.44
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.335.60
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.336.44
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.337.44
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.338.75
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.339.47
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.34.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.340.47
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.341.47
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.349.50
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.35.48
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.350.50
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.351.51
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.352.54
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.353.51
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.354.51
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.357.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.358.52
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.359.52
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.360.53
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.361.54
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.362.68
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.363.58
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.364.54
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.365.53
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.367.56
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.368.58
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.369.55
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.370.56
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.371.56
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.372.57
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.373.55
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.375.56
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.376.57
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.377.55
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.378.65
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.384.58
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.386.71
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.387.59
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.388.59
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.389.59
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.390.60
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.391.60
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.392.60
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.393.60
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.394.60
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.396.61
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.397.61
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.398.60
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.399.60
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.403.61
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.404.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.405.61
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.406.61
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.407.76
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.408.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.409.61
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.412.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.413.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.414.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.415.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.416.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.417.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.418.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.419.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.420.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.421.62
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.423.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.424.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.425.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.426.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.427.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.428.65
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.429.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.430.63
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.432.65
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.433.64
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.434.65
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.435.64
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.436.76
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.437.64
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.438.71
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.439.71
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.440.75
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.442.73
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.443.73
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.444.73
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.445.68
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.446.69
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.450.67
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.451.67
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.452.68
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.453.68
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.454.69
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.456.69
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.457.75
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.458.70
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.459.70
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.460.69
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.462.74
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.463.69
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.464.70
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.465.68
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.468.70
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.469.70
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.470.70
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.471.73
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.472.70
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.478.74
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.479.73
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.480.68
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.481.71
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.482.74
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.49.67
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.50.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.500.71
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.501.74
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.502.71
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.51.69
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.52.72
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.520.76
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.521.76
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.522.76
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.53.51
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.531.76
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.532.75
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.534.75
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.54.47
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.55.45
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.56.69
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.57.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.58.47
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.593.76
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.595.76
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.63.57
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.66.47
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.70.75
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\rules\rules.1.71.43
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\temp\dealio-14521.log
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126\temp\dod_cache.xml
C:\Program Files\Dealio
C:\Program Files\Dealio\DealioAU.exe
C:\Program Files\Dealio\kb126
C:\Program Files\Dealio\SearchSettingsKit.exe
C:\Program Files\Dealio\kb126\Dealio Deskbar.exe
C:\Program Files\Dealio\kb126\Dealio Deskbar.exe-up.txt
C:\Program Files\Dealio\kb126\Dealio.dll
C:\Program Files\Dealio\kb126\res
C:\Program Files\Dealio\kb126\resFF
C:\Program Files\Dealio\kb126\rules
C:\Program Files\Dealio\kb126\rulesFF
C:\Program Files\Dealio\kb126\temp
C:\Program Files\Dealio\kb126\res\chevron-small.gif
C:\Program Files\Dealio\kb126\res\DealioSearch.html
C:\Program Files\Dealio\kb126\res\deals-leftcap.gif
C:\Program Files\Dealio\kb126\res\deal_report.jpg
C:\Program Files\Dealio\kb126\res\ebay_login.jpg
C:\Program Files\Dealio\kb126\res\err_mainwindow.html
C:\Program Files\Dealio\kb126\res\err_toolbar.html
C:\Program Files\Dealio\kb126\res\global_scripts.js
C:\Program Files\Dealio\kb126\res\headerbgthin.jpg
C:\Program Files\Dealio\kb126\res\highlight-bg.png
C:\Program Files\Dealio\kb126\res\logo.gif
C:\Program Files\Dealio\kb126\res\logo_over.gif
C:\Program Files\Dealio\kb126\res\man_toolbar.html
C:\Program Files\Dealio\kb126\res\man_toolbar.js
C:\Program Files\Dealio\kb126\res\post-this-deal.gif
C:\Program Files\Dealio\kb126\res\post-this-deal_over.gif
C:\Program Files\Dealio\kb126\res\scripts.js
C:\Program Files\Dealio\kb126\res\scroller.js
C:\Program Files\Dealio\kb126\res\search-chevron.gif
C:\Program Files\Dealio\kb126\res\search-chevron_over.gif
C:\Program Files\Dealio\kb126\res\search_bg_blink.gif
C:\Program Files\Dealio\kb126\res\separator.gif
C:\Program Files\Dealio\kb126\res\settings.gif
C:\Program Files\Dealio\kb126\res\settings_over.gif
C:\Program Files\Dealio\kb126\res\yahoo-search.png
C:\Program Files\Dealio\kb126\resFF\deal_report.jpg
C:\Program Files\Dealio\kb126\resFF\ebay_login.jpg
C:\Program Files\Dealio\kb126\rules\index.76.35
C:\Program Files\Dealio\kb126\rules\rules.1.10.76
C:\Program Files\Dealio\kb126\rules\rules.1.109.43
C:\Program Files\Dealio\kb126\rules\rules.1.110.43
C:\Program Files\Dealio\kb126\rules\rules.1.12.52
C:\Program Files\Dealio\kb126\rules\rules.1.13.58
C:\Program Files\Dealio\kb126\rules\rules.1.130.58
C:\Program Files\Dealio\kb126\rules\rules.1.135.50
C:\Program Files\Dealio\kb126\rules\rules.1.153.44
C:\Program Files\Dealio\kb126\rules\rules.1.155.43
C:\Program Files\Dealio\kb126\rules\rules.1.156.49
C:\Program Files\Dealio\kb126\rules\rules.1.16.60
C:\Program Files\Dealio\kb126\rules\rules.1.161.52
C:\Program Files\Dealio\kb126\rules\rules.1.178.66
C:\Program Files\Dealio\kb126\rules\rules.1.184.55
C:\Program Files\Dealio\kb126\rules\rules.1.188.52
C:\Program Files\Dealio\kb126\rules\rules.1.189.45
C:\Program Files\Dealio\kb126\rules\rules.1.196.43
C:\Program Files\Dealio\kb126\rules\rules.1.198.56
C:\Program Files\Dealio\kb126\rules\rules.1.199.43
C:\Program Files\Dealio\kb126\rules\rules.1.200.53
C:\Program Files\Dealio\kb126\rules\rules.1.201.43
C:\Program Files\Dealio\kb126\rules\rules.1.202.43
C:\Program Files\Dealio\kb126\rules\rules.1.203.71
C:\Program Files\Dealio\kb126\rules\rules.1.205.62
C:\Program Files\Dealio\kb126\rules\rules.1.213.71
C:\Program Files\Dealio\kb126\rules\rules.1.214.49
C:\Program Files\Dealio\kb126\rules\rules.1.215.43
C:\Program Files\Dealio\kb126\rules\rules.1.216.67
C:\Program Files\Dealio\kb126\rules\rules.1.217.67
C:\Program Files\Dealio\kb126\rules\rules.1.218.52
C:\Program Files\Dealio\kb126\rules\rules.1.219.43
C:\Program Files\Dealio\kb126\rules\rules.1.220.43
C:\Program Files\Dealio\kb126\rules\rules.1.221.57
C:\Program Files\Dealio\kb126\rules\rules.1.222.43
C:\Program Files\Dealio\kb126\rules\rules.1.223.68
C:\Program Files\Dealio\kb126\rules\rules.1.226.68
C:\Program Files\Dealio\kb126\rules\rules.1.227.43
C:\Program Files\Dealio\kb126\rules\rules.1.228.62
C:\Program Files\Dealio\kb126\rules\rules.1.229.76
C:\Program Files\Dealio\kb126\rules\rules.1.23.63
C:\Program Files\Dealio\kb126\rules\rules.1.239.43
C:\Program Files\Dealio\kb126\rules\rules.1.24.43
C:\Program Files\Dealio\kb126\rules\rules.1.240.43
C:\Program Files\Dealio\kb126\rules\rules.1.241.43
C:\Program Files\Dealio\kb126\rules\rules.1.242.43
C:\Program Files\Dealio\kb126\rules\rules.1.243.43
C:\Program Files\Dealio\kb126\rules\rules.1.244.63
C:\Program Files\Dealio\kb126\rules\rules.1.245.43
C:\Program Files\Dealio\kb126\rules\rules.1.247.43
C:\Program Files\Dealio\kb126\rules\rules.1.248.43
C:\Program Files\Dealio\kb126\rules\rules.1.249.43
C:\Program Files\Dealio\kb126\rules\rules.1.250.43
C:\Program Files\Dealio\kb126\rules\rules.1.251.43
C:\Program Files\Dealio\kb126\rules\rules.1.252.43
C:\Program Files\Dealio\kb126\rules\rules.1.253.43
C:\Program Files\Dealio\kb126\rules\rules.1.254.43
C:\Program Files\Dealio\kb126\rules\rules.1.255.43
C:\Program Files\Dealio\kb126\rules\rules.1.256.43
C:\Program Files\Dealio\kb126\rules\rules.1.257.43
C:\Program Files\Dealio\kb126\rules\rules.1.279.43
C:\Program Files\Dealio\kb126\rules\rules.1.28.58
C:\Program Files\Dealio\kb126\rules\rules.1.282.75
C:\Program Files\Dealio\kb126\rules\rules.1.283.43
C:\Program Files\Dealio\kb126\rules\rules.1.284.43
C:\Program Files\Dealio\kb126\rules\rules.1.289.67
C:\Program Files\Dealio\kb126\rules\rules.1.290.62
C:\Program Files\Dealio\kb126\rules\rules.1.291.61
C:\Program Files\Dealio\kb126\rules\rules.1.296.43
C:\Program Files\Dealio\kb126\rules\rules.1.297.43
C:\Program Files\Dealio\kb126\rules\rules.1.304.43
C:\Program Files\Dealio\kb126\rules\rules.1.307.43
C:\Program Files\Dealio\kb126\rules\rules.1.308.75
C:\Program Files\Dealio\kb126\rules\rules.1.31.47
C:\Program Files\Dealio\kb126\rules\rules.1.310.46
C:\Program Files\Dealio\kb126\rules\rules.1.311.43
C:\Program Files\Dealio\kb126\rules\rules.1.315.43
C:\Program Files\Dealio\kb126\rules\rules.1.316.43
C:\Program Files\Dealio\kb126\rules\rules.1.317.43
C:\Program Files\Dealio\kb126\rules\rules.1.318.43
C:\Program Files\Dealio\kb126\rules\rules.1.319.49
C:\Program Files\Dealio\kb126\rules\rules.1.32.48
C:\Program Files\Dealio\kb126\rules\rules.1.334.44
C:\Program Files\Dealio\kb126\rules\rules.1.335.60
C:\Program Files\Dealio\kb126\rules\rules.1.336.44
C:\Program Files\Dealio\kb126\rules\rules.1.337.44
C:\Program Files\Dealio\kb126\rules\rules.1.338.75
C:\Program Files\Dealio\kb126\rules\rules.1.339.47
C:\Program Files\Dealio\kb126\rules\rules.1.34.43
C:\Program Files\Dealio\kb126\rules\rules.1.340.47
C:\Program Files\Dealio\kb126\rules\rules.1.341.47
C:\Program Files\Dealio\kb126\rules\rules.1.349.50
C:\Program Files\Dealio\kb126\rules\rules.1.35.48
C:\Program Files\Dealio\kb126\rules\rules.1.350.50
C:\Program Files\Dealio\kb126\rules\rules.1.351.51
C:\Program Files\Dealio\kb126\rules\rules.1.352.54
C:\Program Files\Dealio\kb126\rules\rules.1.353.51
C:\Program Files\Dealio\kb126\rules\rules.1.354.51
C:\Program Files\Dealio\kb126\rules\rules.1.357.62
C:\Program Files\Dealio\kb126\rules\rules.1.358.52
C:\Program Files\Dealio\kb126\rules\rules.1.359.52
C:\Program Files\Dealio\kb126\rules\rules.1.360.53
C:\Program Files\Dealio\kb126\rules\rules.1.361.54
C:\Program Files\Dealio\kb126\rules\rules.1.362.68
C:\Program Files\Dealio\kb126\rules\rules.1.363.58
C:\Program Files\Dealio\kb126\rules\rules.1.364.54
C:\Program Files\Dealio\kb126\rules\rules.1.365.53
C:\Program Files\Dealio\kb126\rules\rules.1.367.56
C:\Program Files\Dealio\kb126\rules\rules.1.368.58
C:\Program Files\Dealio\kb126\rules\rules.1.369.55
C:\Program Files\Dealio\kb126\rules\rules.1.370.56
C:\Program Files\Dealio\kb126\rules\rules.1.371.56
C:\Program Files\Dealio\kb126\rules\rules.1.372.57
C:\Program Files\Dealio\kb126\rules\rules.1.373.55
C:\Program Files\Dealio\kb126\rules\rules.1.375.56
C:\Program Files\Dealio\kb126\rules\rules.1.376.57
C:\Program Files\Dealio\kb126\rules\rules.1.377.55
C:\Program Files\Dealio\kb126\rules\rules.1.378.65
C:\Program Files\Dealio\kb126\rules\rules.1.384.58
C:\Program Files\Dealio\kb126\rules\rules.1.386.71
C:\Program Files\Dealio\kb126\rules\rules.1.387.59
C:\Program Files\Dealio\kb126\rules\rules.1.388.59
C:\Program Files\Dealio\kb126\rules\rules.1.389.59
C:\Program Files\Dealio\kb126\rules\rules.1.390.60
C:\Program Files\Dealio\kb126\rules\rules.1.391.60
C:\Program Files\Dealio\kb126\rules\rules.1.392.60
C:\Program Files\Dealio\kb126\rules\rules.1.393.60
C:\Program Files\Dealio\kb126\rules\rules.1.394.60
C:\Program Files\Dealio\kb126\rules\rules.1.396.61
C:\Program Files\Dealio\kb126\rules\rules.1.397.61
C:\Program Files\Dealio\kb126\rules\rules.1.398.60
C:\Program Files\Dealio\kb126\rules\rules.1.399.60
C:\Program Files\Dealio\kb126\rules\rules.1.403.61
C:\Program Files\Dealio\kb126\rules\rules.1.404.63
C:\Program Files\Dealio\kb126\rules\rules.1.405.61
C:\Program Files\Dealio\kb126\rules\rules.1.406.61
C:\Program Files\Dealio\kb126\rules\rules.1.407.76
C:\Program Files\Dealio\kb126\rules\rules.1.408.63
C:\Program Files\Dealio\kb126\rules\rules.1.409.61
C:\Program Files\Dealio\kb126\rules\rules.1.412.62
C:\Program Files\Dealio\kb126\rules\rules.1.413.62
C:\Program Files\Dealio\kb126\rules\rules.1.414.62
C:\Program Files\Dealio\kb126\rules\rules.1.415.62
C:\Program Files\Dealio\kb126\rules\rules.1.416.62
C:\Program Files\Dealio\kb126\rules\rules.1.417.62
C:\Program Files\Dealio\kb126\rules\rules.1.418.62
C:\Program Files\Dealio\kb126\rules\rules.1.419.62
C:\Program Files\Dealio\kb126\rules\rules.1.420.62
C:\Program Files\Dealio\kb126\rules\rules.1.421.62
C:\Program Files\Dealio\kb126\rules\rules.1.423.63
C:\Program Files\Dealio\kb126\rules\rules.1.424.63
C:\Program Files\Dealio\kb126\rules\rules.1.425.63
C:\Program Files\Dealio\kb126\rules\rules.1.426.63
C:\Program Files\Dealio\kb126\rules\rules.1.427.63
C:\Program Files\Dealio\kb126\rules\rules.1.428.65
C:\Program Files\Dealio\kb126\rules\rules.1.429.63
C:\Program Files\Dealio\kb126\rules\rules.1.430.63
C:\Program Files\Dealio\kb126\rules\rules.1.432.65
C:\Program Files\Dealio\kb126\rules\rules.1.433.64
C:\Program Files\Dealio\kb126\rules\rules.1.434.65
C:\Program Files\Dealio\kb126\rules\rules.1.435.64
C:\Program Files\Dealio\kb126\rules\rules.1.436.76
C:\Program Files\Dealio\kb126\rules\rules.1.437.64
C:\Program Files\Dealio\kb126\rules\rules.1.438.71
C:\Program Files\Dealio\kb126\rules\rules.1.439.71
C:\Program Files\Dealio\kb126\rules\rules.1.440.75
C:\Program Files\Dealio\kb126\rules\rules.1.442.73
C:\Program Files\Dealio\kb126\rules\rules.1.443.73
C:\Program Files\Dealio\kb126\rules\rules.1.444.73
C:\Program Files\Dealio\kb126\rules\rules.1.445.68
C:\Program Files\Dealio\kb126\rules\rules.1.446.69
C:\Program Files\Dealio\kb126\rules\rules.1.450.67
C:\Program Files\Dealio\kb126\rules\rules.1.451.67
C:\Program Files\Dealio\kb126\rules\rules.1.452.68
C:\Program Files\Dealio\kb126\rules\rules.1.453.68
C:\Program Files\Dealio\kb126\rules\rules.1.454.69
C:\Program Files\Dealio\kb126\rules\rules.1.456.69
C:\Program Files\Dealio\kb126\rules\rules.1.457.75
C:\Program Files\Dealio\kb126\rules\rules.1.458.70
C:\Program Files\Dealio\kb126\rules\rules.1.459.70
C:\Program Files\Dealio\kb126\rules\rules.1.460.69
C:\Program Files\Dealio\kb126\rules\rules.1.462.74
C:\Program Files\Dealio\kb126\rules\rules.1.463.69
C:\Program Files\Dealio\kb126\rules\rules.1.464.70
C:\Program Files\Dealio\kb126\rules\rules.1.465.68
C:\Program Files\Dealio\kb126\rules\rules.1.468.70
C:\Program Files\Dealio\kb126\rules\rules.1.469.70
C:\Program Files\Dealio\kb126\rules\rules.1.470.70
C:\Program Files\Dealio\kb126\rules\rules.1.471.73
C:\Program Files\Dealio\kb126\rules\rules.1.472.70
C:\Program Files\Dealio\kb126\rules\rules.1.478.74
C:\Program Files\Dealio\kb126\rules\rules.1.479.73
C:\Program Files\Dealio\kb126\rules\rules.1.480.68
C:\Program Files\Dealio\kb126\rules\rules.1.481.71
C:\Program Files\Dealio\kb126\rules\rules.1.482.74
C:\Program Files\Dealio\kb126\rules\rules.1.49.67
C:\Program Files\Dealio\kb126\rules\rules.1.50.43
C:\Program Files\Dealio\kb126\rules\rules.1.500.71
C:\Program Files\Dealio\kb126\rules\rules.1.501.74
C:\Program Files\Dealio\kb126\rules\rules.1.502.71
C:\Program Files\Dealio\kb126\rules\rules.1.51.69
C:\Program Files\Dealio\kb126\rules\rules.1.52.72
C:\Program Files\Dealio\kb126\rules\rules.1.520.76
C:\Program Files\Dealio\kb126\rules\rules.1.521.76
C:\Program Files\Dealio\kb126\rules\rules.1.522.76
C:\Program Files\Dealio\kb126\rules\rules.1.53.51
C:\Program Files\Dealio\kb126\rules\rules.1.531.76
C:\Program Files\Dealio\kb126\rules\rules.1.532.75
C:\Program Files\Dealio\kb126\rules\rules.1.534.75
C:\Program Files\Dealio\kb126\rules\rules.1.54.47
C:\Program Files\Dealio\kb126\rules\rules.1.55.45
C:\Program Files\Dealio\kb126\rules\rules.1.56.69
C:\Program Files\Dealio\kb126\rules\rules.1.57.43
C:\Program Files\Dealio\kb126\rules\rules.1.58.47
C:\Program Files\Dealio\kb126\rules\rules.1.593.76
C:\Program Files\Dealio\kb126\rules\rules.1.595.76
C:\Program Files\Dealio\kb126\rules\rules.1.63.57
C:\Program Files\Dealio\kb126\rules\rules.1.66.47
C:\Program Files\Dealio\kb126\rules\rules.1.70.75
C:\Program Files\Dealio\kb126\rules\rules.1.71.43
C:\Program Files\Dealio\kb126\rulesFF\index.3.67.22
C:\Program Files\Dealio\kb126\rulesFF\rules.3.109.43
C:\Program Files\Dealio\kb126\rulesFF\rules.3.178.66
C:\Program Files\Dealio\kb126\rulesFF\rules.3.198.56
C:\Program Files\Dealio\kb126\rulesFF\rules.3.245.43
C:\Program Files\Dealio\kb126\rulesFF\rules.3.247.43
C:\Program Files\Dealio\kb126\rulesFF\rules.3.279.43
C:\Program Files\Dealio\kb126\rulesFF\rules.3.283.43
C:\Program Files\Dealio\kb126\rulesFF\rules.3.284.43
C:\Program Files\Dealio\kb126\rulesFF\rules.3.289.67
C:\Program Files\Dealio\kb126\rulesFF\rules.3.290.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.297.43
C:\Program Files\Dealio\kb126\rulesFF\rules.3.315.43
C:\Program Files\Dealio\kb126\rulesFF\rules.3.319.49
C:\Program Files\Dealio\kb126\rulesFF\rules.3.335.60
C:\Program Files\Dealio\kb126\rulesFF\rules.3.337.44
C:\Program Files\Dealio\kb126\rulesFF\rules.3.340.47
C:\Program Files\Dealio\kb126\rulesFF\rules.3.360.53
C:\Program Files\Dealio\kb126\rulesFF\rules.3.386.59
C:\Program Files\Dealio\kb126\rulesFF\rules.3.388.59
C:\Program Files\Dealio\kb126\rulesFF\rules.3.391.60
C:\Program Files\Dealio\kb126\rulesFF\rules.3.398.60
C:\Program Files\Dealio\kb126\rulesFF\rules.3.399.60
C:\Program Files\Dealio\kb126\rulesFF\rules.3.403.61
C:\Program Files\Dealio\kb126\rulesFF\rules.3.404.63
C:\Program Files\Dealio\kb126\rulesFF\rules.3.405.61
C:\Program Files\Dealio\kb126\rulesFF\rules.3.406.61
C:\Program Files\Dealio\kb126\rulesFF\rules.3.407.61
C:\Program Files\Dealio\kb126\rulesFF\rules.3.408.63
C:\Program Files\Dealio\kb126\rulesFF\rules.3.409.61
C:\Program Files\Dealio\kb126\rulesFF\rules.3.412.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.413.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.414.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.415.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.416.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.417.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.418.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.419.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.420.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.421.62
C:\Program Files\Dealio\kb126\rulesFF\rules.3.424.63
C:\Program Files\Dealio\kb126\rulesFF\rules.3.427.63
C:\Program Files\Dealio\kb126\rulesFF\rules.3.432.65
C:\Program Files\Dealio\kb126\rulesFF\rules.3.49.67
C:\Program Files\Dealio\kb126\rulesFF\rules.3.51.46
C:\Program Files\Dealio\kb126\rulesFF\rules.3.52.57
C:\Program Files\Dealio\kb126\rulesFF\rules.3.53.51
C:\Program Files\Dealio\kb126\rulesFF\rules.3.54.47
C:\Program Files\Dealio\kb126\rulesFF\rules.3.57.43
C:\Program Files\Dealio\kb126\rulesFF\rules.3.58.47
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\LOCALE\EN-US\dealio.properties
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_winxp_act.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_winxp_hot.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_win_act.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\CHROME\SKIN\dealio_win_hot.ico
C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com\COMPONENTS\DealioFF.dll
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
C:\Program Files\DAEMON Tools Toolbar\Resources
C:\Program Files\DAEMON Tools Toolbar\uninst.exe
C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\about.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\AboutWindow.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\as.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\as.png
C:\Program Files\DAEMON Tools Toolbar\Resources\astro.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\az.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\b1.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\b1.png
C:\Program Files\DAEMON Tools Toolbar\Resources\BurnImage.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\buy.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\cond000.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond001.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond003.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond004.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond005.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond006.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond007.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond008.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond009.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond010.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond011.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond019.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond020.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond021.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond022.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond023.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond024.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond025.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond026.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond037.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond038.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond039.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond040.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond041.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond046.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond048.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond050.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond051.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond052.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond053.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond054.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond055.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond056.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond057.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond058.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond059.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond060.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond061.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond062.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond063.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond064.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond065.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond066.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond067.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond068.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond069.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond075.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond076.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond077.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond078.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond079.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond080.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond084.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond085.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond086.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond087.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond088.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond089.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond090.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond091.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond092.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond093.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond094.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond095.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond108.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond109.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond110.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond111.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond112.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond113.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond120.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond121.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond122.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond126.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond127.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond128.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond129.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond130.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond131.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond132.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond133.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond134.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond135.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond136.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond137.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond138.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond140.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond141.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond142.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond143.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond148.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond149.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond152.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond154.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond155.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond156.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond157.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\Config.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\d.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\d2.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\daemon.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\ds.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dsearch.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dt.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\DTPro.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dtt16.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dtt32.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Dwnl.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\emulation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\favicon.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\features.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\GameS.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\GameSA.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\gd.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\genre.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\globe.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\GrabImage.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\hb.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\hb.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\help.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\hide.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\ImageS.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\ImageSA.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\ip.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\lang.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\lingvo.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\m.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\mail.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuTr.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\next.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\none.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\none_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\noW.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\op.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\play.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\play_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\pragma.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\prev.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prod.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Radio.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBg.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBg.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioE.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioG.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioL.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLM.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioM.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioN.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioR.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioR.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioRM.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioRU.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioW.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\rbcheck.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\rbtxt.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Rss.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Rss1.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RssA.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RssA1.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\rssClose.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\rssL.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\rssOpen.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RssRefresh.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\s2.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\show.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\size.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\size_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\skins.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\spt.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\stop.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\style.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\time.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\toolbar.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\trans.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\u.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\vol.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_back.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_dott.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_mute.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wb.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m42.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m43.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\WebS.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\WebSa.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi0.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi1.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi10.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi11.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi12.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi13.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi14.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi2.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi3.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi4.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi5.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi6.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi7.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi8.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi9.ico
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.js
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\CONTENT\searchsettingsplugin.xul
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US\searchsettingsplugin.dtd
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS\SearchSettingsFF.dll
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Search Settings
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Search Settings\kb126
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Search Settings\kb126\res
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Search Settings\kb126\temp
C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Search Settings\kb126\temp\ws-14521.log
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb126
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb126\res
C:\Program Files\Search Settings\kb126\SearchSettings.dll
C:\Program Files\Search Settings\kb126\temp

-----------\\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(LocalService) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"

--------------------\\ Recherche d'autres infections

C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\Conditions g‚n‚rales.url
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\Confidentialit‚.url
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\D‚sinstaller.lnk
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\WebMediaPlayer.lnk
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\Website.url
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\ALEX~1.HUG\My Documents\Ableton\Library\Presets\Audio Effects\Vinyl Distortion\Crack.adv
C:\DOCUME~1\ALEX~1.HUG\My Documents\Downloads\Ableton_Suite_v8.0.3__Crack_Only_.rar
C:\DOCUME~1\ALEX~1.HUG\My Documents\Downloads\Euro_Truck_simulator_crack.rar

1 - "C:\ToolBar SD\TB_1.txt" - sam. 10/10/2009|10:51 - Option : [1]

-----------\\ Fin du rapport a 10:51:23,01
0
Réponse 3 / 37
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 

C:\DOCUME~1\ALEX~1.HUG\My Documents\Ableton\Library\Presets\Audio Effects\Vinyl Distortion\Crack.adv
C:\DOCUME~1\ALEX~1.HUG\My Documents\Downloads\Ableton_Suite_v8.0.3__Crack_Only_.rar
C:\DOCUME~1\ALEX~1.HUG\My Documents\Downloads\Euro_Truck_simulator_crack.rar


A supprimer, source d'infection.

-+-+-+-> Toolbar S&D - Nettoyage <-+-+-+-

[x] Relance Toolbar S&D et choisi l'option 2 ( Suppression ).

[x] Ne fait rien pendant la procédure.

[x] Copie/Colle le rapport dans ton prochain message.

-+-+-+-> Navilog <-+-+-+-

[x] Télécharge Navilog1.exe (IL-MAFIOSO) à cette adresse : http://il.mafioso.pagesperso-orange.fr/Navifix/Navilog1.exe

[x] Enregistre-le sur ton Bureau !!

[x] Lance le en double cliquant dessus.

[x] Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.

[x] A l'écran principal, choisis l'option n°1 puis laisse l'outil scanner.

[x] Patiente jusqu'à l'apparition de ce message :

"*** Analyse Termine le ..... ***"

[x] Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste son contenu de cette manière :

-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse

Nb : Le rapport se trouve également ici : C:\cleannavi.txt

------> Si jamais tu as besoin d'aide un tuto est disponible ici : http://www.malekal.com/Adware.Magic_Control.php
0
Réponse 4 / 37
skyalex Messages postés 95 Statut Membre
 
Le log :
-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Alex ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 8.0.0.429 (Not Activated)
Firewall : Kaspersky Anti-Virus 8.0.0.429 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:1 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( sam. 10/10/2009|10:54 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio\kb126
Supprime! - C:\Program Files\Dealio\DealioAU.exe
Supprime! - C:\Program Files\Dealio\kb126
Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe
Supprime! - C:\Program Files\Mozilla Firefox\extensions\toolbar@dealio.com
Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
Supprime! - C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Search Settings\kb126
Supprime! - C:\Program Files\Search Settings\kb126
Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Dealio
Supprime! - C:\Program Files\Dealio
Supprime! - C:\Program Files\DAEMON Tools Toolbar
Supprime! - C:\DOCUME~1\ALEX~1.HUG\APPLIC~1\Search Settings
Supprime! - C:\Program Files\Search Settings

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(LocalService) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"

--------------------\\ Recherche d'autres infections

C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\Conditions g‚n‚rales.url
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\Confidentialit‚.url
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\D‚sinstaller.lnk
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\WebMediaPlayer.lnk
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\WebMediaPlayer\Website.url
[b]==> EGDACCESS <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\ALEX~1.HUG\My Documents\Ableton\Library\Presets\Audio Effects\Vinyl Distortion\Crack.adv
C:\DOCUME~1\ALEX~1.HUG\My Documents\Downloads\Ableton_Suite_v8.0.3__Crack_Only_.rar
C:\DOCUME~1\ALEX~1.HUG\My Documents\Downloads\Euro_Truck_simulator_crack.rar

1 - "C:\ToolBar SD\TB_1.txt" - sam. 10/10/2009|10:51 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - sam. 10/10/2009|10:58 - Option : [2]

-----------\\ Fin du rapport a 10:58:02,89
Et l'autre :
ça ma indiqué qu'il fallait le faire en mode sans échec, ...

C'est normal qu'a chaque fois que je clique pour ouvrir un dossier ou autre a partir du menu j'ai une fenetre search setting 1.1 qui s'ouvre?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 37
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
Normalement plus maintenant vu que toolbar sd s'en ai chargé.

J'attend ton rapport navilog
0
Réponse 6 / 37
skyalex Messages postés 95 Statut Membre
 
Le soucis cest que j'ai aussi un message d'erreur : generic host process for win32 services, et ça redemarre mon pc toute les 2 minutes, pas moyen de faire un scan :/
0
Réponse 7 / 37
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
lorsque tu as le message, clique sur démarrer -> executer puis tapes shutdown -a puis entrée.
0
Réponse 8 / 37
skyalex Messages postés 95 Statut Membre
 
Fix Navipromo version 4.0.2 commencé le dim. 11/10/2009 20:46:11,06

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Alex ( Administrator )
BOOT : Normal boot

Antivirus : Kaspersky Anti-Virus 8.0.0.429 (Not Activated)
Firewall : Kaspersky Anti-Virus 8.0.0.429 (Not Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:1 Go)
D:\ (CD or DVD)

Recherche executée en mode normal
0
Réponse 9 / 37
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
Le rapport n'est pas complet..
0
Réponse 10 / 37
skyalex Messages postés 95 Statut Membre
 
Le mode sans echec ne se lance pas sur xp pro :/
0
Réponse 11 / 37
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
Reposte le rapport navilog, il n'est pas complet..
0
Réponse 12 / 37
skyalex Messages postés 95 Statut Membre
 
Il est tel quel dans mon fichier cleannavi, et navilog se ferme d'un coup sans que je puisse faire quoi que ce soit ni voie quoi que ce soit
0
Réponse 13 / 37
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
Ok, refais un log RSIT maintenant
0
Réponse 14 / 37
skyalex Messages postés 95 Statut Membre
 
rsit?
0
Réponse 15 / 37
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
Oups je pensais t'avoir demandé ça en début de topic.

La procédure :

-+-+-+-> RSIT <-+-+-+-

[x] Télécharge Random's System Information Tool à cette adresse : http://images.malwareremoval.com/random/RSIT.exe

[x] Double clique sur " RSIT.exe ".

[x] Clique sur " Continue ".

[x] Si hijackthis n'est pas présent il sera automatiquement téléchargé et tu devras accepter la license.

[x] Une fois l'analyse finie, deux fichiers ( info.txt & log.txt ) s'ouvriront.

[x] Copie colle le contenu des deux rapports dans ton prochain message

[o] Si jamais tu as fermé les rapports sans faire attention, ils sont sous C:\rsit
0
Réponse 16 / 37
skyalex Messages postés 95 Statut Membre
 
j'ai un message d'erreur :

line -1:

error : variable used whithout beign declared
0
Réponse 17 / 37
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
Reposte un log hijack alors
0
Réponse 18 / 37
skyalex Messages postés 95 Statut Membre
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:28:44, on 11/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://get.adobe.com/flashplayer/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/Alex.HUGO1/My Documents/Streamy/workspace/.metadata/.plugins/com.migniot.streamy.Browser/proxy.pac
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=
O2 - BHO: (no name) - {0088D930-A89A-4EBE-B19F-C4B1183C4892} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D8FC249-BBAB-429F-ADCD-50501603B798} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - (no file)
O2 - BHO: (no name) - {5B75533D-9FF2-488E-AAAC-C3B956FD9A61} - (no file)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8C5FA754-D56F-4381-ABFA-9567D3D0A4F7} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SYSTRAN Personal 4.0 - {039036AA-7710-11D7-ACDA-00B0D094B576} - E:\systran4\IEPlugin.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\navman 550\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [Google Update] "C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: hzumru.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
0
Réponse 19 / 37
Xplode Messages postés 9212 Statut Contributeur sécurité 726
 
Relance hijackthis puis coche ces lignes :


R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=
O2 - BHO: (no name) - {0088D930-A89A-4EBE-B19F-C4B1183C4892} - (no file)
O2 - BHO: (no name) - {4D8FC249-BBAB-429F-ADCD-50501603B798} - (no file)
O2 - BHO: (no name) - {5B75533D-9FF2-488E-AAAC-C3B956FD9A61} - (no file)
O2 - BHO: (no name) - {8C5FA754-D56F-4381-ABFA-9567D3D0A4F7} - (no file)
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)


Puis clique sur " Fix Checked " et reposte ensuite un nouveau log hijack
0
Réponse 20 / 37
skyalex Messages postés 95 Statut Membre
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:34:32, on 11/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://get.adobe.com/flashplayer/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/Alex.HUGO1/My Documents/Streamy/workspace/.metadata/.plugins/com.migniot.streamy.Browser/proxy.pac
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - (no file)
O2 - BHO: (no name) - {5B75533D-9FF2-488E-AAAC-C3B956FD9A61} - (no file)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SYSTRAN Personal 4.0 - {039036AA-7710-11D7-ACDA-00B0D094B576} - E:\systran4\IEPlugin.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\navman 550\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [Google Update] "C:\Documents and Settings\Alex.HUGO1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User '?')
O4 - HKUS\S-1-5-21-515967899-926492609-839522115-1005\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: hzumru.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
0