virus virus virus !!!!!!!
Dernière réponse : dans Sécurité
Bjr au helper, g un gros probleme !!! mon ordi ram a mort !! luc est tjr a 100 % !!
merci de m'aider svp !
g essayé de telecharg hijackthis mais jpe mm plus ouvrir internet !! sa se ferme automatikment !
merci de m'aider svp !
g essayé de telecharg hijackthis mais jpe mm plus ouvrir internet !! sa se ferme automatikment !
Autres pages sur : virus virus virus
Lassé par la pub ? Créez un compte
Je ne pense pas à un virus.
Télécharge puis installe Hijackthis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Télécharge puis installe Hijackthis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Ok, certainement une infection Bagle.
Télécharge ELIBAGLA en bas de cette page.
Clique sur le bouton Descargar Elibagla, cela va télécharger le fichier, place-le sur ton Bureau.
Double-clique dessus pour l'ouvrir.
Assure-toi que dans le menu déroulant Unidad, vous ayez bien C:\
Vérifie aussi aussi que l'option en bas de la fenêtre Eliminar Ficheros Automaticamente soit bien cochée.
Clique sur le bouton Explorar pour lancer l'analyse.
Poste le rapport généré en fin fin d'analyse.
AIDE : Comment supprimer Bagle ?
Télécharge ELIBAGLA en bas de cette page.
Clique sur le bouton Descargar Elibagla, cela va télécharger le fichier, place-le sur ton Bureau.
Double-clique dessus pour l'ouvrir.
Assure-toi que dans le menu déroulant Unidad, vous ayez bien C:\
Vérifie aussi aussi que l'option en bas de la fenêtre Eliminar Ficheros Automaticamente soit bien cochée.
Clique sur le bouton Explorar pour lancer l'analyse.
Poste le rapport généré en fin fin d'analyse.
AIDE : Comment supprimer Bagle ?
désole en fait, après avoir fermer le logiciel, j'ai u un message.
voila le fichier :
"
Sun Apr 20 18:14:45 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.
Sun Apr 20 18:16:50 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1207
Nº Total de Ficheros: 15660
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 18:26:25 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Sun Apr 20 18:26:46 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sun Apr 20 18:26:58 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15659
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 18:29:38 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15659
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1"
voila le fichier :
"
Sun Apr 20 18:14:45 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.
Sun Apr 20 18:16:50 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1207
Nº Total de Ficheros: 15660
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 18:26:25 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Sun Apr 20 18:26:46 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sun Apr 20 18:26:58 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15659
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 18:29:38 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15659
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1"
Re,
[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]
Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.
Double clique sur combofix.exe afin de le lancer.
Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]
re,
meme message que pour hijackthis au debut !!![:(]( ":(")
"elibagla" se lance au demarrage de l'odintateur, voila le rapport :
"
Sun Apr 20 18:14:45 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.
Sun Apr 20 18:16:50 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1207
Nº Total de Ficheros: 15660
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 18:26:25 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Sun Apr 20 18:26:46 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sun Apr 20 18:26:58 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15659
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 18:29:38 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15659
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 19:18:01 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sun Apr 20 19:18:50 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15660
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 19:25:36 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sun Apr 20 19:26:18 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Program Files\MessengerSkinner\MESSENGERSKINNER.EXE --> Eliminado Bagle.dldr
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15660
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados: 2
"
meme message que pour hijackthis au debut !!
"elibagla" se lance au demarrage de l'odintateur, voila le rapport :
"
Sun Apr 20 18:14:45 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.
Sun Apr 20 18:16:50 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1207
Nº Total de Ficheros: 15660
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 18:26:25 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Sun Apr 20 18:26:46 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sun Apr 20 18:26:58 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15659
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 18:29:38 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15659
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 19:18:01 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sun Apr 20 19:18:50 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15660
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1
Sun Apr 20 19:25:36 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BOOBFAN\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sun Apr 20 19:26:18 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Program Files\MessengerSkinner\MESSENGERSKINNER.EXE --> Eliminado Bagle.dldr
C:\WINDOWS\system32\MDELK.EXE --> Acceso Denegado, Bagle (Reiniciar para completar la Limpieza)
Nº Total de Directorios: 1208
Nº Total de Ficheros: 15660
Nº de Ficheros Analizados: 4648
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados: 2
"
!! AVANT DENREGISTRER COMBOFIX RENOMME LE EN Combo-fix.exe !!
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
re
j'ai du faire bcp de choses !!
sa ne marchait pas au debut, mon ordi a redemarre presque tout de suite, jai repasse elibagla qui se mettait au demarrage, j'ai ressayé tjr pareil !
jai donc redemarre en mode sans echec sur conseil d'un ami, et la sa a marche apres un nouveau scan avec elibagl![:)]( ":)")
voici le rapport ::
" ComboFix 08-04-20.2 - BoobFan 2008-04-21 0:08:50.3 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\Documents and Settings\All Users\Application Data\HotbarSA
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA.dat
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA_kyf.dat
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAAbout.mht
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAau.dat
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAEULA.mht
C:\Documents and Settings\All Users\Bureau\internetgamebox.lnk
C:\Documents and Settings\All Users\Bureau\sudoplanet.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\About Hotbar.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Hotbar Customer Support Center.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Reset Cursor.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Uninstall Hotbar.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Weather.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox\Conditions générales.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox\Confidentialité.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox\Désinstaller.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox\InternetGameBox.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox\Website.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Conditions générales.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Confidentialité.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Désinstaller.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\MessengerSkinner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Website.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet\Conditions générales.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet\Confidentialité.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet\Désinstaller.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet\SudoPlanet.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet\Website.url
C:\Documents and Settings\BoobFan\Application Data\Hotbar
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte10_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte11_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte12_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte13_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte14_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte19_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte20_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte21_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte9_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030203lib_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102angel_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102bigluf_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102bigsmile_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102birthday_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102cheers_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102flo_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102good_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102jump_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102king_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102lough_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102luf_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102smile_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102smiled_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102sor_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102thanx_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102uhu_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\040103ahh_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\040103wow_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\040104_emi2_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\042102_1134_112_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\050103big_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\050103gig_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\050103hm_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\050103nomail_emoti_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\050103norm_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema15_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema16_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema17_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema18_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema19_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema20_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema21_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema24_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema25_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema26_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema30_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema33_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema34_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\062802hippi_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\062802jumpie_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\080402argh_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\080402oops_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\080402ouch_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\082502no_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\082502yes_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_boring1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_confused_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_crying_ugly_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_fantastic_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_feel_better_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_gimme_break_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_heehee_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_hlopaet_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_ign_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_lol_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_no_comment_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_peace_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_smashing_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_talk2thehand_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\blocked.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\blocked2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_add-but.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_back-but.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_enabled_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_enabled_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_enabled_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\business_promo.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\buttondir.txt
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\components.cdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\css_cattree.css
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\css_flashpreview.css
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\css2_main.css
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\css2_pagingmodule.css
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\css2_topbuttons.css
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\delete.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\edit_clear_sound.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\edit_fs.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\edit_select.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-511745-514279.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-backgrounds.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-bcards.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-ecards.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-edit.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-emoticons.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-estationery.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-funny.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-help.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-images.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-info.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-more.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-my.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-people.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-photo.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-tell.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-temp.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-temp_OI.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-text.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-voice.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def.cdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-premium-email-premium.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-premium-email-premium_OI.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-t1-bg.res
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-temp-bg.res
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\estatationery.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\flashpatch.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\flashpreview.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\fs3.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\hotbar_promo.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_checked_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_close_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_close_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_edit_preview.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_edit_send.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_flash_preview.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_recently_used.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_remove_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_remove_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_sand-clock2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tell_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tell_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tree_null.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_unchecked_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_unchecked_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout4.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\img_corner_left.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\img_local_logo.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_basetemplate.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbgroups.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbobject3.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbobjectset3.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hotbarwrapper.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_iteratorsandreaders3nf.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_pagingmoduleobj3.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_texts3.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_xmltree3nf.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\layout.cdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\linkpathlegal.txt
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\more.res
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\n.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\nav_b_2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\nav_bb_2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\nav_f_2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\nav_ff_2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\progress.res
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\searchbtn.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\submit.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bg.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bga.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bgia.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_l.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_la.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_lia.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_r.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_ra.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_ria.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tree_dots.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tree_minus.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tree_plus.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_animations.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_backgrounds.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_ecards.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_emoticons.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_notifiers.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_text.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\business_promo.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\buttondir.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\code.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\email-def.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\email-t1-bg.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\email-temp-bg.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\hotbar_promo.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\images.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\layout.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\linkpathlegal.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\localcontent.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\more.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\progress.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\treexml.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1022703.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1032719.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1049051.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055568.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1056027.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1057289.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1057608.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1060233.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1067625.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383356.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1384577.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387584.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1388550.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1388934.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1389265.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1389800.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1389869.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1390732.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1392593.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1394204.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1396993.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\140256.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1410585.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1414875.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1416761.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1429769.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1575822.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\199738.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2066842.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2872470.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2884480.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2884484.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2885069.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2899636.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2904096.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\290977.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3340762.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3693329.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\369344.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3720897.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3730731.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3736273.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3781275.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3781281.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3781317.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3781333.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3783087.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3786291.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3853038.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3855249.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893174.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893192.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893424.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893455.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893506.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893670.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893785.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3894050.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3894078.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3894512.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\48657.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\566217.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\600583.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\608910.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\645857.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\991767.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\domains.txt
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000023840
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000023894
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000023910
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000024254
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000024388
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000024478
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000025073
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000025775
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000026100
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000026149
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000026569
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000027929
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000028063
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000029227
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000030876
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000033079
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000037294
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000044868
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000047410
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000047858
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000051979
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052008
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052118
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052228
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052451
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052615
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052678
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052995
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000053072
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000053430
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000053498
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000054458
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000055040
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000055472
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000055538
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000055539
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000055540
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000056376
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000057212
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000057533
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000059558
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000059581
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000060572
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000060947
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000060948
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000061533
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000063198
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000063625
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000063820
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000064073
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000065154
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000066776
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000067231
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000067243
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000067446
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000067680
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000067792
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000068382
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000068393
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000068689
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000068837
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000069523
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000069695
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000069767
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000074423
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000078855
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000079032
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000079884
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000081733
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000082117
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000082129
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000082727
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000082825
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\10110
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\10807
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\116977
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\117731
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\118874
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\11891
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\12435
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\12457
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13031
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13596
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1372
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1405
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1410
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\14435
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\14716
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1491
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\15040
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\15596
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\156150
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\15737
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16087
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17025
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17656
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\183539
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\19052
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\19650
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\198406
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\199345
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20106
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\2021
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20516
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20517
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20549
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20570
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20898
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20997
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\21119
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\211386
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\212398
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\21846
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22254
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22459
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\224717
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22657
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22913
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\23111
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\23616
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\238276
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\24337
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\244515
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\244605
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\247895
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\25063
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\25469
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\25803
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26335
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26340
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26664
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\270600
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27414
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27505
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27515
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\28383
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\286256
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\28812
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\289368
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\290893
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29115
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29135
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\299892
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\30597
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\306
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\30860
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\32137
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\32418
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\32887
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33110
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\3338
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33548
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33695
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33912
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33916
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\3405
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34140
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34150
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34174
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34237
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34911
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35000
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35015
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35047
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\352526
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\356013
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35941
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36039
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36079
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\361427
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36489
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36625
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36735
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\370293
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\37122
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\374830
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\37616
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\376299
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\378128
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\385942
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\39232
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\39280
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41115
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\4142
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41641
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41858
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41980
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\427148
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\432058
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\437353
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44100
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44228
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44276
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44293
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44303
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44313
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\4442
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44878
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\450471
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\451453
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\45437
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\459338
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\461329
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\46258
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\463818
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\472390
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\475788
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\49442
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\49512
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\49587
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\505911
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\51495
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\520094
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5204
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\52253
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\528757
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\533670
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5358
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\53842
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\540999
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5411
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\54469
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\54984
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\553177
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\560770
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\568061
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\569262
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\571530
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\57973
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5828
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59297
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\594881
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59632
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59844
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59873
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59923
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\60386
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\61207
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\61779
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6292
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64404
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64414
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64429
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64446
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64467
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64484
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64736
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\652325
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6559
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\658110
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\66274
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\66836
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6745
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\67567
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68028
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68055
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68241
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68597
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68903
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\69235
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\69866
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\7014
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705022
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70608
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70611
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70650
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70907
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\709245
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\71149
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\71340
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\715879
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\715916
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\716280
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\716418
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\716912
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\733622
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\73415
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\73560
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\738022
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\738232
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\73861
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\742065
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\744920
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\745356
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\746390
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\746887
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\747234
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\747585
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\747663
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\747672
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\749298
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\750357
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\750500
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\750891
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\7521
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\752361
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\752614
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\752733
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\752947
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753017
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753197
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753198
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753199
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753300
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753309
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753311
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753327
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753331
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753350
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\76113
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\78600
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\78778
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79257
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79432
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79769
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79805
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79972
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79977
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79986
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79989
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\80670
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\80689
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\81010
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\81551
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\82222
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\82292
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\82646
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\8282
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83209
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83210
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83211
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83634
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83821
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\85365
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\85878
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\86379
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\86587
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87323
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87481
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87594
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\90358
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\90371
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93110
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\9313
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93857
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93921
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95610
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95615
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95704
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95818
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95825
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95917
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\97494
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\97546
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\98732
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\992
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\99483
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\99739
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\1\ads.cdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\1\btntrans.idx
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\1\btntrans1.dat
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt
C:\Docu
j'ai du faire bcp de choses !!
sa ne marchait pas au debut, mon ordi a redemarre presque tout de suite, jai repasse elibagla qui se mettait au demarrage, j'ai ressayé tjr pareil !
jai donc redemarre en mode sans echec sur conseil d'un ami, et la sa a marche apres un nouveau scan avec elibagl
voici le rapport ::
" ComboFix 08-04-20.2 - BoobFan 2008-04-21 0:08:50.3 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\Documents and Settings\All Users\Application Data\HotbarSA
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA.dat
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA_kyf.dat
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAAbout.mht
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAau.dat
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAEULA.mht
C:\Documents and Settings\All Users\Bureau\internetgamebox.lnk
C:\Documents and Settings\All Users\Bureau\sudoplanet.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\About Hotbar.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Hotbar Customer Support Center.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Reset Cursor.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Uninstall Hotbar.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hotbar\Weather.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox\Conditions générales.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox\Confidentialité.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox\Désinstaller.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox\InternetGameBox.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InternetGameBox\Website.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Conditions générales.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Confidentialité.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Désinstaller.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\MessengerSkinner.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Website.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet\Conditions générales.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet\Confidentialité.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet\Désinstaller.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet\SudoPlanet.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SudoPlanet\Website.url
C:\Documents and Settings\BoobFan\Application Data\Hotbar
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte10_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte11_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte12_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte13_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte14_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte19_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte20_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte21_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030104_emte9_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\030203lib_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102angel_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102bigluf_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102bigsmile_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102birthday_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102cheers_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102flo_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102good_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102jump_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102king_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102lough_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102luf_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102smile_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102smiled_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102sor_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102thanx_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\033102uhu_1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\040103ahh_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\040103wow_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\040104_emi2_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\042102_1134_112_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\050103big_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\050103gig_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\050103hm_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\050103nomail_emoti_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\050103norm_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema15_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema16_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema17_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema18_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema19_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema20_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema21_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema24_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema25_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema26_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema30_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema33_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\060104_ema34_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\062802hippi_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\062802jumpie_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\080402argh_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\080402oops_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\080402ouch_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\082502no_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\082502yes_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_boring1_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_confused_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_crying_ugly_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_fantastic_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_feel_better_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_gimme_break_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_heehee_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_hlopaet_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_ign_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_lol_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_no_comment_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_peace_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_smashing_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\110103_talk2thehand_prv.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\blocked.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\blocked2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_add-but.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_back-but.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_enabled_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_enabled_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_enabled_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\business_promo.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\buttondir.txt
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\components.cdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\css_cattree.css
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\css_flashpreview.css
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\css2_main.css
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\css2_pagingmodule.css
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\css2_topbuttons.css
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\delete.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\edit_clear_sound.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\edit_fs.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\edit_select.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-511745-514279.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-backgrounds.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-bcards.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-ecards.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-edit.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-emoticons.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-estationery.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-funny.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-help.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-images.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-info.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-more.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-my.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-people.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-photo.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-tell.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-temp.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-temp_OI.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-text.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-voice.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def.cdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-premium-email-premium.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-premium-email-premium_OI.mnu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-t1-bg.res
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\email-temp-bg.res
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\estatationery.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\flashpatch.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\flashpreview.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\fs3.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\hotbar_promo.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_checked_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_close_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_close_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_edit_preview.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_edit_send.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_flash_preview.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_recently_used.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_remove_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_remove_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_sand-clock2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tell_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tell_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tree_null.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_unchecked_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\icon_unchecked_pressed_1.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout4.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\img_corner_left.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\img_local_logo.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_basetemplate.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbgroups.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbobject3.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbobjectset3.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hotbarwrapper.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_iteratorsandreaders3nf.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_pagingmoduleobj3.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_texts3.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\js2_xmltree3nf.js
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\layout.cdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\linkpathlegal.txt
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\more.res
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\n.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\nav_b_2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\nav_bb_2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\nav_f_2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\nav_ff_2.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\progress.res
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\searchbtn.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\submit.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bg.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bga.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bgia.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_l.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_la.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_lia.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_r.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_ra.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tab_ria.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tree_dots.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tree_minus.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\tree_plus.gif
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_animations.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_backgrounds.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_ecards.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_emoticons.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_notifiers.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_text.xml
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\business_promo.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\buttondir.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\code.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\email-def.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\email-t1-bg.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\email-temp-bg.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\hotbar_promo.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\images.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\layout.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\linkpathlegal.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\localcontent.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\more.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\progress.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\HostOI\static\DownLoad\treexml.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1022703.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1032719.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1049051.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055568.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1056027.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1057289.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1057608.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1060233.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1067625.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383356.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1384577.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387584.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1388550.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1388934.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1389265.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1389800.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1389869.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1390732.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1392593.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1394204.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1396993.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\140256.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1410585.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1414875.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1416761.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1429769.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\1575822.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\199738.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2066842.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2872470.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2884480.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2884484.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2885069.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2899636.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\2904096.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\290977.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3340762.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3693329.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\369344.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3720897.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3730731.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3736273.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3781275.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3781281.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3781317.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3781333.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3783087.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3786291.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3853038.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3855249.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893174.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893192.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893424.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893455.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893506.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893670.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3893785.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3894050.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3894078.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\3894512.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\48657.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\566217.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\600583.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\608910.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\645857.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\991767.sdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\domains.txt
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000023840
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000023894
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000023910
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000024254
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000024388
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000024478
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000025073
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000025775
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000026100
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000026149
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000026569
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000027929
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000028063
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000029227
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000030876
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000033079
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000037294
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000044868
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000047410
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000047858
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000051979
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052008
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052118
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052228
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052451
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052615
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052678
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000052995
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000053072
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000053430
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000053498
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000054458
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000055040
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000055472
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000055538
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000055539
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000055540
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000056376
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000057212
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000057533
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000059558
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000059581
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000060572
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000060947
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000060948
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000061533
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000063198
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000063625
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000063820
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000064073
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000065154
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000066776
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000067231
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000067243
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000067446
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000067680
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000067792
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000068382
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000068393
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000068689
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000068837
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000069523
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000069695
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000069767
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000074423
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000078855
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000079032
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000079884
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000081733
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000082117
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000082129
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000082727
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1000082825
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\10110
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\10807
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\116977
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\117731
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\118874
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\11891
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\12435
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\12457
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13031
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13596
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1372
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1405
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1410
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\14435
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\14716
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1491
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\15040
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\15596
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\156150
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\15737
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16087
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17025
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17656
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\183539
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\19052
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\19650
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\198406
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\199345
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20106
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\2021
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20516
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20517
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20549
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20570
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20898
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20997
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\21119
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\211386
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\212398
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\21846
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22254
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22459
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\224717
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22657
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22913
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\23111
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\23616
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\238276
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\24337
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\244515
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\244605
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\247895
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\25063
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\25469
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\25803
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26335
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26340
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26664
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\270600
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27414
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27505
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27515
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\28383
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\286256
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\28812
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\289368
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\290893
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29115
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29135
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\299892
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\30597
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\306
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\30860
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\32137
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\32418
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\32887
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33110
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\3338
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33548
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33695
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33912
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33916
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\3405
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34140
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34150
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34174
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34237
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34911
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35000
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35015
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35047
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\352526
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\356013
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35941
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36039
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36079
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\361427
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36489
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36625
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36735
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\370293
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\37122
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\374830
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\37616
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\376299
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\378128
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\385942
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\39232
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\39280
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41115
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\4142
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41641
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41858
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41980
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\427148
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\432058
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\437353
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44100
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44228
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44276
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44293
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44303
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44313
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\4442
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44878
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\450471
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\451453
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\45437
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\459338
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\461329
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\46258
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\463818
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\472390
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\475788
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\49442
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\49512
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\49587
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\505911
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\51495
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\520094
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5204
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\52253
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\528757
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\533670
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5358
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\53842
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\540999
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5411
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\54469
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\54984
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\553177
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\560770
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\568061
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\569262
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\571530
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\57973
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5828
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59297
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\594881
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59632
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59844
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59873
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59923
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\60386
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\61207
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\61779
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6292
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64404
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64414
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64429
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64446
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64467
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64484
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64736
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\652325
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6559
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\658110
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\66274
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\66836
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6745
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\67567
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68028
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68055
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68241
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68597
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68903
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\69235
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\69866
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\7014
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705022
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70608
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70611
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70650
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70907
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\709245
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\71149
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\71340
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\715879
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\715916
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\716280
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\716418
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\716912
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\733622
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\73415
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\73560
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\738022
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\738232
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\73861
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\742065
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\744920
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\745356
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\746390
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\746887
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\747234
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\747585
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\747663
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\747672
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\749298
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\750357
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\750500
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\750891
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\7521
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\752361
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\752614
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\752733
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\752947
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753017
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753197
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753198
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753199
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753300
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753309
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753311
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753327
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753331
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\753350
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\76113
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\78600
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\78778
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79257
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79432
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79769
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79805
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79972
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79977
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79986
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79989
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\80670
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\80689
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\81010
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\81551
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\82222
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\82292
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\82646
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\8282
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83209
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83210
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83211
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83634
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83821
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\85365
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\85878
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\86379
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\86587
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87323
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87481
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87594
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\90358
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\90371
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93110
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\9313
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93857
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93921
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95610
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95615
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95704
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95818
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95825
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95917
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\97494
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\97546
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\98732
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\992
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\99483
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\99739
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\1\ads.cdf
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\1\btntrans.idx
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\1\btntrans1.dat
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt
C:\Docu
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\cursors.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_2000.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_3000.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bar.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_logos.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_other.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_weather.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\editblbuttons.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\gamesmenu.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hb_ie_menu.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar-premium.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\icons2.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ie_games_icon.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ie_video.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords1.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\linkpathlegal.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\more.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\progress.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\sales_buttons.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.txt
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\sdfmodifier.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\t2_bg.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\tsd_bg.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\weathericon.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar_Icons
C:\Documents and Settings\BoobFan\Application Data\Hotbar_Icons\3bSoftware_icon_1.ico
C:\Documents and Settings\BoobFan\Application Data\Hotbar_Icons\Registryrepair.ico
C:\Documents and Settings\BoobFan\Application Data\install.dat
C:\Documents and Settings\BoobFan\Application Data\MessengerSkinner
C:\Documents and Settings\BoobFan\Application Data\MessengerSkinner\Userdata\pack1.cab
C:\Documents and Settings\BoobFan\Application Data\printer.exe
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\res2\WhiteList.dbs
C:\Documents and Settings\BoobFan\Application Data\WeatherDPA
C:\Documents and Settings\BoobFan\Application Data\WeatherDPA\Weather\WeatherStartup.xml
c:\Documents and Settings\BoobFan\Local Settings\Application Data\viadrcuo.dat
c:\Documents and Settings\BoobFan\Local Settings\Application Data\viadrcuo_nav.dat
C:\Documents and Settings\BoobFan\Local Settings\Application Data\viadrcuo_navps.dat
C:\Documents and Settings\BoobFan\Menu Démarrer\MalwareCrush 3.7.lnk
C:\Documents and Settings\BoobFan\Menu Démarrer\Programmes\Démarrage\findfast.exe
C:\Documents and Settings\BoobFan\Menu Démarrer\Programmes\MalwareCrush
C:\Documents and Settings\BoobFan\Menu Démarrer\Programmes\MalwareCrush\MalwareCrush 3.7 Website.lnk
C:\Documents and Settings\BoobFan\Menu Démarrer\Programmes\MalwareCrush\MalwareCrush 3.7.lnk
C:\Documents and Settings\BoobFan\Menu Démarrer\Programmes\MalwareCrush\Uninstall MalwareCrush 3.7.lnk
C:\Documents and Settings\BoobFan\real.txt
C:\Program Files\FunWebProducts
C:\Program Files\FunWebProducts\PopSwatr\History\allowed
C:\Program Files\FunWebProducts\PopSwatr\History\notallow
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
C:\Program Files\GamesBar\oberontb.dll
C:\Program Files\Hotbar
C:\Program Files\Hotbar\bin\10.2.197.0\arrow.ico
C:\Program Files\Hotbar\bin\10.2.197.0\Cml.exe
C:\Program Files\Hotbar\bin\10.2.197.0\CntntCntr.dll
C:\Program Files\Hotbar\bin\10.2.197.0\copyright.txt
C:\Program Files\Hotbar\bin\10.2.197.0\CoreSrv.dll
C:\Program Files\Hotbar\bin\10.2.197.0\firefox\extensions\components\npclntax.xpt
C:\Program Files\Hotbar\bin\10.2.197.0\firefox\extensions\install.rdf
C:\Program Files\Hotbar\bin\10.2.197.0\firefox\extensions\plugins\npclntax_HotbarSA.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HostIE.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HostOE.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HostOL.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HotbarSA.exe
C:\Program Files\Hotbar\bin\10.2.197.0\HotbarSAAX.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HotbarSADF.exe
C:\Program Files\Hotbar\bin\10.2.197.0\HotbarSAHook.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HotbarUninstaller.exe
C:\Program Files\Hotbar\bin\10.2.197.0\InstIE.dll
C:\Program Files\Hotbar\bin\10.2.197.0\link.ico
C:\Program Files\Hotbar\bin\10.2.197.0\OEAddOn.exe
C:\Program Files\Hotbar\bin\10.2.197.0\Srv.exe
C:\Program Files\Hotbar\bin\10.2.197.0\Toolbar.dll
C:\Program Files\Hotbar\bin\10.2.197.0\Wallpaper.dll
C:\Program Files\Hotbar\bin\10.2.197.0\Weather.exe
C:\Program Files\Hotbar\bin\10.2.197.0\WeSkin.dll
C:\Program Files\internet explorer\msimg32.dll
C:\Program Files\internetgamebox
C:\Program Files\internetgamebox\InternetGameBox.exe
C:\Program Files\internetgamebox\language
C:\Program Files\internetgamebox\ressources\AttenteOff.html
C:\Program Files\internetgamebox\ressources\AttenteOn.html
C:\Program Files\internetgamebox\ressources\configv2_en.xml
C:\Program Files\internetgamebox\ressources\configv2_es.xml
C:\Program Files\internetgamebox\ressources\configv2_fr.xml
C:\Program Files\internetgamebox\ressources\favoris\defaultv2.swf
C:\Program Files\internetgamebox\ressources\NoS2F.bin
C:\Program Files\internetgamebox\skins\skinv2.skn
C:\Program Files\internetgamebox\uninst.exe
C:\Program Files\mailskinner
C:\Program Files\mailskinner\anim_0.gif
C:\Program Files\mailskinner\anim_help.gif
C:\Program Files\mailskinner\MailSkinner.exe
C:\Program Files\mailskinner\OLSkinner.dll
C:\Program Files\mailskinner\uninst.exe
C:\Program Files\MalwareCrush
C:\Program Files\MalwareCrush\blacklist.txt
C:\Program Files\MalwareCrush\ignored.lst
C:\Program Files\MalwareCrush\Lang\English.ini
C:\Program Files\MalwareCrush\MalwareCrush.exe
C:\Program Files\MalwareCrush\MalwareCrush.url
C:\Program Files\MalwareCrush\mc.ini
C:\Program Files\MalwareCrush\msvcp71.dll
C:\Program Files\MalwareCrush\msvcr71.dll
C:\Program Files\MalwareCrush\ref.dat
C:\Program Files\MalwareCrush\uninst.exe
C:\Program Files\messengerskinner
C:\Program Files\messengerskinner\download\defaultPack.cab
C:\Program Files\messengerskinner\MessengerSkinnerDll.dll
C:\Program Files\messengerskinner\resources\appconfig.xml
C:\Program Files\messengerskinner\resources\btn.rgn
C:\Program Files\messengerskinner\resources\btnBnr.rgn
C:\Program Files\messengerskinner\resources\btnIn.rgn
C:\Program Files\messengerskinner\resources\btnInNormal.bmp
C:\Program Files\messengerskinner\resources\btnInOver.bmp
C:\Program Files\messengerskinner\resources\btnNormal.bmp
C:\Program Files\messengerskinner\resources\btnNormal.gif
C:\Program Files\messengerskinner\resources\btnNormalBnr.bmp
C:\Program Files\messengerskinner\resources\btnNormalBnr.gif
C:\Program Files\messengerskinner\resources\btnOver.bmp
C:\Program Files\messengerskinner\resources\btnOver.gif
C:\Program Files\messengerskinner\resources\btnOverBnr.bmp
C:\Program Files\messengerskinner\resources\btnOverBnr.gif
C:\Program Files\messengerskinner\resources\languages_v2.xml
C:\Program Files\messengerskinner\uninst.exe
C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Cache\000469F1
C:\Program Files\MyWebSearch\bar\Cache\00046FE4
C:\Program Files\MyWebSearch\bar\Cache\00047283.bin
C:\Program Files\MyWebSearch\bar\Cache\0005EFC3
C:\Program Files\MyWebSearch\bar\Cache\00329E70.bin
C:\Program Files\MyWebSearch\bar\Cache\0032A0E7.bin
C:\Program Files\MyWebSearch\bar\Cache\0032A2EF.bin
C:\Program Files\MyWebSearch\bar\Cache\0032A430.bin
C:\Program Files\MyWebSearch\bar\Cache\0032A64D.bin
C:\Program Files\MyWebSearch\bar\Cache\0032A7A1.bin
C:\Program Files\MyWebSearch\bar\Cache\00468EED.bin
C:\Program Files\MyWebSearch\bar\Cache\0046DD01.bin
C:\Program Files\MyWebSearch\bar\Cache\0046EA44.bin
C:\Program Files\MyWebSearch\bar\Cache\0046EBAD.bin
C:\Program Files\MyWebSearch\bar\Cache\files.ini
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
C:\Program Files\MyWebSearch\bar\History\search2
C:\Program Files\MyWebSearch\bar\icons\CM.ICO
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO
C:\Program Files\MyWebSearch\bar\icons\WB.ICO
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm
C:\Program Files\MyWebSearch\bar\Settings\settings.dat
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
C:\Program Files\ShoppingReport
C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
C:\Program Files\ShoppingReport\Uninst.exe
C:\Program Files\sudoplanet
C:\Program Files\sudoplanet\SudoPlanet.dll
C:\Program Files\sudoplanet\SudoPlanet.exe
C:\Program Files\sudoplanet\uninst.exe
C:\Program Files\SystemDefender
C:\Program Files\Ultimate Defender
C:\WINDOWS\Fonts\acrsecB.fon
C:\WINDOWS\Fonts\acrsecI.fon
C:\WINDOWS\msskinner
C:\WINDOWS\msskinner\msbackup.dat
C:\WINDOWS\shell.exe
C:\WINDOWS\smdat32a.sys
C:\WINDOWS\smdat32m.sys
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\down\100224.exe
C:\WINDOWS\system32\drivers\down\101886.exe
C:\WINDOWS\system32\drivers\down\104940.exe
C:\WINDOWS\system32\drivers\down\109187.exe
C:\WINDOWS\system32\drivers\down\111710.exe
C:\WINDOWS\system32\drivers\down\114003.exe
C:\WINDOWS\system32\drivers\down\114184.exe
C:\WINDOWS\system32\drivers\down\115365.exe
C:\WINDOWS\system32\drivers\down\116988.exe
C:\WINDOWS\system32\drivers\down\117148.exe
C:\WINDOWS\system32\drivers\down\120092.exe
C:\WINDOWS\system32\drivers\down\121324.exe
C:\WINDOWS\system32\drivers\down\128364.exe
C:\WINDOWS\system32\drivers\down\129135.exe
C:\WINDOWS\system32\drivers\down\130046.exe
C:\WINDOWS\system32\drivers\down\130727.exe
C:\WINDOWS\system32\drivers\down\132380.exe
C:\WINDOWS\system32\drivers\down\133481.exe
C:\WINDOWS\system32\drivers\down\135254.exe
C:\WINDOWS\system32\drivers\down\135364.exe
C:\WINDOWS\system32\drivers\down\137377.exe
C:\WINDOWS\system32\drivers\down\138378.exe
C:\WINDOWS\system32\drivers\down\142074.exe
C:\WINDOWS\system32\drivers\down\142204.exe
C:\WINDOWS\system32\drivers\down\148012.exe
C:\WINDOWS\system32\drivers\down\150706.exe
C:\WINDOWS\system32\drivers\down\156565.exe
C:\WINDOWS\system32\drivers\down\159088.exe
C:\WINDOWS\system32\drivers\down\159939.exe
C:\WINDOWS\system32\drivers\down\167400.exe
C:\WINDOWS\system32\drivers\down\171496.exe
C:\WINDOWS\system32\drivers\down\172197.exe
C:\WINDOWS\system32\drivers\down\172808.exe
C:\WINDOWS\system32\drivers\down\174470.exe
C:\WINDOWS\system32\drivers\down\174601.exe
C:\WINDOWS\system32\drivers\down\174611.exe
C:\WINDOWS\system32\drivers\down\177355.exe
C:\WINDOWS\system32\drivers\down\180058.exe
C:\WINDOWS\system32\drivers\down\180860.exe
C:\WINDOWS\system32\drivers\down\181140.exe
C:\WINDOWS\system32\drivers\down\1886873.exe
C:\WINDOWS\system32\drivers\down\1889787.exe
C:\WINDOWS\system32\drivers\down\189552.exe
C:\WINDOWS\system32\drivers\down\190333.exe
C:\WINDOWS\system32\drivers\down\1915143.exe
C:\WINDOWS\system32\drivers\down\1918288.exe
C:\WINDOWS\system32\drivers\down\199897.exe
C:\WINDOWS\system32\drivers\down\200227.exe
C:\WINDOWS\system32\drivers\down\2040664.exe
C:\WINDOWS\system32\drivers\down\207989.exe
C:\WINDOWS\system32\drivers\down\210001.exe
C:\WINDOWS\system32\drivers\down\211203.exe
C:\WINDOWS\system32\drivers\down\214037.exe
C:\WINDOWS\system32\drivers\down\216361.exe
C:\WINDOWS\system32\drivers\down\216391.exe
C:\WINDOWS\system32\drivers\down\2170561.exe
C:\WINDOWS\system32\drivers\down\225344.exe
C:\WINDOWS\system32\drivers\down\229540.exe
C:\WINDOWS\system32\drivers\down\231482.exe
C:\WINDOWS\system32\drivers\down\2356678.exe
C:\WINDOWS\system32\drivers\down\2358200.exe
C:\WINDOWS\system32\drivers\down\248877.exe
C:\WINDOWS\system32\drivers\down\256398.exe
C:\WINDOWS\system32\drivers\down\274484.exe
C:\WINDOWS\system32\drivers\down\278270.exe
C:\WINDOWS\system32\drivers\down\293802.exe
C:\WINDOWS\system32\drivers\down\295755.exe
C:\WINDOWS\system32\drivers\down\316064.exe
C:\WINDOWS\system32\drivers\down\319219.exe
C:\WINDOWS\system32\drivers\down\322603.exe
C:\WINDOWS\system32\drivers\down\325077.exe
C:\WINDOWS\system32\drivers\down\325758.exe
C:\WINDOWS\system32\drivers\down\330555.exe
C:\WINDOWS\system32\drivers\down\333108.exe
C:\WINDOWS\system32\drivers\down\335592.exe
C:\WINDOWS\system32\drivers\down\338136.exe
C:\WINDOWS\system32\drivers\down\374067.exe
C:\WINDOWS\system32\drivers\down\451218.exe
C:\WINDOWS\system32\drivers\down\453902.exe
C:\WINDOWS\system32\drivers\down\454583.exe
C:\WINDOWS\system32\drivers\down\459480.exe
C:\WINDOWS\system32\drivers\down\462294.exe
C:\WINDOWS\system32\drivers\down\464477.exe
C:\WINDOWS\system32\drivers\down\470576.exe
C:\WINDOWS\system32\drivers\down\54578.exe
C:\WINDOWS\system32\drivers\down\560235.exe
C:\WINDOWS\system32\drivers\down\56080.exe
C:\WINDOWS\system32\drivers\down\572262.exe
C:\WINDOWS\system32\drivers\down\57522.exe
C:\WINDOWS\system32\drivers\down\57773.exe
C:\WINDOWS\system32\drivers\down\59545.exe
C:\WINDOWS\system32\drivers\down\60416.exe
C:\WINDOWS\system32\drivers\down\66495.exe
C:\WINDOWS\system32\drivers\down\82108.exe
C:\WINDOWS\system32\drivers\down\83480.exe
C:\WINDOWS\system32\drivers\down\86324.exe
C:\WINDOWS\system32\drivers\down\88587.exe
C:\WINDOWS\system32\drivers\down\89989.exe
C:\WINDOWS\system32\drivers\down\91060.exe
C:\WINDOWS\system32\drivers\down\92312.exe
C:\WINDOWS\system32\drivers\down\94916.exe
C:\WINDOWS\system32\drivers\down\97540.exe
C:\WINDOWS\system32\f3PSSavr.scr
C:\WINDOWS\system32\kdhsp.exe
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\printer.exe
C:\WINDOWS\system32\real.txt
C:\WINDOWS\system32\spoolvs.exe
C:\WINDOWS\system32\wowfx.dll
C:\windows\xpupdate.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_msdirect
-------\Legacy_SROSA
-------\Service_msdirect
((((((((((((((((((((((((((((( Fichiers créés 2008-03-20 to 2008-04-20 ))))))))))))))))))))))))))))))))))))
.
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:37 . 2005-08-17 19:36 18,944 --a------ C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
2008-04-12 16:52 . 2005-08-17 14:55 98,709 --a------ C:\Documents and Settings\BoobFan\Application Data\sysdefender.exe
2008-04-12 16:32 . 2008-04-12 16:32 <REP> d-------- C:\WINDOWS\photo album
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 16:31 . 2008-04-12 08:55 561,152 -r-hs---- C:\WINDOWS\LBTWiz.exe
2008-04-12 11:19 . 2008-04-12 11:19 <REP> d-------- C:\z_Drivers
2008-04-12 11:19 . 2008-04-12 15:01 2,816 --a------ C:\Documents and Settings\BoobFan\msdirect.sys
2008-04-12 11:13 . 2008-04-12 11:13 <REP> d-------- C:\Program Files\Files-Secure
2008-04-12 11:11 . 2008-03-15 21:27 389,120 -r-hsc--- C:\WINDOWS\system32\dllcache\wintcps.exe
2008-04-12 11:11 . 2008-04-12 11:11 10,240 --a------ C:\WINDOWS\system\bpmdm32.dll
2008-04-12 11:09 . 2008-03-15 21:28 333,532 -r-hsc--- C:\WINDOWS\system32\dllcache\mlqm.exe
2008-04-12 11:08 . 2008-04-12 11:08 <REP> d-------- C:\Program Files\VideoKey
2008-04-12 11:07 . 2008-04-12 11:07 90,344 --a------ C:\WINDOWS\system32\ipv6motp.dll
2008-04-12 11:01 . 2008-04-12 10:58 90,112 --a------ C:\WINDOWS\system32\36.tmp
2008-04-12 11:01 . 2008-04-12 11:01 12,288 --a------ C:\flvm.exe
2008-04-12 11:01 . 2008-04-12 11:01 10,000 --a------ C:\WINDOWS\system32\jfiehayd.dll
2008-04-12 11:01 . 2008-04-12 11:01 0 --a------ C:\d1.exe
2008-04-12 10:58 . 2008-04-12 11:01 90,112 --a------ C:\WINDOWS\system32\crehcjid.dll
2008-04-12 10:58 . 2008-04-21 00:04 16,768 --a------ C:\WINDOWS\system32\tcpip_patcher.sys
2008-04-12 10:58 . 2008-04-12 10:58 12,288 --a------ C:\flvm.exe~
2008-04-12 10:58 . 2008-04-12 11:01 2 --a------ C:\-119436011
2008-04-12 10:57 . 2008-04-12 10:57 58,880 --a------ C:\prplu.exe
2008-04-12 10:57 . 2008-04-12 10:57 55,218 --a------ C:\WINDOWS\zeqbqwp.sys
2008-04-12 10:57 . 2008-04-12 10:58 44,544 --a------ C:\qbptb.exe~
2008-04-12 10:56 . 2008-04-12 10:56 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson
2008-04-12 10:56 . 2008-04-12 10:56 79,872 --a------ C:\xx7c7c3n5d8d.exe
2008-04-12 10:55 . 2008-04-21 00:05 561,298 --a------ C:\WINDOWS\Nokia_19_jpg.zip
2008-04-12 10:55 . 2007-10-05 15:18 561,152 -rahs---- C:\WINDOWS\LBTWiz.exe~
2008-04-12 10:55 . 2008-04-12 16:32 24,908 --a------ C:\WINDOWS\photo album.zip
2008-04-12 10:55 . 2008-04-12 10:55 22,016 --a------ C:\WINDOWS\system32\rdihost.dll
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 19:22 . 2008-03-30 18:04 <REP> d-------- C:\Program Files\Spyware-Secure
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 17:13 . 2008-03-23 17:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Circle Developement
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\WINDOWS\cdmxtras
2008-03-23 15:22 . 2008-03-23 17:43 <REP> d-------- C:\Program Files\RXToolBar
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Need2Find
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Instafinder
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-23 15:21 . 2008-03-30 18:04 <REP> d-------- C:\Program Files\Warez
2008-03-23 15:20 . 2008-03-23 15:20 <REP> d-------- C:\WINDOWS\system32\P2P Networking
2008-03-23 15:20 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Kazaa
2008-03-23 15:20 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Altnet
2008-03-23 15:20 . 2008-03-23 15:20 77,312 --a------ C:\WINDOWS\system32\P2P Networking v126.cpl
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Program Files\ErrorSmart
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 19:59 . 2008-03-22 19:59 <REP> d-------- C:\Program Files\3B Software
2008-03-22 19:57 . 2008-04-20 23:33 <REP> d-------- C:\Program Files\GamesBar
2008-03-22 19:57 . 2008-04-12 10:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\GamesBar
2008-03-22 19:28 . 2008-03-23 18:39 81 --a------ C:\WINDOWS\yesmessenger.ini
2008-03-22 19:27 . 2008-03-22 19:27 <REP> d-------- C:\Program Files\YesMessenger
2008-03-22 19:27 . 2007-11-26 14:46 316 --a------ C:\WINDOWS\yes_messenger.ini
2008-03-22 19:21 . 2008-03-22 21:31 <REP> d-------- C:\Program Files\TorrentSoftware
2008-03-22 19:19 . 2008-03-22 19:19 <REP> d-------- C:\Program Files\TorrentQ
2008-03-22 19:15 . 2008-03-22 21:52 <REP> d-------- C:\Program Files\BitRoll
2008-03-22 19:12 . 2008-03-22 19:12 <REP> d-------- C:\Program Files\WinZix
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Program Files\NetPumper
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 19:04 . 2008-03-22 19:04 <REP> d-------- C:\Program Files\Google
2008-03-22 19:04 . 2008-04-12 10:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-22 18:59 . 2008-03-22 18:59 <REP> d-------- C:\Program Files\DivoPlayer
2008-03-22 18:53 . 2008-03-22 18:53 <REP> d-------- C:\Program Files\DivoCodec
2008-03-22 18:49 . 2008-03-22 18:50 <REP> d-------- C:\Program Files\BitGrabber
2008-03-22 18:42 . 2008-03-22 18:42 <REP> d-------- C:\Program Files\Software Assist
2008-03-22 18:42 . 2003-08-05 17:08 348,160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll
2008-03-22 18:42 . 2003-06-06 12:21 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll
2008-03-22 18:41 . 1998-02-06 23:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-03-22 18:19 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\MSN Messenger
2008-03-22 18:09 . 2008-03-22 18:09 <REP> d-------- C:\Program Files\BitDownload
2008-03-22 18:08 . 2008-03-22 18:08 <REP> d-------- C:\Program Files\Web Media Player
2008-03-22 16:57 . 2008-03-22 16:57 <REP> d-------- C:\WINDOWS\system32\MsDtc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-20 22:05 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-20 22:05 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-04-12 08:55 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
2004-08-05 12:00 66,560 --sh--r C:\WINDOWS\system32\alm7tas.exe
.
------- Sigcheck -------
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:41:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-20 22:04:46 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-04-20 21:42:28 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
+ 2008-04-20 22:05:11 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-20 21:42:28 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2008-04-20 22:05:11 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d}]
2008-04-12 11:01 10000 --a------ C:\WINDOWS\system32\jfiehayd.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"= "C:\Program Files\RXToolBar\RXToolBar.dll" [2006-07-04 23:48 628440]
[HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}"= C:\Program Files\Hotbar\bin\10.2.197.0\HostIE.dll [ ]
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"= C:\Program Files\RXToolBar\RXToolBar.dll [2006-07-04 23:48 628440]
[HKEY_CLASSES_ROOT\clsid\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}]
[HKEY_CLASSES_ROOT\HostIE.Bho.1]
[HKEY_CLASSES_ROOT\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}]
[HKEY_CLASSES_ROOT\HostIE.Bho]
[HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverLoad"="" []
"DriverCheck"="" []
"SystemDriverLoad"="" []
"SystemDriver"="" []
"FDriver"="" []
"ADriver"="" []
"CDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"DDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"alpha"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"beta"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"gamma"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P2P Networking"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" [2008-03-23 15:20 468152]
"Instafinder"="C:\Program Files\Instafinder\instafinder.exe" [2007-07-12 22:32 311296]
"LBTWiz.exe"="C:\WINDOWS\LBTWiz.exe" [2008-04-12 08:55 561152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Internet"="C:\WINDOWS\system32\alm7tas.exe" [2004-08-05 14:00 66560]
C:\Documents and Settings\BoobFan\Menu D‚marrer\Programmes\D‚marrage\
Scheduler.lnk - C:\Program Files\3B Software\Common\Scheduler\wcomschd.exe [2008-03-22 19:59:49 464240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"CDriver"= c:\z_Drivers\svchost.exe
"DDriver"= c:\z_Drivers\svchost.exe
"alpha"= c:\z_Drivers\svchost.exe
"beta"= c:\z_Drivers\svchost.exe
"gamma"= c:\z_Drivers\svchost.exe
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{C5AF49A2-94F3-42BD-F434-2604812C897D}"= C:\WINDOWS\system32\jfiehayd.dll [2008-04-12 11:01 10000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"rdihost"= {BF8DB406-0372-4793-AF11-13DF79B340E2} - rdihost.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crehcjid]
crehcjid.dll 2008-04-12 11:01 90112 C:\WINDOWS\system32\crehcjid.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ]
°xˆ
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨]
Ѐ¨
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\alm7tas.exe"=
"C:\\WINDOWS\\system32\\dllcache\\mlqm.exe"=
"C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-30 16:03:35 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.BoobFan+Runs ErrorSmart to optimize your registry.
"2008-04-20 17:31:04 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-21 00:11:47
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Instafinder\instafinder.dll
.
Temps d'accomplissement: 2008-04-21 0:13:18
ComboFix-quarantined-files.txt 2008-04-20 22:13:09
Pre-Run: 7,955,701,760 octets libres
Post-Run: 7,948,750,848 octets libres
1443
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_2000.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_3000.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bar.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_logos.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_other.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_weather.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\editblbuttons.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\gamesmenu.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hb_ie_menu.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar-premium.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\icons2.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ie_games_icon.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ie_video.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords1.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\linkpathlegal.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\more.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\progress.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\sales_buttons.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.txt
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\sdfmodifier.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\t2_bg.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\tsd_bg.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\weathericon.xip
C:\Documents and Settings\BoobFan\Application Data\Hotbar_Icons
C:\Documents and Settings\BoobFan\Application Data\Hotbar_Icons\3bSoftware_icon_1.ico
C:\Documents and Settings\BoobFan\Application Data\Hotbar_Icons\Registryrepair.ico
C:\Documents and Settings\BoobFan\Application Data\install.dat
C:\Documents and Settings\BoobFan\Application Data\MessengerSkinner
C:\Documents and Settings\BoobFan\Application Data\MessengerSkinner\Userdata\pack1.cab
C:\Documents and Settings\BoobFan\Application Data\printer.exe
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\BoobFan\Application Data\ShoppingReport\cs\res2\WhiteList.dbs
C:\Documents and Settings\BoobFan\Application Data\WeatherDPA
C:\Documents and Settings\BoobFan\Application Data\WeatherDPA\Weather\WeatherStartup.xml
c:\Documents and Settings\BoobFan\Local Settings\Application Data\viadrcuo.dat
c:\Documents and Settings\BoobFan\Local Settings\Application Data\viadrcuo_nav.dat
C:\Documents and Settings\BoobFan\Local Settings\Application Data\viadrcuo_navps.dat
C:\Documents and Settings\BoobFan\Menu Démarrer\MalwareCrush 3.7.lnk
C:\Documents and Settings\BoobFan\Menu Démarrer\Programmes\Démarrage\findfast.exe
C:\Documents and Settings\BoobFan\Menu Démarrer\Programmes\MalwareCrush
C:\Documents and Settings\BoobFan\Menu Démarrer\Programmes\MalwareCrush\MalwareCrush 3.7 Website.lnk
C:\Documents and Settings\BoobFan\Menu Démarrer\Programmes\MalwareCrush\MalwareCrush 3.7.lnk
C:\Documents and Settings\BoobFan\Menu Démarrer\Programmes\MalwareCrush\Uninstall MalwareCrush 3.7.lnk
C:\Documents and Settings\BoobFan\real.txt
C:\Program Files\FunWebProducts
C:\Program Files\FunWebProducts\PopSwatr\History\allowed
C:\Program Files\FunWebProducts\PopSwatr\History\notallow
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
C:\Program Files\GamesBar\oberontb.dll
C:\Program Files\Hotbar
C:\Program Files\Hotbar\bin\10.2.197.0\arrow.ico
C:\Program Files\Hotbar\bin\10.2.197.0\Cml.exe
C:\Program Files\Hotbar\bin\10.2.197.0\CntntCntr.dll
C:\Program Files\Hotbar\bin\10.2.197.0\copyright.txt
C:\Program Files\Hotbar\bin\10.2.197.0\CoreSrv.dll
C:\Program Files\Hotbar\bin\10.2.197.0\firefox\extensions\components\npclntax.xpt
C:\Program Files\Hotbar\bin\10.2.197.0\firefox\extensions\install.rdf
C:\Program Files\Hotbar\bin\10.2.197.0\firefox\extensions\plugins\npclntax_HotbarSA.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HostIE.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HostOE.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HostOL.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HotbarSA.exe
C:\Program Files\Hotbar\bin\10.2.197.0\HotbarSAAX.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HotbarSADF.exe
C:\Program Files\Hotbar\bin\10.2.197.0\HotbarSAHook.dll
C:\Program Files\Hotbar\bin\10.2.197.0\HotbarUninstaller.exe
C:\Program Files\Hotbar\bin\10.2.197.0\InstIE.dll
C:\Program Files\Hotbar\bin\10.2.197.0\link.ico
C:\Program Files\Hotbar\bin\10.2.197.0\OEAddOn.exe
C:\Program Files\Hotbar\bin\10.2.197.0\Srv.exe
C:\Program Files\Hotbar\bin\10.2.197.0\Toolbar.dll
C:\Program Files\Hotbar\bin\10.2.197.0\Wallpaper.dll
C:\Program Files\Hotbar\bin\10.2.197.0\Weather.exe
C:\Program Files\Hotbar\bin\10.2.197.0\WeSkin.dll
C:\Program Files\internet explorer\msimg32.dll
C:\Program Files\internetgamebox
C:\Program Files\internetgamebox\InternetGameBox.exe
C:\Program Files\internetgamebox\language
C:\Program Files\internetgamebox\ressources\AttenteOff.html
C:\Program Files\internetgamebox\ressources\AttenteOn.html
C:\Program Files\internetgamebox\ressources\configv2_en.xml
C:\Program Files\internetgamebox\ressources\configv2_es.xml
C:\Program Files\internetgamebox\ressources\configv2_fr.xml
C:\Program Files\internetgamebox\ressources\favoris\defaultv2.swf
C:\Program Files\internetgamebox\ressources\NoS2F.bin
C:\Program Files\internetgamebox\skins\skinv2.skn
C:\Program Files\internetgamebox\uninst.exe
C:\Program Files\mailskinner
C:\Program Files\mailskinner\anim_0.gif
C:\Program Files\mailskinner\anim_help.gif
C:\Program Files\mailskinner\MailSkinner.exe
C:\Program Files\mailskinner\OLSkinner.dll
C:\Program Files\mailskinner\uninst.exe
C:\Program Files\MalwareCrush
C:\Program Files\MalwareCrush\blacklist.txt
C:\Program Files\MalwareCrush\ignored.lst
C:\Program Files\MalwareCrush\Lang\English.ini
C:\Program Files\MalwareCrush\MalwareCrush.exe
C:\Program Files\MalwareCrush\MalwareCrush.url
C:\Program Files\MalwareCrush\mc.ini
C:\Program Files\MalwareCrush\msvcp71.dll
C:\Program Files\MalwareCrush\msvcr71.dll
C:\Program Files\MalwareCrush\ref.dat
C:\Program Files\MalwareCrush\uninst.exe
C:\Program Files\messengerskinner
C:\Program Files\messengerskinner\download\defaultPack.cab
C:\Program Files\messengerskinner\MessengerSkinnerDll.dll
C:\Program Files\messengerskinner\resources\appconfig.xml
C:\Program Files\messengerskinner\resources\btn.rgn
C:\Program Files\messengerskinner\resources\btnBnr.rgn
C:\Program Files\messengerskinner\resources\btnIn.rgn
C:\Program Files\messengerskinner\resources\btnInNormal.bmp
C:\Program Files\messengerskinner\resources\btnInOver.bmp
C:\Program Files\messengerskinner\resources\btnNormal.bmp
C:\Program Files\messengerskinner\resources\btnNormal.gif
C:\Program Files\messengerskinner\resources\btnNormalBnr.bmp
C:\Program Files\messengerskinner\resources\btnNormalBnr.gif
C:\Program Files\messengerskinner\resources\btnOver.bmp
C:\Program Files\messengerskinner\resources\btnOver.gif
C:\Program Files\messengerskinner\resources\btnOverBnr.bmp
C:\Program Files\messengerskinner\resources\btnOverBnr.gif
C:\Program Files\messengerskinner\resources\languages_v2.xml
C:\Program Files\messengerskinner\uninst.exe
C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Cache\000469F1
C:\Program Files\MyWebSearch\bar\Cache\00046FE4
C:\Program Files\MyWebSearch\bar\Cache\00047283.bin
C:\Program Files\MyWebSearch\bar\Cache\0005EFC3
C:\Program Files\MyWebSearch\bar\Cache\00329E70.bin
C:\Program Files\MyWebSearch\bar\Cache\0032A0E7.bin
C:\Program Files\MyWebSearch\bar\Cache\0032A2EF.bin
C:\Program Files\MyWebSearch\bar\Cache\0032A430.bin
C:\Program Files\MyWebSearch\bar\Cache\0032A64D.bin
C:\Program Files\MyWebSearch\bar\Cache\0032A7A1.bin
C:\Program Files\MyWebSearch\bar\Cache\00468EED.bin
C:\Program Files\MyWebSearch\bar\Cache\0046DD01.bin
C:\Program Files\MyWebSearch\bar\Cache\0046EA44.bin
C:\Program Files\MyWebSearch\bar\Cache\0046EBAD.bin
C:\Program Files\MyWebSearch\bar\Cache\files.ini
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
C:\Program Files\MyWebSearch\bar\History\search2
C:\Program Files\MyWebSearch\bar\icons\CM.ICO
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO
C:\Program Files\MyWebSearch\bar\icons\WB.ICO
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm
C:\Program Files\MyWebSearch\bar\Settings\settings.dat
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
C:\Program Files\ShoppingReport
C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
C:\Program Files\ShoppingReport\Uninst.exe
C:\Program Files\sudoplanet
C:\Program Files\sudoplanet\SudoPlanet.dll
C:\Program Files\sudoplanet\SudoPlanet.exe
C:\Program Files\sudoplanet\uninst.exe
C:\Program Files\SystemDefender
C:\Program Files\Ultimate Defender
C:\WINDOWS\Fonts\acrsecB.fon
C:\WINDOWS\Fonts\acrsecI.fon
C:\WINDOWS\msskinner
C:\WINDOWS\msskinner\msbackup.dat
C:\WINDOWS\shell.exe
C:\WINDOWS\smdat32a.sys
C:\WINDOWS\smdat32m.sys
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\down\100224.exe
C:\WINDOWS\system32\drivers\down\101886.exe
C:\WINDOWS\system32\drivers\down\104940.exe
C:\WINDOWS\system32\drivers\down\109187.exe
C:\WINDOWS\system32\drivers\down\111710.exe
C:\WINDOWS\system32\drivers\down\114003.exe
C:\WINDOWS\system32\drivers\down\114184.exe
C:\WINDOWS\system32\drivers\down\115365.exe
C:\WINDOWS\system32\drivers\down\116988.exe
C:\WINDOWS\system32\drivers\down\117148.exe
C:\WINDOWS\system32\drivers\down\120092.exe
C:\WINDOWS\system32\drivers\down\121324.exe
C:\WINDOWS\system32\drivers\down\128364.exe
C:\WINDOWS\system32\drivers\down\129135.exe
C:\WINDOWS\system32\drivers\down\130046.exe
C:\WINDOWS\system32\drivers\down\130727.exe
C:\WINDOWS\system32\drivers\down\132380.exe
C:\WINDOWS\system32\drivers\down\133481.exe
C:\WINDOWS\system32\drivers\down\135254.exe
C:\WINDOWS\system32\drivers\down\135364.exe
C:\WINDOWS\system32\drivers\down\137377.exe
C:\WINDOWS\system32\drivers\down\138378.exe
C:\WINDOWS\system32\drivers\down\142074.exe
C:\WINDOWS\system32\drivers\down\142204.exe
C:\WINDOWS\system32\drivers\down\148012.exe
C:\WINDOWS\system32\drivers\down\150706.exe
C:\WINDOWS\system32\drivers\down\156565.exe
C:\WINDOWS\system32\drivers\down\159088.exe
C:\WINDOWS\system32\drivers\down\159939.exe
C:\WINDOWS\system32\drivers\down\167400.exe
C:\WINDOWS\system32\drivers\down\171496.exe
C:\WINDOWS\system32\drivers\down\172197.exe
C:\WINDOWS\system32\drivers\down\172808.exe
C:\WINDOWS\system32\drivers\down\174470.exe
C:\WINDOWS\system32\drivers\down\174601.exe
C:\WINDOWS\system32\drivers\down\174611.exe
C:\WINDOWS\system32\drivers\down\177355.exe
C:\WINDOWS\system32\drivers\down\180058.exe
C:\WINDOWS\system32\drivers\down\180860.exe
C:\WINDOWS\system32\drivers\down\181140.exe
C:\WINDOWS\system32\drivers\down\1886873.exe
C:\WINDOWS\system32\drivers\down\1889787.exe
C:\WINDOWS\system32\drivers\down\189552.exe
C:\WINDOWS\system32\drivers\down\190333.exe
C:\WINDOWS\system32\drivers\down\1915143.exe
C:\WINDOWS\system32\drivers\down\1918288.exe
C:\WINDOWS\system32\drivers\down\199897.exe
C:\WINDOWS\system32\drivers\down\200227.exe
C:\WINDOWS\system32\drivers\down\2040664.exe
C:\WINDOWS\system32\drivers\down\207989.exe
C:\WINDOWS\system32\drivers\down\210001.exe
C:\WINDOWS\system32\drivers\down\211203.exe
C:\WINDOWS\system32\drivers\down\214037.exe
C:\WINDOWS\system32\drivers\down\216361.exe
C:\WINDOWS\system32\drivers\down\216391.exe
C:\WINDOWS\system32\drivers\down\2170561.exe
C:\WINDOWS\system32\drivers\down\225344.exe
C:\WINDOWS\system32\drivers\down\229540.exe
C:\WINDOWS\system32\drivers\down\231482.exe
C:\WINDOWS\system32\drivers\down\2356678.exe
C:\WINDOWS\system32\drivers\down\2358200.exe
C:\WINDOWS\system32\drivers\down\248877.exe
C:\WINDOWS\system32\drivers\down\256398.exe
C:\WINDOWS\system32\drivers\down\274484.exe
C:\WINDOWS\system32\drivers\down\278270.exe
C:\WINDOWS\system32\drivers\down\293802.exe
C:\WINDOWS\system32\drivers\down\295755.exe
C:\WINDOWS\system32\drivers\down\316064.exe
C:\WINDOWS\system32\drivers\down\319219.exe
C:\WINDOWS\system32\drivers\down\322603.exe
C:\WINDOWS\system32\drivers\down\325077.exe
C:\WINDOWS\system32\drivers\down\325758.exe
C:\WINDOWS\system32\drivers\down\330555.exe
C:\WINDOWS\system32\drivers\down\333108.exe
C:\WINDOWS\system32\drivers\down\335592.exe
C:\WINDOWS\system32\drivers\down\338136.exe
C:\WINDOWS\system32\drivers\down\374067.exe
C:\WINDOWS\system32\drivers\down\451218.exe
C:\WINDOWS\system32\drivers\down\453902.exe
C:\WINDOWS\system32\drivers\down\454583.exe
C:\WINDOWS\system32\drivers\down\459480.exe
C:\WINDOWS\system32\drivers\down\462294.exe
C:\WINDOWS\system32\drivers\down\464477.exe
C:\WINDOWS\system32\drivers\down\470576.exe
C:\WINDOWS\system32\drivers\down\54578.exe
C:\WINDOWS\system32\drivers\down\560235.exe
C:\WINDOWS\system32\drivers\down\56080.exe
C:\WINDOWS\system32\drivers\down\572262.exe
C:\WINDOWS\system32\drivers\down\57522.exe
C:\WINDOWS\system32\drivers\down\57773.exe
C:\WINDOWS\system32\drivers\down\59545.exe
C:\WINDOWS\system32\drivers\down\60416.exe
C:\WINDOWS\system32\drivers\down\66495.exe
C:\WINDOWS\system32\drivers\down\82108.exe
C:\WINDOWS\system32\drivers\down\83480.exe
C:\WINDOWS\system32\drivers\down\86324.exe
C:\WINDOWS\system32\drivers\down\88587.exe
C:\WINDOWS\system32\drivers\down\89989.exe
C:\WINDOWS\system32\drivers\down\91060.exe
C:\WINDOWS\system32\drivers\down\92312.exe
C:\WINDOWS\system32\drivers\down\94916.exe
C:\WINDOWS\system32\drivers\down\97540.exe
C:\WINDOWS\system32\f3PSSavr.scr
C:\WINDOWS\system32\kdhsp.exe
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\printer.exe
C:\WINDOWS\system32\real.txt
C:\WINDOWS\system32\spoolvs.exe
C:\WINDOWS\system32\wowfx.dll
C:\windows\xpupdate.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_msdirect
-------\Legacy_SROSA
-------\Service_msdirect
((((((((((((((((((((((((((((( Fichiers créés 2008-03-20 to 2008-04-20 ))))))))))))))))))))))))))))))))))))
.
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:37 . 2005-08-17 19:36 18,944 --a------ C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
2008-04-12 16:52 . 2005-08-17 14:55 98,709 --a------ C:\Documents and Settings\BoobFan\Application Data\sysdefender.exe
2008-04-12 16:32 . 2008-04-12 16:32 <REP> d-------- C:\WINDOWS\photo album
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 16:31 . 2008-04-12 08:55 561,152 -r-hs---- C:\WINDOWS\LBTWiz.exe
2008-04-12 11:19 . 2008-04-12 11:19 <REP> d-------- C:\z_Drivers
2008-04-12 11:19 . 2008-04-12 15:01 2,816 --a------ C:\Documents and Settings\BoobFan\msdirect.sys
2008-04-12 11:13 . 2008-04-12 11:13 <REP> d-------- C:\Program Files\Files-Secure
2008-04-12 11:11 . 2008-03-15 21:27 389,120 -r-hsc--- C:\WINDOWS\system32\dllcache\wintcps.exe
2008-04-12 11:11 . 2008-04-12 11:11 10,240 --a------ C:\WINDOWS\system\bpmdm32.dll
2008-04-12 11:09 . 2008-03-15 21:28 333,532 -r-hsc--- C:\WINDOWS\system32\dllcache\mlqm.exe
2008-04-12 11:08 . 2008-04-12 11:08 <REP> d-------- C:\Program Files\VideoKey
2008-04-12 11:07 . 2008-04-12 11:07 90,344 --a------ C:\WINDOWS\system32\ipv6motp.dll
2008-04-12 11:01 . 2008-04-12 10:58 90,112 --a------ C:\WINDOWS\system32\36.tmp
2008-04-12 11:01 . 2008-04-12 11:01 12,288 --a------ C:\flvm.exe
2008-04-12 11:01 . 2008-04-12 11:01 10,000 --a------ C:\WINDOWS\system32\jfiehayd.dll
2008-04-12 11:01 . 2008-04-12 11:01 0 --a------ C:\d1.exe
2008-04-12 10:58 . 2008-04-12 11:01 90,112 --a------ C:\WINDOWS\system32\crehcjid.dll
2008-04-12 10:58 . 2008-04-21 00:04 16,768 --a------ C:\WINDOWS\system32\tcpip_patcher.sys
2008-04-12 10:58 . 2008-04-12 10:58 12,288 --a------ C:\flvm.exe~
2008-04-12 10:58 . 2008-04-12 11:01 2 --a------ C:\-119436011
2008-04-12 10:57 . 2008-04-12 10:57 58,880 --a------ C:\prplu.exe
2008-04-12 10:57 . 2008-04-12 10:57 55,218 --a------ C:\WINDOWS\zeqbqwp.sys
2008-04-12 10:57 . 2008-04-12 10:58 44,544 --a------ C:\qbptb.exe~
2008-04-12 10:56 . 2008-04-12 10:56 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson
2008-04-12 10:56 . 2008-04-12 10:56 79,872 --a------ C:\xx7c7c3n5d8d.exe
2008-04-12 10:55 . 2008-04-21 00:05 561,298 --a------ C:\WINDOWS\Nokia_19_jpg.zip
2008-04-12 10:55 . 2007-10-05 15:18 561,152 -rahs---- C:\WINDOWS\LBTWiz.exe~
2008-04-12 10:55 . 2008-04-12 16:32 24,908 --a------ C:\WINDOWS\photo album.zip
2008-04-12 10:55 . 2008-04-12 10:55 22,016 --a------ C:\WINDOWS\system32\rdihost.dll
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 19:22 . 2008-03-30 18:04 <REP> d-------- C:\Program Files\Spyware-Secure
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 17:13 . 2008-03-23 17:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Circle Developement
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\WINDOWS\cdmxtras
2008-03-23 15:22 . 2008-03-23 17:43 <REP> d-------- C:\Program Files\RXToolBar
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Need2Find
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Instafinder
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-23 15:21 . 2008-03-30 18:04 <REP> d-------- C:\Program Files\Warez
2008-03-23 15:20 . 2008-03-23 15:20 <REP> d-------- C:\WINDOWS\system32\P2P Networking
2008-03-23 15:20 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Kazaa
2008-03-23 15:20 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Altnet
2008-03-23 15:20 . 2008-03-23 15:20 77,312 --a------ C:\WINDOWS\system32\P2P Networking v126.cpl
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Program Files\ErrorSmart
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 19:59 . 2008-03-22 19:59 <REP> d-------- C:\Program Files\3B Software
2008-03-22 19:57 . 2008-04-20 23:33 <REP> d-------- C:\Program Files\GamesBar
2008-03-22 19:57 . 2008-04-12 10:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\GamesBar
2008-03-22 19:28 . 2008-03-23 18:39 81 --a------ C:\WINDOWS\yesmessenger.ini
2008-03-22 19:27 . 2008-03-22 19:27 <REP> d-------- C:\Program Files\YesMessenger
2008-03-22 19:27 . 2007-11-26 14:46 316 --a------ C:\WINDOWS\yes_messenger.ini
2008-03-22 19:21 . 2008-03-22 21:31 <REP> d-------- C:\Program Files\TorrentSoftware
2008-03-22 19:19 . 2008-03-22 19:19 <REP> d-------- C:\Program Files\TorrentQ
2008-03-22 19:15 . 2008-03-22 21:52 <REP> d-------- C:\Program Files\BitRoll
2008-03-22 19:12 . 2008-03-22 19:12 <REP> d-------- C:\Program Files\WinZix
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Program Files\NetPumper
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 19:04 . 2008-03-22 19:04 <REP> d-------- C:\Program Files\Google
2008-03-22 19:04 . 2008-04-12 10:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-22 18:59 . 2008-03-22 18:59 <REP> d-------- C:\Program Files\DivoPlayer
2008-03-22 18:53 . 2008-03-22 18:53 <REP> d-------- C:\Program Files\DivoCodec
2008-03-22 18:49 . 2008-03-22 18:50 <REP> d-------- C:\Program Files\BitGrabber
2008-03-22 18:42 . 2008-03-22 18:42 <REP> d-------- C:\Program Files\Software Assist
2008-03-22 18:42 . 2003-08-05 17:08 348,160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll
2008-03-22 18:42 . 2003-06-06 12:21 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll
2008-03-22 18:41 . 1998-02-06 23:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-03-22 18:19 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\MSN Messenger
2008-03-22 18:09 . 2008-03-22 18:09 <REP> d-------- C:\Program Files\BitDownload
2008-03-22 18:08 . 2008-03-22 18:08 <REP> d-------- C:\Program Files\Web Media Player
2008-03-22 16:57 . 2008-03-22 16:57 <REP> d-------- C:\WINDOWS\system32\MsDtc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-20 22:05 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-20 22:05 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-04-12 08:55 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
2004-08-05 12:00 66,560 --sh--r C:\WINDOWS\system32\alm7tas.exe
.
------- Sigcheck -------
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:41:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-20 22:04:46 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-04-20 21:42:28 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
+ 2008-04-20 22:05:11 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-20 21:42:28 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2008-04-20 22:05:11 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d}]
2008-04-12 11:01 10000 --a------ C:\WINDOWS\system32\jfiehayd.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"= "C:\Program Files\RXToolBar\RXToolBar.dll" [2006-07-04 23:48 628440]
[HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}"= C:\Program Files\Hotbar\bin\10.2.197.0\HostIE.dll [ ]
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"= C:\Program Files\RXToolBar\RXToolBar.dll [2006-07-04 23:48 628440]
[HKEY_CLASSES_ROOT\clsid\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}]
[HKEY_CLASSES_ROOT\HostIE.Bho.1]
[HKEY_CLASSES_ROOT\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}]
[HKEY_CLASSES_ROOT\HostIE.Bho]
[HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverLoad"="" []
"DriverCheck"="" []
"SystemDriverLoad"="" []
"SystemDriver"="" []
"FDriver"="" []
"ADriver"="" []
"CDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"DDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"alpha"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"beta"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"gamma"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P2P Networking"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" [2008-03-23 15:20 468152]
"Instafinder"="C:\Program Files\Instafinder\instafinder.exe" [2007-07-12 22:32 311296]
"LBTWiz.exe"="C:\WINDOWS\LBTWiz.exe" [2008-04-12 08:55 561152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Internet"="C:\WINDOWS\system32\alm7tas.exe" [2004-08-05 14:00 66560]
C:\Documents and Settings\BoobFan\Menu D‚marrer\Programmes\D‚marrage\
Scheduler.lnk - C:\Program Files\3B Software\Common\Scheduler\wcomschd.exe [2008-03-22 19:59:49 464240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"CDriver"= c:\z_Drivers\svchost.exe
"DDriver"= c:\z_Drivers\svchost.exe
"alpha"= c:\z_Drivers\svchost.exe
"beta"= c:\z_Drivers\svchost.exe
"gamma"= c:\z_Drivers\svchost.exe
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{C5AF49A2-94F3-42BD-F434-2604812C897D}"= C:\WINDOWS\system32\jfiehayd.dll [2008-04-12 11:01 10000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"rdihost"= {BF8DB406-0372-4793-AF11-13DF79B340E2} - rdihost.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crehcjid]
crehcjid.dll 2008-04-12 11:01 90112 C:\WINDOWS\system32\crehcjid.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ]
°xˆ
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨]
Ѐ¨
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\alm7tas.exe"=
"C:\\WINDOWS\\system32\\dllcache\\mlqm.exe"=
"C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-30 16:03:35 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.BoobFan+Runs ErrorSmart to optimize your registry.
"2008-04-20 17:31:04 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-21 00:11:47
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Instafinder\instafinder.dll
.
Temps d'accomplissement: 2008-04-21 0:13:18
ComboFix-quarantined-files.txt 2008-04-20 22:13:09
Pre-Run: 7,955,701,760 octets libres
Post-Run: 7,948,750,848 octets libres
1443
Bien infecté, on continue.
Télécharge MSNFix.zip ([#ff0000]!aur3n7[/#f]) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).
Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, presse une touche pour lancer le nettoyage.
[#ff0000]Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur manuellement.[/#f]
Poste le rapport situé dans le dossier MSNFix.
Le nom du rapport correspond au moment de sa création : date_heure.log
Télécharge MSNFix.zip ([#ff0000]!aur3n7[/#f]) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).
Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, presse une touche pour lancer le nettoyage.
[#ff0000]Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur manuellement.[/#f]
Poste le rapport situé dans le dossier MSNFix.
Le nom du rapport correspond au moment de sa création : date_heure.log
re
voici le rapport :
MSNFix 1.708
C:\Documents and Settings\BoobFan\Bureau\MSNFix\MSNFix
Fix exécuté le 21/04/2008 - 14:53:25,04 By BoobFan
mode normal
************************ Recherche les fichiers présents
... C:\??????.exe
... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton
... C:\Program Files\Fichiers communs\Carlson\carlton
... C:\WINDOWS\LBTWiz.exe
... C:\WINDOWS\Nokia_19_jpg.zip
... C:\WINDOWS\Nokia_19_jpg.zip
... C:\WINDOWS\photo album.zip
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\system32\rdihost.dll
... C:\WINDOWS\photo album.zip
... C:\WINDOWS\Nokia_19_jpg.zip
************************ Recherche les dossiers présents
... C:\Program Files\Fichiers communs\Carlson\
************************ Suppression des fichiers
/!\ ... C:\??????.exe
.. OK ... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton
.. OK ... C:\Program Files\Fichiers communs\Carlson\carlton
.. OK ... C:\WINDOWS\LBTWiz.exe
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
.. OK ... C:\WINDOWS\photo album.zip
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
/!\ ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\WINDOWS\system32\rdihost.dll
.. OK ... C:\WINDOWS\photo album.zip
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
************************ Suppression des dossiers
/!\ ... C:\Program Files\Fichiers communs\Carlson\
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
.. OK ... C:\??????.exe
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\qbptb.exe~] B8565614F4024CF64FFEBF9577AA0EF9
[C:\xx7c7c3n5d8d.exe] B7D16499F8FCFA406EF176F5457DAD1B
==> SVP merci d'envoyer le fichier C:\DOCUME~1\BoobFan\Bureau\Upload_Me.zip sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 21042008_14570901.zip
************************ HKLM\...\Winlogon\Userinit
Userinit = C:\WINDOWS\system32\userinit.exe,
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
je ne peux tjr pas ouvrir de fenètre internet, mais c déjà bcp mieux![;)]( ";)")
merci
voici le rapport :
MSNFix 1.708
C:\Documents and Settings\BoobFan\Bureau\MSNFix\MSNFix
Fix exécuté le 21/04/2008 - 14:53:25,04 By BoobFan
mode normal
************************ Recherche les fichiers présents
... C:\??????.exe
... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton
... C:\Program Files\Fichiers communs\Carlson\carlton
... C:\WINDOWS\LBTWiz.exe
... C:\WINDOWS\Nokia_19_jpg.zip
... C:\WINDOWS\Nokia_19_jpg.zip
... C:\WINDOWS\photo album.zip
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\system32\rdihost.dll
... C:\WINDOWS\photo album.zip
... C:\WINDOWS\Nokia_19_jpg.zip
************************ Recherche les dossiers présents
... C:\Program Files\Fichiers communs\Carlson\
************************ Suppression des fichiers
/!\ ... C:\??????.exe
.. OK ... C:\DOCUME~1\ALLUSE~1\MENUDM~1\carlton
.. OK ... C:\Program Files\Fichiers communs\Carlson\carlton
.. OK ... C:\WINDOWS\LBTWiz.exe
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
.. OK ... C:\WINDOWS\photo album.zip
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
/!\ ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\WINDOWS\system32\rdihost.dll
.. OK ... C:\WINDOWS\photo album.zip
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
************************ Suppression des dossiers
/!\ ... C:\Program Files\Fichiers communs\Carlson\
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
.. OK ... C:\??????.exe
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\qbptb.exe~] B8565614F4024CF64FFEBF9577AA0EF9
[C:\xx7c7c3n5d8d.exe] B7D16499F8FCFA406EF176F5457DAD1B
==> SVP merci d'envoyer le fichier C:\DOCUME~1\BoobFan\Bureau\Upload_Me.zip sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 21042008_14570901.zip
************************ HKLM\...\Winlogon\Userinit
Userinit = C:\WINDOWS\system32\userinit.exe,
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
je ne peux tjr pas ouvrir de fenètre internet, mais c déjà bcp mieux
merci
Voici :
ComboFix 08-04-20.2 - BoobFan 2008-04-21 20:54:13.4 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-21 to 2008-04-21 ))))))))))))))))))))))))))))))))))))
.
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:37 . 2005-08-17 19:36 18,944 --a------ C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
2008-04-12 16:52 . 2005-08-17 14:55 98,709 --a------ C:\Documents and Settings\BoobFan\Application Data\sysdefender.exe
2008-04-12 16:32 . 2008-04-12 16:32 <REP> d-------- C:\WINDOWS\photo album
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 16:31 . 2008-04-12 08:55 561,152 --a------ C:\WINDOWS\LBTWiz.MSNFix
2008-04-12 11:19 . 2008-04-12 11:19 <REP> d-------- C:\z_Drivers
2008-04-12 11:19 . 2008-04-12 15:01 2,816 --a------ C:\Documents and Settings\BoobFan\msdirect.sys
2008-04-12 11:13 . 2008-04-12 11:13 <REP> d-------- C:\Program Files\Files-Secure
2008-04-12 11:11 . 2008-03-15 21:27 389,120 -r-hsc--- C:\WINDOWS\system32\dllcache\wintcps.exe
2008-04-12 11:11 . 2008-04-12 11:11 10,240 --a------ C:\WINDOWS\system\bpmdm32.dll
2008-04-12 11:09 . 2008-03-15 21:28 333,532 -r-hsc--- C:\WINDOWS\system32\dllcache\mlqm.exe
2008-04-12 11:08 . 2008-04-12 11:08 <REP> d-------- C:\Program Files\VideoKey
2008-04-12 11:07 . 2008-04-12 11:07 90,344 --a------ C:\WINDOWS\system32\ipv6motp.dll
2008-04-12 11:01 . 2008-04-12 10:58 90,112 --a------ C:\WINDOWS\system32\36.tmp
2008-04-12 11:01 . 2008-04-12 11:01 10,000 --a------ C:\WINDOWS\system32\jfiehayd.dll
2008-04-12 11:01 . 2008-04-12 11:01 0 --a------ C:\d1.MSNFix
2008-04-12 10:58 . 2008-04-12 11:01 90,112 --a------ C:\WINDOWS\system32\crehcjid.dll
2008-04-12 10:58 . 2008-04-21 20:50 16,768 --a------ C:\WINDOWS\system32\tcpip_patcher.sys
2008-04-12 10:58 . 2008-04-12 11:01 2 --a------ C:\-119436011
2008-04-12 10:57 . 2008-04-12 10:57 55,218 --a------ C:\WINDOWS\zeqbqwp.sys
2008-04-12 10:57 . 2008-04-12 10:58 44,544 --a------ C:\qbptb.exe~
2008-04-12 10:56 . 2008-04-21 14:54 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson
2008-04-12 10:56 . 2008-04-12 10:56 79,872 --a------ C:\xx7c7c3n5d8d.exe
2008-04-12 10:55 . 2008-04-21 12:13 561,298 --a------ C:\WINDOWS\Nokia_19_jpg.MSNFix
2008-04-12 10:55 . 2007-10-05 15:18 561,152 -rahs---- C:\WINDOWS\LBTWiz.exe~
2008-04-12 10:55 . 2008-04-12 16:32 24,908 --a------ C:\WINDOWS\photo album.MSNFix
2008-04-12 10:55 . 2008-04-12 10:55 22,016 --a------ C:\WINDOWS\system32\rdihost.MSNFix
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 19:22 . 2008-03-30 18:04 <REP> d-------- C:\Program Files\Spyware-Secure
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 17:13 . 2008-03-23 17:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Circle Developement
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\WINDOWS\cdmxtras
2008-03-23 15:22 . 2008-03-23 17:43 <REP> d-------- C:\Program Files\RXToolBar
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Need2Find
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Instafinder
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-23 15:21 . 2008-03-30 18:04 <REP> d-------- C:\Program Files\Warez
2008-03-23 15:20 . 2008-03-23 15:20 <REP> d-------- C:\WINDOWS\system32\P2P Networking
2008-03-23 15:20 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Kazaa
2008-03-23 15:20 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Altnet
2008-03-23 15:20 . 2008-03-23 15:20 77,312 --a------ C:\WINDOWS\system32\P2P Networking v126.cpl
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Program Files\ErrorSmart
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 19:59 . 2008-03-22 19:59 <REP> d-------- C:\Program Files\3B Software
2008-03-22 19:57 . 2008-04-20 23:33 <REP> d-------- C:\Program Files\GamesBar
2008-03-22 19:57 . 2008-04-12 10:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\GamesBar
2008-03-22 19:28 . 2008-03-23 18:39 81 --a------ C:\WINDOWS\yesmessenger.ini
2008-03-22 19:27 . 2008-03-22 19:27 <REP> d-------- C:\Program Files\YesMessenger
2008-03-22 19:27 . 2007-11-26 14:46 316 --a------ C:\WINDOWS\yes_messenger.ini
2008-03-22 19:21 . 2008-03-22 21:31 <REP> d-------- C:\Program Files\TorrentSoftware
2008-03-22 19:19 . 2008-03-22 19:19 <REP> d-------- C:\Program Files\TorrentQ
2008-03-22 19:15 . 2008-03-22 21:52 <REP> d-------- C:\Program Files\BitRoll
2008-03-22 19:12 . 2008-03-22 19:12 <REP> d-------- C:\Program Files\WinZix
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Program Files\NetPumper
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 19:04 . 2008-03-22 19:04 <REP> d-------- C:\Program Files\Google
2008-03-22 19:04 . 2008-04-12 10:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-22 18:59 . 2008-03-22 18:59 <REP> d-------- C:\Program Files\DivoPlayer
2008-03-22 18:53 . 2008-03-22 18:53 <REP> d-------- C:\Program Files\DivoCodec
2008-03-22 18:49 . 2008-03-22 18:50 <REP> d-------- C:\Program Files\BitGrabber
2008-03-22 18:42 . 2008-03-22 18:42 <REP> d-------- C:\Program Files\Software Assist
2008-03-22 18:42 . 2003-08-05 17:08 348,160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll
2008-03-22 18:42 . 2003-06-06 12:21 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll
2008-03-22 18:41 . 1998-02-06 23:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-03-22 18:19 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\MSN Messenger
2008-03-22 18:09 . 2008-03-22 18:09 <REP> d-------- C:\Program Files\BitDownload
2008-03-22 18:08 . 2008-03-22 18:08 <REP> d-------- C:\Program Files\Web Media Player
2008-03-22 16:57 . 2008-03-22 16:57 <REP> d-------- C:\WINDOWS\system32\MsDtc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-21 10:13 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-21 10:13 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-04-12 08:55 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
2004-08-05 12:00 66,560 --sh--r C:\WINDOWS\system32\alm7tas.exe
.
------- Sigcheck -------
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:41:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-21 18:50:20 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-04-20 21:42:28 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
+ 2008-04-21 10:13:53 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-20 21:42:28 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2008-04-21 10:13:53 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d}]
2008-04-12 11:01 10000 --a------ C:\WINDOWS\system32\jfiehayd.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"= "C:\Program Files\RXToolBar\RXToolBar.dll" [2006-07-04 23:48 628440]
[HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}"= C:\Program Files\Hotbar\bin\10.2.197.0\HostIE.dll [ ]
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"= C:\Program Files\RXToolBar\RXToolBar.dll [2006-07-04 23:48 628440]
[HKEY_CLASSES_ROOT\clsid\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}]
[HKEY_CLASSES_ROOT\HostIE.Bho.1]
[HKEY_CLASSES_ROOT\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}]
[HKEY_CLASSES_ROOT\HostIE.Bho]
[HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverLoad"="" []
"DriverCheck"="" []
"SystemDriverLoad"="" []
"SystemDriver"="" []
"FDriver"="" []
"ADriver"="" []
"CDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"DDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"alpha"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"beta"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"gamma"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P2P Networking"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" [2008-03-23 15:20 468152]
"Instafinder"="C:\Program Files\Instafinder\instafinder.exe" [2007-07-12 22:32 311296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Internet"="C:\WINDOWS\system32\alm7tas.exe" [2004-08-05 14:00 66560]
C:\Documents and Settings\BoobFan\Menu D‚marrer\Programmes\D‚marrage\
Scheduler.lnk - C:\Program Files\3B Software\Common\Scheduler\wcomschd.exe [2008-03-22 19:59:49 464240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"CDriver"= c:\z_Drivers\svchost.exe
"DDriver"= c:\z_Drivers\svchost.exe
"alpha"= c:\z_Drivers\svchost.exe
"beta"= c:\z_Drivers\svchost.exe
"gamma"= c:\z_Drivers\svchost.exe
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{C5AF49A2-94F3-42BD-F434-2604812C897D}"= C:\WINDOWS\system32\jfiehayd.dll [2008-04-12 11:01 10000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crehcjid]
crehcjid.dll 2008-04-12 11:01 90112 C:\WINDOWS\system32\crehcjid.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ]
°xˆ
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨]
Ѐ¨
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\alm7tas.exe"=
"C:\\WINDOWS\\system32\\dllcache\\mlqm.exe"=
"C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-30 16:03:35 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.BoobFan+Runs ErrorSmart to optimize your registry.
"2008-04-21 12:31:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-21 20:57:32
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Instafinder\instafinder.dll
.
Temps d'accomplissement: 2008-04-21 20:59:14
ComboFix-quarantined-files.txt 2008-04-21 18:59:05
Pre-Run: 7,949,459,456 octets libres
Post-Run: 7,941,640,192 octets libres
221
ComboFix 08-04-20.2 - BoobFan 2008-04-21 20:54:13.4 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-21 to 2008-04-21 ))))))))))))))))))))))))))))))))))))
.
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:37 . 2005-08-17 19:36 18,944 --a------ C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
2008-04-12 16:52 . 2005-08-17 14:55 98,709 --a------ C:\Documents and Settings\BoobFan\Application Data\sysdefender.exe
2008-04-12 16:32 . 2008-04-12 16:32 <REP> d-------- C:\WINDOWS\photo album
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 16:31 . 2008-04-12 08:55 561,152 --a------ C:\WINDOWS\LBTWiz.MSNFix
2008-04-12 11:19 . 2008-04-12 11:19 <REP> d-------- C:\z_Drivers
2008-04-12 11:19 . 2008-04-12 15:01 2,816 --a------ C:\Documents and Settings\BoobFan\msdirect.sys
2008-04-12 11:13 . 2008-04-12 11:13 <REP> d-------- C:\Program Files\Files-Secure
2008-04-12 11:11 . 2008-03-15 21:27 389,120 -r-hsc--- C:\WINDOWS\system32\dllcache\wintcps.exe
2008-04-12 11:11 . 2008-04-12 11:11 10,240 --a------ C:\WINDOWS\system\bpmdm32.dll
2008-04-12 11:09 . 2008-03-15 21:28 333,532 -r-hsc--- C:\WINDOWS\system32\dllcache\mlqm.exe
2008-04-12 11:08 . 2008-04-12 11:08 <REP> d-------- C:\Program Files\VideoKey
2008-04-12 11:07 . 2008-04-12 11:07 90,344 --a------ C:\WINDOWS\system32\ipv6motp.dll
2008-04-12 11:01 . 2008-04-12 10:58 90,112 --a------ C:\WINDOWS\system32\36.tmp
2008-04-12 11:01 . 2008-04-12 11:01 10,000 --a------ C:\WINDOWS\system32\jfiehayd.dll
2008-04-12 11:01 . 2008-04-12 11:01 0 --a------ C:\d1.MSNFix
2008-04-12 10:58 . 2008-04-12 11:01 90,112 --a------ C:\WINDOWS\system32\crehcjid.dll
2008-04-12 10:58 . 2008-04-21 20:50 16,768 --a------ C:\WINDOWS\system32\tcpip_patcher.sys
2008-04-12 10:58 . 2008-04-12 11:01 2 --a------ C:\-119436011
2008-04-12 10:57 . 2008-04-12 10:57 55,218 --a------ C:\WINDOWS\zeqbqwp.sys
2008-04-12 10:57 . 2008-04-12 10:58 44,544 --a------ C:\qbptb.exe~
2008-04-12 10:56 . 2008-04-21 14:54 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson
2008-04-12 10:56 . 2008-04-12 10:56 79,872 --a------ C:\xx7c7c3n5d8d.exe
2008-04-12 10:55 . 2008-04-21 12:13 561,298 --a------ C:\WINDOWS\Nokia_19_jpg.MSNFix
2008-04-12 10:55 . 2007-10-05 15:18 561,152 -rahs---- C:\WINDOWS\LBTWiz.exe~
2008-04-12 10:55 . 2008-04-12 16:32 24,908 --a------ C:\WINDOWS\photo album.MSNFix
2008-04-12 10:55 . 2008-04-12 10:55 22,016 --a------ C:\WINDOWS\system32\rdihost.MSNFix
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 19:22 . 2008-03-30 18:04 <REP> d-------- C:\Program Files\Spyware-Secure
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 17:13 . 2008-03-23 17:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Circle Developement
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\WINDOWS\cdmxtras
2008-03-23 15:22 . 2008-03-23 17:43 <REP> d-------- C:\Program Files\RXToolBar
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Need2Find
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Instafinder
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-23 15:21 . 2008-03-30 18:04 <REP> d-------- C:\Program Files\Warez
2008-03-23 15:20 . 2008-03-23 15:20 <REP> d-------- C:\WINDOWS\system32\P2P Networking
2008-03-23 15:20 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Kazaa
2008-03-23 15:20 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Altnet
2008-03-23 15:20 . 2008-03-23 15:20 77,312 --a------ C:\WINDOWS\system32\P2P Networking v126.cpl
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Program Files\ErrorSmart
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 19:59 . 2008-03-22 19:59 <REP> d-------- C:\Program Files\3B Software
2008-03-22 19:57 . 2008-04-20 23:33 <REP> d-------- C:\Program Files\GamesBar
2008-03-22 19:57 . 2008-04-12 10:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\GamesBar
2008-03-22 19:28 . 2008-03-23 18:39 81 --a------ C:\WINDOWS\yesmessenger.ini
2008-03-22 19:27 . 2008-03-22 19:27 <REP> d-------- C:\Program Files\YesMessenger
2008-03-22 19:27 . 2007-11-26 14:46 316 --a------ C:\WINDOWS\yes_messenger.ini
2008-03-22 19:21 . 2008-03-22 21:31 <REP> d-------- C:\Program Files\TorrentSoftware
2008-03-22 19:19 . 2008-03-22 19:19 <REP> d-------- C:\Program Files\TorrentQ
2008-03-22 19:15 . 2008-03-22 21:52 <REP> d-------- C:\Program Files\BitRoll
2008-03-22 19:12 . 2008-03-22 19:12 <REP> d-------- C:\Program Files\WinZix
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Program Files\NetPumper
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 19:04 . 2008-03-22 19:04 <REP> d-------- C:\Program Files\Google
2008-03-22 19:04 . 2008-04-12 10:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-22 18:59 . 2008-03-22 18:59 <REP> d-------- C:\Program Files\DivoPlayer
2008-03-22 18:53 . 2008-03-22 18:53 <REP> d-------- C:\Program Files\DivoCodec
2008-03-22 18:49 . 2008-03-22 18:50 <REP> d-------- C:\Program Files\BitGrabber
2008-03-22 18:42 . 2008-03-22 18:42 <REP> d-------- C:\Program Files\Software Assist
2008-03-22 18:42 . 2003-08-05 17:08 348,160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll
2008-03-22 18:42 . 2003-06-06 12:21 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll
2008-03-22 18:41 . 1998-02-06 23:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-03-22 18:19 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\MSN Messenger
2008-03-22 18:09 . 2008-03-22 18:09 <REP> d-------- C:\Program Files\BitDownload
2008-03-22 18:08 . 2008-03-22 18:08 <REP> d-------- C:\Program Files\Web Media Player
2008-03-22 16:57 . 2008-03-22 16:57 <REP> d-------- C:\WINDOWS\system32\MsDtc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-21 10:13 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-21 10:13 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-04-12 08:55 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
2004-08-05 12:00 66,560 --sh--r C:\WINDOWS\system32\alm7tas.exe
.
------- Sigcheck -------
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:41:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-21 18:50:20 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-04-20 21:42:28 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
+ 2008-04-21 10:13:53 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-20 21:42:28 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2008-04-21 10:13:53 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d}]
2008-04-12 11:01 10000 --a------ C:\WINDOWS\system32\jfiehayd.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"= "C:\Program Files\RXToolBar\RXToolBar.dll" [2006-07-04 23:48 628440]
[HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}"= C:\Program Files\Hotbar\bin\10.2.197.0\HostIE.dll [ ]
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"= C:\Program Files\RXToolBar\RXToolBar.dll [2006-07-04 23:48 628440]
[HKEY_CLASSES_ROOT\clsid\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}]
[HKEY_CLASSES_ROOT\HostIE.Bho.1]
[HKEY_CLASSES_ROOT\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}]
[HKEY_CLASSES_ROOT\HostIE.Bho]
[HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverLoad"="" []
"DriverCheck"="" []
"SystemDriverLoad"="" []
"SystemDriver"="" []
"FDriver"="" []
"ADriver"="" []
"CDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"DDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"alpha"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"beta"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"gamma"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P2P Networking"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" [2008-03-23 15:20 468152]
"Instafinder"="C:\Program Files\Instafinder\instafinder.exe" [2007-07-12 22:32 311296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Internet"="C:\WINDOWS\system32\alm7tas.exe" [2004-08-05 14:00 66560]
C:\Documents and Settings\BoobFan\Menu D‚marrer\Programmes\D‚marrage\
Scheduler.lnk - C:\Program Files\3B Software\Common\Scheduler\wcomschd.exe [2008-03-22 19:59:49 464240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"CDriver"= c:\z_Drivers\svchost.exe
"DDriver"= c:\z_Drivers\svchost.exe
"alpha"= c:\z_Drivers\svchost.exe
"beta"= c:\z_Drivers\svchost.exe
"gamma"= c:\z_Drivers\svchost.exe
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{C5AF49A2-94F3-42BD-F434-2604812C897D}"= C:\WINDOWS\system32\jfiehayd.dll [2008-04-12 11:01 10000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crehcjid]
crehcjid.dll 2008-04-12 11:01 90112 C:\WINDOWS\system32\crehcjid.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ]
°xˆ
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨]
Ѐ¨
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\alm7tas.exe"=
"C:\\WINDOWS\\system32\\dllcache\\mlqm.exe"=
"C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-30 16:03:35 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.BoobFan+Runs ErrorSmart to optimize your registry.
"2008-04-21 12:31:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-21 20:57:32
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\Instafinder\instafinder.dll
.
Temps d'accomplissement: 2008-04-21 20:59:14
ComboFix-quarantined-files.txt 2008-04-21 18:59:05
Pre-Run: 7,949,459,456 octets libres
Post-Run: 7,941,640,192 octets libres
221
On continue ![:)]( ":)")
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec
Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
Afin de lancer la recherche, clic sur"Rechercher".
Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]
AIDE : Tuto en images sur MBAM
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]
AIDE : Tuto en images sur MBAM
Faudrait vraiment se calmer sur le P2P et le X...
[#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :
Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
![]()
Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
[#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
[#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :
File::
C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
C:\Documents and Settings\BoobFan\Application Data\sysdefender.exe
C:\WINDOWS\Nokia_19_jpg
C:\WINDOWS\LBTWiz.MSNFix
C:\WINDOWS\system32\dllcache\wintcps.exe
C:\WINDOWS\system\bpmdm32.dll
C:\WINDOWS\system32\dllcache\mlqm.exe
C:\WINDOWS\system32\ipv6motp.dll
C:\WINDOWS\system32\36.tmp
C:\WINDOWS\system32\jfiehayd.dll
C:\d1.MSNFix
C:\WINDOWS\system32\crehcjid.dll
C:\WINDOWS\system32\tcpip_patcher.sys
C:\WINDOWS\zeqbqwp.sys
C:\qbptb.exe~
C:\xx7c7c3n5d8d.exe
C:\WINDOWS\Nokia_19_jpg.MSNFix
C:\WINDOWS\LBTWiz.exe~
C:\WINDOWS\photo album.MSNFix
C:\WINDOWS\system32\rdihost.MSNFix
C:\WINDOWS\system32\P2P Networking v126.cpl
C:\WINDOWS\yesmessenger.ini
C:\WINDOWS\yes_messenger.ini
C:\WINDOWS\system32\alm7tas.exe
Folder::
C:\WINDOWS\photo album
C:\Program Files\Files-Secure
C:\Program Files\VideoKey
C:\Program Files\Fichiers communs\Carlson
C:\Program Files\Spyware-Secure
C:\WINDOWS\cdmxtras
C:\Program Files\RXToolBar
C:\Program Files\Need2Find
C:\Program Files\Instafinder
C:\Program Files\Warez
C:\WINDOWS\system32\P2P Networking
C:\Program Files\Kazaa
C:\Program Files\Altnet
C:\Program Files\ErrorSmart
C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
C:\Program Files\3B Software
C:\Program Files\GamesBar
C:\Documents and Settings\All Users\Application Data\GamesBar
C:\Program Files\YesMessenger
C:\Program Files\TorrentSoftware
C:\Program Files\TorrentQ
C:\Program Files\BitRoll
C:\Program Files\WinZix
C:\Program Files\NetPumper
C:\Documents and Settings\BoobFan\Application Data\NetPumper
C:\Program Files\DivoPlayer
C:\Program Files\DivoCodec
C:\Program Files\BitGrabber
C:\Program Files\BitDownload
C:\Program Files\Web Media Player
C:\Program Files\Hotbar
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"=-
[-HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[-HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[-HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[-HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}"=-
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"=-
[-HKEY_CLASSES_ROOT\clsid\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}]
[-HKEY_CLASSES_ROOT\HostIE.Bho.1]
[-HKEY_CLASSES_ROOT\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}]
[-HKEY_CLASSES_ROOT\HostIE.Bho]
[-HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[-HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[-HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[-HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P2P Networking-
"Instafinder"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Internet"=-
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{C5AF49A2-94F3-42BD-F434-2604812C897D}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crehcjid]
C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
C:\Documents and Settings\BoobFan\Application Data\sysdefender.exe
C:\WINDOWS\Nokia_19_jpg
C:\WINDOWS\LBTWiz.MSNFix
C:\WINDOWS\system32\dllcache\wintcps.exe
C:\WINDOWS\system\bpmdm32.dll
C:\WINDOWS\system32\dllcache\mlqm.exe
C:\WINDOWS\system32\ipv6motp.dll
C:\WINDOWS\system32\36.tmp
C:\WINDOWS\system32\jfiehayd.dll
C:\d1.MSNFix
C:\WINDOWS\system32\crehcjid.dll
C:\WINDOWS\system32\tcpip_patcher.sys
C:\WINDOWS\zeqbqwp.sys
C:\qbptb.exe~
C:\xx7c7c3n5d8d.exe
C:\WINDOWS\Nokia_19_jpg.MSNFix
C:\WINDOWS\LBTWiz.exe~
C:\WINDOWS\photo album.MSNFix
C:\WINDOWS\system32\rdihost.MSNFix
C:\WINDOWS\system32\P2P Networking v126.cpl
C:\WINDOWS\yesmessenger.ini
C:\WINDOWS\yes_messenger.ini
C:\WINDOWS\system32\alm7tas.exe
Folder::
C:\WINDOWS\photo album
C:\Program Files\Files-Secure
C:\Program Files\VideoKey
C:\Program Files\Fichiers communs\Carlson
C:\Program Files\Spyware-Secure
C:\WINDOWS\cdmxtras
C:\Program Files\RXToolBar
C:\Program Files\Need2Find
C:\Program Files\Instafinder
C:\Program Files\Warez
C:\WINDOWS\system32\P2P Networking
C:\Program Files\Kazaa
C:\Program Files\Altnet
C:\Program Files\ErrorSmart
C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
C:\Program Files\3B Software
C:\Program Files\GamesBar
C:\Documents and Settings\All Users\Application Data\GamesBar
C:\Program Files\YesMessenger
C:\Program Files\TorrentSoftware
C:\Program Files\TorrentQ
C:\Program Files\BitRoll
C:\Program Files\WinZix
C:\Program Files\NetPumper
C:\Documents and Settings\BoobFan\Application Data\NetPumper
C:\Program Files\DivoPlayer
C:\Program Files\DivoCodec
C:\Program Files\BitGrabber
C:\Program Files\BitDownload
C:\Program Files\Web Media Player
C:\Program Files\Hotbar
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c5af49a2-94f3-42bd-f434-2604812c897d}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"=-
[-HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[-HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[-HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[-HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}"=-
"{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}"=-
[-HKEY_CLASSES_ROOT\clsid\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}]
[-HKEY_CLASSES_ROOT\HostIE.Bho.1]
[-HKEY_CLASSES_ROOT\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}]
[-HKEY_CLASSES_ROOT\HostIE.Bho]
[-HKEY_CLASSES_ROOT\clsid\{25d8bacf-3de2-4b48-ae22-d659b8d835b0}]
[-HKEY_CLASSES_ROOT\RXToolBar.TBInfo.1]
[-HKEY_CLASSES_ROOT\TypeLib\{66B20295-DC57-42B6-ACDF-52D916E86464}]
[-HKEY_CLASSES_ROOT\RXToolBar.TBInfo]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P2P Networking-
"Instafinder"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Internet"=-
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{C5AF49A2-94F3-42BD-F434-2604812C897D}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crehcjid]
Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
[#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
re
le voici :
ComboFix 08-04-20.2 - BoobFan 2008-04-22 14:37:46.6 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\d1.MSNFix
C:\Documents and Settings\All Users\Application Data\GamesBar
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30.xm_
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\7_wonders_216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\about.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\action.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\arcade.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\around_the_world_in_80_days16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\blokus_world_tour16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\buy.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\cards.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\deals.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\discovering_nature16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\download.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\dress_shop_hop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\elements16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\farm_frenzy16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\feedback.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\help.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\highlight.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\jojos_fashion_show16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\lucky_clover16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\magic_match_adventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\magicBall216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\mahjong.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\multiplayer.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\mygames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\mythic_mahjong16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\mythic_pearls16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\newGames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\partner.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\polly_pride_pet_detective16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\popup_off.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\popup_on.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\purrfect_pet_shop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\puzzle.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\search.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\search_goog.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\seasonmatch16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\sendafriend.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\starscape16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\the_tuttles_madcap_misadventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\trial.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\uninstall.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\update.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\word.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06.xm_
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\7_wonders_216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\about.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\action.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\arcade.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\around_the_world_in_80_days16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\blokus_world_tour16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\buy.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\cards.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\deals.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\discovering_nature16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\download.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\dress_shop_hop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\elements16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\farm_frenzy16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\feedback.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\help.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\highlight.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\jojos_fashion_show16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\lucky_clover16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\magic_match_adventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\magicBall216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\mahjong.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\multiplayer.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\mygames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\mythic_mahjong16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\mythic_pearls16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\newGames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\partner.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\polly_pride_pet_detective16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\popup_off.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\popup_on.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\purrfect_pet_shop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\puzzle.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\search.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\search_goog.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\seasonmatch16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\sendafriend.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\starscape16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\the_tuttles_madcap_misadventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\trial.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\uninstall.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\update.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\word.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48.xm_
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\7_wonders_216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\about.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\action.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\arcade.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\around_the_world_in_80_days16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\blokus_world_tour16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\buy.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\cards.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\deals.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\discovering_nature16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\download.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\dress_shop_hop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\elements16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\farm_frenzy16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\feedback.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\help.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\highlight.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\jojos_fashion_show16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\lucky_clover16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\magic_match_adventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\magicBall216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\mahjong.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\multiplayer.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\mygames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\mythic_mahjong16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\mythic_pearls16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\newGames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\partner.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\polly_pride_pet_detective16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\popup_off.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\popup_on.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\purrfect_pet_shop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\puzzle.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\search.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\search_goog.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\seasonmatch16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\sendafriend.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\starscape16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\the_tuttles_madcap_misadventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\trial.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\uninstall.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\update.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\word.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\7_wonders_216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\about.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\action.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\arcade.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\around_the_world_in_80_days16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\blokus_world_tour16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\buy.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\cards.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\deals.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\discovering_nature16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\download.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\dress_shop_hop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\elements16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\farm_frenzy16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\feedback.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\help.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\highlight.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\jojos_fashion_show16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\lucky_clover16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\magic_match_adventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\magicBall216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\mahjong.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\multiplayer.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\mygames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\mythic_mahjong16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\mythic_pearls16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\newGames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\oberonconfig.xm_
C:\Documents and Settings\All Users\Application Data\GamesBar\obSearchHistory.dat
C:\Documents and Settings\All Users\Application Data\GamesBar\partner.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\polly_pride_pet_detective16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\popup_off.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\popup_on.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\purrfect_pet_shop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\puzzle.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\search.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\search_goog.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\seasonmatch16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\sendafriend.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\starscape16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\the_tuttles_madcap_misadventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\trial.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\uninstall.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\update.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\word.gif
C:\Program Files\3B Software
C:\Program Files\3B Software\Common\Live Update\wcomupd.exe
C:\Program Files\3B Software\Common\Registry\wcomrt.exe
C:\Program Files\3B Software\Common\Scheduler\settings.ini
C:\Program Files\3B Software\Common\Scheduler\wcomschd.exe
C:\Program Files\3B Software\Registry Repair Pro\3BLogo.gif
C:\Program Files\3B Software\Registry Repair Pro\Boost Your PC Performance!.url
C:\Program Files\3B Software\Registry Repair Pro\Boost.ico
C:\Program Files\3B Software\Registry Repair Pro\English.lang
C:\Program Files\3B Software\Registry Repair Pro\French.lang
C:\Program Files\3B Software\Registry Repair Pro\German.lang
C:\Program Files\3B Software\Registry Repair Pro\modules.dat
C:\Program Files\3B Software\Registry Repair Pro\RegistryRepairPro.chm
C:\Program Files\3B Software\Registry Repair Pro\RegistryRepairPro.exe
C:\Program Files\3B Software\Registry Repair Pro\RegistryRepairPro.ini
C:\Program Files\3B Software\Registry Repair Pro\RegistryRepairPro.log
C:\Program Files\3B Software\Registry Repair Pro\RegistryRepairPro.ref
C:\Program Files\3B Software\Registry Repair Pro\Spanish.lang
C:\Program Files\3B Software\Registry Repair Pro\Support.html
C:\Program Files\3B Software\Registry Repair Pro\TV.ico
C:\Program Files\3B Software\Registry Repair Pro\unins000.dat
C:\Program Files\3B Software\Registry Repair Pro\unins000.exe
C:\Program Files\3B Software\Registry Repair Pro\Watch Live TV on Your PC!.url
C:\Program Files\Altnet
C:\Program Files\Altnet\DBBackup\Sigfiles.db
C:\Program Files\Altnet\Download Manager\adm25.dll
C:\Program Files\Altnet\Download Manager\adm4.dll
C:\Program Files\Altnet\Download Manager\adm4005.exe
C:\Program Files\Altnet\Download Manager\admdata.dll
C:\Program Files\Altnet\Download Manager\admdloader.dll
C:\Program Files\Altnet\Download Manager\admfdi.dll
C:\Program Files\Altnet\Download Manager\admprog.dll
C:\Program Files\Altnet\Download Manager\altnetuninstall.exe
C:\Program Files\Altnet\Download Manager\asm.exe
C:\Program Files\Altnet\Download Manager\asmend.exe
C:\Program Files\Altnet\Download Manager\asmps.dll
C:\Program Files\Altnet\Download Manager\dminfo3.cab
C:\Program Files\Altnet\Download Manager\dminstall7.cab
C:\Program Files\Altnet\Download Manager\dmsetup.bmp
C:\Program Files\Altnet\Download Manager\dmsetupbig.bmp
C:\Program Files\Altnet\Download Manager\jsinstall.cab
C:\Program Files\Altnet\Download Manager\jslegals.txt
C:\Program Files\Altnet\Download Manager\selectdir.txt
C:\Program Files\Altnet\Download Manager\selectdir1st.txt
C:\Program Files\BitDownload
C:\Program Files\BitDownload\BitDownload Setup Components
C:\Program Files\BitGrabber
C:\Program Files\BitGrabber\BitGrabber.exe
C:\Program Files\BitGrabber\minime.exe
C:\Program Files\BitGrabber\session.store
C:\Program Files\BitGrabber\settings.ini
C:\Program Files\BitGrabber\settings.stp
C:\Program Files\BitGrabber\SkinCrafterDll.dll
C:\Program Files\BitGrabber\Skins\Quadro.skf
C:\Program Files\BitGrabber\state.dht
C:\Program Files\BitGrabber\TorrentManager.dll
C:\Program Files\BitGrabber\unins000.dat
C:\Program Files\BitGrabber\unins000.exe
C:\Program Files\BitRoll
C:\Program Files\BitRoll\BitRoll.exe
C:\Program Files\BitRoll\minime.exe
C:\Program Files\BitRoll\session.store
C:\Program Files\BitRoll\settings.ini
C:\Program Files\BitRoll\settings.stp
C:\Program Files\BitRoll\SkinCrafterDll.dll
C:\Program Files\BitRoll\Skins\Flexi.skf
C:\Program Files\BitRoll\state.dht
C:\Program Files\BitRoll\TorrentManager.dll
C:\Program Files\BitRoll\unins000.dat
C:\Program Files\BitRoll\unins000.exe
C:\Program Files\DivoCodec
C:\Program Files\DivoCodec\minime.exe
C:\Program Files\DivoCodec\settings.stp
C:\Program Files\DivoCodec\unins000.dat
C:\Program Files\DivoCodec\unins000.exe
C:\Program Files\DivoCodec\WakeSplitter.ax
C:\Program Files\DivoPlayer
C:\Program Files\DivoPlayer\DivoPlayer.exe
C:\Program Files\DivoPlayer\minime.exe
C:\Program Files\DivoPlayer\settings.ini
C:\Program Files\DivoPlayer\settings.stp
C:\Program Files\DivoPlayer\SkinCrafterDll.dll
C:\Program Files\DivoPlayer\skins\Flexi.skf
C:\Program Files\DivoPlayer\test.gif
C:\Program Files\DivoPlayer\unins000.dat
C:\Program Files\DivoPlayer\unins000.exe
C:\Program Files\ErrorSmart
C:\Program Files\ErrorSmart\DataBase.ref
C:\Program Files\ErrorSmart\ErrorSmart.exe
C:\Program Files\ErrorSmart\ErrorSmart.url
C:\Program Files\ErrorSmart\Launcher.exe
C:\Program Files\ErrorSmart\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
C:\Program Files\ErrorSmart\Microsoft.VC80.CRT\msvcp80.dll
C:\Program Files\ErrorSmart\Microsoft.VC80.CRT\msvcr80.dll
C:\Program Files\ErrorSmart\Microsoft.VC80.MFC\mfc80.dll
C:\Program Files\ErrorSmart\Microsoft.VC80.MFC\Microsoft.VC80.MFC.manifest
C:\Program Files\ErrorSmart\RegCleaner.dll
C:\Program Files\ErrorSmart\TCL.dll
C:\Program Files\ErrorSmart\zlib.dll
C:\Program Files\Fichiers communs\Carlson
C:\Program Files\Fichiers communs\Carlson\carlton.MSNFix
C:\Program Files\Files-Secure
C:\Program Files\Files-Secure\secure.db1
C:\Program Files\Files-Secure\secure.db2
C:\Program Files\Files-Secure\secure.db3
C:\Program Files\Files-Secure\secure.db4
C:\Program Files\Files-Secure\secure.db5
C:\Program Files\Files-Secure\secure.exe
C:\Program Files\Files-Secure\Uninstall.exe
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization-English.ini
C:\Program Files\GamesBar\OBGet.exe
C:\Program Files\GamesBar\uninst.exe
C:\Program Files\Instafinder
C:\Program Files\Instafinder\instafinder.dll
C:\Program Files\Instafinder\instafinder.exe
C:\Program Files\Instafinder\uninstall.exe
C:\Program Files\Kazaa
C:\Program Files\Kazaa\ammp3.dll
C:\Program Files\Kazaa\bdupd.dll
C:\Program Files\Kazaa\BGP2P\bdcore.dll
C:\Program Files\Kazaa\BGP2P\libfn.dll
C:\Program Files\Kazaa\BGP2P\plugins\plugins.cab.cab
C:\Program Files\Kazaa\BGP2P\versions.dat
C:\Program Files\Kazaa\CKGFRs.dll
C:\Program Files\Kazaa\Db\config.cab
C:\Program Files\Kazaa\Db\d01.cab
C:\Program Files\Kazaa\Db\d02.cab
C:\Program Files\Kazaa\Db\data1024.dbb
C:\Program Files\Kazaa\Db\data256.dbb
C:\Program Files\Kazaa\Db\k7tqkgkk_tssv125.dat
C:\Program Files\Kazaa\Db\np.tmp
C:\Program Files\Kazaa\Help\arrow.gif
C:\Program Files\Kazaa\Help\arrow_sml.gif
C:\Program Files\Kazaa\Help\background.gif
C:\Program Files\Kazaa\Help\h_mykazaa.gif
C:\Program Files\Kazaa\Help\h_myMedia.gif
C:\Program Files\Kazaa\Help\h_myplaylists.gif
C:\Program Files\Kazaa\Help\icon_gold_kap.gif
C:\Program Files\Kazaa\Help\myKapsules.gif
C:\Program Files\Kazaa\Help\mykapsules.htm
C:\Program Files\Kazaa\Help\mykazaa.css
C:\Program Files\Kazaa\Help\mykazaa.htm
C:\Program Files\Kazaa\Help\mymedia.htm
C:\Program Files\Kazaa\Help\myplaylists.htm
C:\Program Files\Kazaa\Help\spacer.gif
C:\Program Files\Kazaa\kazaa.exe
C:\Program Files\Kazaa\Kazaa.url
C:\Program Files\Kazaa\kzscan.dll
C:\Program Files\Kazaa\libcurl.dll
C:\Program Files\Kazaa\libeay32.dll
C:\Program Files\Kazaa\libssl32.dll
C:\Program Files\Kazaa\My Channels\Bin\crazyplaygames.kcd
C:\Program Files\Kazaa\My Channels\Bin\dating.kcd
C:\Program Files\Kazaa\My Channels\Bin\emerging_artists.kcd
C:\Program Files\Kazaa\My Channels\Bin\g_spot.kcd
C:\Program Files\Kazaa\My Channels\Bin\onelove_browse.kcd
C:\Program Files\Kazaa\My Channels\Bin\ringtonechannel.kcd
C:\Program Files\Kazaa\My Channels\Bin\rshiphop.kcd
C:\Program Files\Kazaa\My Channels\Bin\skilledgames.kcd
C:\Program Files\Kazaa\My Channels\Images\crazyplaygames.bmp
C:\Program Files\Kazaa\My Channels\Images\dating.bmp
C:\Program Files\Kazaa\My Channels\Images\emerging_artists.bmp
C:\Program Files\Kazaa\My Channels\Images\g_spot.bmp
C:\Program Files\Kazaa\My Channels\Images\onelove_browse.bmp
C:\Program Files\Kazaa\My Channels\Images\ringtonechannel.bmp
C:\Program Files\Kazaa\My Channels\Images\rshiphop_browse.bmp
C:\Program Files\Kazaa\My Channels\Images\skilledgames.bmp
C:\Program Files\Kazaa\My Shared Folder\Audio - Alternative Rock.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Barrington Levy.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Electronica.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Fine Arts Militia Album.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Folk.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Funk.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Hip Hop.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Jazz.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Pop Rock.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Public Enemy Revolverlution Album.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - R&B.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Reggae.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - The Honey Palace Album.kpl
C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe
C:\Program Files\Kazaa\myshare.ico
C:\Program Files\Kazaa\Skins\Black Glass\License.txt
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_mykazaa.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_mykazaa_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_mykazaa_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_mykazaa_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_peer.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_peer_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_peer_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_peer_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_search.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_search_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_search_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_search_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_shop.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_shop_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_shop_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_shop_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_start.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_start_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_start_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_start_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_tell.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_tell_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_tell_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_tell_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_theatre.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_theatre_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_theatre_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_theatre_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_traffic.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_traffic_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_traffic_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_traffic_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_addtoplay.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_addtoplay_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_addtoplay_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_addtoplay_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_next.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_next_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_next_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_next_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_pause.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_pause_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_pause_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_pause_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_play.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_play_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_play_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_play_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_prev.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_prev_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_prev_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_prev_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_slider.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_sliderThumb.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_sliderThumb_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_stop.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_stop_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_stop_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_stop_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_volume.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_volume_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_volume_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_volume_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_delete.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_delete_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_delete_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_delete_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_folders.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_folders_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_folders_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_folders_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_moreinfo.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_moreinfo_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_moreinfo_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_moreinfo_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_share.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_share_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_share_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_share_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_closetabs.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_closetabs_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_closetabs_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_closetabs_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_download.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_download_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_download_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_download_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_messageuser.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_messageuser_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_messageuser_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_messageuser_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_newsearch.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_newsearch_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_newsearch_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_newsearch_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_searchuser.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_searchuser_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_searchuser_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_searchuser_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_showsearch.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_showsearch_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_showsearch_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_showsearch_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\skin.xml
C:\Program Files\Kazaa\Skins\Black Glass\startbar_back.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_back_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_back_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_back_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_fwd.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_fwd_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_fwd_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_fwd_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_home.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_home_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_home_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_home_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_refresh.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_refresh_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_refresh_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_refresh_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_stop.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_stop_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_stop_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_stop_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\theatrebar_fullscreen.bmp
C:\Program Files\Kazaa\Skins\Black Glass\theatrebar_fullscreen_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\theatrebar_fullscreen_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\theatrebar_fullscreen_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_cancel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_cancel_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_cancel_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_cancel_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_pause.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_pause_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_pause_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_pause_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_resume.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_resume_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_resume_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_resume_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_btm.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_btmLeft.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_btmright.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_left.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_right.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_top.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_topleft.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_topright.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_close.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_close_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_close_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_close_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_maximise.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_maximise_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_maximise_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_maximise_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_minimise.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_minimise_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_minimise_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_minimise_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_restore.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_restore_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_restore_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_restore_sel.bmp
C:\Program Files\Kazaa\ssleay32.dll
C:\Program Files\Kazaa\TopSearch.dll
C:\Program Files\Need2Find
C:\Program Files\Need2Find\bar\1.bin\N2FFXTBR.JAR
C:\Program Files\Need2Find\bar\1.bin\N2NTSTBR.JAR
C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL
C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL
C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL
C:\Program Files\Need2Find\bar\1.bin\PARTNER.DAT
C:\Program Files\Need2Find\bar\Cache\files.ini
C:\Program Files\Need2Find\bar\History\search
C:\Program Files\Need2Find\bar\Settings\prevcfg.htm
C:\Program Files\NetPumper
C:\Program Files\NetPumper\AddUrl.htm
C:\Program Files\NetPumper\help\compat.htm
C:\Program Files\NetPumper\help\details.htm
C:\Program Files\NetPumper\help\features.htm
C:\Program Files\NetPumper\help\images\apllimit.gif
C:\Program Files\NetPumper\help\images\bandwidthpanel.gif
C:\Program Files\NetPumper\help\images\buttons.gif
C:\Program Files\NetPumper\help\images\cmdadd.gif
C:\Program Files\NetPumper\help\images\cmdaddtoschedule.gif
C:\Program Files\NetPumper\help\images\cmddetails.gif
C:\Program Files\NetPumper\help\images\cmdeditschedule.gif
C:\Program Files\NetPumper\help\images\cmdfolder.gif
C:\Program Files\NetPumper\help\images\cmdhelp.gif
C:\Program Files\NetPumper\help\images\cmdopen.gif
C:\Program Files\NetPumper\help\images\cmdopenfolder.gif
C:\Program Files\NetPumper\help\images\cmdpause.gif
C:\Program Files\NetPumper\help\images\cmdprefs.gif
C:\Program Files\NetPumper\help\images\cmdremove.gif
C:\Program Files\NetPumper\help\images\cmdresume.gif
C:\Program Files\NetPumper\help\images\cmdselectall.gif
C:\Program Files\NetPumper\help\images\detailwin-wide.gif
C:\Program Files\NetPumper\help\images\detailwin.gif
C:\Program Files\NetPumper\help\images\droptoschedule.gif
C:\Program Files\NetPumper\help\images\editbandwidth.gif
C:\Program Files\NetPumper\help\images\ignlimit.gif
C:\Program Files\NetPumper\help\images\limserver.gif
C:\Program Files\NetPumper\help\images\limservergold.gif
C:\Program Files\NetPumper\help\images\limuser.gif
C:\Program Files\NetPumper\help\images\mainwin.gif
C:\Program Files\NetPumper\help\images\moveicons.gif
C:\Program Files\NetPumper\help\images\prefw-bandwidth.gif
C:\Program Files\NetPumper\help\images\prefw-connections.gif
C:\Program Files\NetPumper\help\images\prefw-general.gif
C:\Program Files\NetPumper\help\images\prefw-login.gif
C:\Program Files\NetPumper\help\images\prefw-monitoring.gif
C:\Program Files\NetPumper\help\images\prefw-proxy-ftp.gif
C:\Program Files\NetPumper\help\images\prefw-proxy-http.gif
C:\Program Files\NetPumper\help\images\register-1.gif
C:\Program Files\NetPumper\help\images\register-2.gif
C:\Program Files\NetPumper\help\images\register-3-1.gif
C:\Program Files\NetPumper\help\images\register-3-2.gif
C:\Program Files\NetPumper\help\images\schedulewin.gif
C:\Program Files\NetPumper\help\images\scnoresume.gif
C:\Program Files\NetPumper\help\images\scresumes.gif
C:\Program Files\NetPumper\help\images\scunk.gif
C:\Program Files\NetPumper\help\images\stanalyzing.gif
C:\Program Files\NetPumper\help\images\starticon.gif
C:\Program Files\NetPumper\help\images\stcompleted.gif
C:\Program Files\NetPumper\help\images\stfatal.gif
C:\Program Files\NetPumper\help\images\stinpro.gif
C:\Program Files\NetPumper\help\images\stnhelp.gif
C:\Program Files\NetPumper\help\images\stopicon.gif
C:\Program Files\NetPumper\help\images\stpaused.gif
C:\Program Files\NetPumper\help\images\stqueued.gif
C:\Program Files\NetPumper\help\images\stretrying.gif
C:\Program Files\NetPumper\help\images\stscheduled.gif
C:\Program Files\NetPumper\help\images\summary.gif
C:\Program Files\NetPumper\help\images\throtdn.gif
C:\Program Files\NetPumper\help\images\zoombtn.gif
C:\Program Files\NetPumper\help\index.htm
C:\Program Files\NetPumper\help\mainwin.htm
C:\Program Files\NetPumper\help\nphelp.css
C:\Program Files\NetPumper\help\prefwindow.htm
C:\Program Files\NetPumper\help\register.htm
C:\Program Files\NetPumper\help\schedwin.htm
C:\Program Files\NetPumper\help\tips.htm
C:\Program Files\NetPumper\NetPumper.exe
C:\Program Files\NetPumper\NetPumperIEProxy.exe
C:\Program Files\NetPumper\NetPumperNNProxy.dll
C:\Program Files\NetPumper\NPNetPumper_Application.dll
C:\Program Files\NetPumper\NPNetPumper_Audio.dll
C:\Program Files\NetPumper\NPNetPumper_Video.dll
C:\Program Files\NetPumper\README.txt
C:\Program Files\NetPumper\shutdown.exe
C:\Program Files\NetPumper\TurnLog.exe
C:\Program Files\NetPumper\unins000.dat
C:\Program Files\NetPumper\unins000.exe
C:\Program Files\NetPumper\x.bat
C:\Program Files\NetPumper\ZM\minime.exe
C:\Program Files\RXToolBar
C:\Program Files\RXToolBar\CacheCatalog.rx
C:\Program Files\RXToolBar\graphics\additional.gif
C:\Program Files\RXToolBar\graphics\additional_active.gif
C:\Program Files\RXToolBar\graphics\background.jpg
C:\Program Files\RXToolBar\graphics\blue_hr_horz.GIF
C:\Program Files\RXToolBar\graphics\gray_hr_horz.GIF
C:\Program Files\RXToolBar\graphics\thumbtack.gif
C:\Program Files\RXToolBar\graphics\thumbtack_active.gif
C:\Program Files\RXToolBar\graphics\thumbtack_click.gif
C:\Program Files\RXToolBar\HTML\content.htm
C:\Program Files\RXToolBar\HTML\main.htm
C:\Program Files\RXToolBar\rx.xml
C:\Program Files\RXToolBar\rxtoolbar.cfg
C:\Program Files\RXToolBar\RXToolBar.dll
C:\Program Files\RXToolBar\rxwebsearches.xsl
C:\Program Files\RXToolBar\sfcont.bin
C:\Program Files\RXToolBar\sfcont.dll
C:\Program Files\Spyware-Secure
C:\Program Files\Spyware-Secure\config.s3db
C:\Program Files\Spyware-Secure\Gfx_fr.bin
C:\Program Files\Spyware-Secure\help\help_Trial_FR.zip
C:\Program Files\Spyware-Secure\help\help_Trial_FR\explo_intro.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\explo_menu.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\file.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\folder.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\folder_f.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\folder_o.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\fleche.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\folder.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR\dowload-file-antispyware.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR\menu.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR\scstep2.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\key.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\menu.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\support.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\title-hepfile.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\index.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\menu3.js
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\3differentscan.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\contactus.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\found-objects.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\lexic.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\navigtabs.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\quarantine.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\register.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\spy.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\trait_coud.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\trait_droit.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\trait_vert.gif
C:\Program Files\Spyware-Secure\language
C:\Program Files\Spyware-Secure\nbmw
C:\Program Files\Spyware-Secure\quarantine.s3db
C:\Program Files\Spyware-Secure\resources\cookies_1-12.dat
C:\Program Files\Spyware-Secure\resources\filesDesc_1-12.dat
C:\Program Files\Spyware-Secure\resources\filesDesc_1-12.dic
C:\Program Files\Spyware-Secure\resources\filesExt_1-12.dat
C:\Program Files\Spyware-Secure\resources\filesMulti_1-12.idx
C:\Program Files\Spyware-Secure\resources\filesSimple_1-12.idx
C:\Program Files\Spyware-Secure\resources\malwaresDB_1-12
C:\Program Files\Spyware-Secure\resources\register_1-12.dat
C:\Program Files\Spyware-Secure\skin
C:\Program Files\Spyware-Secure\Spyware-Secure.url
C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
C:\Program Files\Spyware-Secure\sqlite3.dll
C:\Program Files\Spyware-Secure\uninst.exe
C:\Program Files\Spyware-Secure\unrar.dll
C:\Program Files\TorrentQ
C:\Program Files\TorrentSoftware
C:\Program Files\TorrentSoftware\minime.exe
C:\Program Files\TorrentSoftware\session.store
C:\Program Files\TorrentSoftware\settings.ini
C:\Program Files\TorrentSoftware\settings.stp
C:\Program Files\TorrentSoftware\SkinCrafterDll.dll
C:\Program Files\TorrentSoftware\Skins\WinterBlues.skf
C:\Program Files\TorrentSoftware\state.dht
C:\Program Files\TorrentSoftware\TorrentManager.dll
C:\Program Files\TorrentSoftware\TorrentSoftware.exe
C:\Program Files\TorrentSoftware\unins000.dat
C:\Program Files\TorrentSoftware\unins000.exe
C:\Program Files\VideoKey
C:\Program Files\VideoKey\Uninstall.exe
C:\Program Files\Warez
C:\Program Files\Warez\EndProg.exe
C:\Program Files\Warez\iphox_downloader_p.exe
C:\Program Files\Warez\Lang\English.lng
C:\Program Files\Warez\Lang\Russian.lng
C:\Program Files\Warez\log\Warez.log
C:\Program Files\Warez\log\Warez.log.old
C:\Program Files\Warez\Media\FileComplete.wav
C:\Program Files\Warez\player.dll
C:\Program Files\Warez\plug-ins\CDBurningPlugin.bpl
C:\Program Files\Warez\plug-ins\CDRipper.bpl
C:\Program Files\Warez\plug-ins\ClosestSearch.bpl
C:\Program Files\Warez\plug-ins\Notification.bpl
C:\Program Files\Warez\plug-ins\PeerInfoSearch.bpl
C:\Program Files\Warez\plug-ins\rip\akrip32.dll
C:\Program Files\Warez\plug-ins\rip\cdcache.dll
C:\Program Files\Warez\plug-ins\rip\lame_enc.dll
C:\Program Files\Warez\plug-ins\rip\Rip.dll
C:\Program Files\Warez\plug-ins\rip\vorb_enc.dll
C:\Program Files\Warez\plug-ins\rip\xtenc.dll
C:\Program Files\Warez\plug-ins\Search.bpl
C:\Program Files\Warez\plug-ins\VirtualTracker.bpl
C:\Program Files\Warez\RegExt.exe
C:\Program Files\Warez\rtl70.bpl
C:\Program Files\Warez\Skin\Aqua.skn
C:\Program Files\Warez\Skin\Default.skn
C:\Program Files\Warez\Skin\Desert.skn
C:\Program Files\Warez\Skin\Forest.skn
C:\Program Files\Warez\Skin\Sea.skn
C:\Program Files\Warez\tcpip_patcher.sys
C:\Program Files\Warez\Uninstall.exe
C:\Program Files\Warez\Units.bpl
C:\Program Files\Warez\vcl70.bpl
C:\Program Files\Warez\vclshlctrls70.bpl
C:\Program Files\Warez\vclx70.bpl
C:\Program Files\Warez\VersionChecker.exe
C:\Program Files\Warez\Warez.exe
C:\Program Files\Warez\Warez.ico
C:\Program Files\Warez\WinSkinD7R.bpl
C:\Program Files\Web Media Player
C:\Program Files\Web Media Player\ComDlg32.oca
C:\Program Files\Web Media Player\COMDLG32.OCX
C:\Program Files\Web Media Player\Control.oca
C:\Program Files\Web Media Player\Control.ocx
C:\Program Files\Web Media Player\images\-10.jpg
C:\Program Files\Web Media Player\images\13h tf1.jpg
C:\Program Files\Web Media Player\images\20h tf1.jpg
C:\Program Files\Web Media Player\images\20h10pét.gif
C:\Program Files\Web Media Player\images\48 fm.jpg
C:\Program Files\Web Media Player\images\6minutes_soir.jpg
C:\Program Files\Web Media Player\images\7 FM.jpg
C:\Program Files\Web Media Player\images\about.gif
C:\Program Files\Web Media Player\images\about.jpg
C:\Program Files\Web Media Player\images\actualisation.jpg
C:\Program Files\Web Media Player\images\actv.JPG
C:\Program Files\Web Media Player\images\ado-fm.bmp
C:\Program Files\Web Media Player\images\africa hit tv.jpg
C:\Program Files\Web Media Player\images\aktiv radio.gif
C:\Program Files\Web Media Player\images\alouette.jpg
C:\Program Files\Web Media Player\images\alpes 1 grenoble.gif
C:\Program Files\Web Media Player\images\alternantes.gif
C:\Program Files\Web Media Player\images\antipode.jpg
C:\Program Files\Web Media Player\images\arrow_se.gif
C:\Program Files\Web Media Player\images\art channel.jpg
C:\Program Files\Web Media Player\images\astrocenter.jpg
C:\Program Files\Web Media Player\images\bbc.bmp
C:\Program Files\Web Media Player\images\bbc.JPG
C:\Program Files\Web Media Player\images\bel rtl.jpg
C:\Program Files\Web Media Player\images\berbere.gif
C:\Program Files\Web Media Player\images\bfm tv.jpg
C:\Program Files\Web Media Player\images\bfm.JPG
C:\Program Files\Web Media Player\images\bloomberg.gif
C:\Program Files\Web Media Player\images\boardriders TV.JPG
C:\Program Files\Web Media Player\images\boite_questions.jpg
C:\Program Files\Web Media Player\images\booster.GIF
C:\Program Files\Web Media Player\images\brf1.gif
C:\Program Files\Web Media Player\images\c9 tv.gif
C:\Program Files\Web Media Player\images\calais tv.JPG
C:\Program Files\Web Media Player\images\canal zoom.jpg
C:\Program Files\Web Media Player\images\cash tv.jpg
C:\Program Files\Web Media Player\images\casque msn.JPG
C:\Program Files\Web Media Player\images\catalogne.gif
C:\Program Files\Web Media Player\images\check.gif
C:\Program Files\Web Media Player\images\chériefm.JPG
C:\Program Files\Web Media Player\images\ciel radio.jpg
C:\Program Files\Web Media Player\images\cityradio.jpg
C:\Program Files\Web Media Player\images\clap tv.jpg
C:\Program Files\Web Media Player\images\classic 21.jpg
C:\Program Files\Web Media Player\images\clermont 1ere.jpg
C:\Program Files\Web Media Player\images\clickrock.jpg
C:\Program Files\Web Media Player\images\clé.jpg
C:\Program Files\Web Media Player\images\cnn.jpg
C:\Program Files\Web Media Player\images\comédie.jpg
C:\Program Files\Web Media Player\images\config.gif
C:\Program Files\Web Media Player\images\config.jpg
C:\Program Files\Web Media Player\images\contact.jpg
C:\Program Files\Web Media Player\images\Cool FM.gif
C:\Program Files\Web Media Player\images\Copie de wmp.ico
C:\Program Files\Web Media Player\images\crock fm.jpg
C:\Program Files\Web Media Player\images\crooze fm.gif
C:\Program Files\Web Media Player\images\cybertika.gif
C:\Program Files\Web Media Player\images\dble fleche.gif
C:\Program Files\Web Media Player\images\delta fm.gif
C:\Program Files\Web Media Player\images\DIFE.JPG
C:\Program Files\Web Media Player\images\direct8.jpg
C:\Program Files\Web Media Player\images\discofunk.jpg
C:\Program Files\Web Media Player\images\dj radio.gif
C:\Program Files\Web Media Player\images\domino tv.JPG
C:\Program Files\Web Media Player\images\drapeau espagnol.jpg
C:\Program Files\Web Media Player\images\drapeau_anglais.jpg
C:\Program Files\Web Media Player\images\drapeau_néerlandais.jpg
C:\Program Files\Web Media Player\images\E_Music.gif
C:\Program Files\Web Media Player\images\ecclesia.gif
C:\Program Files\Web Media Player\images\ecn.gif
C:\Program Files\Web Media Player\images\eng.jpg
C:\Program Files\Web Media Player\images\equipetv.gif
C:\Program Files\Web Media Player\images\espace fm.gif
C:\Program Files\Web Media Player\images\est fm.gif
C:\Program Files\Web Media Player\images\euronews.JPG
C:\Program Files\Web Media Player\images\Europe 2.gif
C:\Program Files\Web Media Player\images\europe1.JPG
C:\Program Files\Web Media Player\images\europe2 rock uk.gif
C:\Program Files\Web Media Player\images\europe2 rock us.gif
C:\Program Files\Web Media Player\images\europe2.JPG
C:\Program Files\Web Media Player\images\eurosport.jpg
C:\Program Files\Web Media Player\images\eux tv.jpg
C:\Program Files\Web Media Player\images\evasion fm.gif
C:\Program Files\Web Media Player\images\explorer.jpg
C:\Program Files\Web Media Player\images\FG-radio.gif
C:\Program Files\Web Media Player\images\flash fm.gif
C:\Program Files\Web Media Player\images\fleche bas (downnload).gif
C:\Program Files\Web Media Player\images\fleche bas.GIF
C:\Program Files\Web Media Player\images\fleche bas.JPG
C:\Program Files\Web Media Player\images\fleche haut.gif
C:\Program Files\Web Media Player\images\fleche haut.jpg
C:\Program Files\Web Media Player\images\fleche lecture.jpg
C:\Program Files\Web Media Player\images\fleche xp droite.gif
C:\Program Files\Web Media Player\images\fm goud.gif
C:\Program Files\Web Media Player\images\forum.JPG
C:\Program Files\Web Media Player\images\fox news.jpg
C:\Program Files\Web Media Player\images\fr2.jpg
C:\Program Files\Web Media Player\images\fr2JT13h.JPG
C:\Program Files\Web Media Player\images\fr2JT8h.JPG
C:\Program Files\Web Media Player\images\fr2soirJT.JPG
C:\Program Files\Web Media Player\images\fr3.jpg
C:\Program Files\Web Media Player\images\fr3JTmidi.JPG
C:\Program Files\Web Media Player\images\fr3JTsoir.JPG
C:\Program Files\Web Media Player\images\france-info.JPG
C:\Program Files\Web Media Player\images\france 24.jpg
C:\Program Files\Web Media Player\images\france bleu nat.bmp
C:\Program Files\Web Media Player\images\france culture.jpg
C:\Program Files\Web Media Player\images\france2.gif
C:\Program Files\Web Media Player\images\france3.jpg
C:\Program Files\Web Media Player\images\franrock.gif
C:\Program Files\Web Media Player\images\frbleu.JPG
C:\Program Files\Web Media Player\images\frequence horizon.gif
C:\Program Files\Web Media Player\images\frequence jazz.gif
C:\Program Files\Web Media Player\images\frequence plus.gif
C:\Program Files\Web Media Player\images\frequence3.jpg
C:\Program Files\Web Media Player\images\frinter.JPG
C:\Program Files\Web Media Player\images\fun.JPG
C:\Program Files\Web Media Player\images\generation hit.jpg
C:\Program Files\Web Media Player\images\germain fait sa télé.JPG
C:\Program Files\Web Media Player\images\gignols.JPG
C:\Program Files\Web Media Player\images\globe.gif
C:\Program Files\Web Media Player\images\grd_journal.jpg
C:\Program Files\Web Media Player\images\groland.JPG
C:\Program Files\Web Media Player\images\groland2.jpg
C:\Program Files\Web Media Player\images\Haut couleur.jpg
C:\Program Files\Web Media Player\images\haut.GIF
C:\Program Files\Web Media Player\images\haut.JPG
C:\Program Files\Web Media Player\images\haut.PNG
C:\Program Files\Web Media Player\images\help.gif
C:\Program Files\Web Media Player\images\hit_sport_01.gif
C:\Program Files\Web Media Player\images\hitmusicstation.jpg
C:\Program Files\Web Media Player\images\hitwest.gif
C:\Program Files\Web Media Player\images\hot radio.gif
C:\Program Files\Web Media Player\images\hotmixradio.gif
C:\Program Files\Web Media Player\images\ie.gif
C:\Program Files\Web Media Player\images\IE.jpg
C:\Program Files\Web Media Player\images\impactFM.gif
C:\Program Files\Web Media Player\images\itele.jpg
C:\Program Files\Web Media Player\images\jet tv.JPG
C:\Program Files\Web Media Player\images\journalsorties.gif
C:\Program Files\Web Media Player\images\jt rtl.jpg
C:\Program Files\Web Media Player\images\junior fm.bmp
C:\Program Files\Web Media Player\images\KD2A.jpg
C:\Program Files\Web Media Player\images\kif radio.gif
C:\Program Files\Web Media Player\images\kissfm.JPG
C:\Program Files\Web Media Player\images\ks one.JPG
C:\Program Files\Web Media Player\images\ksonelogo.jpg
C:\Program Files\Web Media Player\images\la radio de la mer.jpg
C:\Program Files\Web Media Player\images\labelle tv.jpg
C:\Program Files\Web Media Player\images\lagrosseradio.jpg
C:\Program Files\Web Media Player\images\lci.jpg
C:\Program Files\Web Media Player\images\lcp.jpg
C:\Program Files\Web Media Player\images\le mouv.jpg
C:\Program Files\Web Media Player\images\letsgozik.gif
C:\Program Files\Web Media Player\images\liberty tv.jpg
C:\Program Files\Web Media Player\images\linas jazz.GIF
C:\Program Files\Web Media Player\images\logo.bmp
C:\Program Files\Web Media Player\images\logo.JPG
C:\Program Files\Web Media Player\images\lyon FM.gif
C:\Program Files\Web Media Player\images\lyon tv.jpg
C:\Program Files\Web Media Player\images\m6.jpg
C:\Program Files\Web Media Player\images\madikera mix.jpg
C:\Program Files\Web Media Player\images\mediatropical.jpg
C:\Program Files\Web Media Player\images\meteo-fr2.jpg
C:\Program Files\Web Media Player\images\meteo-fr3.jpg
C:\Program Files\Web Media Player\images\meteo-tf1.jpg
C:\Program Files\Web Media Player\images\meteo france.jpg
C:\Program Files\Web Media Player\images\mfm.jpg
C:\Program Files\Web Media Player\images\microphone.gif
C:\Program Files\Web Media Player\images\min_blonde.jpg
C:\Program Files\Web Media Player\images\minblode.JPG
C:\Program Files\Web Media Player\images\ministery of sound.jpg
C:\Program Files\Web Media Player\images\mint.jpg
C:\Program Files\Web Media Player\images\mistral fm.gif
C:\Program Files\Web Media Player\images\mizik tv.jpg
C:\Program Files\Web Media Player\images\mona fm.gif
C:\Program Files\Web Media Player\images\MTI.gif
C:\Program Files\Web Media Player\images\net fm.gif
C:\Program Files\Web Media Player\images\news fm.gif
C:\Program Files\Web Media Player\images\NGTV.JPG
C:\Program Files\Web Media Player\images\normandie fm.gif
C:\Program Files\Web Media Player\images\normandie tv.JPG
C:\Program Files\Web Media Player\images\nostalgie.JPG
C:\Program Files\Web Media Player\images\note.gif
C:\Program Files\Web Media Player\images\note.jpg
C:\Program Files\Web Media Player\images\Nouveau Image bitmap.bmp
C:\Program Files\Web Media Player\images\nova radio.jpg
C:\Program Files\Web Media Player\images\nrj.JPG
C:\Program Files\Web Media Player\images\NT1.jpg
C:\Program Files\Web Media Player\images\ods radio.gif
C:\Program Files\Web Media Player\images\Open.gif
C:\Program Files\Web Media Player\images\options.gif
C:\Program Files\Web Media Player\images\orleans tv.JPG
C:\Program Files\Web Media Player\images\ouest fm.gif
C:\Program Files\Web Media Player\images\ouifm.JPG
C:\Program Files\Web Media Player\images\oxygene fm.GIF
C:\Program Files\Web Media Player\images\paris cap.JPG
C:\Program Files\Web Media Player\images\pas des anges.JPG
C:\Program Files\Web Media Player\images\perpignan tv.JPG
C:\Program Files\Web Media Player\images\plein air.jpg
C:\Program Files\Web Media Player\images\pointroute.gif
C:\Program Files\Web Media Player\images\ptroute.gif
C:\Program Files\Web Media Player\images\public sante.gif
C:\Program Files\Web Media Player\images\puls radio.gif
C:\Program Files\Web Media Player\images\pure fm.gif
C:\Program Files\Web Media Player\images\quartz.jpg
C:\Program Files\Web Media Player\images\radio +.gif
C:\Program Files\Web Media Player\images\radio +.JPG
C:\Program Files\Web Media Player\images\radio 6.gif
C:\Program Files\Web Media Player\images\radio 74.gif
C:\Program Files\Web Media Player\images\radio 8.gif
C:\Program Files\Web Media Player\images\radio canut.jpg
C:\Program Files\Web Media Player\images\radio city.jpg
C:\Program Files\Web Media Player\images\radio contact.jpg
C:\Program Files\Web Media Player\images\radio cote azur.jpg
C:\Program Files\Web Media Player\images\radio courtoisie.gif
C:\Program Files\Web Media Player\images\radio dreyeckland.gif
C:\Program Files\Web Media Player\images\radio espace.gif
C:\Program Files\Web Media Player\images\radio latina.gif
C:\Program Files\Web Media Player\images\radio orient.gif
C:\Program Files\Web Media Player\images\radio plus.jpg
C:\Program Files\Web Media Player\images\radio scoop.jpg
C:\Program Files\Web Media Player\images\radio si.gif
C:\Program Files\Web Media Player\images\radio star marseille.gif
C:\Program Files\Web Media Player\images\radio tempo.jpg
C:\Program Files\Web Media Player\images\radio wave.gif
C:\Program Files\Web Media Player\images\radio.gif
C:\Program Files\Web Media Player\images\radiolatina.JPG
C:\Program Files\Web Media Player\images\rado espace.gif
C:\Program Files\Web Media Player\images\rap.JPG
C:\Program Files\Web Media Player\images\refesh.jpg
C:\Program Files\Web Media Player\images\refresh.gif
C:\Program Files\Web Media Player\images\resonnance.gif
C:\Program Files\Web Media Player\images\rfi.gif
C:\Program Files\Web Media Player\images\rfm.JPG
C:\Program Files\Web Media Player\images\RFO.JPG
C:\Program Files\Web Media Player\images\rires.JPG
C:\Program Files\Web Media Player\images\rmcinfo.JPG
C:\Program Files\Web Media Player\images\rnb.JPG
C:\Program Files\Web Media Player\images\rne.jpg
C:\Program Files\Web Media Player\images\rock_fm_tr.gif
C:\Program Files\Web Media Player\images\rtbf.gif
C:\Program Files\Web Media Player\images\rtc.jpg
C:\Program Files\Web Media Player\images\rtl.JPG
C:\Program Files\Web Media Player\images\rtl2.JPG
C:\Program Files\Web Media Player\images\rtv.jpg
C:\Program Files\Web Media Player\images\rve.gif
C:\Program Files\Web Media Player\images\saint malo tv.JPG
C:\Program Files\Web Media Player\images\samantha.jpg
C:\Program Files\Web Media Player\images\scoplia.jpg
C:\Program Files\Web Media Player\images\seven tv.JPG
C:\Program Files\Web Media Player\images\SkyNewsLogo130.gif
C:\Program Files\Web Media Player\images\skyrock.JPG
C:\Program Files\Web Media Player\images\soir 3.jpg
C:\Program Files\Web Media Player\images\soleiltv.jpg
C:\Program Files\Web Media Player\images\sportFm.gif
C:\Program Files\Web Media Player\images\st tropez webradio.gif
C:\Program Files\Web Media Player\images\star radio.jpg
C:\Program Files\Web Media Player\images\stop.jpg
C:\Program Files\Web Media Player\images\stop2.gif
C:\Program Files\Web Media Player\images\stop2.jpg
C:\Program Files\Web Media Player\images\sudradio.JPG
C:\Program Files\Web Media Player\images\sunvibz.gif
C:\Program Files\Web Media Player\images\synergie.gif
C:\Program Files\Web Media Player\images\synergie.jpg
C:\Program Files\Web Media Player\images\systray.gif
C:\Program Files\Web Media Player\images\teepik.jpg
C:\Program Files\Web Media Player\images\tele essone.JPG
C:\Program Files\Web Media Player\images\telebruxelles.gif
C:\Program Files\Web Media Player\images\telesambre.jpg
C:\Program Files\Web Media Player\images\telif.jpg
C:\Program Files\Web Media Player\images\tf1-jt-13h.jpg
C:\Program Files\Web Media Player\images\tf1-jt-20h.jpg
C:\Program Files\Web Media Player\images\TF1%20PERNAUD.jpg
C:\Program Files\Web Media Player\images\tf1.jpg
C:\Program Files\Web Media Player\images\Tf1_13h.JPG
C:\Program Files\Web Media Player\images\tf1_jt_20h.jpg
C:\Program Files\Web Media Player\images\tfc tv.jpg
C:\Program Files\Web Media Player\images\the lol tv.JPG
C:\Program Files\Web Media Player\images\title.bmp
C:\Program Files\Web Media Player\images\title.gif
C:\Program Files\Web Media Player\images\tlm.gif
C:\Program Files\Web Media Player\images\TLM.jpg
C:\Program Files\Web Media Player\images\top music.gif
C:\Program Files\Web Media Player\images\trafic.JPG
C:\Program Files\Web Media Player\images\tsr.gif
C:\Program Files\Web Media Player\images\télé 102.JPG
C:\Program Files\Web Media Player\images\tumbuktoo.JPG
C:\Program Files\Web Media Player\images\tv alsace.JPG
C:\Program Files\Web Media Player\images\tv caraibes.gif
C:\Program Files\Web Media Player\images\tv grenoble.jpg
C:\Program Files\Web Media Player\images\TV.gif
C:\Program Files\Web Media Player\images\TV2.gif
C:\Program Files\Web Media Player\images\TV3.gif
C:\Program Files\Web Media Player\images\tv8 mont blanc.jpg
C:\Program Files\Web Media Player\images\tve.jpg
C:\Program Files\Web Media Player\images\TVSF.JPG
C:\Program Files\Web Media Player\images\vendredi pet.jpg
C:\Program Files\Web Media Player\images\vibra.JPG
C:\Program Files\Web Media Player\images\vibration.gif
C:\Program Files\Web Media
le voici :
ComboFix 08-04-20.2 - BoobFan 2008-04-22 14:37:46.6 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\d1.MSNFix
C:\Documents and Settings\All Users\Application Data\GamesBar
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30.xm_
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\7_wonders_216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\about.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\action.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\arcade.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\around_the_world_in_80_days16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\blokus_world_tour16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\buy.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\cards.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\deals.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\discovering_nature16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\download.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\dress_shop_hop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\elements16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\farm_frenzy16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\feedback.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\help.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\highlight.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\jojos_fashion_show16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\lucky_clover16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\magic_match_adventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\magicBall216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\mahjong.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\multiplayer.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\mygames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\mythic_mahjong16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\mythic_pearls16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\newGames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\partner.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\polly_pride_pet_detective16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\popup_off.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\popup_on.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\purrfect_pet_shop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\puzzle.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\search.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\search_goog.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\seasonmatch16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\sendafriend.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\starscape16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\the_tuttles_madcap_misadventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\trial.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\uninstall.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\update.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-05-13-01-30\word.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06.xm_
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\7_wonders_216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\about.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\action.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\arcade.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\around_the_world_in_80_days16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\blokus_world_tour16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\buy.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\cards.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\deals.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\discovering_nature16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\download.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\dress_shop_hop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\elements16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\farm_frenzy16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\feedback.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\help.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\highlight.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\jojos_fashion_show16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\lucky_clover16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\magic_match_adventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\magicBall216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\mahjong.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\multiplayer.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\mygames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\mythic_mahjong16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\mythic_pearls16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\newGames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\partner.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\polly_pride_pet_detective16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\popup_off.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\popup_on.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\purrfect_pet_shop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\puzzle.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\search.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\search_goog.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\seasonmatch16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\sendafriend.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\starscape16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\the_tuttles_madcap_misadventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\trial.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\uninstall.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\update.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-08-13-04-06\word.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48.xm_
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\7_wonders_216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\about.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\action.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\arcade.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\around_the_world_in_80_days16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\blokus_world_tour16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\buy.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\cards.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\deals.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\discovering_nature16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\download.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\dress_shop_hop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\elements16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\farm_frenzy16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\feedback.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\help.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\highlight.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\jojos_fashion_show16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\lucky_clover16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\magic_match_adventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\magicBall216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\mahjong.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\multiplayer.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\mygames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\mythic_mahjong16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\mythic_pearls16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\newGames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\partner.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\polly_pride_pet_detective16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\popup_off.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\popup_on.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\purrfect_pet_shop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\puzzle.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\search.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\search_goog.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\seasonmatch16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\sendafriend.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\starscape16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\the_tuttles_madcap_misadventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\trial.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\uninstall.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\update.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\08-04-12-10-51-48\word.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\7_wonders_216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\about.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\action.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\arcade.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\around_the_world_in_80_days16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\blokus_world_tour16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\buy.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\cards.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\deals.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\discovering_nature16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\download.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\dress_shop_hop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\elements16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\farm_frenzy16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\feedback.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\help.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\highlight.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\jojos_fashion_show16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\lucky_clover16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\magic_match_adventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\magicBall216x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\mahjong.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\multiplayer.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\mygames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\mythic_mahjong16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\mythic_pearls16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\newGames.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\oberonconfig.xm_
C:\Documents and Settings\All Users\Application Data\GamesBar\obSearchHistory.dat
C:\Documents and Settings\All Users\Application Data\GamesBar\partner.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\polly_pride_pet_detective16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\popup_off.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\popup_on.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\purrfect_pet_shop16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\puzzle.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\search.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\search_goog.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\seasonmatch16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\sendafriend.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\starscape16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\the_tuttles_madcap_misadventures16x16.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\trial.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\uninstall.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\update.gif
C:\Documents and Settings\All Users\Application Data\GamesBar\word.gif
C:\Program Files\3B Software
C:\Program Files\3B Software\Common\Live Update\wcomupd.exe
C:\Program Files\3B Software\Common\Registry\wcomrt.exe
C:\Program Files\3B Software\Common\Scheduler\settings.ini
C:\Program Files\3B Software\Common\Scheduler\wcomschd.exe
C:\Program Files\3B Software\Registry Repair Pro\3BLogo.gif
C:\Program Files\3B Software\Registry Repair Pro\Boost Your PC Performance!.url
C:\Program Files\3B Software\Registry Repair Pro\Boost.ico
C:\Program Files\3B Software\Registry Repair Pro\English.lang
C:\Program Files\3B Software\Registry Repair Pro\French.lang
C:\Program Files\3B Software\Registry Repair Pro\German.lang
C:\Program Files\3B Software\Registry Repair Pro\modules.dat
C:\Program Files\3B Software\Registry Repair Pro\RegistryRepairPro.chm
C:\Program Files\3B Software\Registry Repair Pro\RegistryRepairPro.exe
C:\Program Files\3B Software\Registry Repair Pro\RegistryRepairPro.ini
C:\Program Files\3B Software\Registry Repair Pro\RegistryRepairPro.log
C:\Program Files\3B Software\Registry Repair Pro\RegistryRepairPro.ref
C:\Program Files\3B Software\Registry Repair Pro\Spanish.lang
C:\Program Files\3B Software\Registry Repair Pro\Support.html
C:\Program Files\3B Software\Registry Repair Pro\TV.ico
C:\Program Files\3B Software\Registry Repair Pro\unins000.dat
C:\Program Files\3B Software\Registry Repair Pro\unins000.exe
C:\Program Files\3B Software\Registry Repair Pro\Watch Live TV on Your PC!.url
C:\Program Files\Altnet
C:\Program Files\Altnet\DBBackup\Sigfiles.db
C:\Program Files\Altnet\Download Manager\adm25.dll
C:\Program Files\Altnet\Download Manager\adm4.dll
C:\Program Files\Altnet\Download Manager\adm4005.exe
C:\Program Files\Altnet\Download Manager\admdata.dll
C:\Program Files\Altnet\Download Manager\admdloader.dll
C:\Program Files\Altnet\Download Manager\admfdi.dll
C:\Program Files\Altnet\Download Manager\admprog.dll
C:\Program Files\Altnet\Download Manager\altnetuninstall.exe
C:\Program Files\Altnet\Download Manager\asm.exe
C:\Program Files\Altnet\Download Manager\asmend.exe
C:\Program Files\Altnet\Download Manager\asmps.dll
C:\Program Files\Altnet\Download Manager\dminfo3.cab
C:\Program Files\Altnet\Download Manager\dminstall7.cab
C:\Program Files\Altnet\Download Manager\dmsetup.bmp
C:\Program Files\Altnet\Download Manager\dmsetupbig.bmp
C:\Program Files\Altnet\Download Manager\jsinstall.cab
C:\Program Files\Altnet\Download Manager\jslegals.txt
C:\Program Files\Altnet\Download Manager\selectdir.txt
C:\Program Files\Altnet\Download Manager\selectdir1st.txt
C:\Program Files\BitDownload
C:\Program Files\BitDownload\BitDownload Setup Components
C:\Program Files\BitGrabber
C:\Program Files\BitGrabber\BitGrabber.exe
C:\Program Files\BitGrabber\minime.exe
C:\Program Files\BitGrabber\session.store
C:\Program Files\BitGrabber\settings.ini
C:\Program Files\BitGrabber\settings.stp
C:\Program Files\BitGrabber\SkinCrafterDll.dll
C:\Program Files\BitGrabber\Skins\Quadro.skf
C:\Program Files\BitGrabber\state.dht
C:\Program Files\BitGrabber\TorrentManager.dll
C:\Program Files\BitGrabber\unins000.dat
C:\Program Files\BitGrabber\unins000.exe
C:\Program Files\BitRoll
C:\Program Files\BitRoll\BitRoll.exe
C:\Program Files\BitRoll\minime.exe
C:\Program Files\BitRoll\session.store
C:\Program Files\BitRoll\settings.ini
C:\Program Files\BitRoll\settings.stp
C:\Program Files\BitRoll\SkinCrafterDll.dll
C:\Program Files\BitRoll\Skins\Flexi.skf
C:\Program Files\BitRoll\state.dht
C:\Program Files\BitRoll\TorrentManager.dll
C:\Program Files\BitRoll\unins000.dat
C:\Program Files\BitRoll\unins000.exe
C:\Program Files\DivoCodec
C:\Program Files\DivoCodec\minime.exe
C:\Program Files\DivoCodec\settings.stp
C:\Program Files\DivoCodec\unins000.dat
C:\Program Files\DivoCodec\unins000.exe
C:\Program Files\DivoCodec\WakeSplitter.ax
C:\Program Files\DivoPlayer
C:\Program Files\DivoPlayer\DivoPlayer.exe
C:\Program Files\DivoPlayer\minime.exe
C:\Program Files\DivoPlayer\settings.ini
C:\Program Files\DivoPlayer\settings.stp
C:\Program Files\DivoPlayer\SkinCrafterDll.dll
C:\Program Files\DivoPlayer\skins\Flexi.skf
C:\Program Files\DivoPlayer\test.gif
C:\Program Files\DivoPlayer\unins000.dat
C:\Program Files\DivoPlayer\unins000.exe
C:\Program Files\ErrorSmart
C:\Program Files\ErrorSmart\DataBase.ref
C:\Program Files\ErrorSmart\ErrorSmart.exe
C:\Program Files\ErrorSmart\ErrorSmart.url
C:\Program Files\ErrorSmart\Launcher.exe
C:\Program Files\ErrorSmart\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
C:\Program Files\ErrorSmart\Microsoft.VC80.CRT\msvcp80.dll
C:\Program Files\ErrorSmart\Microsoft.VC80.CRT\msvcr80.dll
C:\Program Files\ErrorSmart\Microsoft.VC80.MFC\mfc80.dll
C:\Program Files\ErrorSmart\Microsoft.VC80.MFC\Microsoft.VC80.MFC.manifest
C:\Program Files\ErrorSmart\RegCleaner.dll
C:\Program Files\ErrorSmart\TCL.dll
C:\Program Files\ErrorSmart\zlib.dll
C:\Program Files\Fichiers communs\Carlson
C:\Program Files\Fichiers communs\Carlson\carlton.MSNFix
C:\Program Files\Files-Secure
C:\Program Files\Files-Secure\secure.db1
C:\Program Files\Files-Secure\secure.db2
C:\Program Files\Files-Secure\secure.db3
C:\Program Files\Files-Secure\secure.db4
C:\Program Files\Files-Secure\secure.db5
C:\Program Files\Files-Secure\secure.exe
C:\Program Files\Files-Secure\Uninstall.exe
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization-English.ini
C:\Program Files\GamesBar\OBGet.exe
C:\Program Files\GamesBar\uninst.exe
C:\Program Files\Instafinder
C:\Program Files\Instafinder\instafinder.dll
C:\Program Files\Instafinder\instafinder.exe
C:\Program Files\Instafinder\uninstall.exe
C:\Program Files\Kazaa
C:\Program Files\Kazaa\ammp3.dll
C:\Program Files\Kazaa\bdupd.dll
C:\Program Files\Kazaa\BGP2P\bdcore.dll
C:\Program Files\Kazaa\BGP2P\libfn.dll
C:\Program Files\Kazaa\BGP2P\plugins\plugins.cab.cab
C:\Program Files\Kazaa\BGP2P\versions.dat
C:\Program Files\Kazaa\CKGFRs.dll
C:\Program Files\Kazaa\Db\config.cab
C:\Program Files\Kazaa\Db\d01.cab
C:\Program Files\Kazaa\Db\d02.cab
C:\Program Files\Kazaa\Db\data1024.dbb
C:\Program Files\Kazaa\Db\data256.dbb
C:\Program Files\Kazaa\Db\k7tqkgkk_tssv125.dat
C:\Program Files\Kazaa\Db\np.tmp
C:\Program Files\Kazaa\Help\arrow.gif
C:\Program Files\Kazaa\Help\arrow_sml.gif
C:\Program Files\Kazaa\Help\background.gif
C:\Program Files\Kazaa\Help\h_mykazaa.gif
C:\Program Files\Kazaa\Help\h_myMedia.gif
C:\Program Files\Kazaa\Help\h_myplaylists.gif
C:\Program Files\Kazaa\Help\icon_gold_kap.gif
C:\Program Files\Kazaa\Help\myKapsules.gif
C:\Program Files\Kazaa\Help\mykapsules.htm
C:\Program Files\Kazaa\Help\mykazaa.css
C:\Program Files\Kazaa\Help\mykazaa.htm
C:\Program Files\Kazaa\Help\mymedia.htm
C:\Program Files\Kazaa\Help\myplaylists.htm
C:\Program Files\Kazaa\Help\spacer.gif
C:\Program Files\Kazaa\kazaa.exe
C:\Program Files\Kazaa\Kazaa.url
C:\Program Files\Kazaa\kzscan.dll
C:\Program Files\Kazaa\libcurl.dll
C:\Program Files\Kazaa\libeay32.dll
C:\Program Files\Kazaa\libssl32.dll
C:\Program Files\Kazaa\My Channels\Bin\crazyplaygames.kcd
C:\Program Files\Kazaa\My Channels\Bin\dating.kcd
C:\Program Files\Kazaa\My Channels\Bin\emerging_artists.kcd
C:\Program Files\Kazaa\My Channels\Bin\g_spot.kcd
C:\Program Files\Kazaa\My Channels\Bin\onelove_browse.kcd
C:\Program Files\Kazaa\My Channels\Bin\ringtonechannel.kcd
C:\Program Files\Kazaa\My Channels\Bin\rshiphop.kcd
C:\Program Files\Kazaa\My Channels\Bin\skilledgames.kcd
C:\Program Files\Kazaa\My Channels\Images\crazyplaygames.bmp
C:\Program Files\Kazaa\My Channels\Images\dating.bmp
C:\Program Files\Kazaa\My Channels\Images\emerging_artists.bmp
C:\Program Files\Kazaa\My Channels\Images\g_spot.bmp
C:\Program Files\Kazaa\My Channels\Images\onelove_browse.bmp
C:\Program Files\Kazaa\My Channels\Images\ringtonechannel.bmp
C:\Program Files\Kazaa\My Channels\Images\rshiphop_browse.bmp
C:\Program Files\Kazaa\My Channels\Images\skilledgames.bmp
C:\Program Files\Kazaa\My Shared Folder\Audio - Alternative Rock.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Barrington Levy.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Electronica.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Fine Arts Militia Album.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Folk.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Funk.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Hip Hop.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Jazz.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Pop Rock.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Public Enemy Revolverlution Album.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - R&B.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - Reggae.kpl
C:\Program Files\Kazaa\My Shared Folder\Audio - The Honey Palace Album.kpl
C:\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe
C:\Program Files\Kazaa\myshare.ico
C:\Program Files\Kazaa\Skins\Black Glass\License.txt
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_mykazaa.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_mykazaa_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_mykazaa_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_mykazaa_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_peer.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_peer_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_peer_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_peer_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_search.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_search_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_search_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_search_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_shop.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_shop_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_shop_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_shop_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_start.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_start_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_start_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_start_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_tell.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_tell_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_tell_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_tell_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_theatre.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_theatre_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_theatre_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_theatre_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_traffic.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_traffic_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_traffic_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mainbar_traffic_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_addtoplay.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_addtoplay_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_addtoplay_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_addtoplay_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_next.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_next_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_next_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_next_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_pause.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_pause_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_pause_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_pause_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_play.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_play_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_play_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_play_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_prev.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_prev_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_prev_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_prev_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_slider.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_sliderThumb.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_sliderThumb_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_stop.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_stop_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_stop_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_stop_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_volume.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_volume_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_volume_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mediabar_volume_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_delete.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_delete_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_delete_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_delete_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_folders.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_folders_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_folders_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_folders_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_moreinfo.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_moreinfo_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_moreinfo_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_moreinfo_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_share.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_share_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_share_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\mykazaabar_share_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_closetabs.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_closetabs_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_closetabs_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_closetabs_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_download.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_download_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_download_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_download_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_messageuser.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_messageuser_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_messageuser_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_messageuser_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_newsearch.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_newsearch_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_newsearch_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_newsearch_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_searchuser.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_searchuser_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_searchuser_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_searchuser_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_showsearch.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_showsearch_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_showsearch_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\searchbar_showsearch_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\skin.xml
C:\Program Files\Kazaa\Skins\Black Glass\startbar_back.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_back_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_back_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_back_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_fwd.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_fwd_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_fwd_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_fwd_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_home.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_home_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_home_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_home_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_refresh.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_refresh_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_refresh_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_refresh_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_stop.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_stop_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_stop_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\startbar_stop_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\theatrebar_fullscreen.bmp
C:\Program Files\Kazaa\Skins\Black Glass\theatrebar_fullscreen_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\theatrebar_fullscreen_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\theatrebar_fullscreen_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_cancel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_cancel_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_cancel_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_cancel_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_pause.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_pause_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_pause_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_pause_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_resume.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_resume_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_resume_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\trafficbar_resume_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_btm.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_btmLeft.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_btmright.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_left.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_right.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_top.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_topleft.bmp
C:\Program Files\Kazaa\Skins\Black Glass\window_topright.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_close.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_close_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_close_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_close_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_maximise.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_maximise_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_maximise_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_maximise_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_minimise.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_minimise_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_minimise_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_minimise_sel.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_restore.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_restore_dis.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_restore_over.bmp
C:\Program Files\Kazaa\Skins\Black Glass\windowbar_restore_sel.bmp
C:\Program Files\Kazaa\ssleay32.dll
C:\Program Files\Kazaa\TopSearch.dll
C:\Program Files\Need2Find
C:\Program Files\Need2Find\bar\1.bin\N2FFXTBR.JAR
C:\Program Files\Need2Find\bar\1.bin\N2NTSTBR.JAR
C:\Program Files\Need2Find\bar\1.bin\N2PLUGIN.DLL
C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL
C:\Program Files\Need2Find\bar\1.bin\NPND2FN.DLL
C:\Program Files\Need2Find\bar\1.bin\PARTNER.DAT
C:\Program Files\Need2Find\bar\Cache\files.ini
C:\Program Files\Need2Find\bar\History\search
C:\Program Files\Need2Find\bar\Settings\prevcfg.htm
C:\Program Files\NetPumper
C:\Program Files\NetPumper\AddUrl.htm
C:\Program Files\NetPumper\help\compat.htm
C:\Program Files\NetPumper\help\details.htm
C:\Program Files\NetPumper\help\features.htm
C:\Program Files\NetPumper\help\images\apllimit.gif
C:\Program Files\NetPumper\help\images\bandwidthpanel.gif
C:\Program Files\NetPumper\help\images\buttons.gif
C:\Program Files\NetPumper\help\images\cmdadd.gif
C:\Program Files\NetPumper\help\images\cmdaddtoschedule.gif
C:\Program Files\NetPumper\help\images\cmddetails.gif
C:\Program Files\NetPumper\help\images\cmdeditschedule.gif
C:\Program Files\NetPumper\help\images\cmdfolder.gif
C:\Program Files\NetPumper\help\images\cmdhelp.gif
C:\Program Files\NetPumper\help\images\cmdopen.gif
C:\Program Files\NetPumper\help\images\cmdopenfolder.gif
C:\Program Files\NetPumper\help\images\cmdpause.gif
C:\Program Files\NetPumper\help\images\cmdprefs.gif
C:\Program Files\NetPumper\help\images\cmdremove.gif
C:\Program Files\NetPumper\help\images\cmdresume.gif
C:\Program Files\NetPumper\help\images\cmdselectall.gif
C:\Program Files\NetPumper\help\images\detailwin-wide.gif
C:\Program Files\NetPumper\help\images\detailwin.gif
C:\Program Files\NetPumper\help\images\droptoschedule.gif
C:\Program Files\NetPumper\help\images\editbandwidth.gif
C:\Program Files\NetPumper\help\images\ignlimit.gif
C:\Program Files\NetPumper\help\images\limserver.gif
C:\Program Files\NetPumper\help\images\limservergold.gif
C:\Program Files\NetPumper\help\images\limuser.gif
C:\Program Files\NetPumper\help\images\mainwin.gif
C:\Program Files\NetPumper\help\images\moveicons.gif
C:\Program Files\NetPumper\help\images\prefw-bandwidth.gif
C:\Program Files\NetPumper\help\images\prefw-connections.gif
C:\Program Files\NetPumper\help\images\prefw-general.gif
C:\Program Files\NetPumper\help\images\prefw-login.gif
C:\Program Files\NetPumper\help\images\prefw-monitoring.gif
C:\Program Files\NetPumper\help\images\prefw-proxy-ftp.gif
C:\Program Files\NetPumper\help\images\prefw-proxy-http.gif
C:\Program Files\NetPumper\help\images\register-1.gif
C:\Program Files\NetPumper\help\images\register-2.gif
C:\Program Files\NetPumper\help\images\register-3-1.gif
C:\Program Files\NetPumper\help\images\register-3-2.gif
C:\Program Files\NetPumper\help\images\schedulewin.gif
C:\Program Files\NetPumper\help\images\scnoresume.gif
C:\Program Files\NetPumper\help\images\scresumes.gif
C:\Program Files\NetPumper\help\images\scunk.gif
C:\Program Files\NetPumper\help\images\stanalyzing.gif
C:\Program Files\NetPumper\help\images\starticon.gif
C:\Program Files\NetPumper\help\images\stcompleted.gif
C:\Program Files\NetPumper\help\images\stfatal.gif
C:\Program Files\NetPumper\help\images\stinpro.gif
C:\Program Files\NetPumper\help\images\stnhelp.gif
C:\Program Files\NetPumper\help\images\stopicon.gif
C:\Program Files\NetPumper\help\images\stpaused.gif
C:\Program Files\NetPumper\help\images\stqueued.gif
C:\Program Files\NetPumper\help\images\stretrying.gif
C:\Program Files\NetPumper\help\images\stscheduled.gif
C:\Program Files\NetPumper\help\images\summary.gif
C:\Program Files\NetPumper\help\images\throtdn.gif
C:\Program Files\NetPumper\help\images\zoombtn.gif
C:\Program Files\NetPumper\help\index.htm
C:\Program Files\NetPumper\help\mainwin.htm
C:\Program Files\NetPumper\help\nphelp.css
C:\Program Files\NetPumper\help\prefwindow.htm
C:\Program Files\NetPumper\help\register.htm
C:\Program Files\NetPumper\help\schedwin.htm
C:\Program Files\NetPumper\help\tips.htm
C:\Program Files\NetPumper\NetPumper.exe
C:\Program Files\NetPumper\NetPumperIEProxy.exe
C:\Program Files\NetPumper\NetPumperNNProxy.dll
C:\Program Files\NetPumper\NPNetPumper_Application.dll
C:\Program Files\NetPumper\NPNetPumper_Audio.dll
C:\Program Files\NetPumper\NPNetPumper_Video.dll
C:\Program Files\NetPumper\README.txt
C:\Program Files\NetPumper\shutdown.exe
C:\Program Files\NetPumper\TurnLog.exe
C:\Program Files\NetPumper\unins000.dat
C:\Program Files\NetPumper\unins000.exe
C:\Program Files\NetPumper\x.bat
C:\Program Files\NetPumper\ZM\minime.exe
C:\Program Files\RXToolBar
C:\Program Files\RXToolBar\CacheCatalog.rx
C:\Program Files\RXToolBar\graphics\additional.gif
C:\Program Files\RXToolBar\graphics\additional_active.gif
C:\Program Files\RXToolBar\graphics\background.jpg
C:\Program Files\RXToolBar\graphics\blue_hr_horz.GIF
C:\Program Files\RXToolBar\graphics\gray_hr_horz.GIF
C:\Program Files\RXToolBar\graphics\thumbtack.gif
C:\Program Files\RXToolBar\graphics\thumbtack_active.gif
C:\Program Files\RXToolBar\graphics\thumbtack_click.gif
C:\Program Files\RXToolBar\HTML\content.htm
C:\Program Files\RXToolBar\HTML\main.htm
C:\Program Files\RXToolBar\rx.xml
C:\Program Files\RXToolBar\rxtoolbar.cfg
C:\Program Files\RXToolBar\RXToolBar.dll
C:\Program Files\RXToolBar\rxwebsearches.xsl
C:\Program Files\RXToolBar\sfcont.bin
C:\Program Files\RXToolBar\sfcont.dll
C:\Program Files\Spyware-Secure
C:\Program Files\Spyware-Secure\config.s3db
C:\Program Files\Spyware-Secure\Gfx_fr.bin
C:\Program Files\Spyware-Secure\help\help_Trial_FR.zip
C:\Program Files\Spyware-Secure\help\help_Trial_FR\explo_intro.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\explo_menu.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\file.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\folder.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\folder_f.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\folder_o.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\fleche.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\folder.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR\dowload-file-antispyware.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR\menu.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR\scstep2.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\key.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\menu.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\support.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\title-hepfile.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\index.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\menu3.js
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\3differentscan.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\contactus.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\found-objects.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\lexic.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\navigtabs.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\quarantine.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\register.htm
C:\Program Files\Spyware-Secure\help\help_Trial_FR\spy.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\trait_coud.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\trait_droit.gif
C:\Program Files\Spyware-Secure\help\help_Trial_FR\trait_vert.gif
C:\Program Files\Spyware-Secure\language
C:\Program Files\Spyware-Secure\nbmw
C:\Program Files\Spyware-Secure\quarantine.s3db
C:\Program Files\Spyware-Secure\resources\cookies_1-12.dat
C:\Program Files\Spyware-Secure\resources\filesDesc_1-12.dat
C:\Program Files\Spyware-Secure\resources\filesDesc_1-12.dic
C:\Program Files\Spyware-Secure\resources\filesExt_1-12.dat
C:\Program Files\Spyware-Secure\resources\filesMulti_1-12.idx
C:\Program Files\Spyware-Secure\resources\filesSimple_1-12.idx
C:\Program Files\Spyware-Secure\resources\malwaresDB_1-12
C:\Program Files\Spyware-Secure\resources\register_1-12.dat
C:\Program Files\Spyware-Secure\skin
C:\Program Files\Spyware-Secure\Spyware-Secure.url
C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
C:\Program Files\Spyware-Secure\sqlite3.dll
C:\Program Files\Spyware-Secure\uninst.exe
C:\Program Files\Spyware-Secure\unrar.dll
C:\Program Files\TorrentQ
C:\Program Files\TorrentSoftware
C:\Program Files\TorrentSoftware\minime.exe
C:\Program Files\TorrentSoftware\session.store
C:\Program Files\TorrentSoftware\settings.ini
C:\Program Files\TorrentSoftware\settings.stp
C:\Program Files\TorrentSoftware\SkinCrafterDll.dll
C:\Program Files\TorrentSoftware\Skins\WinterBlues.skf
C:\Program Files\TorrentSoftware\state.dht
C:\Program Files\TorrentSoftware\TorrentManager.dll
C:\Program Files\TorrentSoftware\TorrentSoftware.exe
C:\Program Files\TorrentSoftware\unins000.dat
C:\Program Files\TorrentSoftware\unins000.exe
C:\Program Files\VideoKey
C:\Program Files\VideoKey\Uninstall.exe
C:\Program Files\Warez
C:\Program Files\Warez\EndProg.exe
C:\Program Files\Warez\iphox_downloader_p.exe
C:\Program Files\Warez\Lang\English.lng
C:\Program Files\Warez\Lang\Russian.lng
C:\Program Files\Warez\log\Warez.log
C:\Program Files\Warez\log\Warez.log.old
C:\Program Files\Warez\Media\FileComplete.wav
C:\Program Files\Warez\player.dll
C:\Program Files\Warez\plug-ins\CDBurningPlugin.bpl
C:\Program Files\Warez\plug-ins\CDRipper.bpl
C:\Program Files\Warez\plug-ins\ClosestSearch.bpl
C:\Program Files\Warez\plug-ins\Notification.bpl
C:\Program Files\Warez\plug-ins\PeerInfoSearch.bpl
C:\Program Files\Warez\plug-ins\rip\akrip32.dll
C:\Program Files\Warez\plug-ins\rip\cdcache.dll
C:\Program Files\Warez\plug-ins\rip\lame_enc.dll
C:\Program Files\Warez\plug-ins\rip\Rip.dll
C:\Program Files\Warez\plug-ins\rip\vorb_enc.dll
C:\Program Files\Warez\plug-ins\rip\xtenc.dll
C:\Program Files\Warez\plug-ins\Search.bpl
C:\Program Files\Warez\plug-ins\VirtualTracker.bpl
C:\Program Files\Warez\RegExt.exe
C:\Program Files\Warez\rtl70.bpl
C:\Program Files\Warez\Skin\Aqua.skn
C:\Program Files\Warez\Skin\Default.skn
C:\Program Files\Warez\Skin\Desert.skn
C:\Program Files\Warez\Skin\Forest.skn
C:\Program Files\Warez\Skin\Sea.skn
C:\Program Files\Warez\tcpip_patcher.sys
C:\Program Files\Warez\Uninstall.exe
C:\Program Files\Warez\Units.bpl
C:\Program Files\Warez\vcl70.bpl
C:\Program Files\Warez\vclshlctrls70.bpl
C:\Program Files\Warez\vclx70.bpl
C:\Program Files\Warez\VersionChecker.exe
C:\Program Files\Warez\Warez.exe
C:\Program Files\Warez\Warez.ico
C:\Program Files\Warez\WinSkinD7R.bpl
C:\Program Files\Web Media Player
C:\Program Files\Web Media Player\ComDlg32.oca
C:\Program Files\Web Media Player\COMDLG32.OCX
C:\Program Files\Web Media Player\Control.oca
C:\Program Files\Web Media Player\Control.ocx
C:\Program Files\Web Media Player\images\-10.jpg
C:\Program Files\Web Media Player\images\13h tf1.jpg
C:\Program Files\Web Media Player\images\20h tf1.jpg
C:\Program Files\Web Media Player\images\20h10pét.gif
C:\Program Files\Web Media Player\images\48 fm.jpg
C:\Program Files\Web Media Player\images\6minutes_soir.jpg
C:\Program Files\Web Media Player\images\7 FM.jpg
C:\Program Files\Web Media Player\images\about.gif
C:\Program Files\Web Media Player\images\about.jpg
C:\Program Files\Web Media Player\images\actualisation.jpg
C:\Program Files\Web Media Player\images\actv.JPG
C:\Program Files\Web Media Player\images\ado-fm.bmp
C:\Program Files\Web Media Player\images\africa hit tv.jpg
C:\Program Files\Web Media Player\images\aktiv radio.gif
C:\Program Files\Web Media Player\images\alouette.jpg
C:\Program Files\Web Media Player\images\alpes 1 grenoble.gif
C:\Program Files\Web Media Player\images\alternantes.gif
C:\Program Files\Web Media Player\images\antipode.jpg
C:\Program Files\Web Media Player\images\arrow_se.gif
C:\Program Files\Web Media Player\images\art channel.jpg
C:\Program Files\Web Media Player\images\astrocenter.jpg
C:\Program Files\Web Media Player\images\bbc.bmp
C:\Program Files\Web Media Player\images\bbc.JPG
C:\Program Files\Web Media Player\images\bel rtl.jpg
C:\Program Files\Web Media Player\images\berbere.gif
C:\Program Files\Web Media Player\images\bfm tv.jpg
C:\Program Files\Web Media Player\images\bfm.JPG
C:\Program Files\Web Media Player\images\bloomberg.gif
C:\Program Files\Web Media Player\images\boardriders TV.JPG
C:\Program Files\Web Media Player\images\boite_questions.jpg
C:\Program Files\Web Media Player\images\booster.GIF
C:\Program Files\Web Media Player\images\brf1.gif
C:\Program Files\Web Media Player\images\c9 tv.gif
C:\Program Files\Web Media Player\images\calais tv.JPG
C:\Program Files\Web Media Player\images\canal zoom.jpg
C:\Program Files\Web Media Player\images\cash tv.jpg
C:\Program Files\Web Media Player\images\casque msn.JPG
C:\Program Files\Web Media Player\images\catalogne.gif
C:\Program Files\Web Media Player\images\check.gif
C:\Program Files\Web Media Player\images\chériefm.JPG
C:\Program Files\Web Media Player\images\ciel radio.jpg
C:\Program Files\Web Media Player\images\cityradio.jpg
C:\Program Files\Web Media Player\images\clap tv.jpg
C:\Program Files\Web Media Player\images\classic 21.jpg
C:\Program Files\Web Media Player\images\clermont 1ere.jpg
C:\Program Files\Web Media Player\images\clickrock.jpg
C:\Program Files\Web Media Player\images\clé.jpg
C:\Program Files\Web Media Player\images\cnn.jpg
C:\Program Files\Web Media Player\images\comédie.jpg
C:\Program Files\Web Media Player\images\config.gif
C:\Program Files\Web Media Player\images\config.jpg
C:\Program Files\Web Media Player\images\contact.jpg
C:\Program Files\Web Media Player\images\Cool FM.gif
C:\Program Files\Web Media Player\images\Copie de wmp.ico
C:\Program Files\Web Media Player\images\crock fm.jpg
C:\Program Files\Web Media Player\images\crooze fm.gif
C:\Program Files\Web Media Player\images\cybertika.gif
C:\Program Files\Web Media Player\images\dble fleche.gif
C:\Program Files\Web Media Player\images\delta fm.gif
C:\Program Files\Web Media Player\images\DIFE.JPG
C:\Program Files\Web Media Player\images\direct8.jpg
C:\Program Files\Web Media Player\images\discofunk.jpg
C:\Program Files\Web Media Player\images\dj radio.gif
C:\Program Files\Web Media Player\images\domino tv.JPG
C:\Program Files\Web Media Player\images\drapeau espagnol.jpg
C:\Program Files\Web Media Player\images\drapeau_anglais.jpg
C:\Program Files\Web Media Player\images\drapeau_néerlandais.jpg
C:\Program Files\Web Media Player\images\E_Music.gif
C:\Program Files\Web Media Player\images\ecclesia.gif
C:\Program Files\Web Media Player\images\ecn.gif
C:\Program Files\Web Media Player\images\eng.jpg
C:\Program Files\Web Media Player\images\equipetv.gif
C:\Program Files\Web Media Player\images\espace fm.gif
C:\Program Files\Web Media Player\images\est fm.gif
C:\Program Files\Web Media Player\images\euronews.JPG
C:\Program Files\Web Media Player\images\Europe 2.gif
C:\Program Files\Web Media Player\images\europe1.JPG
C:\Program Files\Web Media Player\images\europe2 rock uk.gif
C:\Program Files\Web Media Player\images\europe2 rock us.gif
C:\Program Files\Web Media Player\images\europe2.JPG
C:\Program Files\Web Media Player\images\eurosport.jpg
C:\Program Files\Web Media Player\images\eux tv.jpg
C:\Program Files\Web Media Player\images\evasion fm.gif
C:\Program Files\Web Media Player\images\explorer.jpg
C:\Program Files\Web Media Player\images\FG-radio.gif
C:\Program Files\Web Media Player\images\flash fm.gif
C:\Program Files\Web Media Player\images\fleche bas (downnload).gif
C:\Program Files\Web Media Player\images\fleche bas.GIF
C:\Program Files\Web Media Player\images\fleche bas.JPG
C:\Program Files\Web Media Player\images\fleche haut.gif
C:\Program Files\Web Media Player\images\fleche haut.jpg
C:\Program Files\Web Media Player\images\fleche lecture.jpg
C:\Program Files\Web Media Player\images\fleche xp droite.gif
C:\Program Files\Web Media Player\images\fm goud.gif
C:\Program Files\Web Media Player\images\forum.JPG
C:\Program Files\Web Media Player\images\fox news.jpg
C:\Program Files\Web Media Player\images\fr2.jpg
C:\Program Files\Web Media Player\images\fr2JT13h.JPG
C:\Program Files\Web Media Player\images\fr2JT8h.JPG
C:\Program Files\Web Media Player\images\fr2soirJT.JPG
C:\Program Files\Web Media Player\images\fr3.jpg
C:\Program Files\Web Media Player\images\fr3JTmidi.JPG
C:\Program Files\Web Media Player\images\fr3JTsoir.JPG
C:\Program Files\Web Media Player\images\france-info.JPG
C:\Program Files\Web Media Player\images\france 24.jpg
C:\Program Files\Web Media Player\images\france bleu nat.bmp
C:\Program Files\Web Media Player\images\france culture.jpg
C:\Program Files\Web Media Player\images\france2.gif
C:\Program Files\Web Media Player\images\france3.jpg
C:\Program Files\Web Media Player\images\franrock.gif
C:\Program Files\Web Media Player\images\frbleu.JPG
C:\Program Files\Web Media Player\images\frequence horizon.gif
C:\Program Files\Web Media Player\images\frequence jazz.gif
C:\Program Files\Web Media Player\images\frequence plus.gif
C:\Program Files\Web Media Player\images\frequence3.jpg
C:\Program Files\Web Media Player\images\frinter.JPG
C:\Program Files\Web Media Player\images\fun.JPG
C:\Program Files\Web Media Player\images\generation hit.jpg
C:\Program Files\Web Media Player\images\germain fait sa télé.JPG
C:\Program Files\Web Media Player\images\gignols.JPG
C:\Program Files\Web Media Player\images\globe.gif
C:\Program Files\Web Media Player\images\grd_journal.jpg
C:\Program Files\Web Media Player\images\groland.JPG
C:\Program Files\Web Media Player\images\groland2.jpg
C:\Program Files\Web Media Player\images\Haut couleur.jpg
C:\Program Files\Web Media Player\images\haut.GIF
C:\Program Files\Web Media Player\images\haut.JPG
C:\Program Files\Web Media Player\images\haut.PNG
C:\Program Files\Web Media Player\images\help.gif
C:\Program Files\Web Media Player\images\hit_sport_01.gif
C:\Program Files\Web Media Player\images\hitmusicstation.jpg
C:\Program Files\Web Media Player\images\hitwest.gif
C:\Program Files\Web Media Player\images\hot radio.gif
C:\Program Files\Web Media Player\images\hotmixradio.gif
C:\Program Files\Web Media Player\images\ie.gif
C:\Program Files\Web Media Player\images\IE.jpg
C:\Program Files\Web Media Player\images\impactFM.gif
C:\Program Files\Web Media Player\images\itele.jpg
C:\Program Files\Web Media Player\images\jet tv.JPG
C:\Program Files\Web Media Player\images\journalsorties.gif
C:\Program Files\Web Media Player\images\jt rtl.jpg
C:\Program Files\Web Media Player\images\junior fm.bmp
C:\Program Files\Web Media Player\images\KD2A.jpg
C:\Program Files\Web Media Player\images\kif radio.gif
C:\Program Files\Web Media Player\images\kissfm.JPG
C:\Program Files\Web Media Player\images\ks one.JPG
C:\Program Files\Web Media Player\images\ksonelogo.jpg
C:\Program Files\Web Media Player\images\la radio de la mer.jpg
C:\Program Files\Web Media Player\images\labelle tv.jpg
C:\Program Files\Web Media Player\images\lagrosseradio.jpg
C:\Program Files\Web Media Player\images\lci.jpg
C:\Program Files\Web Media Player\images\lcp.jpg
C:\Program Files\Web Media Player\images\le mouv.jpg
C:\Program Files\Web Media Player\images\letsgozik.gif
C:\Program Files\Web Media Player\images\liberty tv.jpg
C:\Program Files\Web Media Player\images\linas jazz.GIF
C:\Program Files\Web Media Player\images\logo.bmp
C:\Program Files\Web Media Player\images\logo.JPG
C:\Program Files\Web Media Player\images\lyon FM.gif
C:\Program Files\Web Media Player\images\lyon tv.jpg
C:\Program Files\Web Media Player\images\m6.jpg
C:\Program Files\Web Media Player\images\madikera mix.jpg
C:\Program Files\Web Media Player\images\mediatropical.jpg
C:\Program Files\Web Media Player\images\meteo-fr2.jpg
C:\Program Files\Web Media Player\images\meteo-fr3.jpg
C:\Program Files\Web Media Player\images\meteo-tf1.jpg
C:\Program Files\Web Media Player\images\meteo france.jpg
C:\Program Files\Web Media Player\images\mfm.jpg
C:\Program Files\Web Media Player\images\microphone.gif
C:\Program Files\Web Media Player\images\min_blonde.jpg
C:\Program Files\Web Media Player\images\minblode.JPG
C:\Program Files\Web Media Player\images\ministery of sound.jpg
C:\Program Files\Web Media Player\images\mint.jpg
C:\Program Files\Web Media Player\images\mistral fm.gif
C:\Program Files\Web Media Player\images\mizik tv.jpg
C:\Program Files\Web Media Player\images\mona fm.gif
C:\Program Files\Web Media Player\images\MTI.gif
C:\Program Files\Web Media Player\images\net fm.gif
C:\Program Files\Web Media Player\images\news fm.gif
C:\Program Files\Web Media Player\images\NGTV.JPG
C:\Program Files\Web Media Player\images\normandie fm.gif
C:\Program Files\Web Media Player\images\normandie tv.JPG
C:\Program Files\Web Media Player\images\nostalgie.JPG
C:\Program Files\Web Media Player\images\note.gif
C:\Program Files\Web Media Player\images\note.jpg
C:\Program Files\Web Media Player\images\Nouveau Image bitmap.bmp
C:\Program Files\Web Media Player\images\nova radio.jpg
C:\Program Files\Web Media Player\images\nrj.JPG
C:\Program Files\Web Media Player\images\NT1.jpg
C:\Program Files\Web Media Player\images\ods radio.gif
C:\Program Files\Web Media Player\images\Open.gif
C:\Program Files\Web Media Player\images\options.gif
C:\Program Files\Web Media Player\images\orleans tv.JPG
C:\Program Files\Web Media Player\images\ouest fm.gif
C:\Program Files\Web Media Player\images\ouifm.JPG
C:\Program Files\Web Media Player\images\oxygene fm.GIF
C:\Program Files\Web Media Player\images\paris cap.JPG
C:\Program Files\Web Media Player\images\pas des anges.JPG
C:\Program Files\Web Media Player\images\perpignan tv.JPG
C:\Program Files\Web Media Player\images\plein air.jpg
C:\Program Files\Web Media Player\images\pointroute.gif
C:\Program Files\Web Media Player\images\ptroute.gif
C:\Program Files\Web Media Player\images\public sante.gif
C:\Program Files\Web Media Player\images\puls radio.gif
C:\Program Files\Web Media Player\images\pure fm.gif
C:\Program Files\Web Media Player\images\quartz.jpg
C:\Program Files\Web Media Player\images\radio +.gif
C:\Program Files\Web Media Player\images\radio +.JPG
C:\Program Files\Web Media Player\images\radio 6.gif
C:\Program Files\Web Media Player\images\radio 74.gif
C:\Program Files\Web Media Player\images\radio 8.gif
C:\Program Files\Web Media Player\images\radio canut.jpg
C:\Program Files\Web Media Player\images\radio city.jpg
C:\Program Files\Web Media Player\images\radio contact.jpg
C:\Program Files\Web Media Player\images\radio cote azur.jpg
C:\Program Files\Web Media Player\images\radio courtoisie.gif
C:\Program Files\Web Media Player\images\radio dreyeckland.gif
C:\Program Files\Web Media Player\images\radio espace.gif
C:\Program Files\Web Media Player\images\radio latina.gif
C:\Program Files\Web Media Player\images\radio orient.gif
C:\Program Files\Web Media Player\images\radio plus.jpg
C:\Program Files\Web Media Player\images\radio scoop.jpg
C:\Program Files\Web Media Player\images\radio si.gif
C:\Program Files\Web Media Player\images\radio star marseille.gif
C:\Program Files\Web Media Player\images\radio tempo.jpg
C:\Program Files\Web Media Player\images\radio wave.gif
C:\Program Files\Web Media Player\images\radio.gif
C:\Program Files\Web Media Player\images\radiolatina.JPG
C:\Program Files\Web Media Player\images\rado espace.gif
C:\Program Files\Web Media Player\images\rap.JPG
C:\Program Files\Web Media Player\images\refesh.jpg
C:\Program Files\Web Media Player\images\refresh.gif
C:\Program Files\Web Media Player\images\resonnance.gif
C:\Program Files\Web Media Player\images\rfi.gif
C:\Program Files\Web Media Player\images\rfm.JPG
C:\Program Files\Web Media Player\images\RFO.JPG
C:\Program Files\Web Media Player\images\rires.JPG
C:\Program Files\Web Media Player\images\rmcinfo.JPG
C:\Program Files\Web Media Player\images\rnb.JPG
C:\Program Files\Web Media Player\images\rne.jpg
C:\Program Files\Web Media Player\images\rock_fm_tr.gif
C:\Program Files\Web Media Player\images\rtbf.gif
C:\Program Files\Web Media Player\images\rtc.jpg
C:\Program Files\Web Media Player\images\rtl.JPG
C:\Program Files\Web Media Player\images\rtl2.JPG
C:\Program Files\Web Media Player\images\rtv.jpg
C:\Program Files\Web Media Player\images\rve.gif
C:\Program Files\Web Media Player\images\saint malo tv.JPG
C:\Program Files\Web Media Player\images\samantha.jpg
C:\Program Files\Web Media Player\images\scoplia.jpg
C:\Program Files\Web Media Player\images\seven tv.JPG
C:\Program Files\Web Media Player\images\SkyNewsLogo130.gif
C:\Program Files\Web Media Player\images\skyrock.JPG
C:\Program Files\Web Media Player\images\soir 3.jpg
C:\Program Files\Web Media Player\images\soleiltv.jpg
C:\Program Files\Web Media Player\images\sportFm.gif
C:\Program Files\Web Media Player\images\st tropez webradio.gif
C:\Program Files\Web Media Player\images\star radio.jpg
C:\Program Files\Web Media Player\images\stop.jpg
C:\Program Files\Web Media Player\images\stop2.gif
C:\Program Files\Web Media Player\images\stop2.jpg
C:\Program Files\Web Media Player\images\sudradio.JPG
C:\Program Files\Web Media Player\images\sunvibz.gif
C:\Program Files\Web Media Player\images\synergie.gif
C:\Program Files\Web Media Player\images\synergie.jpg
C:\Program Files\Web Media Player\images\systray.gif
C:\Program Files\Web Media Player\images\teepik.jpg
C:\Program Files\Web Media Player\images\tele essone.JPG
C:\Program Files\Web Media Player\images\telebruxelles.gif
C:\Program Files\Web Media Player\images\telesambre.jpg
C:\Program Files\Web Media Player\images\telif.jpg
C:\Program Files\Web Media Player\images\tf1-jt-13h.jpg
C:\Program Files\Web Media Player\images\tf1-jt-20h.jpg
C:\Program Files\Web Media Player\images\TF1%20PERNAUD.jpg
C:\Program Files\Web Media Player\images\tf1.jpg
C:\Program Files\Web Media Player\images\Tf1_13h.JPG
C:\Program Files\Web Media Player\images\tf1_jt_20h.jpg
C:\Program Files\Web Media Player\images\tfc tv.jpg
C:\Program Files\Web Media Player\images\the lol tv.JPG
C:\Program Files\Web Media Player\images\title.bmp
C:\Program Files\Web Media Player\images\title.gif
C:\Program Files\Web Media Player\images\tlm.gif
C:\Program Files\Web Media Player\images\TLM.jpg
C:\Program Files\Web Media Player\images\top music.gif
C:\Program Files\Web Media Player\images\trafic.JPG
C:\Program Files\Web Media Player\images\tsr.gif
C:\Program Files\Web Media Player\images\télé 102.JPG
C:\Program Files\Web Media Player\images\tumbuktoo.JPG
C:\Program Files\Web Media Player\images\tv alsace.JPG
C:\Program Files\Web Media Player\images\tv caraibes.gif
C:\Program Files\Web Media Player\images\tv grenoble.jpg
C:\Program Files\Web Media Player\images\TV.gif
C:\Program Files\Web Media Player\images\TV2.gif
C:\Program Files\Web Media Player\images\TV3.gif
C:\Program Files\Web Media Player\images\tv8 mont blanc.jpg
C:\Program Files\Web Media Player\images\tve.jpg
C:\Program Files\Web Media Player\images\TVSF.JPG
C:\Program Files\Web Media Player\images\vendredi pet.jpg
C:\Program Files\Web Media Player\images\vibra.JPG
C:\Program Files\Web Media Player\images\vibration.gif
C:\Program Files\Web Media
C:\Program Files\Web Media Player\images\villagesFM.JPG
C:\Program Files\Web Media Player\images\vitamine.gif
C:\Program Files\Web Media Player\images\vivacité.jpg
C:\Program Files\Web Media Player\images\voltage.gif
C:\Program Files\Web Media Player\images\vpro.jpg
C:\Program Files\Web Media Player\images\vrai_journal.jpg
C:\Program Files\Web Media Player\images\vraijournal.gif
C:\Program Files\Web Media Player\images\vtm.jpg
C:\Program Files\Web Media Player\images\wam TV.JPG
C:\Program Files\Web Media Player\images\web tv 1.gif
C:\Program Files\Web Media Player\images\web tv1.gif
C:\Program Files\Web Media Player\images\wit fm.gif
C:\Program Files\Web Media Player\images\wmp.gif
C:\Program Files\Web Media Player\images\wmp.jpg
C:\Program Files\Web Media Player\images\wmp2.gif
C:\Program Files\Web Media Player\images\x-stream80.jpg
C:\Program Files\Web Media Player\images\xtreme.jpg
C:\Program Files\Web Media Player\images\zapping.JPG
C:\Program Files\Web Media Player\images\ziktubesradio.jpg
C:\Program Files\Web Media Player\images\ZiOne.gif
C:\Program Files\Web Media Player\images\zone 80.jpg
C:\Program Files\Web Media Player\License.txt
C:\Program Files\Web Media Player\unins000.dat
C:\Program Files\Web Media Player\unins000.exe
C:\Program Files\Web Media Player\VB6FR.DLL
C:\Program Files\Web Media Player\webMedia0.64.1.exe
C:\Program Files\Web Media Player\webMedia0.64.1.url
C:\Program Files\Web Media Player\wheel.ctl
C:\Program Files\Web Media Player\wmpdatabase.wmedia
C:\Program Files\Web Media Player\wmpdatabase2.wmedia
C:\Program Files\WinZix
C:\Program Files\WinZix\Flexi.skf
C:\Program Files\WinZix\minime.exe
C:\Program Files\WinZix\search_error.htm
C:\Program Files\WinZix\settings.ini
C:\Program Files\WinZix\settings.stp
C:\Program Files\WinZix\SkinCrafterDll.dll
C:\Program Files\WinZix\support_error.htm
C:\Program Files\WinZix\t_bg.jpg
C:\Program Files\WinZix\unins000.dat
C:\Program Files\WinZix\unins000.exe
C:\Program Files\WinZix\winzix.exe
C:\Program Files\WinZix\WinZixManager.dll
C:\Program Files\YesMessenger
C:\Program Files\YesMessenger\conditions.txt
C:\Program Files\YesMessenger\mfc42d.dll
C:\Program Files\YesMessenger\MFCO42D.DLL
C:\Program Files\YesMessenger\Msvcp60d.dll
C:\Program Files\YesMessenger\MSVCRTD.DLL
C:\Program Files\YesMessenger\unins000.dat
C:\Program Files\YesMessenger\unins000.exe
C:\Program Files\YesMessenger\UpdateRes.exe
C:\Program Files\YesMessenger\YesMessenger.exe
C:\Program Files\YesMessenger\Yesuninstall.exe
C:\qbptb.exe~
C:\WINDOWS\cdmxtras
C:\WINDOWS\cdmxtras\uninst.exe
C:\WINDOWS\LBTWiz.exe~
C:\WINDOWS\LBTWiz.MSNFix
C:\WINDOWS\Nokia_19_jpg.MSNFix
C:\WINDOWS\photo album
C:\WINDOWS\photo album.MSNFix
C:\WINDOWS\photo album\photo album2007.pif
C:\WINDOWS\system\bpmdm32.dll
C:\WINDOWS\system32\36.tmp
C:\WINDOWS\system32\alm7tas.exe
C:\WINDOWS\system32\crehcjid.dll
C:\WINDOWS\system32\dllcache\mlqm.exe
C:\WINDOWS\system32\dllcache\wintcps.exe
C:\WINDOWS\system32\ipv6motp.dll
C:\WINDOWS\system32\jfiehayd.dll
C:\WINDOWS\system32\P2P Networking v126.cpl
C:\WINDOWS\system32\P2P Networking
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10001-128.sig
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-5001-2923253610.sig
C:\WINDOWS\system32\P2P Networking\Cache\Database\index256.dbb
C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL
C:\WINDOWS\system32\P2P Networking\P2P Networking.eng
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\WINDOWS\system32\rdihost.MSNFix
C:\WINDOWS\system32\tcpip_patcher.sys
C:\WINDOWS\yes_messenger.ini
C:\WINDOWS\yesmessenger.ini
C:\WINDOWS\zeqbqwp.sys
C:\xx7c7c3n5d8d.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_zeqbqwp
((((((((((((((((((((((((((((( Fichiers créés 2008-03-22 to 2008-04-22 ))))))))))))))))))))))))))))))))))))
.
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:37 . 2005-08-17 19:36 18,944 --a------ C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
2008-04-12 16:52 . 2005-08-17 14:55 98,709 --a------ C:\Documents and Settings\BoobFan\Application Data\sysdefender.exe
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 11:19 . 2008-04-12 11:19 <REP> d-------- C:\z_Drivers
2008-04-12 11:19 . 2008-04-12 15:01 2,816 --a------ C:\Documents and Settings\BoobFan\msdirect.sys
2008-04-12 10:58 . 2008-04-12 11:01 2 --a------ C:\-119436011
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 17:13 . 2008-03-23 17:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Circle Developement
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 19:04 . 2008-03-22 19:04 <REP> d-------- C:\Program Files\Google
2008-03-22 19:04 . 2008-04-22 14:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-22 18:42 . 2008-03-22 18:42 <REP> d-------- C:\Program Files\Software Assist
2008-03-22 18:42 . 2003-08-05 17:08 348,160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll
2008-03-22 18:42 . 2003-06-06 12:21 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll
2008-03-22 18:41 . 1998-02-06 23:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-03-22 18:19 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\MSN Messenger
2008-03-22 16:57 . 2008-03-22 16:57 <REP> d-------- C:\WINDOWS\system32\MsDtc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-21 10:13 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-21 10:13 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-04-12 08:55 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
.
------- Sigcheck -------
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:41:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-22 12:35:23 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-04-20 21:42:28 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
+ 2008-04-21 10:13:53 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-20 21:42:28 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2008-04-21 10:13:53 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverLoad"="" []
"DriverCheck"="" []
"SystemDriverLoad"="" []
"SystemDriver"="" []
"FDriver"="" []
"ADriver"="" []
"CDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"DDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"alpha"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"beta"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"gamma"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P2P Networking"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"CDriver"= c:\z_Drivers\svchost.exe
"DDriver"= c:\z_Drivers\svchost.exe
"alpha"= c:\z_Drivers\svchost.exe
"beta"= c:\z_Drivers\svchost.exe
"gamma"= c:\z_Drivers\svchost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ]
°xˆ
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨]
Ѐ¨
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-30 16:03:35 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.BoobFan+Runs ErrorSmart to optimize your registry.
"2008-04-22 12:31:03 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 14:40:32
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-22 14:41:50
ComboFix-quarantined-files.txt 2008-04-22 12:41:40
ComboFix2.txt 2008-04-21 18:59:16
Pre-Run: 7,861,362,688 octets libres
Post-Run: 7,854,374,912 octets libres
1278
C:\Program Files\Web Media Player\images\vitamine.gif
C:\Program Files\Web Media Player\images\vivacité.jpg
C:\Program Files\Web Media Player\images\voltage.gif
C:\Program Files\Web Media Player\images\vpro.jpg
C:\Program Files\Web Media Player\images\vrai_journal.jpg
C:\Program Files\Web Media Player\images\vraijournal.gif
C:\Program Files\Web Media Player\images\vtm.jpg
C:\Program Files\Web Media Player\images\wam TV.JPG
C:\Program Files\Web Media Player\images\web tv 1.gif
C:\Program Files\Web Media Player\images\web tv1.gif
C:\Program Files\Web Media Player\images\wit fm.gif
C:\Program Files\Web Media Player\images\wmp.gif
C:\Program Files\Web Media Player\images\wmp.jpg
C:\Program Files\Web Media Player\images\wmp2.gif
C:\Program Files\Web Media Player\images\x-stream80.jpg
C:\Program Files\Web Media Player\images\xtreme.jpg
C:\Program Files\Web Media Player\images\zapping.JPG
C:\Program Files\Web Media Player\images\ziktubesradio.jpg
C:\Program Files\Web Media Player\images\ZiOne.gif
C:\Program Files\Web Media Player\images\zone 80.jpg
C:\Program Files\Web Media Player\License.txt
C:\Program Files\Web Media Player\unins000.dat
C:\Program Files\Web Media Player\unins000.exe
C:\Program Files\Web Media Player\VB6FR.DLL
C:\Program Files\Web Media Player\webMedia0.64.1.exe
C:\Program Files\Web Media Player\webMedia0.64.1.url
C:\Program Files\Web Media Player\wheel.ctl
C:\Program Files\Web Media Player\wmpdatabase.wmedia
C:\Program Files\Web Media Player\wmpdatabase2.wmedia
C:\Program Files\WinZix
C:\Program Files\WinZix\Flexi.skf
C:\Program Files\WinZix\minime.exe
C:\Program Files\WinZix\search_error.htm
C:\Program Files\WinZix\settings.ini
C:\Program Files\WinZix\settings.stp
C:\Program Files\WinZix\SkinCrafterDll.dll
C:\Program Files\WinZix\support_error.htm
C:\Program Files\WinZix\t_bg.jpg
C:\Program Files\WinZix\unins000.dat
C:\Program Files\WinZix\unins000.exe
C:\Program Files\WinZix\winzix.exe
C:\Program Files\WinZix\WinZixManager.dll
C:\Program Files\YesMessenger
C:\Program Files\YesMessenger\conditions.txt
C:\Program Files\YesMessenger\mfc42d.dll
C:\Program Files\YesMessenger\MFCO42D.DLL
C:\Program Files\YesMessenger\Msvcp60d.dll
C:\Program Files\YesMessenger\MSVCRTD.DLL
C:\Program Files\YesMessenger\unins000.dat
C:\Program Files\YesMessenger\unins000.exe
C:\Program Files\YesMessenger\UpdateRes.exe
C:\Program Files\YesMessenger\YesMessenger.exe
C:\Program Files\YesMessenger\Yesuninstall.exe
C:\qbptb.exe~
C:\WINDOWS\cdmxtras
C:\WINDOWS\cdmxtras\uninst.exe
C:\WINDOWS\LBTWiz.exe~
C:\WINDOWS\LBTWiz.MSNFix
C:\WINDOWS\Nokia_19_jpg.MSNFix
C:\WINDOWS\photo album
C:\WINDOWS\photo album.MSNFix
C:\WINDOWS\photo album\photo album2007.pif
C:\WINDOWS\system\bpmdm32.dll
C:\WINDOWS\system32\36.tmp
C:\WINDOWS\system32\alm7tas.exe
C:\WINDOWS\system32\crehcjid.dll
C:\WINDOWS\system32\dllcache\mlqm.exe
C:\WINDOWS\system32\dllcache\wintcps.exe
C:\WINDOWS\system32\ipv6motp.dll
C:\WINDOWS\system32\jfiehayd.dll
C:\WINDOWS\system32\P2P Networking v126.cpl
C:\WINDOWS\system32\P2P Networking
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-10001-128.sig
C:\WINDOWS\system32\P2P Networking\Cache\Database\file-5001-2923253610.sig
C:\WINDOWS\system32\P2P Networking\Cache\Database\index256.dbb
C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL
C:\WINDOWS\system32\P2P Networking\P2P Networking.eng
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\WINDOWS\system32\rdihost.MSNFix
C:\WINDOWS\system32\tcpip_patcher.sys
C:\WINDOWS\yes_messenger.ini
C:\WINDOWS\yesmessenger.ini
C:\WINDOWS\zeqbqwp.sys
C:\xx7c7c3n5d8d.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_zeqbqwp
((((((((((((((((((((((((((((( Fichiers créés 2008-03-22 to 2008-04-22 ))))))))))))))))))))))))))))))))))))
.
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:37 . 2005-08-17 19:36 18,944 --a------ C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
2008-04-12 16:52 . 2005-08-17 14:55 98,709 --a------ C:\Documents and Settings\BoobFan\Application Data\sysdefender.exe
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 11:19 . 2008-04-12 11:19 <REP> d-------- C:\z_Drivers
2008-04-12 11:19 . 2008-04-12 15:01 2,816 --a------ C:\Documents and Settings\BoobFan\msdirect.sys
2008-04-12 10:58 . 2008-04-12 11:01 2 --a------ C:\-119436011
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 17:13 . 2008-03-23 17:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Circle Developement
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 19:04 . 2008-03-22 19:04 <REP> d-------- C:\Program Files\Google
2008-03-22 19:04 . 2008-04-22 14:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-22 18:42 . 2008-03-22 18:42 <REP> d-------- C:\Program Files\Software Assist
2008-03-22 18:42 . 2003-08-05 17:08 348,160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll
2008-03-22 18:42 . 2003-06-06 12:21 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll
2008-03-22 18:41 . 1998-02-06 23:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-03-22 18:19 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\MSN Messenger
2008-03-22 16:57 . 2008-03-22 16:57 <REP> d-------- C:\WINDOWS\system32\MsDtc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-21 10:13 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-21 10:13 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-04-12 08:55 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
.
------- Sigcheck -------
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:41:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-22 12:35:23 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-04-20 21:42:28 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
+ 2008-04-21 10:13:53 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-20 21:42:28 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2008-04-21 10:13:53 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverLoad"="" []
"DriverCheck"="" []
"SystemDriverLoad"="" []
"SystemDriver"="" []
"FDriver"="" []
"ADriver"="" []
"CDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"DDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"alpha"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"beta"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"gamma"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P2P Networking"="C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"CDriver"= c:\z_Drivers\svchost.exe
"DDriver"= c:\z_Drivers\svchost.exe
"alpha"= c:\z_Drivers\svchost.exe
"beta"= c:\z_Drivers\svchost.exe
"gamma"= c:\z_Drivers\svchost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ]
°xˆ
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨]
Ѐ¨
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-30 16:03:35 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.BoobFan+Runs ErrorSmart to optimize your registry.
"2008-04-22 12:31:03 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 14:40:32
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-22 14:41:50
ComboFix-quarantined-files.txt 2008-04-22 12:41:40
ComboFix2.txt 2008-04-21 18:59:16
Pre-Run: 7,861,362,688 octets libres
Post-Run: 7,854,374,912 octets libres
1278
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:26, on 2008-04-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\z_Drivers\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\z_Drivers\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: Need2Find Bar - {4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKCU\..\Run: [CDriver] c:\z_Drivers\svchost.exe
O4 - HKCU\..\Run: [DDriver] c:\z_Drivers\svchost.exe
O4 - HKCU\..\Run: [alpha] c:\z_Drivers\svchost.exe
O4 - HKCU\..\Run: [beta] c:\z_Drivers\svchost.exe
O4 - HKCU\..\Run: [gamma] c:\z_Drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [CDriver] c:\z_Drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [DDriver] c:\z_Drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [alpha] c:\z_Drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [beta] c:\z_Drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [gamma] c:\z_Drivers\svchost.exe
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [DriverLoad] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [DriverCheck] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [SystemDriverLoad] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [SystemDriver] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [FDriver] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [ADriver] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [CDriver] c:\z_Drivers\svchost.exe (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [DDriver] c:\z_Drivers\svchost.exe (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [alpha] c:\z_Drivers\svchost.exe (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [beta] c:\z_Drivers\svchost.exe (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [gamma] c:\z_Drivers\svchost.exe (User '?')
O4 - S-1-5-21-436374069-1993962763-1060284298-1002 Startup: Scheduler.lnk = C:\Program Files\3B Software\Common\Scheduler\wcomschd.exe (User '?')
O4 - Startup: Scheduler.lnk = C:\Program Files\3B Software\Common\Scheduler\wcomschd.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?477b58f031144e3fb32322b2cfa526b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?477b58f031144e3fb32322b2cfa526b0
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O17 - HKLM\System\CS1\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O17 - HKLM\System\CS2\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O20 - Winlogon Notify: °xˆ - °xˆ (file missing)
O20 - Winlogon Notify: Ѐ¨ - Ѐ¨ (file missing)
O23 - Service: BGRaSvc - Unknown owner - C:\Program Files\BullGuard Software\BullGuard\support\bgrasvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech QuickCam Manager (logitech quickcam manager) - Unknown owner - C:\WINDOWS\system32\dllcache\mlqm.exe (file missing)
O23 - Service: Microsoft Windows TCP Protocol (microsoft windows tcp protocol) - Unknown owner - C:\WINDOWS\system32\dllcache\wintcps.exe (file missing)
O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
--
End of file - 6850 bytes
Voilà, toujour des messages d'erreur mais l'ordi marche bcp mieux![;)]( ";)")
!
Scan saved at 16:26, on 2008-04-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\z_Drivers\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\z_Drivers\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\z_Drivers\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: Need2Find Bar - {4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKCU\..\Run: [CDriver] c:\z_Drivers\svchost.exe
O4 - HKCU\..\Run: [DDriver] c:\z_Drivers\svchost.exe
O4 - HKCU\..\Run: [alpha] c:\z_Drivers\svchost.exe
O4 - HKCU\..\Run: [beta] c:\z_Drivers\svchost.exe
O4 - HKCU\..\Run: [gamma] c:\z_Drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [CDriver] c:\z_Drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [DDriver] c:\z_Drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [alpha] c:\z_Drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [beta] c:\z_Drivers\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [gamma] c:\z_Drivers\svchost.exe
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [DriverLoad] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [DriverCheck] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [SystemDriverLoad] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [SystemDriver] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [FDriver] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [ADriver] (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [CDriver] c:\z_Drivers\svchost.exe (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [DDriver] c:\z_Drivers\svchost.exe (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [alpha] c:\z_Drivers\svchost.exe (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [beta] c:\z_Drivers\svchost.exe (User '?')
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [gamma] c:\z_Drivers\svchost.exe (User '?')
O4 - S-1-5-21-436374069-1993962763-1060284298-1002 Startup: Scheduler.lnk = C:\Program Files\3B Software\Common\Scheduler\wcomschd.exe (User '?')
O4 - Startup: Scheduler.lnk = C:\Program Files\3B Software\Common\Scheduler\wcomschd.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?477b58f031144e3fb32322b2cfa526b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?477b58f031144e3fb32322b2cfa526b0
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O17 - HKLM\System\CS1\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O17 - HKLM\System\CS2\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O20 - Winlogon Notify: °xˆ - °xˆ (file missing)
O20 - Winlogon Notify: Ѐ¨ - Ѐ¨ (file missing)
O23 - Service: BGRaSvc - Unknown owner - C:\Program Files\BullGuard Software\BullGuard\support\bgrasvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech QuickCam Manager (logitech quickcam manager) - Unknown owner - C:\WINDOWS\system32\dllcache\mlqm.exe (file missing)
O23 - Service: Microsoft Windows TCP Protocol (microsoft windows tcp protocol) - Unknown owner - C:\WINDOWS\system32\dllcache\wintcps.exe (file missing)
O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
--
End of file - 6850 bytes
Voilà, toujour des messages d'erreur mais l'ordi marche bcp mieux
!
Encore bien infecté.
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.
Redémarre en mode sans échec
Ouvre le dossier SDFix qui vient d'être créé à la racine de ton dique dur (C:) et double clique sur RunThis.bat pour lancer le script.
Appuie sur Y pour commencer le processus de nettoyage.
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
Appuie sur une touche pour redémarrer le PC.
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis.
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.
Redémarre en mode sans échec
re
SDFix: Version 1.173
Run by BoobFan on 2008-04-22 at 16:57
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
Checking Files :
Trojan Files Found:
C:\-11943~1 - Deleted
C:\Documents and Settings\BoobFan\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareCrush 3.7.lnk - Deleted
C:\Documents and Settings\BoobFan\msdirect.sys - Deleted
C:\Documents and Settings\BoobFan\Application Data\sysdefender.exe - Deleted
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1353.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 17:01:37
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710
"appinit_dlls"=""
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe"="C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe:*:Enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Documents and Settings\\BoobFan\\Application Data\\printer.exe"="C:\\Documents and Settings\\BoobFan\\Application Data\\printer.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\printer.exe"="C:\\WINDOWS\\system32\\printer.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\spoolvs.exe"="C:\\WINDOWS\\system32\\spoolvs.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\shell.exe"="C:\\WINDOWS\\shell.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\BoobFan\\Menu D‚marrer\\Programmes\\D‚marrage\\findfast.exe"="C:\\Documents and Settings\\BoobFan\\Menu D‚marrer\\Programmes\\D‚marrage\\findfast.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\All Users\\Menu D‚marrer\\Programmes\\D‚marrage\\autorun.exe"="C:\\Documents and Settings\\All Users\\Menu D‚marrer\\Programmes\\D‚marrage\\autorun.exe:*:Enabled:@xpsp2res.dll,-22019"
"%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\BoobFan\\Application Data\\mcrupdate.exe"="C:\\Documents and Settings\\BoobFan\\Application Data\\mcrupdate.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe"="C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe:*:Enabled:@xpsp2res.dll,-22019"
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Thu 5 Aug 2004 93,184 A.SH. --- "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
Sun 23 Mar 2008 4 A..H. --- "C:\Documents and Settings\All Users\Application Data\BullGuard\Temp\wtslist.tmpp"
Finished!
SDFix: Version 1.173
Run by BoobFan on 2008-04-22 at 16:57
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
Checking Files :
Trojan Files Found:
C:\-11943~1 - Deleted
C:\Documents and Settings\BoobFan\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareCrush 3.7.lnk - Deleted
C:\Documents and Settings\BoobFan\msdirect.sys - Deleted
C:\Documents and Settings\BoobFan\Application Data\sysdefender.exe - Deleted
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1353.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 17:01:37
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710
"appinit_dlls"=""
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe"="C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe:*:Enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Documents and Settings\\BoobFan\\Application Data\\printer.exe"="C:\\Documents and Settings\\BoobFan\\Application Data\\printer.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\printer.exe"="C:\\WINDOWS\\system32\\printer.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\spoolvs.exe"="C:\\WINDOWS\\system32\\spoolvs.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\shell.exe"="C:\\WINDOWS\\shell.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\BoobFan\\Menu D‚marrer\\Programmes\\D‚marrage\\findfast.exe"="C:\\Documents and Settings\\BoobFan\\Menu D‚marrer\\Programmes\\D‚marrage\\findfast.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\All Users\\Menu D‚marrer\\Programmes\\D‚marrage\\autorun.exe"="C:\\Documents and Settings\\All Users\\Menu D‚marrer\\Programmes\\D‚marrage\\autorun.exe:*:Enabled:@xpsp2res.dll,-22019"
"%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\BoobFan\\Application Data\\mcrupdate.exe"="C:\\Documents and Settings\\BoobFan\\Application Data\\mcrupdate.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe"="C:\\Documents and Settings\\BoobFan\\Application Data\\sysdefender.exe:*:Enabled:@xpsp2res.dll,-22019"
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Thu 5 Aug 2004 93,184 A.SH. --- "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
Sun 23 Mar 2008 4 A..H. --- "C:\Documents and Settings\All Users\Application Data\BullGuard\Temp\wtslist.tmpp"
Finished!
Voilou
ComboFix 08-04-20.2 - BoobFan 2008-04-22 18:00:28.7 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-22 to 2008-04-22 ))))))))))))))))))))))))))))))))))))
.
2008-04-22 16:55 . 2008-04-22 16:55 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-22 16:54 . 2008-04-22 17:02 <REP> d-------- C:\SDFix
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:37 . 2005-08-17 19:36 18,944 --a------ C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 11:19 . 2008-04-12 11:19 <REP> d-------- C:\z_Drivers
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 17:13 . 2008-03-23 17:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Circle Developement
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 19:04 . 2008-03-22 19:04 <REP> d-------- C:\Program Files\Google
2008-03-22 19:04 . 2008-04-22 14:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-22 18:42 . 2008-03-22 18:42 <REP> d-------- C:\Program Files\Software Assist
2008-03-22 18:42 . 2003-08-05 17:08 348,160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll
2008-03-22 18:42 . 2003-06-06 12:21 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll
2008-03-22 18:41 . 1998-02-06 23:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-03-22 18:19 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\MSN Messenger
2008-03-22 16:57 . 2008-03-22 16:57 <REP> d-------- C:\WINDOWS\system32\MsDtc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-21 10:13 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-21 10:13 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-04-12 08:55 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
.
------- Sigcheck -------
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:41:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-22 15:06:44 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-21 00:32:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-04-22 14:56:01 1,667,072 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-04-22 14:56:01 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-04-21 00:32:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-04-22 14:55:59 1,667,072 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-04-22 14:55:59 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
- 2008-04-20 21:42:28 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
+ 2008-04-21 10:13:53 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-20 21:42:28 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2008-04-21 10:13:53 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverLoad"="" []
"DriverCheck"="" []
"SystemDriverLoad"="" []
"alpha"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"beta"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"gamma"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"SystemDriver"="" []
"FDriver"="" []
"ADriver"="" []
"CDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"DDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
C:\Documents and Settings\BoobFan\Menu D‚marrer\Programmes\D‚marrage\
Scheduler.lnk - C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir [2008-03-22 19:59:49 464240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"CDriver"= c:\z_Drivers\svchost.exe
"DDriver"= c:\z_Drivers\svchost.exe
"alpha"= c:\z_Drivers\svchost.exe
"beta"= c:\z_Drivers\svchost.exe
"gamma"= c:\z_Drivers\svchost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ]
°xˆ
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨]
Ѐ¨
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-30 16:03:35 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.BoobFan+Runs ErrorSmart to optimize your registry.
"2008-04-22 15:31:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 18:01:38
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-22 18:02:26
ComboFix-quarantined-files.txt 2008-04-22 16:02:21
ComboFix2.txt 2008-04-22 12:41:51
ComboFix3.txt 2008-04-21 18:59:16
Pre-Run: 7,805,054,976 octets libres
Post-Run: 7,818,403,840 octets libres
144
ComboFix 08-04-20.2 - BoobFan 2008-04-22 18:00:28.7 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-22 to 2008-04-22 ))))))))))))))))))))))))))))))))))))
.
2008-04-22 16:55 . 2008-04-22 16:55 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-22 16:54 . 2008-04-22 17:02 <REP> d-------- C:\SDFix
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:37 . 2005-08-17 19:36 18,944 --a------ C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 11:19 . 2008-04-12 11:19 <REP> d-------- C:\z_Drivers
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 17:13 . 2008-03-23 17:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Circle Developement
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 19:04 . 2008-03-22 19:04 <REP> d-------- C:\Program Files\Google
2008-03-22 19:04 . 2008-04-22 14:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-22 18:42 . 2008-03-22 18:42 <REP> d-------- C:\Program Files\Software Assist
2008-03-22 18:42 . 2003-08-05 17:08 348,160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll
2008-03-22 18:42 . 2003-06-06 12:21 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll
2008-03-22 18:41 . 1998-02-06 23:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-03-22 18:19 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\MSN Messenger
2008-03-22 16:57 . 2008-03-22 16:57 <REP> d-------- C:\WINDOWS\system32\MsDtc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-21 10:13 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-21 10:13 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-04-12 08:55 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
.
------- Sigcheck -------
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:41:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-22 15:06:44 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-21 00:32:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-04-22 14:56:01 1,667,072 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-04-22 14:56:01 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-04-21 00:32:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-04-22 14:55:59 1,667,072 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-04-22 14:55:59 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
- 2008-04-20 21:42:28 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
+ 2008-04-21 10:13:53 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-20 21:42:28 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2008-04-21 10:13:53 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverLoad"="" []
"DriverCheck"="" []
"SystemDriverLoad"="" []
"alpha"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"beta"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"gamma"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"SystemDriver"="" []
"FDriver"="" []
"ADriver"="" []
"CDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
"DDriver"="c:\z_Drivers\svchost.exe" [2008-04-12 11:19 198144]
C:\Documents and Settings\BoobFan\Menu D‚marrer\Programmes\D‚marrage\
Scheduler.lnk - C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir [2008-03-22 19:59:49 464240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"CDriver"= c:\z_Drivers\svchost.exe
"DDriver"= c:\z_Drivers\svchost.exe
"alpha"= c:\z_Drivers\svchost.exe
"beta"= c:\z_Drivers\svchost.exe
"gamma"= c:\z_Drivers\svchost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ]
°xˆ
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨]
Ѐ¨
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-30 16:03:35 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.BoobFan+Runs ErrorSmart to optimize your registry.
"2008-04-22 15:31:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 18:01:38
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-22 18:02:26
ComboFix-quarantined-files.txt 2008-04-22 16:02:21
ComboFix2.txt 2008-04-22 12:41:51
ComboFix3.txt 2008-04-21 18:59:16
Pre-Run: 7,805,054,976 octets libres
Post-Run: 7,818,403,840 octets libres
144
Re,
[#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :
Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
![]()
Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
[#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
[#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :
File::
C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
C:\WINDOWS\Nokia_19_jpg
Folder::
C:\Documents and Settings\BoobFan\Application Data\BullGuard
C:\Documents and Settings\All Users\Application Data\BullGuard
C:\Program Files\Circle Developement
C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
C:\Documents and Settings\BoobFan\Application Data\NetPumper
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverLoad"=-
"DriverCheck"=-
"SystemDriverLoad"=-
"alpha"=-
"beta"=-
"gamma"=-
"SystemDriver"=-
"FDriver"=-
"ADriver"=-
"CDriver"=-
"DDriver"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"CDriver"=-
"DDriver"=-
"alpha"=-
"beta"=-
"gamma"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ ]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨ ]
C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
C:\WINDOWS\Nokia_19_jpg
Folder::
C:\Documents and Settings\BoobFan\Application Data\BullGuard
C:\Documents and Settings\All Users\Application Data\BullGuard
C:\Program Files\Circle Developement
C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
C:\Documents and Settings\BoobFan\Application Data\NetPumper
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverLoad"=-
"DriverCheck"=-
"SystemDriverLoad"=-
"alpha"=-
"beta"=-
"gamma"=-
"SystemDriver"=-
"FDriver"=-
"ADriver"=-
"CDriver"=-
"DDriver"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"CDriver"=-
"DDriver"=-
"alpha"=-
"beta"=-
"gamma"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ ]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨ ]
Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
[#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
re
ComboFix 08-04-20.2 - BoobFan 2008-04-22 18:17:25.8 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
Command switches used :: C:\Documents and Settings\BoobFan\Bureau\CFScript.txt
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
FILE ::
C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
C:\WINDOWS\Nokia_19_jpg
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\BullGuard
C:\Documents and Settings\All Users\Application Data\BullGuard\BGMainSvc.log
C:\Documents and Settings\All Users\Application Data\BullGuard\BgSupport.log
C:\Documents and Settings\All Users\Application Data\BullGuard\BsFileScan.log
C:\Documents and Settings\All Users\Application Data\BullGuard\BsFwall.log
C:\Documents and Settings\All Users\Application Data\BullGuard\BsMailProxy.log
C:\Documents and Settings\All Users\Application Data\BullGuard\LiveService.log
C:\Documents and Settings\All Users\Application Data\BullGuard\Logs\Firewall\fw-2008-03-23.txt
C:\Documents and Settings\All Users\Application Data\BullGuard\Logs\LiveUpdate.BoobFan.log
C:\Documents and Settings\All Users\Application Data\BullGuard\Logs\OnAccess.log
C:\Documents and Settings\All Users\Application Data\BullGuard\Logs\OnAccessMail.log
C:\Documents and Settings\All Users\Application Data\BullGuard\pattern.ini
C:\Documents and Settings\All Users\Application Data\BullGuard\support\fabricepd@hotmail.fr\messages\local.db
C:\Documents and Settings\All Users\Application Data\BullGuard\Temp\BgSpamPort.ini
C:\Documents and Settings\All Users\Application Data\BullGuard\Temp\wtslist.tmpp
C:\Documents and Settings\All Users\Application Data\BullGuard\words.db
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-22 to 2008-04-22 ))))))))))))))))))))))))))))))))))))
.
2008-04-22 16:55 . 2008-04-22 16:55 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-22 16:54 . 2008-04-22 17:02 <REP> d-------- C:\SDFix
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:37 . 2005-08-17 19:36 18,944 --a------ C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 11:19 . 2008-04-12 11:19 <REP> d-------- C:\z_Drivers
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 19:04 . 2008-03-22 19:04 <REP> d-------- C:\Program Files\Google
2008-03-22 19:04 . 2008-04-22 14:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-22 18:42 . 2008-03-22 18:42 <REP> d-------- C:\Program Files\Software Assist
2008-03-22 18:42 . 2003-08-05 17:08 348,160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll
2008-03-22 18:42 . 2003-06-06 12:21 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll
2008-03-22 18:41 . 1998-02-06 23:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-03-22 18:19 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\MSN Messenger
2008-03-22 16:57 . 2008-03-22 16:57 <REP> d-------- C:\WINDOWS\system32\MsDtc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-21 10:13 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-21 10:13 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-04-12 08:55 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
.
------- Sigcheck -------
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:41:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-22 15:06:44 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-21 00:32:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-04-22 14:56:01 1,667,072 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-04-22 14:56:01 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-04-21 00:32:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-04-22 14:55:59 1,667,072 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-04-22 14:55:59 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
- 2008-04-20 21:42:28 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
+ 2008-04-21 10:13:53 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-20 21:42:28 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2008-04-21 10:13:53 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
C:\Documents and Settings\BoobFan\Menu D‚marrer\Programmes\D‚marrage\
Scheduler.lnk - C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir [2008-03-22 19:59:49 464240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ]
°xˆ
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨]
Ѐ¨
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-30 16:03:35 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.BoobFan+Runs ErrorSmart to optimize your registry.
"2008-04-22 15:31:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 18:18:26
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-22 18:19:04
ComboFix-quarantined-files.txt 2008-04-22 16:19:00
ComboFix2.txt 2008-04-22 16:02:27
ComboFix3.txt 2008-04-22 12:41:51
ComboFix4.txt 2008-04-21 18:59:16
Pre-Run: 7,819,239,424 octets libres
Post-Run: 7,815,172,096 octets libres
150
ComboFix 08-04-20.2 - BoobFan 2008-04-22 18:17:25.8 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
Command switches used :: C:\Documents and Settings\BoobFan\Bureau\CFScript.txt
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
FILE ::
C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
C:\WINDOWS\Nokia_19_jpg
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\BullGuard
C:\Documents and Settings\All Users\Application Data\BullGuard\BGMainSvc.log
C:\Documents and Settings\All Users\Application Data\BullGuard\BgSupport.log
C:\Documents and Settings\All Users\Application Data\BullGuard\BsFileScan.log
C:\Documents and Settings\All Users\Application Data\BullGuard\BsFwall.log
C:\Documents and Settings\All Users\Application Data\BullGuard\BsMailProxy.log
C:\Documents and Settings\All Users\Application Data\BullGuard\LiveService.log
C:\Documents and Settings\All Users\Application Data\BullGuard\Logs\Firewall\fw-2008-03-23.txt
C:\Documents and Settings\All Users\Application Data\BullGuard\Logs\LiveUpdate.BoobFan.log
C:\Documents and Settings\All Users\Application Data\BullGuard\Logs\OnAccess.log
C:\Documents and Settings\All Users\Application Data\BullGuard\Logs\OnAccessMail.log
C:\Documents and Settings\All Users\Application Data\BullGuard\pattern.ini
C:\Documents and Settings\All Users\Application Data\BullGuard\support\fabricepd@hotmail.fr\messages\local.db
C:\Documents and Settings\All Users\Application Data\BullGuard\Temp\BgSpamPort.ini
C:\Documents and Settings\All Users\Application Data\BullGuard\Temp\wtslist.tmpp
C:\Documents and Settings\All Users\Application Data\BullGuard\words.db
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-22 to 2008-04-22 ))))))))))))))))))))))))))))))))))))
.
2008-04-22 16:55 . 2008-04-22 16:55 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-22 16:54 . 2008-04-22 17:02 <REP> d-------- C:\SDFix
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:37 . 2005-08-17 19:36 18,944 --a------ C:\Documents and Settings\BoobFan\Application Data\nvsvc1024.dll
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 11:19 . 2008-04-12 11:19 <REP> d-------- C:\z_Drivers
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
2008-03-22 20:04 . 2008-03-22 20:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 19:06 . 2008-03-22 19:06 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 19:04 . 2008-03-22 19:04 <REP> d-------- C:\Program Files\Google
2008-03-22 19:04 . 2008-04-22 14:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-22 18:42 . 2008-03-22 18:42 <REP> d-------- C:\Program Files\Software Assist
2008-03-22 18:42 . 2003-08-05 17:08 348,160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll
2008-03-22 18:42 . 2003-06-06 12:21 81,920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll
2008-03-22 18:41 . 1998-02-06 23:37 299,520 --a------ C:\WINDOWS\uninst.exe
2008-03-22 18:19 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\MSN Messenger
2008-03-22 16:57 . 2008-03-22 16:57 <REP> d-------- C:\WINDOWS\system32\MsDtc
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-21 10:13 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-21 10:13 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-04-12 08:55 359,040 ------w C:\WINDOWS\system32\drivers\tcpip.sys
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
.
------- Sigcheck -------
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-12 10:55 359040 3bb4b08619c111c7be8bda07aa0de6a2 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 21:41:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-22 15:06:44 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-21 00:32:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-04-22 14:56:01 1,667,072 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-04-22 14:56:01 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-04-21 00:32:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-04-22 14:55:59 1,667,072 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-04-22 14:55:59 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
- 2008-04-20 21:42:28 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
+ 2008-04-21 10:13:53 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-20 21:42:28 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2008-04-21 10:13:53 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
C:\Documents and Settings\BoobFan\Menu D‚marrer\Programmes\D‚marrage\
Scheduler.lnk - C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir [2008-03-22 19:59:49 464240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\°xˆ]
°xˆ
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Ѐ¨]
Ѐ¨
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch REG_MULTI_SZ DcomLaunch
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-30 16:03:35 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart.BoobFan+Runs ErrorSmart to optimize your registry.
"2008-04-22 15:31:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 18:18:26
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-22 18:19:04
ComboFix-quarantined-files.txt 2008-04-22 16:19:00
ComboFix2.txt 2008-04-22 16:02:27
ComboFix3.txt 2008-04-22 12:41:51
ComboFix4.txt 2008-04-21 18:59:16
Pre-Run: 7,819,239,424 octets libres
Post-Run: 7,815,172,096 octets libres
150
Hop :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39:31, on 22/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: Need2Find Bar - {4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - S-1-5-21-436374069-1993962763-1060284298-1002 Startup: Scheduler.lnk = C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir (User '?')
O4 - Startup: Scheduler.lnk = C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?477b58f031144e3fb32322b2cfa526b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?477b58f031144e3fb32322b2cfa526b0
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O17 - HKLM\System\CS1\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O17 - HKLM\System\CS2\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O20 - Winlogon Notify: °xˆ - °xˆ (file missing)
O20 - Winlogon Notify: Ѐ¨ - Ѐ¨ (file missing)
O23 - Service: BGRaSvc - Unknown owner - C:\Program Files\BullGuard Software\BullGuard\support\bgrasvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech QuickCam Manager (logitech quickcam manager) - Unknown owner - C:\WINDOWS\system32\dllcache\mlqm.exe (file missing)
O23 - Service: Microsoft Windows TCP Protocol (microsoft windows tcp protocol) - Unknown owner - C:\WINDOWS\system32\dllcache\wintcps.exe (file missing)
--
End of file - 4709 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39:31, on 22/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: Need2Find Bar - {4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - S-1-5-21-436374069-1993962763-1060284298-1002 Startup: Scheduler.lnk = C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir (User '?')
O4 - Startup: Scheduler.lnk = C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?477b58f031144e3fb32322b2cfa526b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?477b58f031144e3fb32322b2cfa526b0
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O17 - HKLM\System\CS1\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O17 - HKLM\System\CS2\Services\Tcpip\..\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}: NameServer = 85.255.115.36,85.255.112.151
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.36 85.255.112.151
O20 - Winlogon Notify: °xˆ - °xˆ (file missing)
O20 - Winlogon Notify: Ѐ¨ - Ѐ¨ (file missing)
O23 - Service: BGRaSvc - Unknown owner - C:\Program Files\BullGuard Software\BullGuard\support\bgrasvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech QuickCam Manager (logitech quickcam manager) - Unknown owner - C:\WINDOWS\system32\dllcache\mlqm.exe (file missing)
O23 - Service: Microsoft Windows TCP Protocol (microsoft windows tcp protocol) - Unknown owner - C:\WINDOWS\system32\dllcache\wintcps.exe (file missing)
--
End of file - 4709 bytes
Re,
Installe d'ugence l'antivirus AntiVir.
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
----------
-> Démarrer
-> Exécuter...
Tape Services.msc puis valide
Double clique sur Logitech QuickCam Manager
Type de démarrage : "Désactiver"
Clique en bas sur "Arrêter"
Valide les changements.
Recommence avec : Microsoft Windows TCP Protocol
-----
Ouvre Hijackthis puis:
-> Open the Misc Tools Section
-> Delete an NT Service
Tape logitech quickcam manager puis valide.
Recommence avec : microsoft windows tcp protocol
----------
&
Imprime ces instructions si nécessaire car il va y avoir un redémarrage de l'ordinateur.
Télécharge le FixWareout (LonnyRJones[/#f]) sur le Bureau.
**Si le lien ne fonctionne pas, clique [#ff0000]ici**
Lance le fix (FixWareout.exe), clique sur Next puis Install.
Assure-toi que Run fixit soit bien activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
Au final, poste le contenu du rapport C:\fixwareout\report.txt avec un nouveau rapport HijackThis.
Installe d'ugence l'antivirus AntiVir.
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file)
O3 - Toolbar: Need2Find Bar - {4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O4 - S-1-5-21-436374069-1993962763-1060284298-1002 Startup: Scheduler.lnk = C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir (User '?')
O4 - Startup: Scheduler.lnk = C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] YYYYYYYYFR O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O20 - Winlogon Notify: °xˆ - °xˆ (file missing)
O20 - Winlogon Notify: Ѐ¨ - Ѐ¨ (file missing)
O23 - Service: Logitech QuickCam Manager (logitech quickcam manager) - Unknown owner - C:\WINDOWS\system32\dllcache\mlqm.exe (file missing)
O23 - Service: Microsoft Windows TCP Protocol (microsoft windows tcp protocol) - Unknown owner - C:\WINDOWS\system32\dllcache\wintcps.exe (file missing)
O3 - Toolbar: Need2Find Bar - {4D1C4E89-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O4 - S-1-5-21-436374069-1993962763-1060284298-1002 Startup: Scheduler.lnk = C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir (User '?')
O4 - Startup: Scheduler.lnk = C:\QooBox\Quarantine\C\Program Files\3B Software\Common\Scheduler\wcomschd.exe.vir
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] YYYYYYYYFR O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O20 - Winlogon Notify: °xˆ - °xˆ (file missing)
O20 - Winlogon Notify: Ѐ¨ - Ѐ¨ (file missing)
O23 - Service: Logitech QuickCam Manager (logitech quickcam manager) - Unknown owner - C:\WINDOWS\system32\dllcache\mlqm.exe (file missing)
O23 - Service: Microsoft Windows TCP Protocol (microsoft windows tcp protocol) - Unknown owner - C:\WINDOWS\system32\dllcache\wintcps.exe (file missing)
----------
-> Démarrer
-> Exécuter...
Tape Services.msc puis valide
Double clique sur Logitech QuickCam Manager
Type de démarrage : "Désactiver"
Clique en bas sur "Arrêter"
Valide les changements.
Recommence avec : Microsoft Windows TCP Protocol
-----
Ouvre Hijackthis puis:
-> Open the Misc Tools Section
-> Delete an NT Service
Tape logitech quickcam manager puis valide.
Recommence avec : microsoft windows tcp protocol
----------
&
Imprime ces instructions si nécessaire car il va y avoir un redémarrage de l'ordinateur.
Télécharge le FixWareout (LonnyRJones[/#f]) sur le Bureau.
**Si le lien ne fonctionne pas, clique [#ff0000]ici**
Lance le fix (FixWareout.exe), clique sur Next puis Install.
Assure-toi que Run fixit soit bien activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
Au final, poste le contenu du rapport C:\fixwareout\report.txt avec un nouveau rapport HijackThis.
rapport fixcareout :
Username "BoobFan" - 22/04/2008 19:41:26 [Fixwareout edited 9/01/2007]
~~~~~ Prerun check
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.115.36 85.255.112.151" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}
"nameserver"="85.255.115.36,85.255.112.151" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{C0A05393-3F17-42D5-B476-DD4ADC5AA5B3}
"DhcpNameServer"="85.255.115.36,85.255.112.151" <Value cleared.
Cache de résolution DNS vidé.
System was rebooted successfully.
~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....
~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~
Username "BoobFan" - 22/04/2008 19:41:26 [Fixwareout edited 9/01/2007]
~~~~~ Prerun check
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.115.36 85.255.112.151" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{77B11B95-ACF6-4AF0-994A-A7D2D7A800F6}
"nameserver"="85.255.115.36,85.255.112.151" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{C0A05393-3F17-42D5-B476-DD4ADC5AA5B3}
"DhcpNameServer"="85.255.115.36,85.255.112.151" <Value cleared.
Cache de résolution DNS vidé.
System was rebooted successfully.
~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....
~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~
hey voici le rapport mbam demande plus haut
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 670
Type de recherche: Examen complet (C:\|)
Eléments examinés: 44262
Temps écoulé: 19 minute(s), 46 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 128
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 49
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d778513b-1c40-4819-b0c5-49e40b39afd0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oberontb.band (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oberontb.band.1 (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videokey (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videokey (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RXToolBar (Adware.RXToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RX ToolBar (Adware.RXToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VideoKey (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\z_Drivers (Trojan.Downloader) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\MSN Messenger\riched20.dll (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\Files-Secure\secure.exe.vir (Rogue.Files-Secure) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\Internet Explorer\msimg32.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\Spyware-Secure\Spyware-Secure_trial.exe.vir (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\VideoKey\Uninstall.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP10\A0028216.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP3\A0001049.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP3\A0001051.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0003199.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0010451.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024849.exe (Rogue.Files-Secure) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024889.exe (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024900.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\BoobFan\Bureau\Spyware-Secure trial.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\Documents and Settings\BoobFan\Bureau\Files Secure 2.1.lnk (Rogue.Files-Secure) -> Quarantined and deleted successfully.
C:\Documents and Settings\BoobFan\Bureau\MalwareCrush.lnk (Rogue.MalwareCrush) -> Quarantined and deleted successfully.
C:\Documents and Settings\BoobFan\Bureau\Repair Your Registry.lnk (Rogue.Link) -> Quarantined and deleted successfully.
Je poset la suite ...
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 670
Type de recherche: Examen complet (C:\|)
Eléments examinés: 44262
Temps écoulé: 19 minute(s), 46 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 128
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 49
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3} (Adware.Need2Find) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d778513b-1c40-4819-b0c5-49e40b39afd0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oberontb.band (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\oberontb.band.1 (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videokey (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videokey (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RXToolBar (Adware.RXToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RX ToolBar (Adware.RXToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VideoKey (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\z_Drivers (Trojan.Downloader) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\MSN Messenger\riched20.dll (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\Files-Secure\secure.exe.vir (Rogue.Files-Secure) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\Internet Explorer\msimg32.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\Spyware-Secure\Spyware-Secure_trial.exe.vir (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Program Files\VideoKey\Uninstall.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP10\A0028216.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP3\A0001049.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP3\A0001051.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0003199.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0010451.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024849.exe (Rogue.Files-Secure) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024889.exe (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024900.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\BoobFan\Bureau\Spyware-Secure trial.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\Documents and Settings\BoobFan\Bureau\Files Secure 2.1.lnk (Rogue.Files-Secure) -> Quarantined and deleted successfully.
C:\Documents and Settings\BoobFan\Bureau\MalwareCrush.lnk (Rogue.MalwareCrush) -> Quarantined and deleted successfully.
C:\Documents and Settings\BoobFan\Bureau\Repair Your Registry.lnk (Rogue.Link) -> Quarantined and deleted successfully.
Je poset la suite ...
Antivir :
Avira AntiVir Personal
Report file date: mardi 22 avril 2008 22:22
Scanning for 1165085 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: XMICHOUX
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 19:12:34
ANTIVIR3.VDF : 7.0.3.68 57856 Bytes 25/03/2008 08:27:50
Engineversion : 8.1.0.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.19 229754 Bytes 07/04/2008 15:34:44
AESCN.DLL : 8.1.0.12 115060 Bytes 07/04/2008 15:34:44
AERDL.DLL : 8.1.0.19 418164 Bytes 07/04/2008 15:34:44
AEPACK.DLL : 8.1.1.0 364918 Bytes 18/03/2008 11:20:42
AEOFFICE.DLL : 8.1.0.15 192889 Bytes 07/04/2008 15:34:44
AEHEUR.DLL : 8.1.0.15 1147253 Bytes 07/04/2008 15:34:44
AEHELP.DLL : 8.1.0.11 115061 Bytes 07/04/2008 15:34:43
AEGEN.DLL : 8.1.0.15 299379 Bytes 07/04/2008 15:34:43
AEEMU.DLL : 8.1.0.5 430450 Bytes 07/04/2008 15:34:43
AECORE.DLL : 8.1.0.25 168309 Bytes 08/04/2008 09:58:32
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mardi 22 avril 2008 22:22
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'update.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'mbam.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
23 processes with 23 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '13' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\BoobFan\Bureau\Upload_Me.zip
[0] Archive type: ZIP
--> DOCUME~1/BoobFan/Bureau/Upload_Me/flvm.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
--> DOCUME~1/BoobFan/Bureau/Upload_Me/flvm.exe~
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
--> DOCUME~1/BoobFan/Bureau/Upload_Me/LBTWiz.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> DOCUME~1/BoobFan/Bureau/Upload_Me/Nokia_19_jpg.zip
[1] Archive type: ZIP
--> www.Nokia_19_jpg-msn.com
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> DOCUME~1/BoobFan/Bureau/Upload_Me/photo album.zip
[1] Archive type: ZIP
--> photo album2007.pif
[DETECTION] Is the Trojan horse TR/Agent.24772
--> DOCUME~1/BoobFan/Bureau/Upload_Me/prplu.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> DOCUME~1/BoobFan/Bureau/Upload_Me/qbptb.exe~
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> DOCUME~1/BoobFan/Bureau/Upload_Me/xx7c7c3n5d8d.exe
[DETECTION] Is the Trojan horse TR/Dialer.US.7
[NOTE] The file was deleted!
C:\Documents and Settings\BoobFan\Bureau\MSNFix\MSNFix\21042008_14570901.zip
[0] Archive type: ZIP
--> backup/carlton
[DETECTION] Is the Trojan horse TR/Dialer.US.7
--> backup/flvm.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
--> backup/flvm.exe~
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
--> backup/LBTWiz.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> backup/Nokia_19_jpg.zip
[1] Archive type: ZIP
--> www.Nokia_19_jpg-msn.com
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> backup/photo album.zip
[1] Archive type: ZIP
--> photo album2007.pif
[DETECTION] Is the Trojan horse TR/Agent.24772
--> backup/prplu.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/rdihost.dll
[DETECTION] Is the Trojan horse TR/Agent.22016.6
[NOTE] The file was deleted!
C:\QooBox\Quarantine\catchme2008-04-20_234104.25.zip
[0] Archive type: ZIP
--> wowfx.dll
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\catchme2008-04-22_143405,08.zip
[0] Archive type: ZIP
--> zeqbqwp.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\qbptb.exe~.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[WARNING] The file could not be deleted!
C:\QooBox\Quarantine\C\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Documents and Settings\BoobFan\Application Data\printer.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Documents and Settings\BoobFan\Menu Démarrer\Programmes\Démarrage\findfast.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\Altnet\Download Manager\asm.exe.vir
[DETECTION] Contains suspicious code HEUR/Crypted
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '487b4abf.qua'!
C:\QooBox\Quarantine\C\Program Files\BitGrabber\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\BitRoll\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\Circle Developement\Uninstall.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\DivoCodec\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\DivoCodec\WakeSplitter.ax.vir
[DETECTION] Is the Trojan horse TR/Obfuscated.IB.1
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\DivoPlayer\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\Fichiers communs\Carlson\carlton.MSNFix.vir
[DETECTION] Is the Trojan horse TR/Dialer.US.7
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\MailSkinner\MailSkinner.exe.vir
[DETECTION] Is the Trojan horse TR/Skintrim.A.1
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\MailSkinner\OLSkinner.dll.vir
[DETECTION] Is the Trojan horse TR/Skintrim.A.2
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\NetPumper\ZM\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\TorrentSoftware\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\WinZix\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\WinZix\WinZixManager.dll.vir
[DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.WinZix.A
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\LBTWiz.exe~.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\LBTWiz.MSNFix.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\Nokia_19_jpg.MSNFix.vir
[0] Archive type: ZIP
--> www.Nokia_19_jpg-msn.com
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\photo album.MSNFix.vir
[0] Archive type: ZIP
--> photo album2007.pif
[DETECTION] Is the Trojan horse TR/Agent.24772
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\shell.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\xpupdate.exe.vir
[DETECTION] Is the Trojan horse TR/Bravesentry.N.5
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\photo album\photo album2007.pif.vir
[DETECTION] Is the Trojan horse TR/Agent.24772
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system\bpmdm32.dll.vir
[DETECTION] Is the Trojan horse TR/Spy.Agent.IR.42
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\36.tmp.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.90112.5
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\alm7tas.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.66560.21
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\crehcjid.dll.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.90112.5
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\ipv6motp.dll.vir
[DETECTION] Is the Trojan horse TR/Drop.Age.93696.B
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\jfiehayd.dll.vir
[DETECTION] Is the Trojan horse TR/Agent.10000.70
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\kdhsp.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\printer.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\rdihost.MSNFix.vir
[DETECTION] Is the Trojan horse TR/Agent.22016.6
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\spoolvs.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\wowfx.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\dllcache\mlqm.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Agent.fbl
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\dllcache\wintcps.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.389120.19
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\100224.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\54578.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\60416.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was deleted!
C:\SDFix\backups\backups.zip
[0] Archive type: ZIP
--> backups/msdirect.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
--> backups/sysdefender.exe
[DETECTION] Is the Trojan horse TR/Dldr.Adload.MA.3
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP10\A0028195.dll
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP10\A0028196.exe
[DETECTION] Is the Trojan horse TR/Dldr.Barrako
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP3\A0002108.exe
[DETECTION] Contains detection pattern of the dropper DR/Shopper.V.7
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0006367.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.JR
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0007365.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0008370.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0008384.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0008392.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0008398.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0008399.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP6\A0009398.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP6\A0009399.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP6\A0010404.exe
[DETECTION] Contains detection pattern of the dropper DR/FraudTool.SpywareSecure.A
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP6\A0010412.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP6\A0010413.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0010428.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0010457.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0011455.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0011456.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0011457.exe
[DETECTION] Is the Trojan horse TR/Click.Delf.LP
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012455.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012456.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012467.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012479.dll
[DETECTION] Is the Trojan horse TR/Spy.Agent.IR.42
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012480.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.65536
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012481.exe
[DETECTION] Contains detection pattern of the dropper DR/Dldr.DNSChanger.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012482.exe
[DETECTION] Contains detection pattern of the dropper DR/Dldr.DNSChanger.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012483.dll
[DETECTION] Is the Trojan horse TR/Agent.18432
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012484.exe
[DETECTION] Is the Trojan horse TR/Agent.16384
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012485.dll
[DETECTION] Is the Trojan horse TR/Drop.Age.93696.B
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012486.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.crx.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012487.sys
[DETECTION] Is the Trojan horse TR/Drop.Small.adg
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012488.exe
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.53248.29
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012489.exe
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.53248.29
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012490.dll
[DETECTION] Is the Trojan horse TR/Agent.FD.78
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012491.exe
[DETECTION] Is the Trojan horse TR/Dldr.Murlo.EK.47
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012492.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.eio
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012493.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012494.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.eio
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012495.exe
[DETECTION] Contains detection pattern of the dropper DR/Spy.Agent.IR.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012496.dll
[DETECTION] Is the Trojan horse TR/Agent.CS.8
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012497.exe
[DETECTION] Is the Trojan horse TR/Bravesentry.N.5
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012498.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012500.exe
[DETECTION] Is the Trojan horse TR/Dldr.Tiny.BN.1
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012501.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012503.exe
[DETECTION] Contains detection pattern of the dropper DR/Shopper.V.4
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012504.exe
[DETECTION] Contains detection pattern of the dropper DR/FraudTool.IeDefender.CB
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012506.exe
[DETECTION] Contains detection pattern of the dropper DR/FraudTool.MalwareCrush.D.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012512.com
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.28672.12
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012513.com
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012518.exe
[DETECTION] Is the Trojan horse TR/Downloader.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019520.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019527.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019698.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019699.dll
[DETECTION] Is the Trojan horse TR/Agent.22016.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019705.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019706.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019712.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019720.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019721.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019722.dll
[DETECTION] Is the Trojan horse TR/Agent.22016.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024809.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '483e4b18.qua'!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024813.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024820.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024826.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024829.ax
[DETECTION] Is the Trojan horse TR/Obfuscated.IB.1
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024831.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024870.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024885.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024893.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024923.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024929.dll
[DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.WinZix.A
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024939.pif
[DETECTION] Is the Trojan horse TR/Agent.24772
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024942.dll
[DETECTION] Is the Trojan horse TR/Spy.Agent.IR.42
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024943.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.66560.21
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024944.dll
[DETECTION] Contains detection pattern of the worm WORM/SdBot.90112.5
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024945.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.fbl
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024946.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.389120.19
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024947.dll
[DETECTION] Is the Trojan horse TR/Drop.Age.93696.B
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024948.dll
[DETECTION] Is the Trojan horse TR/Agent.10000.70
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024952.exe
[DETECTION] Is the Trojan horse TR/Dialer.US.7
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0026973.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0026974.exe
[DETECTION] Is the Trojan horse TR/Dldr.Adload.MA.3
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0026979.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0026980.exe
[DETECTION] Is the Trojan horse TR/Dldr.Adload.MA.3
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0028023.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
End of the scan: mardi 22 avril 2008 22:38
Used time: 15:28 min
The scan has been canceled!
1304 Scanning directories
58895 Files were scanned
146 viruses and/or unwanted programs were found
2 Files were classified as suspicious:
130 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
58749 Files not concerned
445 Archives were scanned
6 Warnings
132 Notes
Avira AntiVir Personal
Report file date: mardi 22 avril 2008 22:22
Scanning for 1165085 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: XMICHOUX
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 19:12:34
ANTIVIR3.VDF : 7.0.3.68 57856 Bytes 25/03/2008 08:27:50
Engineversion : 8.1.0.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.19 229754 Bytes 07/04/2008 15:34:44
AESCN.DLL : 8.1.0.12 115060 Bytes 07/04/2008 15:34:44
AERDL.DLL : 8.1.0.19 418164 Bytes 07/04/2008 15:34:44
AEPACK.DLL : 8.1.1.0 364918 Bytes 18/03/2008 11:20:42
AEOFFICE.DLL : 8.1.0.15 192889 Bytes 07/04/2008 15:34:44
AEHEUR.DLL : 8.1.0.15 1147253 Bytes 07/04/2008 15:34:44
AEHELP.DLL : 8.1.0.11 115061 Bytes 07/04/2008 15:34:43
AEGEN.DLL : 8.1.0.15 299379 Bytes 07/04/2008 15:34:43
AEEMU.DLL : 8.1.0.5 430450 Bytes 07/04/2008 15:34:43
AECORE.DLL : 8.1.0.25 168309 Bytes 08/04/2008 09:58:32
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mardi 22 avril 2008 22:22
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'update.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'mbam.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
23 processes with 23 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '13' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\BoobFan\Bureau\Upload_Me.zip
[0] Archive type: ZIP
--> DOCUME~1/BoobFan/Bureau/Upload_Me/flvm.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
--> DOCUME~1/BoobFan/Bureau/Upload_Me/flvm.exe~
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
--> DOCUME~1/BoobFan/Bureau/Upload_Me/LBTWiz.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> DOCUME~1/BoobFan/Bureau/Upload_Me/Nokia_19_jpg.zip
[1] Archive type: ZIP
--> www.Nokia_19_jpg-msn.com
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> DOCUME~1/BoobFan/Bureau/Upload_Me/photo album.zip
[1] Archive type: ZIP
--> photo album2007.pif
[DETECTION] Is the Trojan horse TR/Agent.24772
--> DOCUME~1/BoobFan/Bureau/Upload_Me/prplu.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> DOCUME~1/BoobFan/Bureau/Upload_Me/qbptb.exe~
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> DOCUME~1/BoobFan/Bureau/Upload_Me/xx7c7c3n5d8d.exe
[DETECTION] Is the Trojan horse TR/Dialer.US.7
[NOTE] The file was deleted!
C:\Documents and Settings\BoobFan\Bureau\MSNFix\MSNFix\21042008_14570901.zip
[0] Archive type: ZIP
--> backup/carlton
[DETECTION] Is the Trojan horse TR/Dialer.US.7
--> backup/flvm.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
--> backup/flvm.exe~
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
--> backup/LBTWiz.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> backup/Nokia_19_jpg.zip
[1] Archive type: ZIP
--> www.Nokia_19_jpg-msn.com
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
--> backup/photo album.zip
[1] Archive type: ZIP
--> photo album2007.pif
[DETECTION] Is the Trojan horse TR/Agent.24772
--> backup/prplu.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/rdihost.dll
[DETECTION] Is the Trojan horse TR/Agent.22016.6
[NOTE] The file was deleted!
C:\QooBox\Quarantine\catchme2008-04-20_234104.25.zip
[0] Archive type: ZIP
--> wowfx.dll
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\catchme2008-04-22_143405,08.zip
[0] Archive type: ZIP
--> zeqbqwp.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\qbptb.exe~.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[WARNING] The file could not be deleted!
C:\QooBox\Quarantine\C\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autorun.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Documents and Settings\BoobFan\Application Data\printer.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Documents and Settings\BoobFan\Menu Démarrer\Programmes\Démarrage\findfast.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\Altnet\Download Manager\asm.exe.vir
[DETECTION] Contains suspicious code HEUR/Crypted
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '487b4abf.qua'!
C:\QooBox\Quarantine\C\Program Files\BitGrabber\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\BitRoll\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\Circle Developement\Uninstall.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\DivoCodec\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\DivoCodec\WakeSplitter.ax.vir
[DETECTION] Is the Trojan horse TR/Obfuscated.IB.1
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\DivoPlayer\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\Fichiers communs\Carlson\carlton.MSNFix.vir
[DETECTION] Is the Trojan horse TR/Dialer.US.7
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\Kazaa\My Shared Folder\kazaa327_en.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\MailSkinner\MailSkinner.exe.vir
[DETECTION] Is the Trojan horse TR/Skintrim.A.1
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\MailSkinner\OLSkinner.dll.vir
[DETECTION] Is the Trojan horse TR/Skintrim.A.2
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\NetPumper\ZM\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\TorrentSoftware\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\WinZix\minime.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Program Files\WinZix\WinZixManager.dll.vir
[DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.WinZix.A
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\LBTWiz.exe~.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\LBTWiz.MSNFix.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\Nokia_19_jpg.MSNFix.vir
[0] Archive type: ZIP
--> www.Nokia_19_jpg-msn.com
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\photo album.MSNFix.vir
[0] Archive type: ZIP
--> photo album2007.pif
[DETECTION] Is the Trojan horse TR/Agent.24772
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\shell.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\xpupdate.exe.vir
[DETECTION] Is the Trojan horse TR/Bravesentry.N.5
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\photo album\photo album2007.pif.vir
[DETECTION] Is the Trojan horse TR/Agent.24772
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system\bpmdm32.dll.vir
[DETECTION] Is the Trojan horse TR/Spy.Agent.IR.42
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\36.tmp.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.90112.5
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\alm7tas.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.66560.21
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\crehcjid.dll.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.90112.5
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\ipv6motp.dll.vir
[DETECTION] Is the Trojan horse TR/Drop.Age.93696.B
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\jfiehayd.dll.vir
[DETECTION] Is the Trojan horse TR/Agent.10000.70
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\kdhsp.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\printer.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\rdihost.MSNFix.vir
[DETECTION] Is the Trojan horse TR/Agent.22016.6
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\spoolvs.exe.vir
[DETECTION] Is the Trojan horse TR/Qhost.Aes.10
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\wowfx.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\dllcache\mlqm.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Agent.fbl
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\dllcache\wintcps.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/SdBot.389120.19
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\100224.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\54578.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\60416.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was deleted!
C:\SDFix\backups\backups.zip
[0] Archive type: ZIP
--> backups/msdirect.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
--> backups/sysdefender.exe
[DETECTION] Is the Trojan horse TR/Dldr.Adload.MA.3
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP10\A0028195.dll
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP10\A0028196.exe
[DETECTION] Is the Trojan horse TR/Dldr.Barrako
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP3\A0002108.exe
[DETECTION] Contains detection pattern of the dropper DR/Shopper.V.7
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0006367.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.JR
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0007365.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0008370.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0008384.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0008392.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0008398.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP5\A0008399.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP6\A0009398.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP6\A0009399.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP6\A0010404.exe
[DETECTION] Contains detection pattern of the dropper DR/FraudTool.SpywareSecure.A
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP6\A0010412.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP6\A0010413.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0010428.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0010457.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0011455.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0011456.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0011457.exe
[DETECTION] Is the Trojan horse TR/Click.Delf.LP
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012455.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012456.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012467.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012479.dll
[DETECTION] Is the Trojan horse TR/Spy.Agent.IR.42
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012480.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.65536
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012481.exe
[DETECTION] Contains detection pattern of the dropper DR/Dldr.DNSChanger.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012482.exe
[DETECTION] Contains detection pattern of the dropper DR/Dldr.DNSChanger.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012483.dll
[DETECTION] Is the Trojan horse TR/Agent.18432
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012484.exe
[DETECTION] Is the Trojan horse TR/Agent.16384
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012485.dll
[DETECTION] Is the Trojan horse TR/Drop.Age.93696.B
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012486.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.crx.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012487.sys
[DETECTION] Is the Trojan horse TR/Drop.Small.adg
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012488.exe
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.53248.29
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012489.exe
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.53248.29
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012490.dll
[DETECTION] Is the Trojan horse TR/Agent.FD.78
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012491.exe
[DETECTION] Is the Trojan horse TR/Dldr.Murlo.EK.47
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012492.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.eio
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012493.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012494.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.eio
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012495.exe
[DETECTION] Contains detection pattern of the dropper DR/Spy.Agent.IR.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012496.dll
[DETECTION] Is the Trojan horse TR/Agent.CS.8
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012497.exe
[DETECTION] Is the Trojan horse TR/Bravesentry.N.5
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012498.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012500.exe
[DETECTION] Is the Trojan horse TR/Dldr.Tiny.BN.1
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012501.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012503.exe
[DETECTION] Contains detection pattern of the dropper DR/Shopper.V.4
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012504.exe
[DETECTION] Contains detection pattern of the dropper DR/FraudTool.IeDefender.CB
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012506.exe
[DETECTION] Contains detection pattern of the dropper DR/FraudTool.MalwareCrush.D.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012512.com
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.28672.12
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012513.com
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0012518.exe
[DETECTION] Is the Trojan horse TR/Downloader.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019520.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019527.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019698.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019699.dll
[DETECTION] Is the Trojan horse TR/Agent.22016.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019705.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019706.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019712.exe
[DETECTION] Is the Trojan horse TR/Crypt.XDR.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019720.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019721.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0019722.dll
[DETECTION] Is the Trojan horse TR/Agent.22016.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024809.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '483e4b18.qua'!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024813.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024820.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024826.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024829.ax
[DETECTION] Is the Trojan horse TR/Obfuscated.IB.1
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024831.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024870.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.561152.2
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024885.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024893.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024923.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024929.dll
[DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.WinZix.A
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024939.pif
[DETECTION] Is the Trojan horse TR/Agent.24772
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024942.dll
[DETECTION] Is the Trojan horse TR/Spy.Agent.IR.42
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024943.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.66560.21
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024944.dll
[DETECTION] Contains detection pattern of the worm WORM/SdBot.90112.5
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024945.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agent.fbl
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024946.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.389120.19
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024947.dll
[DETECTION] Is the Trojan horse TR/Drop.Age.93696.B
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024948.dll
[DETECTION] Is the Trojan horse TR/Agent.10000.70
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0024952.exe
[DETECTION] Is the Trojan horse TR/Dialer.US.7
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0026973.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0026974.exe
[DETECTION] Is the Trojan horse TR/Dldr.Adload.MA.3
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0026979.sys
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/ForBot.AF Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0026980.exe
[DETECTION] Is the Trojan horse TR/Dldr.Adload.MA.3
[NOTE] The file was deleted!
C:\System Volume Information\_restore{9F4BA278-9A4D-4577-B267-C9460F2DCBF8}\RP7\A0028023.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
End of the scan: mardi 22 avril 2008 22:38
Used time: 15:28 min
The scan has been canceled!
1304 Scanning directories
58895 Files were scanned
146 viruses and/or unwanted programs were found
2 Files were classified as suspicious:
130 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
58749 Files not concerned
445 Archives were scanned
6 Warnings
132 Notes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:49:46, on 23/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?477b58f031144e3fb32322b2cfa526b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?477b58f031144e3fb32322b2cfa526b0
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BGRaSvc - Unknown owner - C:\Program Files\BullGuard Software\BullGuard\support\bgrasvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 3027 bytes
Scan saved at 00:49:46, on 23/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?477b58f031144e3fb32322b2cfa526b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?477b58f031144e3fb32322b2cfa526b0
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BGRaSvc - Unknown owner - C:\Program Files\BullGuard Software\BullGuard\support\bgrasvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 3027 bytes
ComboFix 08-04-20.2 - BoobFan 2008-04-23 13:11:02.9 - NTFSx86
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-23 to 2008-04-23 ))))))))))))))))))))))))))))))))))))
.
2008-04-23 12:23 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-23 12:23 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-23 12:23 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-23 12:23 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-23 12:23 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-04-23 12:23 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-23 12:23 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-04-23 12:23 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-23 12:23 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-23 12:22 . 2008-04-23 12:23 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-04-22 22:21 . 2008-04-23 12:24 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-04-22 22:21 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-04-22 22:18 . 2008-04-22 22:18 <REP> d-------- C:\Program Files\Avira
2008-04-22 22:18 . 2008-04-22 22:18 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Malwarebytes
2008-04-22 22:18 . 2008-04-22 22:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-04-22 22:17 . 2008-04-22 22:18 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-22 22:17 . 2008-04-22 22:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-22 19:41 . 2008-04-22 19:42 <REP> d-------- C:\fixwareout
2008-04-22 16:55 . 2008-04-22 16:55 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-22 16:54 . 2008-04-22 17:02 <REP> d-------- C:\SDFix
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-22 22:25 --------- d-----w C:\Program Files\MSN Messenger
2008-04-22 12:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-21 10:13 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-21 10:13 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-03-22 18:04 --------- d-----w C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 17:06 --------- d-----w C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 17:04 --------- d-----w C:\Program Files\Google
2008-03-22 16:42 --------- d-----w C:\Program Files\Software Assist
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-11-17 17:41:19 354,304 ----a-w C:\WINDOWS\$hf_mig$\KB873339\SP2QFE\hypertrm.dll
+ 2004-10-14 08:35:08 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spmsg.dll
+ 2004-10-14 08:36:22 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
+ 2004-10-14 08:36:20 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\spcustom.dll
+ 2004-10-14 08:35:12 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
+ 2004-10-28 01:29:47 728,576 ----a-w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\lsasrv.dll
+ 2004-10-28 01:15:16 448,128 ----a-w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys
+ 2004-10-28 01:14:56 174,592 ----a-w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\rdbss.sys
+ 2004-10-14 09:35:08 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB885835\spmsg.dll
+ 2004-10-14 09:36:22 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB885835\spuninst.exe
+ 2004-10-14 09:36:20 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB885835\update\spcustom.dll
+ 2004-10-14 09:35:12 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
+ 2004-10-14 09:35:08 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB885836\spmsg.dll
+ 2004-10-14 09:36:22 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB885836\spuninst.exe
+ 2004-10-14 09:36:20 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB885836\update\spcustom.dll
+ 2004-10-14 09:35:12 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
+ 2004-09-29 22:31:17 134,912 ----a-w C:\WINDOWS\$hf_mig$\KB886185\SP2QFE\ipnat.sys
+ 2004-10-14 18:35:06 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB886185\spmsg.dll
+ 2004-10-14 18:36:20 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB886185\spuninst.exe
+ 2004-10-14 18:36:19 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB886185\update\spcustom.dll
+ 2004-10-14 18:35:11 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
+ 2004-10-13 16:21:24 1,694,208 ----a-w C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
+ 2004-10-14 09:35:08 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB887472\spmsg.dll
+ 2004-10-14 09:36:22 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe
+ 2004-10-14 09:36:20 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB887472\update\spcustom.dll
+ 2004-10-14 09:35:12 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
+ 2004-12-07 19:32:32 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB888302\SP2QFE\srvsvc.dll
+ 2004-11-30 12:46:52 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB888302\spmsg.dll
+ 2004-11-30 18:22:42 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe
+ 2004-11-30 18:22:42 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\spcustom.dll
+ 2004-11-30 12:46:52 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
+ 2005-04-22 05:20:19 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\agentdpv.dll
+ 2005-05-17 00:44:44 19,456 ----a-w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\spru040c.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB890046\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB890046\spuninst.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\updspapi.dll
+ 2005-03-02 18:20:31 62,464 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\authz.dll
+ 2005-03-02 18:13:13 2,137,600 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlmp.exe
+ 2005-03-02 18:13:12 2,059,008 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
+ 2005-03-02 18:13:16 2,017,280 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrpamp.exe
+ 2005-03-02 18:13:23 2,181,632 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
+ 2005-03-02 18:20:32 578,048 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
+ 2005-03-02 18:13:08 1,836,416 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\win32k.sys
+ 2005-03-02 18:20:32 291,840 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\winsrv.dll
+ 2005-02-24 17:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB890859\spmsg.dll
+ 2005-02-24 17:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB890859\spuninst.exe
+ 2005-02-24 17:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\spcustom.dll
+ 2005-02-24 17:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
+ 2005-02-24 17:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\updspapi.dll
+ 2004-11-30 12:46:52 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB891781\spmsg.dll
+ 2004-11-30 18:22:42 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe
+ 2004-11-30 18:22:42 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\spcustom.dll
+ 2004-11-30 12:46:52 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
+ 2005-07-08 16:30:34 249,344 ----a-w C:\WINDOWS\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB893756\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB893756\spuninst.exe
+ 2005-07-07 17:27:08 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\updspapi.dll
+ 2005-04-28 19:36:10 1,286,144 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\ole32.dll
+ 2005-04-28 19:36:09 75,264 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecli32.dll
+ 2005-04-28 19:36:09 37,376 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecnv32.dll
+ 2005-04-28 19:36:09 396,288 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB894391\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB894391\spuninst.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\updspapi.dll
+ 2005-05-26 23:26:50 10,752 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe
+ 2005-05-27 02:11:03 41,472 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hhsetup.dll
+ 2005-05-27 02:11:03 155,136 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itircl.dll
+ 2005-05-27 02:11:03 137,216 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itss.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB896358\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB896358\spuninst.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\updspapi.dll
+ 2005-06-11 00:17:13 57,856 ----a-w C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB896423\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB896423\spuninst.exe
+ 2005-06-29 14:54:32 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\updspapi.dll
+ 2005-05-11 02:33:19 78,336 ----a-w C:\WINDOWS\$hf_mig$\KB896428\SP2QFE\telnet.exe
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB896428\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB896428\spuninst.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\updspapi.dll
+ 2005-02-25 03:35:24 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spmsg.dll
+ 2005-02-25 03:35:24 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spuninst.exe
+ 2005-02-25 03:35:24 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spupdsvc.exe
+ 2005-02-25 03:35:24 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\spcustom.dll
+ 2005-02-25 03:35:24 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
+ 2005-02-25 03:35:25 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\updspapi.dll
+ 2005-06-15 17:48:49 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB899587\SP2QFE\kerberos.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB899587\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB899587\spuninst.exe
+ 2005-06-29 14:54:32 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\updspapi.dll
+ 2005-06-10 04:06:01 139,528 ----a-w C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB899591\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB899591\spuninst.exe
+ 2005-06-29 14:54:32 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\updspapi.dll
+ 2006-02-15 00:30:07 142,464 ----a-w C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\aec.sys
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB900485\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB900485\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\updspapi.dll
+ 2005-09-01 01:46:30 19,968 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
+ 2005-09-23 03:26:14 8,508,928 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll
+ 2005-09-03 00:08:21 474,624 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shlwapi.dll
+ 2005-09-27 00:47:42 23,552 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\spru040c.dll
+ 2005-09-01 01:46:31 292,352 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\winsrv.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB900725\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB900725\spuninst.exe
+ 2005-09-26 15:36:24 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\updspapi.dll
+ 2005-09-10 01:53:06 2,068,480 ----a-w C:\WINDOWS\$hf_mig$\KB901017\SP2QFE\cdosys.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB901017\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB901017\spuninst.exe
+ 2005-09-09 14:26:26 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\updspapi.dll
+ 2005-06-29 01:54:24 254,976 ----a-w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\icm32.dll
+ 2005-06-29 01:54:24 73,728 ----a-w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\mscms.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB901214\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB901214\spuninst.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\updspapi.dll
+ 2005-07-26 04:29:18 225,792 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrv.dll
+ 2005-07-26 04:29:19 625,152 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrvut.dll
+ 2005-07-26 04:29:20 110,080 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatex.dll
+ 2005-07-26 04:29:21 498,688 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatq.dll
+ 2005-07-26 04:29:21 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\colbact.dll
+ 2005-07-26 04:29:22 195,072 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comadmin.dll
+ 2005-07-26 04:29:23 97,792 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comrepl.dll
+ 2005-07-26 04:29:25 1,267,200 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comsvcs.dll
+ 2005-07-26 04:29:27 540,160 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comuid.dll
+ 2005-07-26 04:29:28 243,200 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll
+ 2005-07-25 23:42:35 8,704 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe
+ 2005-07-26 04:29:29 425,472 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcprx.dll
+ 2005-07-26 04:29:31 945,152 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtctm.dll
+ 2005-07-26 04:29:32 161,280 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcuiu.dll
+ 2005-07-26 04:29:32 66,560 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxclu.dll
+ 2005-07-26 04:29:32 91,136 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxoci.dll
+ 2005-07-26 04:29:37 1,285,632 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\ole32.dll
+ 2005-07-26 04:29:38 75,264 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecli32.dll
+ 2005-07-26 04:29:38 37,376 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecnv32.dll
+ 2005-07-26 04:29:39 398,336 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
+ 2005-07-26 04:29:40 101,376 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\txflog.dll
+ 2005-07-26 04:29:40 11,776 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\xolehlp.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB902400\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB902400\spuninst.exe
+ 2005-07-25 17:21:18 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\updspapi.dll
+ 2006-03-24 04:49:05 49,152 ----a-w C:\WINDOWS\$hf_mig$\KB904942\SP2QFE\wdigest.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB904942\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB904942\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\updspapi.dll
+ 2005-08-22 18:26:27 197,632 ----a-w C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll
+ 2005-02-25 03:35:24 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB905414\spmsg.dll
+ 2005-02-25 03:35:24 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB905414\spuninst.exe
+ 2005-08-19 23:50:31 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\arpidfix.exe
+ 2005-02-25 03:35:24 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\spcustom.dll
+ 2005-02-25 03:35:24 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
+ 2005-02-25 03:35:25 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\updspapi.dll
+ 2005-08-23 03:41:23 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB905749\SP2QFE\umpnpmgr.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB905749\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB905749\spuninst.exe
+ 2005-08-22 16:01:30 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\updspapi.dll
+ 2005-10-17 21:26:30 80,896 ----a-w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\fontsub.dll
+ 2005-10-17 21:26:30 117,760 ----a-w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\t2embed.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB908519\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB908519\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\updspapi.dll
+ 2006-03-17 04:49:25 8,510,976 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\shell32.dll
+ 2006-03-22 01:51:44 25,088 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\spru040c.dll
+ 2006-03-17 01:05:35 28,672 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\verclsid.exe
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB908531\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB908531\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\updspapi.dll
+ 2005-10-20 22:32:17 1,097,728 ----a-w C:\WINDOWS\$hf_mig$\KB910437\SP2QFE\esent.dll
+ 2005-10-12 23:15:23 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB910437\spmsg.dll
+ 2005-10-12 23:15:24 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB910437\spuninst.exe
+ 2005-10-12 23:15:23 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB910437\update\spcustom.dll
+ 2005-10-12 23:15:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
+ 2005-10-12 23:15:43 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB910437\update\updspapi.dll
+ 2006-06-22 10:38:25 180,736 ----a-w C:\WINDOWS\$hf_mig$\KB911280\SP2QFE\rasmans.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB911280\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB911280\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\updspapi.dll
+ 2006-03-23 05:53:24 143,360 ----a-w C:\WINDOWS\$hf_mig$\KB911562\SP2QFE\msadco.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB911562\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB911562\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\updspapi.dll
+ 2006-01-04 04:19:19 68,096 ----a-w C:\WINDOWS\$hf_mig$\KB911927\SP2QFE\webclnt.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB911927\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB911927\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\updspapi.dll
+ 2006-03-01 19:42:12 426,496 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcprx.dll
+ 2006-03-01 19:42:12 956,416 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtctm.dll
+ 2006-03-01 19:42:12 161,280 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcuiu.dll
+ 2006-03-01 19:42:12 66,560 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxclu.dll
+ 2006-03-01 19:42:12 91,136 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxoci.dll
+ 2006-03-01 19:42:12 11,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\xolehlp.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB913580\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB913580\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\updspapi.dll
+ 2006-05-19 14:16:50 112,640 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dhcpcsvc.dll
+ 2006-05-19 14:16:51 147,456 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dnsapi.dll
+ 2006-05-19 14:16:51 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\iphlpapi.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB914388\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB914388\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\updspapi.dll
+ 2006-05-05 10:16:39 454,400 ----a-w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\mrxsmb.sys
+ 2006-05-05 10:22:52 174,592 ----a-w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\rdbss.sys
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB914389\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB914389\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\updspapi.dll
+ 2006-07-14 15:52:22 121,856 ----a-w C:\WINDOWS\$hf_mig$\KB915865\SP2QFE\xmllite.dll
+ 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll
+ 2005-10-12 23:12:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spuninst.exe
+ 2005-10-12 23:12:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\update.exe
+ 2005-10-12 23:12:33 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll
+ 2006-03-17 01:08:10 262,656 ----a-w C:\WINDOWS\$hf_mig$\KB916595\SP2QFE\http.sys
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB916595\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB916595\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\updspapi.dll
+ 2006-11-27 15:18:34 539,136 ----a-w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\msftedit.dll
+ 2006-11-27 15:18:34 433,664 ----a-w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\riched20.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB918118\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB918118\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\updspapi.dll
+ 2006-06-01 19:46:25 163,840 ----a-w C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgdw400.dll
+ 2006-06-01 19:46:25 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgpl400.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB918439\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB918439\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\updspapi.dll
+ 2006-07-13 11:43:08 202,496 ----a-w C:\WINDOWS\$hf_mig$\KB919007\SP2QFE\rmcast.sys
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB919007\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB919007\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\updspapi.dll
+ 2006-10-12 13:55:58 42,496 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdp2.dll
+ 2006-10-12 13:55:58 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdpv.dll
+ 2006-10-12 11:54:07 256,512 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe
+ 2006-10-16 11:19:09 265,216 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\spru040c.dll
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920213\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB920213\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\updspapi.dll
+ 2006-07-21 08:29:04 72,704 ----a-w C:\WINDOWS\$hf_mig$\KB920670\SP2QFE\hlink.dll
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920670\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB920670\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\updspapi.dll
+ 2006-06-26 17:47:08 147,456 ----a-w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\dnsapi.dll
+ 2006-06-26 17:47:08 7,680 ----a-w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920683\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB920683\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\updspapi.dll
+ 2006-06-22 05:22:11 69,120 ----a-w C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\ciodm.dll
+ 2006-06-22 05:22:12 1,440,768 ----a-w C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\query.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920685\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB920685\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\updspapi.dll
+ 2006-06-14 08:50:19 172,416 ----a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\kmixer.sys
+ 2006-06-14 08:50:19 6,272 ----a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys
+ 2006-06-14 09:17:04 82,944 ----a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\wdmaud.sys
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920872\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB920872\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\updspapi.dll
+ 2006-08-21 12:29:03 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltlib.dll
+ 2006-08-21 09:43:32 23,040 ----a-w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmc.exe
+ 2006-08-21 09:43:32 128,768 ----a-w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmgr.sys
+ 2005-10-12 23:15:23 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB922582\spmsg.dll
+ 2005-10-12 23:15:24 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB922582\spuninst.exe
+ 2005-10-12 23:15:23 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB922582\update\spcustom.dll
+ 2005-10-12 23:15:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
+ 2005-10-12 23:15:43 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB922582\update\updspapi.dll
+ 2006-08-16 12:13:24 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB922819\SP2QFE\6to4svc.dll
+ 2006-08-16 10:13:39 225,664 ----a-w C:\WINDOWS\$hf_mig$\KB922819\SP2QFE\tcpip6.sys
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB922819\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB922819\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB922819\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922819\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB922819\update\updspapi.dll
+ 2006-08-14 12:00:42 332,928 ----a-w C:\WINDOWS\$hf_mig$\KB923414\SP2QFE\srv.sys
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB923414\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB923414\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\updspapi.dll
+ 2006-10-13 12:43:07 64,000 ----a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwapi32.dll
+ 2006-10-13 12:43:07 145,920 ----a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwprovau.dll
+ 2006-10-13 10:39:12 163,456 ----a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwrdr.sys
+ 2006-10-13 12:43:07 65,536 ----a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwwks.dll
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB923980\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB923980\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB923980\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB923980\update\updspapi.dll
+ 2006-08-17 12:43:04 733,184 ----a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\lsasrv.dll
+ 2006-08-17 12:43:04 337,408 ----a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\netapi32.dll
+ 2006-08-17 12:43:04 132,096 ----a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\wkssvc.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB924270\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB924270\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\updspapi.dll
+ 2006-09-04 06:14:50 1,497,088 ----a-w C:\WINDOWS\$hf_mig$\KB924496\SP2QFE\shdocvw.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB924496\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB924496\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\updspapi.dll
+ 2007-03-08 15:50:30 282,112 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\gdi32.dll
+ 2007-03-08 15:50:30 40,960 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\mf3216.dll
+ 2007-03-08 15:50:30 579,072 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
+ 2007-03-08 15:45:59 1,844,096 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\win32k.sys
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB925902\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB925902\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\updspapi.dll
+ 2006-10-20 01:40:33 716,800 ----a-w C:\WINDOWS\$hf_mig$\KB926255\SP2QFE\sxs.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB926255\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB926255\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\updspapi.dll
+ 2006-10-16 17:14:12 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB926436\SP2QFE\oledlg.dll
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB926436\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB926436\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\updspapi.dll
+ 2006-12-26 13:20:21 536,576 ----a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msado15.dll
+ 2006-12-26 13:20:21 180,224 ----a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msadomd.dll
+ 2006-12-26 13:20:21 200,704 ----a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msadox.dll
+ 2006-12-26 13:20:21 102,400 ----a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msjro.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB927779\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB927779\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB927779\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB927779\update\updspapi.dll
+ 2006-12-19 18:48:57 334,336 ----a-w C:\WINDOWS\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB927802\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB927802\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB927802\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB927802\update\updspapi.dll
+ 2007-04-18 16:16:25 2,854,400 ----a-w C:\WINDOWS\$hf_mig$\KB927891\SP2QFE\msi31.dll
+ 2006-12-14 08:53:58 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB927891\spmsg.dll
+ 2006-12-14 08:53:58 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB927891\spuninst.exe
+ 2006-12-14 08:53:58 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB927891\update\spcustom.dll
+ 2006-12-14 08:53:58 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
+ 2006-12-14 08:53:58 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB927891\update\updspapi.dll
+ 2006-12-19 21:48:29 8,515,072 ----a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shell32.dll
+ 2006-12-19 21:48:29 135,680 ----a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
+ 2006-12-19 16:29:57 265,216 ----a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\spru040c.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB928255\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB928255\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\updspapi.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB928843\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB928843\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\updspapi.dll
+ 2007-05-16 15:28:27 86,528 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\directdb.dll
+ 2007-05-16 15:28:28 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\inetcomm.dll
+ 2007-05-16 15:28:31 1,314,816 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\msoe.dll
+ 2007-05-16 15:28:32 510,976 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\wab32.dll
+ 2007-05-16 15:28:33 85,504 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\wabimp.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB929123\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB929123\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\updspapi.dll
+ 2007-03-17 13:47:04 293,376 ----a-w C:\WINDOWS\$hf_mig$\KB930178\SP2QFE\winsrv.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB930178\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB930178\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB930178\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB930178\update\updspapi.dll
+ 2007-02-09 11:23:36 574,976 ----a-w C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB930916\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB930916\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\updspapi.dll
+ 2007-02-05 20:20:56 185,344 ----a-w C:\WINDOWS\$hf_mig$\KB931261\SP2QFE\upnphost.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB931261\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB931261\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\updspapi.dll
+ 2007-02-28 16:08:15 2,139,648 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlmp.exe
+ 2007-02-28 16:08:25 2,061,440 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
+ 2007-02-28 16:08:11 2,019,328 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrpamp.exe
+ 2007-02-28 16:08:21 2,184,192 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB931784\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB931784\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\updspapi.dll
+ 2007-03-09 14:00:38 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB932168\SP2QFE\agentdpv.dll
+ 2007-03-09 11:51:20 265,216 ----a-w C:\WINDOWS\$hf_mig$\KB932168\SP2QFE\spru040c.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB932168\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB932168\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\updspapi.dll
+ 2007-07-09 13:19:28 582,656 ----a-w C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\rpcrt4.dll
+ 2007-06-18 22:24:36 369,152 ----a-w C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\spru040c.dll
+ 2005-10-12 23:15:23 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB933729\spmsg.dll
+ 2005-10-12 23:15:24 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB933729\spuninst.exe
+ 2005-10-12 23:15:23 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\spcustom.dll
+ 2005-10-12 23:15:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
+ 2005-10-12 23:15:43 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\updspapi.dll
+ 2007-04-16 16:11:08 1,051,136 ----a-w C:\WINDOWS\$hf_mig$\KB935839\SP2QFE\kernel32.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB935839\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB935839\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\updspapi.dll
+ 2007-04-25 20:32:29 144,896 ----a-w C:\WINDOWS\$hf_mig$\KB935840\SP2QFE\schannel.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB935840\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB935840\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\updspapi.dll
+ 2007-06-26 06:07:05 1,104,896 ----a-w C:\WINDOWS\$hf_mig$\KB936021\SP2QFE\msxml3.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB936021\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB936021\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\updspapi.dll
+ 2007-07-06 09:52:38 72,960 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys
+ 2007-07-06 13:09:51 138,240 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqad.dll
+ 2007-07-06 13:09:51 47,104 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
+ 2007-07-06 13:09:51 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqise.dll
+ 2007-07-06 13:09:51 660,992 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqqm.dll
+ 2007-07-06 13:09:51 177,152 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqrt.dll
+ 2007-07-06 13:09:51 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqsec.dll
+ 2007-07-06 13:09:51 48,640 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
+ 2007-07-06 13:09:51 527,360 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqutil.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\updspapi.dll
+ 2007-06-26 14:46:09 851,968 ----a-w C:\WINDOWS\$hf_mig$\KB938127\SP2QFE\vgx.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB938127\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB938127\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\updspapi.dll
+ 2007-06-13 13:10:53 1,037,312 ----a-w C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB938828\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB938828\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\updspapi.dll
+ 2007-08-21 06:25:34 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
+ 2007-10-29 22:36:31 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-30 16:53:32 360,832 ----a-w C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\updspapi.dll
+ 2008-03-20 07:56:50 1,846,016 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-12-04 18:30:15 551,936 ----a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-10-25 16:43:25 8,516,608 ----a-w C:\WINDOWS\$hf_mig$\KB943460\SP2QFE\shell32.dll
+ 2007-10-29 14:07:16 369,152 ----a-w C:\WINDOWS\$hf_mig$\KB943460\SP2QFE\spru040c.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB943460\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB943460\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943460\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943460\update\update.exe
+ 2007-03-06 01:35:47 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB943460\update\updspapi.dll
+ 2007-11-07 09:50:06 733,696 ----a-w C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\updspapi.dll
+ 2007-12-18 14:32:57 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\jscript.dll
+ 2007-12-18 14:32:57 417,792 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\vbscript.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\updspapi.dll
+ 2007-12-07 01:42:15 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
+ 2007-12-19 22:20:28 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
+ 2007-12-07 01:42:15 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
+ 2007-12-07 01:42:15 133,120 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
+ 2007-12-07 01:42:15 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
+ 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-07 01:42:15 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
+ 2007-12-07 01:42:16 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
+ 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
+ 2007-12-07 01:42:16 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
+ 2007-12-07 01:42:16 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
+ 2007-12-07 01:42:19 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
+ 2007-12-07 01:42:19 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
+ 2007-12-07 01:42:19 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
+ 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:45 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-07 01:42:20 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
+ 2007-12-07 01:42:20 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
+ 2007-12-07 01:42:20 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
+ 2007-12-07 01:42:21 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
+ 2007-12-07 01:42:21 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
+ 2007-12-07 01:42:21 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
+ 2007-12-07 01:42:21 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
+ 2007-12-07 01:42:21 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
+ 2008-01-11 05:54:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
+ 2007-12-07 01:42:21 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
+ 2007-12-07 01:42:22 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
+ 2007-12-07 01:42:22 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
+ 2007-12-07 01:42:22 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
+ 2007-11-13 08:47:45 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
+ 2008-02-20 05:20:23 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:50:24 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
+ 2007-12-18 09:38:59 179,712 ----a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
+ 2008-03-01 12:34:26 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
+ 2008-03-01 12:34:26 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
+ 2008-03-01 12:34:26 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
+ 2008-03-01 12:34:27 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
+ 2008-03-01 12:34:27 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
+ 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-03-01 12:34:27 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
+ 2008-03-01 12:34:27 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
+ 2008-03-01 12:34:27 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
+ 2008-03-01 12:34:27 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
+ 2008-03-01 12:34:29 6,067,712 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
+ 2008-03-01 12:34:29 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
+ 2008-03-01 12:34:29 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
+ 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:40:22 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-03-01 12:34:30 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
+ 2008-03-01 12:34:30 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
+ 2008-03-01 12:34:30 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
+ 2008-03-01 12:34:32 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
+ 2008-03-01 12:34:32 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
+ 2008-03-01 12:34:32 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
+ 2008-03-01 12:34:32 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
+ 2008-03-01 12:34:32 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
+ 2008-03-01 12:34:32 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
+ 2008-03-01 12:34:32 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
+ 2008-03-01 12:34:33 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
+ 2008-03-01 12:34:33 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
+ 2008-03-01 12:34:33 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
+ 2008-02-16 09:31:57 1,024,512 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\browseui.dll
+ 2008-02-16 09:31:57 152,064 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\cdfview.dll
+ 2008-02-16 09:31:58 1,056,768 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\danim.dll
+ 2008-02-16 09:31:58 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\dxtmsft.dll
+ 2008-02-16 09:31:58 205,312 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\dxtrans.dll
+ 2008-02-16 09:31:58 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\extmgr.dll
+ 2008-02-15 09:07:53 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iedw.exe
+ 2008-02-16 09:31:58 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iepeers.dll
+ 2008-02-16 09:31:58 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\inseng.dll
+ 2008-02-16 09:31:58 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\jsproxy.dll
+ 2008-02-16 09:31:59 3,087,872 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mshtml.dll
+ 2008-02-16 09:31:59 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mshtmled.dll
+ 2008-02-16 09:31:59 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\msrating.dll
+ 2008-02-16 09:31:59 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mstime.dll
+ 2008-02-16 09:31:59 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\pngfilt.dll
+ 2008-02-16 09:32:00 1,499,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\shdocvw.dll
+ 2008-02-16 09:32:00 474,624 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\shlwapi.dll
+ 2008-02-15 23:03:14 370,176 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\spru040c.dll
+ 2008-02-16 09:32:00 620,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\urlmon.dll
+ 2008-02-16 09:32:00 670,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB947864\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB947864\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\updspapi.dll
+ 2008-02-20 06:52:42 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\up
Endroit: C:\Documents and Settings\BoobFan\Bureau\Combo-Fix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-23 to 2008-04-23 ))))))))))))))))))))))))))))))))))))
.
2008-04-23 12:23 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-23 12:23 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-23 12:23 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-23 12:23 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-23 12:23 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-04-23 12:23 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-23 12:23 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-04-23 12:23 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-23 12:23 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-23 12:22 . 2008-04-23 12:23 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-04-22 22:21 . 2008-04-23 12:24 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-04-22 22:21 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-04-22 22:18 . 2008-04-22 22:18 <REP> d-------- C:\Program Files\Avira
2008-04-22 22:18 . 2008-04-22 22:18 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Malwarebytes
2008-04-22 22:18 . 2008-04-22 22:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-04-22 22:17 . 2008-04-22 22:18 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-22 22:17 . 2008-04-22 22:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-22 19:41 . 2008-04-22 19:42 <REP> d-------- C:\fixwareout
2008-04-22 16:55 . 2008-04-22 16:55 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-22 16:54 . 2008-04-22 17:02 <REP> d-------- C:\SDFix
2008-04-20 13:58 . 2008-04-20 13:58 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 16:31 . 2008-04-12 16:31 <REP> d-------- C:\WINDOWS\Nokia_19_jpg
2008-04-12 10:54 . 2008-04-12 10:54 <REP> d-------- C:\Program Files\7-Zip
2008-04-05 13:19 . 2008-04-12 10:50 <REP> d-------- C:\WINDOWS\Winver
2008-03-24 13:47 . 2008-03-24 13:48 <REP> d-------- C:\Program Files\Java
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 13:46 . 2008-03-24 13:46 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-24 12:33 . 2008-03-24 12:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2008-03-24 12:32 . 2008-03-24 12:32 <REP> d-------- C:\MicroGaming
2008-03-23 23:47 . 2008-03-24 13:09 250 --a------ C:\WINDOWS\gmer.ini
2008-03-23 23:38 . 2008-04-12 11:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-23 18:41 . 2008-03-23 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-23 18:35 . 2008-03-24 01:44 <REP> d--h----- C:\DBBackup
2008-03-23 17:13 . 2008-03-23 17:29 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\BullGuard
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Windows Live
2008-03-23 16:37 . 2008-03-23 16:37 <REP> d---s---- C:\Documents and Settings\BoobFan\UserData
2008-03-23 16:36 . 2008-03-23 16:37 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-03-23 16:31 . 2008-03-23 16:37 <REP> d-------- C:\Documents and Settings\BoobFan\Contacts
2008-03-23 16:31 . 2008-03-23 16:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-03-23 16:29 . 2008-03-23 16:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-23 15:27 . 2008-03-23 15:27 <REP> d-------- C:\Program Files\TRELLIAN
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\cache329
2008-03-23 15:24 . 2008-03-23 15:24 <REP> d-------- C:\WINDOWS\system32\AdCache
2008-03-23 15:24 . 2008-03-30 18:04 <REP> d-------- C:\Documents and Settings\BoobFan\Application Data\Warez
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-23 15:22 . 2008-03-23 15:22 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-22 22:25 --------- d-----w C:\Program Files\MSN Messenger
2008-04-22 12:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-21 10:13 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2008-04-21 10:13 17,920 ----a-w C:\WINDOWS\system32\tftp.exe
2008-03-22 18:04 --------- d-----w C:\Documents and Settings\BoobFan\Application Data\ErrorSmart
2008-03-22 17:06 --------- d-----w C:\Documents and Settings\BoobFan\Application Data\NetPumper
2008-03-22 17:04 --------- d-----w C:\Program Files\Google
2008-03-22 16:42 --------- d-----w C:\Program Files\Software Assist
2008-03-22 15:10 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-22 15:08 --------- d-----w C:\Program Files\Services en ligne
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
.
((((((((((((((((((((((((((((( snapshot@2008-04-20_23.43.03.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-11-17 17:41:19 354,304 ----a-w C:\WINDOWS\$hf_mig$\KB873339\SP2QFE\hypertrm.dll
+ 2004-10-14 08:35:08 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spmsg.dll
+ 2004-10-14 08:36:22 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
+ 2004-10-14 08:36:20 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\spcustom.dll
+ 2004-10-14 08:35:12 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
+ 2004-10-28 01:29:47 728,576 ----a-w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\lsasrv.dll
+ 2004-10-28 01:15:16 448,128 ----a-w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys
+ 2004-10-28 01:14:56 174,592 ----a-w C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\rdbss.sys
+ 2004-10-14 09:35:08 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB885835\spmsg.dll
+ 2004-10-14 09:36:22 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB885835\spuninst.exe
+ 2004-10-14 09:36:20 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB885835\update\spcustom.dll
+ 2004-10-14 09:35:12 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
+ 2004-10-14 09:35:08 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB885836\spmsg.dll
+ 2004-10-14 09:36:22 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB885836\spuninst.exe
+ 2004-10-14 09:36:20 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB885836\update\spcustom.dll
+ 2004-10-14 09:35:12 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
+ 2004-09-29 22:31:17 134,912 ----a-w C:\WINDOWS\$hf_mig$\KB886185\SP2QFE\ipnat.sys
+ 2004-10-14 18:35:06 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB886185\spmsg.dll
+ 2004-10-14 18:36:20 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB886185\spuninst.exe
+ 2004-10-14 18:36:19 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB886185\update\spcustom.dll
+ 2004-10-14 18:35:11 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
+ 2004-10-13 16:21:24 1,694,208 ----a-w C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
+ 2004-10-14 09:35:08 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB887472\spmsg.dll
+ 2004-10-14 09:36:22 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe
+ 2004-10-14 09:36:20 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB887472\update\spcustom.dll
+ 2004-10-14 09:35:12 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
+ 2004-12-07 19:32:32 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB888302\SP2QFE\srvsvc.dll
+ 2004-11-30 12:46:52 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB888302\spmsg.dll
+ 2004-11-30 18:22:42 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe
+ 2004-11-30 18:22:42 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\spcustom.dll
+ 2004-11-30 12:46:52 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
+ 2005-04-22 05:20:19 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\agentdpv.dll
+ 2005-05-17 00:44:44 19,456 ----a-w C:\WINDOWS\$hf_mig$\KB890046\SP2QFE\spru040c.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB890046\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB890046\spuninst.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB890046\update\updspapi.dll
+ 2005-03-02 18:20:31 62,464 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\authz.dll
+ 2005-03-02 18:13:13 2,137,600 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlmp.exe
+ 2005-03-02 18:13:12 2,059,008 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
+ 2005-03-02 18:13:16 2,017,280 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrpamp.exe
+ 2005-03-02 18:13:23 2,181,632 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
+ 2005-03-02 18:20:32 578,048 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
+ 2005-03-02 18:13:08 1,836,416 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\win32k.sys
+ 2005-03-02 18:20:32 291,840 ----a-w C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\winsrv.dll
+ 2005-02-24 17:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB890859\spmsg.dll
+ 2005-02-24 17:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB890859\spuninst.exe
+ 2005-02-24 17:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\spcustom.dll
+ 2005-02-24 17:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
+ 2005-02-24 17:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB890859\update\updspapi.dll
+ 2004-11-30 12:46:52 8,192 ----a-w C:\WINDOWS\$hf_mig$\KB891781\spmsg.dll
+ 2004-11-30 18:22:42 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe
+ 2004-11-30 18:22:42 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\spcustom.dll
+ 2004-11-30 12:46:52 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
+ 2005-07-08 16:30:34 249,344 ----a-w C:\WINDOWS\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB893756\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB893756\spuninst.exe
+ 2005-07-07 17:27:08 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB893756\update\updspapi.dll
+ 2005-04-28 19:36:10 1,286,144 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\ole32.dll
+ 2005-04-28 19:36:09 75,264 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecli32.dll
+ 2005-04-28 19:36:09 37,376 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\olecnv32.dll
+ 2005-04-28 19:36:09 396,288 ----a-w C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB894391\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB894391\spuninst.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB894391\update\updspapi.dll
+ 2005-05-26 23:26:50 10,752 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe
+ 2005-05-27 02:11:03 41,472 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hhsetup.dll
+ 2005-05-27 02:11:03 155,136 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itircl.dll
+ 2005-05-27 02:11:03 137,216 ----a-w C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\itss.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB896358\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB896358\spuninst.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB896358\update\updspapi.dll
+ 2005-06-11 00:17:13 57,856 ----a-w C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB896423\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB896423\spuninst.exe
+ 2005-06-29 14:54:32 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB896423\update\updspapi.dll
+ 2005-05-11 02:33:19 78,336 ----a-w C:\WINDOWS\$hf_mig$\KB896428\SP2QFE\telnet.exe
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB896428\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB896428\spuninst.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB896428\update\updspapi.dll
+ 2005-02-25 03:35:24 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spmsg.dll
+ 2005-02-25 03:35:24 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spuninst.exe
+ 2005-02-25 03:35:24 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spupdsvc.exe
+ 2005-02-25 03:35:24 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\spcustom.dll
+ 2005-02-25 03:35:24 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
+ 2005-02-25 03:35:25 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\updspapi.dll
+ 2005-06-15 17:48:49 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB899587\SP2QFE\kerberos.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB899587\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB899587\spuninst.exe
+ 2005-06-29 14:54:32 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB899587\update\updspapi.dll
+ 2005-06-10 04:06:01 139,528 ----a-w C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB899591\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB899591\spuninst.exe
+ 2005-06-29 14:54:32 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB899591\update\updspapi.dll
+ 2006-02-15 00:30:07 142,464 ----a-w C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\aec.sys
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB900485\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB900485\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB900485\update\updspapi.dll
+ 2005-09-01 01:46:30 19,968 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
+ 2005-09-23 03:26:14 8,508,928 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shell32.dll
+ 2005-09-03 00:08:21 474,624 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\shlwapi.dll
+ 2005-09-27 00:47:42 23,552 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\spru040c.dll
+ 2005-09-01 01:46:31 292,352 ----a-w C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\winsrv.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB900725\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB900725\spuninst.exe
+ 2005-09-26 15:36:24 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB900725\update\updspapi.dll
+ 2005-09-10 01:53:06 2,068,480 ----a-w C:\WINDOWS\$hf_mig$\KB901017\SP2QFE\cdosys.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB901017\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB901017\spuninst.exe
+ 2005-09-09 14:26:26 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB901017\update\updspapi.dll
+ 2005-06-29 01:54:24 254,976 ----a-w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\icm32.dll
+ 2005-06-29 01:54:24 73,728 ----a-w C:\WINDOWS\$hf_mig$\KB901214\SP2QFE\mscms.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB901214\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB901214\spuninst.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB901214\update\updspapi.dll
+ 2005-07-26 04:29:18 225,792 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrv.dll
+ 2005-07-26 04:29:19 625,152 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrvut.dll
+ 2005-07-26 04:29:20 110,080 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatex.dll
+ 2005-07-26 04:29:21 498,688 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\clbcatq.dll
+ 2005-07-26 04:29:21 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\colbact.dll
+ 2005-07-26 04:29:22 195,072 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comadmin.dll
+ 2005-07-26 04:29:23 97,792 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comrepl.dll
+ 2005-07-26 04:29:25 1,267,200 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comsvcs.dll
+ 2005-07-26 04:29:27 540,160 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\comuid.dll
+ 2005-07-26 04:29:28 243,200 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll
+ 2005-07-25 23:42:35 8,704 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe
+ 2005-07-26 04:29:29 425,472 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcprx.dll
+ 2005-07-26 04:29:31 945,152 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtctm.dll
+ 2005-07-26 04:29:32 161,280 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\msdtcuiu.dll
+ 2005-07-26 04:29:32 66,560 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxclu.dll
+ 2005-07-26 04:29:32 91,136 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\mtxoci.dll
+ 2005-07-26 04:29:37 1,285,632 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\ole32.dll
+ 2005-07-26 04:29:38 75,264 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecli32.dll
+ 2005-07-26 04:29:38 37,376 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\olecnv32.dll
+ 2005-07-26 04:29:39 398,336 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
+ 2005-07-26 04:29:40 101,376 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\txflog.dll
+ 2005-07-26 04:29:40 11,776 ----a-w C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\xolehlp.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB902400\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB902400\spuninst.exe
+ 2005-07-25 17:21:18 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB902400\update\updspapi.dll
+ 2006-03-24 04:49:05 49,152 ----a-w C:\WINDOWS\$hf_mig$\KB904942\SP2QFE\wdigest.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB904942\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB904942\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB904942\update\updspapi.dll
+ 2005-08-22 18:26:27 197,632 ----a-w C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll
+ 2005-02-25 03:35:24 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB905414\spmsg.dll
+ 2005-02-25 03:35:24 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB905414\spuninst.exe
+ 2005-08-19 23:50:31 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\arpidfix.exe
+ 2005-02-25 03:35:24 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\spcustom.dll
+ 2005-02-25 03:35:24 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
+ 2005-02-25 03:35:25 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB905414\update\updspapi.dll
+ 2005-08-23 03:41:23 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB905749\SP2QFE\umpnpmgr.dll
+ 2005-02-24 18:35:26 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB905749\spmsg.dll
+ 2005-02-24 18:35:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB905749\spuninst.exe
+ 2005-08-22 16:01:30 30,720 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\arpidfix.exe
+ 2005-02-24 18:35:26 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\spcustom.dll
+ 2005-02-24 18:35:26 730,336 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
+ 2005-02-24 18:35:26 395,488 ----a-w C:\WINDOWS\$hf_mig$\KB905749\update\updspapi.dll
+ 2005-10-17 21:26:30 80,896 ----a-w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\fontsub.dll
+ 2005-10-17 21:26:30 117,760 ----a-w C:\WINDOWS\$hf_mig$\KB908519\SP2QFE\t2embed.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB908519\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB908519\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB908519\update\updspapi.dll
+ 2006-03-17 04:49:25 8,510,976 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\shell32.dll
+ 2006-03-22 01:51:44 25,088 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\spru040c.dll
+ 2006-03-17 01:05:35 28,672 ----a-w C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\verclsid.exe
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB908531\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB908531\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB908531\update\updspapi.dll
+ 2005-10-20 22:32:17 1,097,728 ----a-w C:\WINDOWS\$hf_mig$\KB910437\SP2QFE\esent.dll
+ 2005-10-12 23:15:23 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB910437\spmsg.dll
+ 2005-10-12 23:15:24 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB910437\spuninst.exe
+ 2005-10-12 23:15:23 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB910437\update\spcustom.dll
+ 2005-10-12 23:15:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
+ 2005-10-12 23:15:43 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB910437\update\updspapi.dll
+ 2006-06-22 10:38:25 180,736 ----a-w C:\WINDOWS\$hf_mig$\KB911280\SP2QFE\rasmans.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB911280\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB911280\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB911280\update\updspapi.dll
+ 2006-03-23 05:53:24 143,360 ----a-w C:\WINDOWS\$hf_mig$\KB911562\SP2QFE\msadco.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB911562\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB911562\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB911562\update\updspapi.dll
+ 2006-01-04 04:19:19 68,096 ----a-w C:\WINDOWS\$hf_mig$\KB911927\SP2QFE\webclnt.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB911927\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB911927\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB911927\update\updspapi.dll
+ 2006-03-01 19:42:12 426,496 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcprx.dll
+ 2006-03-01 19:42:12 956,416 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtctm.dll
+ 2006-03-01 19:42:12 161,280 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\msdtcuiu.dll
+ 2006-03-01 19:42:12 66,560 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxclu.dll
+ 2006-03-01 19:42:12 91,136 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\mtxoci.dll
+ 2006-03-01 19:42:12 11,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\SP2QFE\xolehlp.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB913580\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB913580\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB913580\update\updspapi.dll
+ 2006-05-19 14:16:50 112,640 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dhcpcsvc.dll
+ 2006-05-19 14:16:51 147,456 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\dnsapi.dll
+ 2006-05-19 14:16:51 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB914388\SP2QFE\iphlpapi.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB914388\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB914388\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB914388\update\updspapi.dll
+ 2006-05-05 10:16:39 454,400 ----a-w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\mrxsmb.sys
+ 2006-05-05 10:22:52 174,592 ----a-w C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\rdbss.sys
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB914389\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB914389\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB914389\update\updspapi.dll
+ 2006-07-14 15:52:22 121,856 ----a-w C:\WINDOWS\$hf_mig$\KB915865\SP2QFE\xmllite.dll
+ 2005-10-12 23:12:25 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll
+ 2005-10-12 23:12:26 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB915865\spuninst.exe
+ 2005-10-12 23:12:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\spcustom.dll
+ 2005-10-12 23:12:28 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\update.exe
+ 2005-10-12 23:12:33 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB915865\update\updspapi.dll
+ 2006-03-17 01:08:10 262,656 ----a-w C:\WINDOWS\$hf_mig$\KB916595\SP2QFE\http.sys
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB916595\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB916595\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB916595\update\updspapi.dll
+ 2006-11-27 15:18:34 539,136 ----a-w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\msftedit.dll
+ 2006-11-27 15:18:34 433,664 ----a-w C:\WINDOWS\$hf_mig$\KB918118\SP2QFE\riched20.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB918118\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB918118\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB918118\update\updspapi.dll
+ 2006-06-01 19:46:25 163,840 ----a-w C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgdw400.dll
+ 2006-06-01 19:46:25 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB918439\SP2QFE\jgpl400.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB918439\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB918439\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB918439\update\updspapi.dll
+ 2006-07-13 11:43:08 202,496 ----a-w C:\WINDOWS\$hf_mig$\KB919007\SP2QFE\rmcast.sys
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB919007\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB919007\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB919007\update\updspapi.dll
+ 2006-10-12 13:55:58 42,496 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdp2.dll
+ 2006-10-12 13:55:58 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentdpv.dll
+ 2006-10-12 11:54:07 256,512 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe
+ 2006-10-16 11:19:09 265,216 ----a-w C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\spru040c.dll
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920213\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB920213\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB920213\update\updspapi.dll
+ 2006-07-21 08:29:04 72,704 ----a-w C:\WINDOWS\$hf_mig$\KB920670\SP2QFE\hlink.dll
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920670\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB920670\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB920670\update\updspapi.dll
+ 2006-06-26 17:47:08 147,456 ----a-w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\dnsapi.dll
+ 2006-06-26 17:47:08 7,680 ----a-w C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920683\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB920683\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB920683\update\updspapi.dll
+ 2006-06-22 05:22:11 69,120 ----a-w C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\ciodm.dll
+ 2006-06-22 05:22:12 1,440,768 ----a-w C:\WINDOWS\$hf_mig$\KB920685\SP2QFE\query.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920685\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB920685\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB920685\update\updspapi.dll
+ 2006-06-14 08:50:19 172,416 ----a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\kmixer.sys
+ 2006-06-14 08:50:19 6,272 ----a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys
+ 2006-06-14 09:17:04 82,944 ----a-w C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\wdmaud.sys
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB920872\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB920872\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB920872\update\updspapi.dll
+ 2006-08-21 12:29:03 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltlib.dll
+ 2006-08-21 09:43:32 23,040 ----a-w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmc.exe
+ 2006-08-21 09:43:32 128,768 ----a-w C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmgr.sys
+ 2005-10-12 23:15:23 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB922582\spmsg.dll
+ 2005-10-12 23:15:24 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB922582\spuninst.exe
+ 2005-10-12 23:15:23 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB922582\update\spcustom.dll
+ 2005-10-12 23:15:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
+ 2005-10-12 23:15:43 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB922582\update\updspapi.dll
+ 2006-08-16 12:13:24 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB922819\SP2QFE\6to4svc.dll
+ 2006-08-16 10:13:39 225,664 ----a-w C:\WINDOWS\$hf_mig$\KB922819\SP2QFE\tcpip6.sys
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB922819\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB922819\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB922819\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB922819\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB922819\update\updspapi.dll
+ 2006-08-14 12:00:42 332,928 ----a-w C:\WINDOWS\$hf_mig$\KB923414\SP2QFE\srv.sys
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB923414\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB923414\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB923414\update\updspapi.dll
+ 2006-10-13 12:43:07 64,000 ----a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwapi32.dll
+ 2006-10-13 12:43:07 145,920 ----a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwprovau.dll
+ 2006-10-13 10:39:12 163,456 ----a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwrdr.sys
+ 2006-10-13 12:43:07 65,536 ----a-w C:\WINDOWS\$hf_mig$\KB923980\SP2QFE\nwwks.dll
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB923980\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB923980\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB923980\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB923980\update\updspapi.dll
+ 2006-08-17 12:43:04 733,184 ----a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\lsasrv.dll
+ 2006-08-17 12:43:04 337,408 ----a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\netapi32.dll
+ 2006-08-17 12:43:04 132,096 ----a-w C:\WINDOWS\$hf_mig$\KB924270\SP2QFE\wkssvc.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB924270\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB924270\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB924270\update\updspapi.dll
+ 2006-09-04 06:14:50 1,497,088 ----a-w C:\WINDOWS\$hf_mig$\KB924496\SP2QFE\shdocvw.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB924496\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB924496\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB924496\update\updspapi.dll
+ 2007-03-08 15:50:30 282,112 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\gdi32.dll
+ 2007-03-08 15:50:30 40,960 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\mf3216.dll
+ 2007-03-08 15:50:30 579,072 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
+ 2007-03-08 15:45:59 1,844,096 ----a-w C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\win32k.sys
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB925902\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB925902\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB925902\update\updspapi.dll
+ 2006-10-20 01:40:33 716,800 ----a-w C:\WINDOWS\$hf_mig$\KB926255\SP2QFE\sxs.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB926255\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB926255\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB926255\update\updspapi.dll
+ 2006-10-16 17:14:12 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB926436\SP2QFE\oledlg.dll
+ 2005-10-12 23:18:45 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB926436\spmsg.dll
+ 2005-10-12 23:18:45 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB926436\spuninst.exe
+ 2005-10-12 23:18:45 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\spcustom.dll
+ 2005-10-12 23:18:46 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
+ 2005-10-12 23:18:49 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB926436\update\updspapi.dll
+ 2006-12-26 13:20:21 536,576 ----a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msado15.dll
+ 2006-12-26 13:20:21 180,224 ----a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msadomd.dll
+ 2006-12-26 13:20:21 200,704 ----a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msadox.dll
+ 2006-12-26 13:20:21 102,400 ----a-w C:\WINDOWS\$hf_mig$\KB927779\SP2QFE\msjro.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB927779\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB927779\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB927779\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB927779\update\updspapi.dll
+ 2006-12-19 18:48:57 334,336 ----a-w C:\WINDOWS\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB927802\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB927802\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB927802\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB927802\update\updspapi.dll
+ 2007-04-18 16:16:25 2,854,400 ----a-w C:\WINDOWS\$hf_mig$\KB927891\SP2QFE\msi31.dll
+ 2006-12-14 08:53:58 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB927891\spmsg.dll
+ 2006-12-14 08:53:58 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB927891\spuninst.exe
+ 2006-12-14 08:53:58 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB927891\update\spcustom.dll
+ 2006-12-14 08:53:58 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
+ 2006-12-14 08:53:58 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB927891\update\updspapi.dll
+ 2006-12-19 21:48:29 8,515,072 ----a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shell32.dll
+ 2006-12-19 21:48:29 135,680 ----a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
+ 2006-12-19 16:29:57 265,216 ----a-w C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\spru040c.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB928255\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB928255\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB928255\update\updspapi.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB928843\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB928843\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB928843\update\updspapi.dll
+ 2007-05-16 15:28:27 86,528 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\directdb.dll
+ 2007-05-16 15:28:28 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\inetcomm.dll
+ 2007-05-16 15:28:31 1,314,816 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\msoe.dll
+ 2007-05-16 15:28:32 510,976 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\wab32.dll
+ 2007-05-16 15:28:33 85,504 ----a-w C:\WINDOWS\$hf_mig$\KB929123\SP2QFE\wabimp.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB929123\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB929123\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB929123\update\updspapi.dll
+ 2007-03-17 13:47:04 293,376 ----a-w C:\WINDOWS\$hf_mig$\KB930178\SP2QFE\winsrv.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB930178\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB930178\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB930178\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB930178\update\updspapi.dll
+ 2007-02-09 11:23:36 574,976 ----a-w C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB930916\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB930916\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB930916\update\updspapi.dll
+ 2007-02-05 20:20:56 185,344 ----a-w C:\WINDOWS\$hf_mig$\KB931261\SP2QFE\upnphost.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB931261\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB931261\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB931261\update\updspapi.dll
+ 2007-02-28 16:08:15 2,139,648 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlmp.exe
+ 2007-02-28 16:08:25 2,061,440 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
+ 2007-02-28 16:08:11 2,019,328 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrpamp.exe
+ 2007-02-28 16:08:21 2,184,192 ----a-w C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB931784\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB931784\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB931784\update\updspapi.dll
+ 2007-03-09 14:00:38 57,344 ----a-w C:\WINDOWS\$hf_mig$\KB932168\SP2QFE\agentdpv.dll
+ 2007-03-09 11:51:20 265,216 ----a-w C:\WINDOWS\$hf_mig$\KB932168\SP2QFE\spru040c.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB932168\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB932168\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB932168\update\updspapi.dll
+ 2007-07-09 13:19:28 582,656 ----a-w C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\rpcrt4.dll
+ 2007-06-18 22:24:36 369,152 ----a-w C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\spru040c.dll
+ 2005-10-12 23:15:23 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB933729\spmsg.dll
+ 2005-10-12 23:15:24 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB933729\spuninst.exe
+ 2005-10-12 23:15:23 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\spcustom.dll
+ 2005-10-12 23:15:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
+ 2005-10-12 23:15:43 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\updspapi.dll
+ 2007-04-16 16:11:08 1,051,136 ----a-w C:\WINDOWS\$hf_mig$\KB935839\SP2QFE\kernel32.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB935839\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB935839\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB935839\update\updspapi.dll
+ 2007-04-25 20:32:29 144,896 ----a-w C:\WINDOWS\$hf_mig$\KB935840\SP2QFE\schannel.dll
+ 2006-01-19 19:29:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB935840\spmsg.dll
+ 2006-01-19 19:29:25 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB935840\spuninst.exe
+ 2006-01-19 19:29:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\spcustom.dll
+ 2006-01-19 19:29:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
+ 2006-01-19 19:29:26 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB935840\update\updspapi.dll
+ 2007-06-26 06:07:05 1,104,896 ----a-w C:\WINDOWS\$hf_mig$\KB936021\SP2QFE\msxml3.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB936021\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB936021\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB936021\update\updspapi.dll
+ 2007-07-06 09:52:38 72,960 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys
+ 2007-07-06 13:09:51 138,240 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqad.dll
+ 2007-07-06 13:09:51 47,104 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
+ 2007-07-06 13:09:51 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqise.dll
+ 2007-07-06 13:09:51 660,992 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqqm.dll
+ 2007-07-06 13:09:51 177,152 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqrt.dll
+ 2007-07-06 13:09:51 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqsec.dll
+ 2007-07-06 13:09:51 48,640 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
+ 2007-07-06 13:09:51 527,360 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqutil.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\updspapi.dll
+ 2007-06-26 14:46:09 851,968 ----a-w C:\WINDOWS\$hf_mig$\KB938127\SP2QFE\vgx.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB938127\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB938127\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\updspapi.dll
+ 2007-06-13 13:10:53 1,037,312 ----a-w C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB938828\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB938828\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB938828\update\updspapi.dll
+ 2007-08-21 06:25:34 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
+ 2007-10-29 22:36:31 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-30 16:53:32 360,832 ----a-w C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\updspapi.dll
+ 2008-03-20 07:56:50 1,846,016 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-12-04 18:30:15 551,936 ----a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-10-25 16:43:25 8,516,608 ----a-w C:\WINDOWS\$hf_mig$\KB943460\SP2QFE\shell32.dll
+ 2007-10-29 14:07:16 369,152 ----a-w C:\WINDOWS\$hf_mig$\KB943460\SP2QFE\spru040c.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB943460\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB943460\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943460\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943460\update\update.exe
+ 2007-03-06 01:35:47 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB943460\update\updspapi.dll
+ 2007-11-07 09:50:06 733,696 ----a-w C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\updspapi.dll
+ 2007-12-18 14:32:57 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\jscript.dll
+ 2007-12-18 14:32:57 417,792 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\vbscript.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\updspapi.dll
+ 2007-12-07 01:42:15 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
+ 2007-12-19 22:20:28 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
+ 2007-12-07 01:42:15 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
+ 2007-12-07 01:42:15 133,120 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
+ 2007-12-07 01:42:15 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
+ 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-07 01:42:15 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
+ 2007-12-07 01:42:16 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
+ 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
+ 2007-12-07 01:42:16 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
+ 2007-12-07 01:42:16 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
+ 2007-12-07 01:42:19 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
+ 2007-12-07 01:42:19 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
+ 2007-12-07 01:42:19 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
+ 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:45 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-07 01:42:20 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
+ 2007-12-07 01:42:20 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
+ 2007-12-07 01:42:20 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
+ 2007-12-07 01:42:21 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
+ 2007-12-07 01:42:21 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
+ 2007-12-07 01:42:21 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
+ 2007-12-07 01:42:21 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
+ 2007-12-07 01:42:21 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
+ 2008-01-11 05:54:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
+ 2007-12-07 01:42:21 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
+ 2007-12-07 01:42:22 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
+ 2007-12-07 01:42:22 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
+ 2007-12-07 01:42:22 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
+ 2007-11-13 08:47:45 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
+ 2008-02-20 05:20:23 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:50:24 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
+ 2007-12-18 09:38:59 179,712 ----a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
+ 2008-03-01 12:34:26 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
+ 2008-03-01 12:34:26 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
+ 2008-03-01 12:34:26 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
+ 2008-03-01 12:34:27 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
+ 2008-03-01 12:34:27 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
+ 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-03-01 12:34:27 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
+ 2008-03-01 12:34:27 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
+ 2008-03-01 12:34:27 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
+ 2008-03-01 12:34:27 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
+ 2008-03-01 12:34:29 6,067,712 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
+ 2008-03-01 12:34:29 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
+ 2008-03-01 12:34:29 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
+ 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:40:22 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-03-01 12:34:30 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
+ 2008-03-01 12:34:30 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
+ 2008-03-01 12:34:30 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
+ 2008-03-01 12:34:32 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
+ 2008-03-01 12:34:32 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
+ 2008-03-01 12:34:32 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
+ 2008-03-01 12:34:32 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
+ 2008-03-01 12:34:32 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
+ 2008-03-01 12:34:32 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
+ 2008-03-01 12:34:32 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
+ 2008-03-01 12:34:33 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
+ 2008-03-01 12:34:33 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
+ 2008-03-01 12:34:33 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
+ 2008-02-16 09:31:57 1,024,512 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\browseui.dll
+ 2008-02-16 09:31:57 152,064 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\cdfview.dll
+ 2008-02-16 09:31:58 1,056,768 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\danim.dll
+ 2008-02-16 09:31:58 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\dxtmsft.dll
+ 2008-02-16 09:31:58 205,312 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\dxtrans.dll
+ 2008-02-16 09:31:58 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\extmgr.dll
+ 2008-02-15 09:07:53 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iedw.exe
+ 2008-02-16 09:31:58 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iepeers.dll
+ 2008-02-16 09:31:58 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\inseng.dll
+ 2008-02-16 09:31:58 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\jsproxy.dll
+ 2008-02-16 09:31:59 3,087,872 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mshtml.dll
+ 2008-02-16 09:31:59 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mshtmled.dll
+ 2008-02-16 09:31:59 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\msrating.dll
+ 2008-02-16 09:31:59 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\mstime.dll
+ 2008-02-16 09:31:59 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\pngfilt.dll
+ 2008-02-16 09:32:00 1,499,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\shdocvw.dll
+ 2008-02-16 09:32:00 474,624 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\shlwapi.dll
+ 2008-02-15 23:03:14 370,176 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\spru040c.dll
+ 2008-02-16 09:32:00 620,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\urlmon.dll
+ 2008-02-16 09:32:00 670,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB947864\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB947864\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB947864\update\updspapi.dll
+ 2008-02-20 06:52:42 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\up
re![:)]( ":)")
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:50:46, on 23/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?477b58f031144e3fb32322b2cfa526b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?477b58f031144e3fb32322b2cfa526b0
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BGRaSvc - Unknown owner - C:\Program Files\BullGuard Software\BullGuard\support\bgrasvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 3870 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:50:46, on 23/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-436374069-1993962763-1060284298-1002\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?477b58f031144e3fb32322b2cfa526b0
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?477b58f031144e3fb32322b2cfa526b0
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BGRaSvc - Unknown owner - C:\Program Files\BullGuard Software\BullGuard\support\bgrasvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 3870 bytes
Lassé par la pub ? Créez un compte
- Contenus similaires :
