Sujet Précédent Sujet Suivant

Désespérée : FastNetSrv.exe lsm32.sys opeia

sarah01 -  
 Utilisateur anonyme -
Bonjour,
Alors sous Vista, gros souci depuis 48-72h, je suis infectée, je m'en suis aperçue car tous mes dossiers se sont mis auto en lecture seule et je n'arrive plus à accéder aux sites sécuritaire (avast, malwarebytes...) et autres (microsoft...) et ni faire certaines mises à jour. Pensant à un virus j'ai regardé les programmes actifs du pc et la que vois-je : FastNetSrv.exe lsm32.sys opeia.exe....
Bref je lance Malwarebytes : impossible de faire les mises à jour, je scan quand même, je mets en quarantaine puis delete. mais souci, je n'ai pas l'impression qu'il me trouve FastnetSrv.exe car il est toujours là et quand je redémarre mon pc, tout revient, c rageant.
J'ai lancé égallement l'outils de suppression de logiciels malvaillants de Windows, là après plus de 13h de scan (et ce n'est pas fini) il ne trouve pour l'instant rien. J'ai également fait spyware terminator : rien.
Je voulais faire Dr web cure it mais impossible d'accéder au site (comme si je n'avais pas de connection internet, or j'ai bien internet).
Mon pc était lent hier et je n'arrivais pas à lancer prog (il apparaissait au moins 10 à 15min après la demande, et aujourd'hui cela n'arrive pas)
J'ai envie de stopper le processus de c prog manuellement (dans le gestionnaire de tache via TuneUp car c prog n'apparaisse pas ds le gestionnaire de tache de windows) mais j'ai peur de causer plus de prob que maintenant. Puis je le faire ?
Et j'aimerai également savoir ce que font ce genre de programmes car je n'arrive pas à trouver sur le web étant super restreinte.
Merci à ceux qui veulent bien se pencher sur mon souci.

5 réponses

Réponse 1 / 5
Utilisateur anonyme
 
bonjour
fait ce test pour voir
TEST CONFICKER
http://consultaide.e-monsite.com/rubrique,conficker-simples-tests,355935.html
et tu me diras ce que tu vois
0
sarah01
 
Alors merci pour ta réactivité.
Donc je ne vois pas F-secure (1iere ligne tout a gauche) et Trendmicro (1iere ligne tout a droite)
0
Utilisateur anonyme > sarah01
 
que crains que cela soit conficker, ce ver bloque les liens aidant
il faudrai essayer de me faire ceci pour voir

ton anti-virus fonctionne-t-il ?

Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

- http://images.malwareremoval.com/random/RSIT.exe

! Déconnecte toi et ferme toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

- Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...


- laisse faire le scan et ne touche pas au PC ...


Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum


( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
0
sarah01 > Utilisateur anonyme
 
Impossible d'accéder à ton lien... Satané virus...
0
Réponse 2 / 5
Utilisateur anonyme
 
up
0
Utilisateur anonyme
 
As tu un second PC ?
0
sarah01 > Utilisateur anonyme
 
chez mon voisin, jy cours...
0
Utilisateur anonyme > sarah01
 
si tu as une clé USB il faut d'abord la vacciner, fait le sur un PC sain


Télécharge USBFix de Chiquitine29 , C_XX et Chimay8 sur ton bureau
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe­

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

# Double clic sur le raccourci UsbFix présent sur ton bureau .


# Sélectionne l'option 3 ( Vaccination )

# Laisse travailler l'outil.

# Ensuite poste le rapport UsbFix.txt qui apparaitra.

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

# Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


ensuite, tu me télécharges sur le PC sain RSIT et tu le met dans la clé USB, puis tu scan le PC infecté avec, et tu me postes les 2 rapports en les hébergeant sur ci joint.com
ensuite, essaye de télécharger aussi dans la clé USB l'outil Sophos, puis place le dans le PC infecté
et scanne le
Je te conseille de déconnecter ton PC pendant toutes ces manips, et tu le reconnectes après

e
0
sarah01 > Utilisateur anonyme
 
alors j'ai double cliqué sur usbfix un ecran apparait meme pas 1sec puis disparait, et plus rien... donc j'arrive pas à lancer usbfix
0
sarah01 > Utilisateur anonyme
 
usbfix ne fonctionne que sur mon pc infecté.

Voici le rapport


############################## | UsbFix V6.046 |

User : sarah (Administrateurs) # PC-DE-SARAH
Update on 29/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:44:36 | 29/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18828
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 223,48 Go (33,68 Go free) # NTFS
D:\ -> Disque fixe local # 9,4 Go (1,68 Go free) [HP_RECOVERY] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 1,89 Go (1,88 Go free) [LEXAR] # FAT
I:\ -> Disque amovible # 1,85 Go (206,03 Mo free) # FAT

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.
# I:\autorun.inf -> Dossier créé par UsbFix.

################## | ! Fin du rapport # UsbFix V6.046 ! |
0
Réponse 3 / 5
sarah01
 
Je te post quand même le rapport rsit car j'ai lu ton mess un peu trop tard et j'avais déjà fait le test.

log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by sarah at 2009-10-29 15:17:57
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 34 GB (15%) free of 229 GB
Total RAM: 3068 MB (64% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Maintenance en 1 clic.job
C:\Windows\tasks\User_Feed_Synchronization-{C6F09370-7925-40B4-9425-B106AD033721}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2009-10-08 1219584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 61808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2009-02-06 73072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
DealioBHO Class - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
Burn4Free Toolbar Helper - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll [2009-10-06 815104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - Dealio - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - Burn4Free Toolbar - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll [2009-10-06 815104]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Barre d'outils &Crawler - C:\PROGRA~1\Crawler\ctbr.dll [2009-10-08 1219584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-15 178712]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
""= []
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-04-15 462848]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-23 13539872]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-23 92704]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-10-29 1803776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2310144]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 145920]
"ter8m"=C:\Windows\TEMP\msxm192z.dll [2009-10-25 65536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"
"C:\Windows\system32\winlogon.exe"="C:\Windows\system32\winlogon.exe:*:enabled:@shell32.dll,-1"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{346f78ec-327b-11de-b803-001e68e9a6bf}]
shell\AutoRun\command - F:\AutoDPFMate.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5741355b-ac58-11de-a236-001e68e9a6bf}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3bbab3e-d426-11dd-9578-001e68e9a6bf}]
shell\AutoRun\command - I:\start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fed97154-f8d5-11dd-abff-001e68e9a6bf}]
shell\AutoRun\command - explorer .
shell\mobile\command - G:\MobileLaunch.exe

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2009-10-29 15:17:58 ----D---- C:\Program Files\trend micro
2009-10-29 15:17:57 ----D---- C:\rsit
2009-10-28 23:16:16 ----D---- C:\Program Files\Crawler
2009-10-28 03:26:07 ----D---- C:\Program Files\Clear Read-Only
2009-10-25 12:44:51 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-10-25 11:45:08 ----A---- C:\Windows\system32\7274,546.exe
2009-10-25 11:44:56 ----A---- C:\Windows\system32\2943,842.exe
2009-10-25 11:44:36 ----SHD---- C:\Windows\system32\%APPDATA%
2009-10-25 11:35:57 ----D---- C:\ProgramData\FLEXnet
2009-10-25 11:21:14 ----HDC---- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-22 12:56:11 ----A---- C:\Windows\system32\mshtml.dll
2009-10-22 12:56:09 ----A---- C:\Windows\system32\ieframe.dll
2009-10-22 12:56:08 ----A---- C:\Windows\system32\urlmon.dll
2009-10-22 12:56:08 ----A---- C:\Windows\system32\iertutil.dll
2009-10-22 12:56:07 ----A---- C:\Windows\system32\wininet.dll
2009-10-22 12:56:07 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-22 12:56:06 ----A---- C:\Windows\system32\occache.dll
2009-10-22 12:56:06 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-22 12:56:05 ----A---- C:\Windows\system32\msfeedssync.exe
2009-10-22 12:56:05 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-10-22 12:56:05 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-22 12:56:05 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-22 12:56:05 ----A---- C:\Windows\system32\ieui.dll
2009-10-22 12:56:05 ----A---- C:\Windows\system32\iesysprep.dll
2009-10-22 12:56:05 ----A---- C:\Windows\system32\iesetup.dll
2009-10-22 12:56:05 ----A---- C:\Windows\system32\iepeers.dll
2009-10-22 12:56:05 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-22 12:56:04 ----A---- C:\Windows\system32\iernonce.dll
2009-10-18 02:05:18 ----D---- C:\Users\sarah\AppData\Roaming\TortoiseSVN
2009-10-18 01:57:23 ----D---- C:\Users\sarah\AppData\Roaming\Subversion
2009-10-18 00:59:44 ----D---- C:\Program Files\TortoiseSVN
2009-10-18 00:59:44 ----D---- C:\Program Files\Common Files\TortoiseOverlays
2009-10-16 07:40:53 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-16 07:40:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-16 07:40:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-16 07:40:00 ----A---- C:\Windows\system32\msasn1.dll
2009-10-16 07:39:51 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-07 02:06:23 ----D---- C:\ProgramData\Office Genuine Advantage
2009-10-06 18:35:43 ----A---- C:\Windows\system32\wups2.dll
2009-10-06 18:35:42 ----A---- C:\Windows\system32\wucltux.dll
2009-10-06 18:35:42 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-06 18:35:42 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-06 18:34:30 ----A---- C:\Windows\system32\wups.dll
2009-10-06 18:34:30 ----A---- C:\Windows\system32\wudriver.dll
2009-10-06 18:34:30 ----A---- C:\Windows\system32\wuapi.dll
2009-10-06 18:34:20 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-06 18:34:20 ----A---- C:\Windows\system32\wuapp.exe
2009-10-06 14:50:13 ----A---- C:\Windows\Burn4Free_Toolbar_Uninstaller_1940.exe
2009-10-04 00:20:57 ----D---- C:\Program Files\adslTV
2009-10-02 18:24:34 ----N---- C:\Windows\system32\MpSigStub.exe
2009-09-28 00:42:22 ----D---- C:\Windows\system32\eu-ES
2009-09-28 00:42:22 ----D---- C:\Windows\system32\ca-ES
2009-09-28 00:42:20 ----D---- C:\Windows\system32\vi-VN
2009-09-27 23:08:51 ----D---- C:\Windows\system32\EventProviders
2009-09-25 16:32:12 ----D---- C:\Program Files\Common Files\DivX Shared
2009-09-25 16:31:29 ----D---- C:\Program Files\Google
2009-09-24 20:06:56 ----D---- C:\Program Files\Safari
2009-09-24 00:12:31 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-09-24 00:12:27 ----A---- C:\Windows\system32\SLsvc.exe
2009-09-24 00:12:27 ----A---- C:\Windows\system32\SLCExt.dll
2009-09-24 00:12:25 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-09-24 00:12:25 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-09-24 00:12:24 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-09-24 00:12:22 ----A---- C:\Windows\system32\mssrch.dll
2009-09-24 00:12:20 ----A---- C:\Windows\system32\tquery.dll
2009-09-24 00:12:19 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-24 00:12:18 ----A---- C:\Windows\system32\scavenge.dll
2009-09-24 00:12:18 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-09-24 00:12:17 ----A---- C:\Windows\system32\RMActivate.exe
2009-09-24 00:12:16 ----A---- C:\Windows\system32\msi.dll
2009-09-24 00:12:15 ----A---- C:\Windows\system32\secproc_isv.dll
2009-09-24 00:12:15 ----A---- C:\Windows\system32\imapi2fs.dll
2009-09-24 00:12:14 ----A---- C:\Windows\system32\WscEapPr.dll
2009-09-24 00:12:14 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-09-24 00:12:14 ----A---- C:\Windows\system32\sysmain.dll
2009-09-24 00:12:13 ----A---- C:\Windows\system32\icardagt.exe
2009-09-24 00:12:12 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-09-24 00:12:11 ----A---- C:\Windows\system32\EhStorShell.dll
2009-09-24 00:12:10 ----A---- C:\Windows\system32\spreview.exe
2009-09-24 00:12:10 ----A---- C:\Windows\system32\spinstall.exe
2009-09-24 00:12:10 ----A---- C:\Windows\system32\drmv2clt.dll
2009-09-24 00:12:09 ----A---- C:\Windows\system32\spwizui.dll
2009-09-24 00:12:09 ----A---- C:\Windows\system32\secproc.dll
2009-09-24 00:12:09 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-09-24 00:12:08 ----A---- C:\Windows\system32\shell32.dll
2009-09-24 00:12:07 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-09-24 00:12:07 ----A---- C:\Windows\system32\p2psvc.dll
2009-09-24 00:12:07 ----A---- C:\Windows\system32\mssvp.dll
2009-09-24 00:12:06 ----A---- C:\Windows\system32\mssphtb.dll
2009-09-24 00:12:06 ----A---- C:\Windows\system32\mssph.dll
2009-09-24 00:12:06 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-09-24 00:12:06 ----A---- C:\Windows\system32\mscoree.dll
2009-09-24 00:12:06 ----A---- C:\Windows\system32\imapi2.dll
2009-09-24 00:12:04 ----A---- C:\Windows\system32\sdohlp.dll
2009-09-24 00:12:04 ----A---- C:\Windows\system32\esent.dll
2009-09-24 00:12:03 ----A---- C:\Windows\system32\sperror.dll
2009-09-24 00:12:03 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-09-24 00:12:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-09-24 00:12:03 ----A---- C:\Windows\system32\DevicePairing.dll
2009-09-24 00:12:02 ----A---- C:\Windows\system32\wevtsvc.dll
2009-09-24 00:12:02 ----A---- C:\Windows\system32\SLC.dll
2009-09-24 00:12:02 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-09-24 00:12:02 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-09-24 00:12:02 ----A---- C:\Windows\system32\korwbrkr.dll
2009-09-24 00:12:01 ----A---- C:\Windows\system32\msshsq.dll
2009-09-24 00:12:00 ----A---- C:\Windows\system32\msjet40.dll
2009-09-24 00:12:00 ----A---- C:\Windows\system32\MPSSVC.dll
2009-09-24 00:11:59 ----A---- C:\Windows\system32\Query.dll
2009-09-24 00:11:59 ----A---- C:\Windows\system32\qmgr.dll
2009-09-24 00:11:59 ----A---- C:\Windows\system32\msxml6.dll
2009-09-24 00:11:58 ----A---- C:\Windows\system32\msexch40.dll
2009-09-24 00:11:58 ----A---- C:\Windows\system32\diagperf.dll
2009-09-24 00:11:57 ----A---- C:\Windows\system32\srchadmin.dll
2009-09-24 00:11:57 ----A---- C:\Windows\system32\P2PGraph.dll
2009-09-24 00:11:57 ----A---- C:\Windows\system32\ole32.dll
2009-09-24 00:11:57 ----A---- C:\Windows\system32\ntdll.dll
2009-09-24 00:11:57 ----A---- C:\Windows\system32\msxml3.dll
2009-09-24 00:11:57 ----A---- C:\Windows\system32\IasMigReader.exe
2009-09-24 00:11:56 ----A---- C:\Windows\system32\winload.exe
2009-09-24 00:11:56 ----A---- C:\Windows\system32\uDWM.dll
2009-09-24 00:11:56 ----A---- C:\Windows\system32\mmc.exe
2009-09-24 00:11:56 ----A---- C:\Windows\system32\mblctr.exe
2009-09-24 00:11:56 ----A---- C:\Windows\system32\EncDec.dll
2009-09-24 00:11:55 ----A---- C:\Windows\system32\riched20.dll
2009-09-24 00:11:55 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-09-24 00:11:55 ----A---- C:\Windows\system32\fdBth.dll
2009-09-24 00:11:55 ----A---- C:\Windows\system32\dfsr.exe
2009-09-24 00:11:54 ----A---- C:\Windows\system32\RacEngn.dll
2009-09-24 00:11:54 ----A---- C:\Windows\system32\kernel32.dll
2009-09-24 00:11:53 ----A---- C:\Windows\system32\spoolss.dll
2009-09-24 00:11:53 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-09-24 00:11:53 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-09-24 00:11:53 ----A---- C:\Windows\system32\milcore.dll
2009-09-24 00:11:53 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-09-24 00:11:53 ----A---- C:\Windows\system32\CertEnroll.dll
2009-09-24 00:11:52 ----A---- C:\Windows\system32\schedsvc.dll
2009-09-24 00:11:52 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-09-24 00:11:50 ----A---- C:\Windows\system32\msvcp60.dll
2009-09-24 00:11:50 ----A---- C:\Windows\system32\msjtes40.dll
2009-09-24 00:11:50 ----A---- C:\Windows\system32\infocardapi.dll
2009-09-24 00:11:50 ----A---- C:\Windows\system32\gpedit.dll
2009-09-24 00:11:50 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-09-24 00:11:46 ----A---- C:\Windows\system32\WinSAT.exe
2009-09-24 00:11:46 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-09-24 00:11:46 ----A---- C:\Windows\system32\es.dll
2009-09-24 00:11:45 ----A---- C:\Windows\system32\mstext40.dll
2009-09-24 00:11:45 ----A---- C:\Windows\system32\Magnify.exe
2009-09-24 00:11:45 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-09-24 00:11:45 ----A---- C:\Windows\system32\advapi32.dll
2009-09-24 00:11:44 ----A---- C:\Windows\system32\WMPhoto.dll
2009-09-24 00:11:44 ----A---- C:\Windows\system32\WebClnt.dll
2009-09-24 00:11:43 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-09-24 00:11:43 ----A---- C:\Windows\system32\slwmi.dll
2009-09-24 00:11:43 ----A---- C:\Windows\system32\msxbde40.dll
2009-09-24 00:11:43 ----A---- C:\Windows\system32\msexcl40.dll
2009-09-24 00:11:43 ----A---- C:\Windows\system32\comsvcs.dll
2009-09-24 00:11:42 ----A---- C:\Windows\system32\vssapi.dll
2009-09-24 00:11:42 ----A---- C:\Windows\system32\authui.dll
2009-09-24 00:11:41 ----A---- C:\Windows\system32\PresentationHost.exe
2009-09-24 00:11:41 ----A---- C:\Windows\system32\newdev.dll
2009-09-24 00:11:41 ----A---- C:\Windows\system32\NetProjW.dll
2009-09-24 00:11:41 ----A---- C:\Windows\system32\msrepl40.dll
2009-09-24 00:11:40 ----A---- C:\Windows\system32\propsys.dll
2009-09-24 00:11:40 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-24 00:11:40 ----A---- C:\Windows\system32\iasrecst.dll
2009-09-24 00:11:40 ----A---- C:\Windows\system32\gpsvc.dll
2009-09-24 00:11:40 ----A---- C:\Windows\system32\eudcedit.exe
2009-09-24 00:11:40 ----A---- C:\Windows\system32\crypt32.dll
2009-09-24 00:11:39 ----A---- C:\Windows\system32\setupapi.dll
2009-09-24 00:11:39 ----A---- C:\Windows\system32\rpcss.dll
2009-09-24 00:11:39 ----A---- C:\Windows\system32\mspbde40.dll
2009-09-24 00:11:39 ----A---- C:\Windows\explorer.exe
2009-09-24 00:11:38 ----A---- C:\Windows\system32\msltus40.dll
2009-09-24 00:11:38 ----A---- C:\Windows\system32\mfc42.dll
2009-09-24 00:11:38 ----A---- C:\Windows\system32\davclnt.dll
2009-09-24 00:11:38 ----A---- C:\Windows\system32\d3d9.dll
2009-09-24 00:11:37 ----A---- C:\Windows\system32\wevtapi.dll
2009-09-24 00:11:37 ----A---- C:\Windows\system32\shlwapi.dll
2009-09-24 00:11:37 ----A---- C:\Windows\system32\msrd3x40.dll
2009-09-24 00:11:37 ----A---- C:\Windows\system32\msdtctm.dll
2009-09-24 00:11:37 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-09-24 00:11:37 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-09-24 00:11:37 ----A---- C:\Windows\system32\browseui.dll
2009-09-24 00:11:36 ----A---- C:\Windows\system32\photowiz.dll
2009-09-24 00:11:36 ----A---- C:\Windows\system32\nlhtml.dll
2009-09-24 00:11:35 ----A---- C:\Windows\system32\user32.dll
2009-09-24 00:11:35 ----A---- C:\Windows\system32\samsrv.dll
2009-09-24 00:11:35 ----A---- C:\Windows\system32\quartz.dll
2009-09-24 00:11:35 ----A---- C:\Windows\system32\ci.dll
2009-09-24 00:11:34 ----A---- C:\Windows\system32\win32spl.dll
2009-09-24 00:11:34 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-09-24 00:11:34 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-09-24 00:11:34 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-09-24 00:11:34 ----A---- C:\Windows\system32\oleaut32.dll
2009-09-24 00:11:33 ----A---- C:\Windows\system32\winhttp.dll
2009-09-24 00:11:33 ----A---- C:\Windows\system32\netshell.dll
2009-09-24 00:11:33 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-09-24 00:11:33 ----A---- C:\Windows\system32\compcln.exe
2009-09-24 00:11:33 ----A---- C:\Windows\system32\apds.dll
2009-09-24 00:11:32 ----A---- C:\Windows\system32\xmlfilter.dll
2009-09-24 00:11:32 ----A---- C:\Windows\system32\mswstr10.dll
2009-09-24 00:11:32 ----A---- C:\Windows\system32\msctf.dll
2009-09-24 00:11:32 ----A---- C:\Windows\system32\emdmgmt.dll
2009-09-24 00:11:32 ----A---- C:\Windows\system32\audiosrv.dll
2009-09-24 00:11:31 ----A---- C:\Windows\system32\VSSVC.exe
2009-09-24 00:11:31 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-09-24 00:11:31 ----A---- C:\Windows\system32\msvcrt.dll
2009-09-24 00:11:31 ----A---- C:\Windows\system32\gdi32.dll
2009-09-24 00:11:30 ----A---- C:\Windows\system32\SLUI.exe
2009-09-24 00:11:30 ----A---- C:\Windows\system32\msrd2x40.dll
2009-09-24 00:11:30 ----A---- C:\Windows\system32\mfc42u.dll
2009-09-24 00:11:30 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-09-24 00:11:30 ----A---- C:\Windows\system32\eapphost.dll
2009-09-24 00:11:29 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-09-24 00:11:28 ----A---- C:\Windows\system32\winresume.exe
2009-09-24 00:11:28 ----A---- C:\Windows\system32\propdefs.dll
2009-09-24 00:11:28 ----A---- C:\Windows\system32\odbc32.dll
2009-09-24 00:11:27 ----A---- C:\Windows\system32\wevtutil.exe
2009-09-24 00:11:27 ----A---- C:\Windows\system32\shdocvw.dll
2009-09-24 00:11:27 ----A---- C:\Windows\system32\dbgeng.dll
2009-09-24 00:11:26 ----A---- C:\Windows\system32\WsmSvc.dll
2009-09-24 00:11:26 ----A---- C:\Windows\system32\swprv.dll
2009-09-24 00:11:26 ----A---- C:\Windows\system32\mssitlb.dll
2009-09-24 00:11:25 ----A---- C:\Windows\system32\usp10.dll
2009-09-24 00:11:25 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-09-24 00:11:24 ----N---- C:\Windows\system32\vds.exe
2009-09-24 00:11:24 ----A---- C:\Windows\system32\netlogon.dll
2009-09-24 00:11:24 ----A---- C:\Windows\system32\msscb.dll
2009-09-24 00:11:24 ----A---- C:\Windows\system32\msctfp.dll
2009-09-24 00:11:24 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-09-24 00:11:24 ----A---- C:\Windows\system32\drvinst.exe
2009-09-24 00:11:24 ----A---- C:\Windows\system32\devmgr.dll
2009-09-24 00:11:24 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-09-24 00:11:24 ----A---- C:\Windows\system32\BFE.DLL
2009-09-24 00:11:24 ----A---- C:\Windows\system32\adsldpc.dll
2009-09-24 00:11:23 ----A---- C:\Windows\system32\wcnwiz.dll
2009-09-24 00:11:23 ----A---- C:\Windows\system32\evr.dll
2009-09-24 00:11:22 ----A---- C:\Windows\system32\Wldap32.dll
2009-09-24 00:11:21 ----A---- C:\Windows\system32\WSDApi.dll
2009-09-24 00:11:21 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-09-24 00:11:21 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-09-24 00:11:21 ----A---- C:\Windows\system32\services.exe
2009-09-24 00:11:21 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-24 00:11:20 ----A---- C:\Windows\system32\wercon.exe
2009-09-24 00:11:20 ----A---- C:\Windows\system32\wcncsvc.dll
2009-09-24 00:11:20 ----A---- C:\Windows\system32\mimefilt.dll
2009-09-24 00:11:20 ----A---- C:\Windows\system32\comdlg32.dll
2009-09-24 00:11:20 ----A---- C:\Windows\system32\adtschema.dll
2009-09-24 00:11:19 ----A---- C:\Windows\system32\taskeng.exe
2009-09-24 00:11:19 ----A---- C:\Windows\system32\rtffilt.dll
2009-09-24 00:11:19 ----A---- C:\Windows\system32\reg.exe
2009-09-24 00:11:19 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-09-24 00:11:19 ----A---- C:\Windows\system32\mswdat10.dll
2009-09-24 00:11:19 ----A---- C:\Windows\system32\msjter40.dll
2009-09-24 00:11:19 ----A---- C:\Windows\system32\msdtcprx.dll
2009-09-24 00:11:19 ----A---- C:\Windows\system32\msdrm.dll
2009-09-24 00:11:19 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-09-24 00:11:19 ----A---- C:\Windows\system32\dnsapi.dll
2009-09-24 00:11:19 ----A---- C:\Windows\system32\certcli.dll
2009-09-24 00:11:18 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-09-24 00:11:18 ----A---- C:\Windows\system32\w32time.dll
2009-09-24 00:11:18 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-09-24 00:11:18 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-09-24 00:11:18 ----A---- C:\Windows\system32\certutil.exe
2009-09-24 00:11:17 ----A---- C:\Windows\system32\rsaenh.dll
2009-09-24 00:11:17 ----A---- C:\Windows\system32\msshooks.dll
2009-09-24 00:11:17 ----A---- C:\Windows\system32\msscntrs.dll
2009-09-24 00:11:17 ----A---- C:\Windows\system32\msihnd.dll
2009-09-24 00:11:17 ----A---- C:\Windows\system32\bthserv.dll
2009-09-24 00:11:17 ----A---- C:\Windows\system32\bcrypt.dll
2009-09-24 00:11:16 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-09-24 00:11:16 ----A---- C:\Windows\system32\netapi32.dll
2009-09-24 00:11:16 ----A---- C:\Windows\system32\msstrc.dll
2009-09-24 00:11:16 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-09-24 00:11:16 ----A---- C:\Windows\system32\inetpp.dll
2009-09-24 00:11:16 ----A---- C:\Windows\system32\inetcomm.dll
2009-09-24 00:11:16 ----A---- C:\Windows\system32\dfshim.dll
2009-09-24 00:11:15 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-09-24 00:11:15 ----A---- C:\Windows\system32\termsrv.dll
2009-09-24 00:11:15 ----A---- C:\Windows\system32\profsvc.dll
2009-09-24 00:11:15 ----A---- C:\Windows\system32\mtxclu.dll
2009-09-24 00:11:15 ----A---- C:\Windows\system32\mscories.dll
2009-09-24 00:11:15 ----A---- C:\Windows\system32\hidserv.dll
2009-09-24 00:11:15 ----A---- C:\Windows\system32\fundisc.dll
2009-09-24 00:11:15 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-09-24 00:11:15 ----A---- C:\Windows\system32\cryptsvc.dll
2009-09-24 00:11:14 ----A---- C:\Windows\system32\shsvcs.dll
2009-09-24 00:11:14 ----A---- C:\Windows\system32\msiexec.exe
2009-09-24 00:11:14 ----A---- C:\Windows\system32\imapi.dll
2009-09-24 00:11:13 ----A---- C:\Windows\system32\wdc.dll
2009-09-24 00:11:13 ----A---- C:\Windows\system32\rasmans.dll
2009-09-24 00:11:13 ----A---- C:\Windows\system32\iassdo.dll
2009-09-24 00:11:13 ----A---- C:\Windows\system32\chsbrkr.dll
2009-09-24 00:11:12 ----A---- C:\Windows\system32\wersvc.dll
2009-09-24 00:11:12 ----A---- C:\Windows\system32\spoolsv.exe
2009-09-24 00:11:12 ----A---- C:\Windows\system32\slmgr.vbs
2009-09-24 00:11:12 ----A---- C:\Windows\system32\scrrun.dll
2009-09-24 00:11:12 ----A---- C:\Windows\system32\PSHED.DLL
2009-09-24 00:11:12 ----A---- C:\Windows\system32\pnidui.dll
2009-09-24 00:11:12 ----A---- C:\Windows\system32\icardres.dll
2009-09-24 00:11:12 ----A---- C:\Windows\system32\autofmt.exe
2009-09-24 00:11:11 ----A---- C:\Windows\system32\pdh.dll
2009-09-24 00:11:11 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-09-24 00:11:11 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-09-24 00:11:11 ----A---- C:\Windows\system32\azroles.dll
2009-09-24 00:11:10 ----A---- C:\Windows\system32\wmpmde.dll
2009-09-24 00:11:10 ----A---- C:\Windows\system32\pidgenx.dll
2009-09-24 00:11:09 ----A---- C:\Windows\system32\winlogon.exe
2009-09-24 00:11:09 ----A---- C:\Windows\system32\SyncCenter.dll
2009-09-24 00:11:08 ----A---- C:\Windows\system32\SLUINotify.dll
2009-09-24 00:11:08 ----A---- C:\Windows\system32\sethc.exe
2009-09-24 00:11:08 ----A---- C:\Windows\system32\ncrypt.dll
2009-09-24 00:11:08 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-09-24 00:11:08 ----A---- C:\Windows\system32\kd1394.dll
2009-09-24 00:11:08 ----A---- C:\Windows\system32\comuid.dll
2009-09-24 00:11:08 ----A---- C:\Windows\system32\certmgr.dll
2009-09-24 00:11:07 ----A---- C:\Windows\system32\wisptis.exe
2009-09-24 00:11:07 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-24 00:11:07 ----A---- C:\Windows\system32\untfs.dll
2009-09-24 00:11:07 ----A---- C:\Windows\system32\spp.dll
2009-09-24 00:11:07 ----A---- C:\Windows\system32\scrobj.dll
2009-09-24 00:11:07 ----A---- C:\Windows\system32\rtutils.dll
2009-09-24 00:11:07 ----A---- C:\Windows\system32\iassam.dll
2009-09-24 00:11:07 ----A---- C:\Windows\system32\dwm.exe
2009-09-24 00:11:06 ----A---- C:\Windows\system32\taskcomp.dll
2009-09-24 00:11:06 ----A---- C:\Windows\system32\autochk.exe
2009-09-24 00:11:05 ----A---- C:\Windows\system32\printui.dll
2009-09-24 00:11:05 ----A---- C:\Windows\system32\iasnap.dll
2009-09-24 00:11:04 ----A---- C:\Windows\system32\autoconv.exe
2009-09-24 00:11:03 ----A---- C:\Windows\system32\winsrv.dll
2009-09-24 00:11:02 ----A---- C:\Windows\system32\wow32.dll
2009-09-24 00:11:02 ----A---- C:\Windows\system32\userenv.dll
2009-09-24 00:11:02 ----A---- C:\Windows\system32\osk.exe
2009-09-24 00:11:02 ----A---- C:\Windows\system32\onex.dll
2009-09-24 00:11:02 ----A---- C:\Windows\system32\kdcom.dll
2009-09-24 00:11:02 ----A---- C:\Windows\system32\cscript.exe
2009-09-24 00:11:02 ----A---- C:\Windows\system32\basecsp.dll
2009-09-24 00:11:02 ----A---- C:\Windows\system32\audiodg.exe
2009-09-24 00:11:01 ----A---- C:\Windows\system32\winmm.dll
2009-09-24 00:11:01 ----A---- C:\Windows\system32\RelMon.dll
2009-09-24 00:11:01 ----A---- C:\Windows\system32\mswsock.dll
2009-09-24 00:11:01 ----A---- C:\Windows\system32\kdusb.dll
2009-09-24 00:11:00 ----A---- C:\Windows\system32\WinSCard.dll
2009-09-24 00:11:00 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-09-24 00:11:00 ----A---- C:\Windows\system32\spcmsg.dll
2009-09-24 00:11:00 ----A---- C:\Windows\system32\rdpencom.dll
2009-09-24 00:11:00 ----A---- C:\Windows\system32\offfilt.dll
2009-09-24 00:11:00 ----A---- C:\Windows\system32\msftedit.dll
2009-09-24 00:10:59 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-09-24 00:10:58 ----A---- C:\Windows\system32\wsepno.dll
2009-09-24 00:10:58 ----A---- C:\Windows\system32\WerFault.exe
2009-09-24 00:10:58 ----A---- C:\Windows\system32\Utilman.exe
2009-09-24 00:10:58 ----A---- C:\Windows\system32\stobject.dll
2009-09-24 00:10:58 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-09-24 00:10:58 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-09-24 00:10:58 ----A---- C:\Windows\system32\mfplat.dll
2009-09-24 00:10:58 ----A---- C:\Windows\system32\diskraid.exe
2009-09-24 00:10:58 ----A---- C:\Windows\system32\apphelp.dll
2009-09-24 00:10:57 ----A---- C:\Windows\system32\wscript.exe
2009-09-24 00:10:57 ----A---- C:\Windows\system32\wiaservc.dll
2009-09-24 00:10:57 ----A---- C:\Windows\system32\sysclass.dll
2009-09-24 00:10:57 ----A---- C:\Windows\system32\SndVol.exe
2009-09-24 00:10:57 ----A---- C:\Windows\system32\prnntfy.dll
2009-09-24 00:10:57 ----A---- C:\Windows\system32\odbccp32.dll
2009-09-24 00:10:57 ----A---- C:\Windows\system32\msnetobj.dll
2009-09-24 00:10:57 ----A---- C:\Windows\system32\mscms.dll
2009-09-24 00:10:57 ----A---- C:\Windows\system32\mcmde.dll
2009-09-24 00:10:57 ----A---- C:\Windows\system32\iasdatastore.dll
2009-09-24 00:10:57 ----A---- C:\Windows\system32\adsmsext.dll
2009-09-24 00:10:56 ----A---- C:\Windows\system32\ulib.dll
2009-09-24 00:10:56 ----A---- C:\Windows\system32\rastapi.dll
2009-09-24 00:10:56 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-09-24 00:10:56 ----A---- C:\Windows\system32\dsound.dll
2009-09-24 00:10:56 ----A---- C:\Windows\system32\cryptui.dll
2009-09-24 00:10:55 ----A---- C:\Windows\system32\wscntfy.dll
2009-09-24 00:10:55 ----A---- C:\Windows\system32\wlangpui.dll
2009-09-24 00:10:55 ----A---- C:\Windows\system32\rastls.dll
2009-09-24 00:10:55 ----A---- C:\Windows\system32\pnpsetup.dll
2009-09-24 00:10:55 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-09-24 00:10:55 ----A---- C:\Windows\system32\iashlpr.dll
2009-09-24 00:10:55 ----A---- C:\Windows\system32\gpapi.dll
2009-09-24 00:10:55 ----A---- C:\Windows\system32\fdProxy.dll
2009-09-24 00:10:55 ----A---- C:\Windows\system32\diskpart.exe
2009-09-24 00:10:55 ----A---- C:\Windows\system32\brcpl.dll
2009-09-24 00:10:54 ----A---- C:\Windows\system32\wscsvc.dll
2009-09-24 00:10:54 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-09-24 00:10:54 ----A---- C:\Windows\system32\vdsdyn.dll
2009-09-24 00:10:54 ----A---- C:\Windows\system32\regsvc.dll
2009-09-24 00:10:54 ----A---- C:\Windows\system32\rasapi32.dll
2009-09-24 00:10:54 ----A---- C:\Windows\system32\ntprint.dll
2009-09-24 00:10:54 ----A---- C:\Windows\system32\logman.exe
2009-09-24 00:10:53 ----A---- C:\Windows\system32\zipfldr.dll
2009-09-24 00:10:53 ----A---- C:\Windows\system32\wusa.exe
2009-09-24 00:10:53 ----A---- C:\Windows\system32\wshext.dll
2009-09-24 00:10:53 ----A---- C:\Windows\system32\wpccpl.dll
2009-09-24 00:10:53 ----A---- C:\Windows\system32\mscorier.dll
2009-09-24 00:10:53 ----A---- C:\Windows\system32\iasrad.dll
2009-09-24 00:10:53 ----A---- C:\Windows\system32\findstr.exe
2009-09-24 00:10:52 ----A---- C:\Windows\system32\wsnmp32.dll
2009-09-24 00:10:52 ----A---- C:\Windows\system32\wer.dll
2009-09-24 00:10:52 ----A---- C:\Windows\system32\rasdlg.dll
2009-09-24 00:10:52 ----A---- C:\Windows\system32\netcenter.dll
2009-09-24 00:10:52 ----A---- C:\Windows\system32\iassvcs.dll
2009-09-24 00:10:51 ----A---- C:\Windows\system32\uxsms.dll
2009-09-24 00:10:51 ----A---- C:\Windows\system32\themecpl.dll
2009-09-24 00:10:51 ----A---- C:\Windows\system32\srvsvc.dll
2009-09-24 00:10:51 ----A---- C:\Windows\system32\mssprxy.dll
2009-09-24 00:10:50 ----A---- C:\Windows\system32\tsbyuv.dll
2009-09-24 00:10:50 ----A---- C:\Windows\system32\slcc.dll
2009-09-24 00:10:50 ----A---- C:\Windows\system32\scansetting.dll
2009-09-24 00:10:50 ----A---- C:\Windows\system32\powrprof.dll
2009-09-24 00:10:50 ----A---- C:\Windows\system32\ntmarta.dll
2009-09-24 00:10:50 ----A---- C:\Windows\system32\msutb.dll
2009-09-24 00:10:50 ----A---- C:\Windows\system32\mstsc.exe
2009-09-24 00:10:50 ----A---- C:\Windows\system32\mstlsapi.dll
2009-09-24 00:10:50 ----A---- C:\Windows\system32\iasads.dll
2009-09-24 00:10:49 ----A---- C:\Windows\system32\powercpl.dll
2009-09-24 00:10:49 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-09-24 00:10:49 ----A---- C:\Windows\system32\networkmap.dll
2009-09-24 00:10:49 ----A---- C:\Windows\system32\iasacct.dll
2009-09-24 00:10:49 ----A---- C:\Windows\system32\authz.dll
2009-09-24 00:10:48 ----A---- C:\Windows\system32\themeui.dll
2009-09-24 00:10:48 ----A---- C:\Windows\system32\systemcpl.dll
2009-09-24 00:10:48 ----A---- C:\Windows\system32\sud.dll
2009-09-24 00:10:48 ----A---- C:\Windows\system32\pcaui.dll
2009-09-24 00:10:48 ----A---- C:\Windows\system32\newdev.exe
2009-09-24 00:10:48 ----A---- C:\Windows\system32\dot3svc.dll
2009-09-24 00:10:48 ----A---- C:\Windows\system32\connect.dll
2009-09-24 00:10:48 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-09-24 00:10:47 ----A---- C:\Windows\system32\usercpl.dll
2009-09-24 00:10:47 ----A---- C:\Windows\system32\samlib.dll
2009-09-24 00:10:47 ----A---- C:\Windows\system32\qdvd.dll
2009-09-24 00:10:47 ----A---- C:\Windows\system32\mmci.dll
2009-09-24 00:10:47 ----A---- C:\Windows\system32\autoplay.dll
2009-09-24 00:10:46 ----A---- C:\Windows\system32\wlanpref.dll
2009-09-24 00:10:46 ----A---- C:\Windows\system32\rpchttp.dll
2009-09-24 00:10:45 ----A---- C:\Windows\system32\regapi.dll
2009-09-24 00:10:43 ----A---- C:\Windows\system32\wpcao.dll
2009-09-24 00:10:43 ----A---- C:\Windows\system32\vdsutil.dll
2009-09-24 00:10:43 ----A---- C:\Windows\system32\tapisrv.dll
2009-09-24 00:10:43 ----A---- C:\Windows\system32\scksp.dll
2009-09-24 00:10:43 ----A---- C:\Windows\system32\scesrv.dll
2009-09-24 00:10:43 ----A---- C:\Windows\system32\msinfo32.exe
2009-09-24 00:10:43 ----A---- C:\Windows\system32\mpr.dll
2009-09-24 00:10:43 ----A---- C:\Windows\system32\feclient.dll
2009-09-24 00:10:42 ----A---- C:\Windows\system32\psisdecd.dll
2009-09-24 00:10:42 ----A---- C:\Windows\system32\oleprn.dll
2009-09-24 00:10:42 ----A---- C:\Windows\system32\imm32.dll
2009-09-24 00:10:42 ----A---- C:\Windows\system32\AudioSes.dll
2009-09-24 00:10:40 ----A---- C:\Windows\system32\dot3msm.dll
2009-09-24 00:10:39 ----A---- C:\Windows\system32\wscisvif.dll
2009-09-24 00:10:39 ----A---- C:\Windows\system32\sdclt.exe
2009-09-24 00:10:39 ----A---- C:\Windows\system32\rekeywiz.exe
2009-09-24 00:10:39 ----A---- C:\Windows\system32\iaspolcy.dll
2009-09-24 00:10:39 ----A---- C:\Windows\system32\Faultrep.dll
2009-09-24 00:10:39 ----A---- C:\Windows\system32\dpapimig.exe
2009-09-24 00:10:39 ----A---- C:\Windows\system32\DeviceEject.exe
2009-09-24 00:10:38 ----A---- C:\Windows\system32\scecli.dll
2009-09-24 00:10:38 ----A---- C:\Windows\system32\rasgcw.dll
2009-09-24 00:10:38 ----A---- C:\Windows\system32\qedit.dll
2009-09-24 00:10:38 ----A---- C:\Windows\system32\pnpui.dll
2009-09-24 00:10:38 ----A---- C:\Windows\system32\perfdisk.dll
2009-09-24 00:10:38 ----A---- C:\Windows\system32\ncryptui.dll
2009-09-24 00:10:38 ----A---- C:\Windows\system32\hdwwiz.exe
2009-09-24 00:10:38 ----A---- C:\Windows\system32\certreq.exe
2009-09-24 00:10:37 ----A---- C:\Windows\system32\TSTheme.exe
2009-09-24 00:10:37 ----A---- C:\Windows\system32\spwinsat.dll
2009-09-24 00:10:37 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-09-24 00:10:37 ----A---- C:\Windows\system32\rasplap.dll
2009-09-24 00:10:37 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-09-24 00:10:36 ----A---- C:\Windows\system32\whealogr.dll
2009-09-24 00:10:36 ----A---- C:\Windows\system32\tcpmon.dll
2009-09-24 00:10:36 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-09-24 00:10:36 ----A---- C:\Windows\system32\srcore.dll
2009-09-24 00:10:36 ----A---- C:\Windows\system32\SCardSvr.dll
2009-09-24 00:10:36 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-09-24 00:10:36 ----A---- C:\Windows\system32\fdWSD.dll
2009-09-24 00:10:36 ----A---- C:\Windows\system32\conime.exe
2009-09-24 00:10:36 ----A---- C:\Windows\system32\cmmon32.exe
2009-09-24 00:10:36 ----A---- C:\Windows\system32\cmdial32.dll
2009-09-24 00:10:35 ----A---- C:\Windows\system32\SnippingTool.exe
2009-09-24 00:10:35 ----A---- C:\Windows\system32\raschap.dll
2009-09-24 00:10:34 ----A---- C:\Windows\system32\wiaaut.dll
2009-09-24 00:10:34 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-09-24 00:10:34 ----A---- C:\Windows\system32\fontext.dll
2009-09-24 00:10:33 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-09-24 00:10:33 ----A---- C:\Windows\system32\wlanui.dll
2009-09-24 00:10:33 ----A---- C:\Windows\system32\shwebsvc.dll
2009-09-24 00:10:33 ----A---- C:\Windows\system32\rasppp.dll
2009-09-24 00:10:33 ----A---- C:\Windows\system32\PnPutil.exe
2009-09-24 00:10:33 ----A---- C:\Windows\system32\dsprop.dll
2009-09-24 00:10:32 ----A---- C:\Windows\system32\shsetup.dll
2009-09-24 00:10:32 ----A---- C:\Windows\system32\rasmontr.dll
2009-09-24 00:10:32 ----A---- C:\Windows\system32\oobefldr.dll
2009-09-24 00:10:32 ----A---- C:\Windows\system32\modemui.dll
2009-09-24 00:10:32 ----A---- C:\Windows\system32\dimsroam.dll
2009-09-24 00:10:31 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-09-24 00:10:31 ----A---- C:\Windows\system32\mscandui.dll
2009-09-24 00:10:31 ----A---- C:\Windows\system32\dataclen.dll
2009-09-24 00:10:31 ----A---- C:\Windows\system32\chtbrkr.dll
2009-09-24 00:10:30 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-09-24 00:10:30 ----A---- C:\Windows\system32\smss.exe
2009-09-24 00:10:30 ----A---- C:\Windows\system32\rdpwsx.dll
2009-09-24 00:10:30 ----A---- C:\Windows\system32\credui.dll
2009-09-24 00:10:30 ----A---- C:\Windows\system32\blackbox.dll
2009-09-24 00:10:29 ----A---- C:\Windows\system32\WSDMon.dll
2009-09-24 00:10:29 ----A---- C:\Windows\system32\wmpeffects.dll
2009-09-24 00:10:29 ----A---- C:\Windows\system32\netplwiz.dll
2009-09-24 00:10:29 ----A---- C:\Windows\system32\certprop.dll
2009-09-24 00:10:28 ----A---- C:\Windows\system32\wscapi.dll
2009-09-24 00:10:28 ----A---- C:\Windows\system32\wpcsvc.dll
2009-09-24 00:10:28 ----A---- C:\Windows\system32\networkexplorer.dll
2009-09-24 00:10:28 ----A---- C:\Windows\system32\msscp.dll
2009-09-24 00:10:28 ----A---- C:\Windows\system32\msimtf.dll
2009-09-24 00:10:28 ----A---- C:\Windows\system32\logagent.exe
2009-09-24 00:10:28 ----A---- C:\Windows\system32\InkEd.dll
2009-09-24 00:10:28 ----A---- C:\Windows\system32\ifmon.dll
2009-09-24 00:10:28 ----A---- C:\Windows\system32\gpresult.exe
2009-09-24 00:10:28 ----A---- C:\Windows\system32\cipher.exe
2009-09-24 00:10:27 ----A---- C:\Windows\system32\thawbrkr.dll
2009-09-24 00:10:27 ----A---- C:\Windows\system32\softkbd.dll
2009-09-24 00:10:27 ----A---- C:\Windows\system32\sendmail.dll
2009-09-24 00:10:27 ----A---- C:\Windows\system32\msctfui.dll
2009-09-24 00:10:27 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-09-24 00:10:26 ----A---- C:\Windows\system32\olepro32.dll
2009-09-24 00:10:26 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-09-24 00:10:26 ----A---- C:\Windows\system32\dmsynth.dll
2009-09-24 00:10:25 ----A---- C:\Windows\system32\wshbth.dll
2009-09-24 00:10:25 ----A---- C:\Windows\system32\version.dll
2009-09-24 00:10:25 ----A---- C:\Windows\system32\SLLUA.exe
2009-09-24 00:10:25 ----A---- C:\Windows\system32\puiapi.dll
2009-09-24 00:10:25 ----A---- C:\Windows\system32\msisip.dll
2009-09-24 00:10:25 ----A---- C:\Windows\system32\mprapi.dll
2009-09-24 00:10:25 ----A---- C:\Windows\system32\input.dll
2009-09-24 00:10:25 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-09-24 00:10:25 ----A---- C:\Windows\system32\cdd.dll
2009-09-24 00:10:24 ----A---- C:\Windows\system32\fdSSDP.dll
2009-09-24 00:10:24 ----A---- C:\Windows\system32\fc.exe
2009-09-24 00:10:24 ----A---- C:\Windows\system32\dmusic.dll
2009-09-24 00:10:23 ----A---- C:\Windows\system32\wsdchngr.dll
2009-09-24 00:10:23 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-09-24 00:10:23 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-24 00:10:23 ----A---- C:\Windows\system32\msjint40.dll
2009-09-24 00:10:23 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-09-24 00:10:23 ----A---- C:\Windows\system32\l2nacp.dll
2009-09-24 00:10:23 ----A---- C:\Windows\system32\ftp.exe
2009-09-24 00:10:23 ----A---- C:\Windows\system32\eapp3hst.dll
2009-09-24 00:10:23 ----A---- C:\Windows\system32\cscdll.dll
2009-09-24 00:10:23 ----A---- C:\Windows\system32\cscapi.dll
2009-09-24 00:10:22 ----A---- C:\Windows\system32\Storprop.dll
2009-09-24 00:10:22 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-09-24 00:10:22 ----A---- C:\Windows\system32\rasdial.exe
2009-09-24 00:10:22 ----A---- C:\Windows\system32\rasdiag.dll
2009-09-24 00:10:22 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-24 00:10:22 ----A---- C:\Windows\system32\ipconfig.exe
2009-09-24 00:10:22 ----A---- C:\Windows\system32\fdWCN.dll
2009-09-24 00:10:22 ----A---- C:\Windows\system32\eappcfg.dll
2009-09-24 00:10:22 ----A---- C:\Windows\system32\dot3cfg.dll
2009-09-24 00:10:22 ----A---- C:\Windows\system32\bthudtask.exe
2009-09-24 00:10:22 ----A---- C:\Windows\system32\bthci.dll
2009-09-24 00:10:21 ----A---- C:\Windows\system32\tscupgrd.exe
2009-09-24 00:10:21 ----A---- C:\Windows\system32\slcinst.dll
2009-09-24 00:10:21 ----A---- C:\Windows\system32\ocsetup.exe
2009-09-24 00:10:21 ----A---- C:\Windows\system32\nslookup.exe
2009-09-24 00:10:21 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-09-24 00:10:21 ----A---- C:\Windows\system32\hbaapi.dll
2009-09-24 00:10:21 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-09-24 00:10:21 ----A---- C:\Windows\system32\eappgnui.dll
2009-09-24 00:10:21 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-09-24 00:10:20 ----A---- C:\Windows\system32\mmcico.dll
2009-09-24 00:10:20 ----A---- C:\Windows\system32\fdeploy.dll
2009-09-24 00:10:19 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-09-24 00:10:18 ----A---- C:\Windows\system32\gpupdate.exe
2009-09-24 00:10:18 ----A---- C:\Windows\system32\csrstub.exe
2009-09-24 00:10:18 ----A---- C:\Windows\system32\cbsra.exe
2009-09-24 00:10:18 ----A---- C:\Windows\system32\bitsigd.dll
2009-09-24 00:10:17 ----A---- C:\Windows\system32\NcdProp.dll
2009-09-24 00:10:17 ----A---- C:\Windows\system32\iscsilog.dll
2009-09-24 00:10:16 ----A---- C:\Windows\system32\winrnr.dll
2009-09-24 00:10:16 ----A---- C:\Windows\system32\vdmdbg.dll
2009-09-24 00:10:16 ----A---- C:\Windows\system32\slwga.dll
2009-09-24 00:10:16 ----A---- C:\Windows\system32\odbcconf.dll
2009-09-24 00:10:16 ----A---- C:\Windows\system32\midimap.dll
2009-09-24 00:10:16 ----A---- C:\Windows\system32\inetppui.dll
2009-09-24 00:10:12 ----A---- C:\Windows\system32\msimsg.dll
2009-09-24 00:10:12 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-09-24 00:09:25 ----A---- C:\Windows\system32\SmiEngine.dll
2009-09-24 00:09:21 ----A---- C:\Windows\system32\wdscore.dll
2009-09-24 00:09:21 ----A---- C:\Windows\system32\PkgMgr.exe
2009-09-24 00:09:09 ----A---- C:\Windows\system32\drvstore.dll
2009-09-17 20:37:18 ----D---- C:\Program Files\Utilitaire de configuration iPhone
2009-09-17 20:34:46 ----A---- C:\Windows\system32\GEARAspi.dll
2009-09-17 20:33:31 ----D---- C:\Program Files\iPod
2009-09-17 20:33:29 ----D---- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-17 20:33:29 ----D---- C:\Program Files\iTunes
2009-09-17 20:31:37 ----D---- C:\Program Files\QuickTime
2009-09-14 17:28:48 ----D---- C:\Users\sarah\AppData\Roaming\FileZilla
2009-09-14 17:28:03 ----D---- C:\Program Files\FileZilla FTP Client
2009-09-10 04:47:33 ----D---- C:\Users\sarah\AppData\Roaming\vlc
2009-09-09 08:20:57 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 08:20:33 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 08:20:31 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 08:20:31 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 08:20:31 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 08:20:31 ----A---- C:\Windows\system32\finger.exe
2009-09-09 08:20:31 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 08:20:30 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 08:20:30 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 08:20:29 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 08:19:08 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 08:19:08 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 08:19:08 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 08:19:08 ----A---- C:\Windows\system32\wlanhlp.dll
2009-09-09 08:19:08 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 08:19:07 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-09 08:19:02 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 08:19:01 ----A---- C:\Windows\system32\mf.dll
2009-09-09 08:19:00 ----A---- C:\Windows\system32\rrinstaller.exe
2009-09-09 08:19:00 ----A---- C:\Windows\system32\mfps.dll
2009-09-09 08:19:00 ----A---- C:\Windows\system32\mfpmp.exe
2009-09-09 08:18:59 ----A---- C:\Windows\system32\mferror.dll
2009-09-08 16:26:12 ----A---- C:\Windows\system32\javaws.exe
2009-09-08 16:26:12 ----A---- C:\Windows\system32\javaw.exe
2009-09-08 16:26:12 ----A---- C:\Windows\system32\java.exe
2009-09-02 22:20:30 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-02 22:20:29 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-08-31 16:56:14 ----D---- C:\Users\sarah\AppData\Roaming\HpUpdate
2009-08-31 16:55:35 ----D---- C:\Windows\Hewlett-Packard

======List of files/folders modified in the last 2 months======

2009-10-29 15:17:58 ----RD---- C:\Program Files
2009-10-29 15:17:43 ----D---- C:\Windows\Temp
2009-10-29 15:17:11 ----D---- C:\Windows\inf
2009-10-29 15:15:05 ----D---- C:\Program Files\Mozilla Firefox
2009-10-29 13:56:39 ----SHD---- C:\System Volume Information
2009-10-29 12:53:31 ----SHD---- C:\Windows\Installer
2009-10-29 12:37:25 ----D---- C:\Windows
2009-10-29 12:36:47 ----D---- C:\Users\sarah\AppData\Roaming\Spyware Terminator
2009-10-29 12:36:33 ----D---- C:\Program Files\Spyware Terminator
2009-10-29 12:14:39 ----D---- C:\Windows\System32
2009-10-28 23:49:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-28 23:44:27 ----D---- C:\Multimedia Files
2009-10-28 23:42:13 ----D---- C:\Windows\system32\drivers
2009-10-28 19:03:18 ----D---- C:\Windows\system32\Tasks
2009-10-28 16:46:09 ----D---- C:\Windows\Prefetch
2009-10-28 16:37:38 ----D---- C:\Users\sarah\AppData\Roaming\Adobe
2009-10-28 16:37:07 ----D---- C:\ProgramData
2009-10-28 16:30:52 ----D---- C:\Windows\Tasks
2009-10-28 16:30:26 ----D---- C:\Program Files\Common Files
2009-10-28 16:09:07 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-28 12:31:37 ----D---- C:\Windows\LiveKernelReports
2009-10-26 15:17:03 ----D---- C:\Program Files\SecondLife
2009-10-26 03:19:29 ----D---- C:\downloads
2009-10-25 15:36:31 ----D---- C:\Program Files\Adobe
2009-10-25 15:36:03 ----D---- C:\Program Files\Common Files\Adobe
2009-10-25 15:04:53 ----D---- C:\Users\sarah\AppData\Roaming\Download Manager
2009-10-25 12:55:53 ----D---- C:\ProgramData\Adobe
2009-10-25 12:53:42 ----RSD---- C:\Windows\Fonts
2009-10-25 12:04:16 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-10-25 11:22:28 ----DC---- C:\Windows\system32\DRVSTORE
2009-10-25 11:22:28 ----D---- C:\Windows\system32\catroot
2009-10-25 03:01:01 ----D---- C:\Program Files\SendBlaster
2009-10-25 02:57:12 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-25 02:55:09 ----D---- C:\Users\sarah\AppData\Roaming\RayV
2009-10-25 02:53:13 ----D---- C:\Program Files\WorldCast
2009-10-25 02:51:49 ----D---- C:\Users\sarah\AppData\Roaming\Vso
2009-10-25 02:51:47 ----A---- C:\Users\sarah\AppData\Roaming\inst.exe
2009-10-24 19:49:08 ----SD---- C:\Windows\Downloaded Program Files
2009-10-23 02:17:37 ----D---- C:\Windows\system32\migration
2009-10-23 02:17:36 ----D---- C:\Program Files\Internet Explorer
2009-10-23 02:01:34 ----D---- C:\Windows\winsxs
2009-10-22 12:54:10 ----D---- C:\Windows\system32\catroot2
2009-10-17 02:56:16 ----D---- C:\Windows\rescache
2009-10-17 02:45:44 ----D---- C:\Windows\Microsoft.NET
2009-10-17 02:45:35 ----RSD---- C:\Windows\assembly
2009-10-17 02:26:38 ----D---- C:\Windows\system32\it-IT
2009-10-17 02:26:38 ----D---- C:\Windows\system32\fr-FR
2009-10-17 02:26:38 ----D---- C:\Windows\system32\de-DE
2009-10-17 02:26:37 ----D---- C:\Windows\ehome
2009-10-17 02:26:37 ----D---- C:\Program Files\Windows Mail
2009-10-17 02:06:06 ----D---- C:\ProgramData\Microsoft Help
2009-10-06 18:49:45 ----D---- C:\Windows\system32\zh-TW
2009-10-06 18:49:45 ----D---- C:\Windows\system32\zh-HK
2009-10-06 18:49:45 ----D---- C:\Windows\system32\tr-TR
2009-10-06 18:49:45 ----D---- C:\Windows\system32\sv-SE
2009-10-06 18:49:45 ----D---- C:\Windows\system32\pt-BR
2009-10-06 18:49:45 ----D---- C:\Windows\system32\nl-NL
2009-10-06 18:49:45 ----D---- C:\Windows\system32\nb-NO
2009-10-06 18:49:45 ----D---- C:\Windows\system32\ko-KR
2009-10-06 18:49:45 ----D---- C:\Windows\system32\he-IL
2009-10-06 18:49:45 ----D---- C:\Windows\system32\fi-FI
2009-10-06 18:49:45 ----D---- C:\Windows\system32\es-ES
2009-10-06 18:49:45 ----D---- C:\Windows\system32\en-US
2009-10-06 18:49:45 ----D---- C:\Windows\system32\el-GR
2009-10-06 18:49:45 ----D---- C:\Windows\system32\da-DK
2009-10-06 18:49:45 ----D---- C:\Windows\system32\ar-SA
2009-10-06 15:26:35 ----D---- C:\Program Files\Free Music Zilla
2009-10-06 14:50:16 ----D---- C:\Program Files\Burn4Free
2009-10-06 14:50:12 ----D---- C:\Program Files\Burn4Free Toolbar
2009-10-02 19:01:57 ----A---- C:\Windows\system32\mrt.exe
2009-09-28 00:55:24 ----SHD---- C:\boot
2009-09-28 00:43:17 ----D---- C:\Program Files\Windows Sidebar
2009-09-28 00:43:17 ----D---- C:\Program Files\Windows Media Player
2009-09-28 00:43:17 ----D---- C:\Program Files\Windows Journal
2009-09-28 00:43:17 ----D---- C:\Program Files\Windows Collaboration
2009-09-28 00:43:17 ----D---- C:\Program Files\Windows Calendar
2009-09-28 00:43:17 ----D---- C:\Program Files\Movie Maker
2009-09-28 00:43:15 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-28 00:43:15 ----D---- C:\Program Files\Common Files\System
2009-09-28 00:43:11 ----D---- C:\Windows\servicing
2009-09-28 00:43:11 ----D---- C:\Program Files\Windows Defender
2009-09-28 00:43:03 ----D---- C:\Windows\system32\XPSViewer
2009-09-28 00:43:03 ----D---- C:\Windows\system32\sk-SK
2009-09-28 00:43:03 ----D---- C:\Windows\system32\lv-LV
2009-09-28 00:43:03 ----D---- C:\Windows\system32\hr-HR
2009-09-28 00:43:03 ----D---- C:\Windows\system32\et-EE
2009-09-28 00:43:03 ----D---- C:\Windows\IME
2009-09-28 00:42:53 ----D---- C:\Windows\system32\oobe
2009-09-28 00:42:53 ----D---- C:\Windows\system32\fr
2009-09-28 00:42:52 ----D---- C:\Windows\system32\ru-RU
2009-09-28 00:42:52 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-28 00:42:49 ----D---- C:\Windows\system32\SLUI
2009-09-28 00:42:49 ----D---- C:\Windows\system32\setup
2009-09-28 00:42:49 ----D---- C:\Windows\system32\pt-PT
2009-09-28 00:42:49 ----D---- C:\Windows\system32\hu-HU
2009-09-28 00:42:49 ----D---- C:\Windows\system32\cs-CZ
2009-09-28 00:42:48 ----D---- C:\Windows\system32\zh-CN
2009-09-28 00:42:48 ----D---- C:\Windows\system32\uk-UA
2009-09-28 00:42:48 ----D---- C:\Windows\system32\th-TH
2009-09-28 00:42:48 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-28 00:42:48 ----D---- C:\Windows\system32\sl-SI
2009-09-28 00:42:48 ----D---- C:\Windows\system32\ro-RO
2009-09-28 00:42:48 ----D---- C:\Windows\system32\pl-PL
2009-09-28 00:42:48 ----D---- C:\Windows\system32\manifeststore
2009-09-28 00:42:48 ----D---- C:\Windows\system32\ja-JP
2009-09-28 00:42:48 ----D---- C:\Windows\system32\it
2009-09-28 00:42:48 ----D---- C:\Windows\system32\bg-BG
2009-09-28 00:42:47 ----D---- C:\Windows\system32\wbem
2009-09-28 00:42:46 ----D---- C:\Windows\system32\migwiz
2009-09-28 00:42:46 ----D---- C:\Windows\system32\lt-LT
2009-09-28 00:42:28 ----D---- C:\Windows\AppPatch
2009-09-28 00:42:20 ----D---- C:\Windows\system32\Boot
2009-09-28 00:38:56 ----D---- C:\ProgramData\NVIDIA
2009-09-28 00:23:42 ----D---- C:\Program Files\HP
2009-09-25 16:32:24 ----D---- C:\Program Files\DivX
2009-09-19 22:23:01 ----D---- C:\Windows\system32\WDI
2009-09-17 20:33:30 ----D---- C:\Program Files\Common Files\Apple
2009-09-17 20:33:29 ----D---- C:\ProgramData\Apple Computer
2009-09-15 18:07:06 ----D---- C:\Users\sarah\AppData\Roaming\CoreFTP
2009-09-10 10:15:08 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-08 16:26:11 ----D---- C:\Program Files\Java
2009-09-05 14:29:13 ----D---- C:\wamp
2009-09-03 10:17:47 ----A---- C:\Windows\system32\lsdelete.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-08-17 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-08-17 51376]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-12-27 141312]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-05-30 5632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-08-17 53328]
R2 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 BCM43XX;Treiber für Broadcom 802.11-Netzwerkadapter; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-09-24 1207288]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-23 43552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-23 7494976]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-04-15 378368]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R4 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R4 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\Windows\System32\DRIVERS\AvgAsCln.sys []
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-09-24 1207288]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-08-24 47360]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTC
0
Utilisateur anonyme
 
lance USBFix, et sélectionne l'option 1, et poste le rapport
0
sarah01 > Utilisateur anonyme
 
alors pendant l'analyse j'ai mon avast qui est apparu en me disant qu'il a trouvé un virus
nom du fichier : C:\UsbFix\Tools\swerg.exe
Nom du logicile malveillant : Win32:vitro
Type du logiciel malveillant : Virus/Ver
Version VPS : 091028-0,28/10/2009

Dois-je le supprimer ? le mettre en quarantaine ou ne rien faire ?
0
sarah01 > Utilisateur anonyme
 
voici le rapport (ps : jlai mis en quarantaine)


############################## | UsbFix V6.046 |

User : sarah (Administrateurs) # PC-DE-SARAH
Update on 29/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 15:47:02 | 29/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18828
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 223,48 Go (33,68 Go free) # NTFS
D:\ -> Disque fixe local # 9,4 Go (1,68 Go free) [HP_RECOVERY] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 1,89 Go (1,88 Go free) [LEXAR] # FAT
I:\ -> Disque amovible # 1,85 Go (206,03 Mo free) # FAT

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\SMINST\BLService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\TUProgSt.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\FastNetSrv.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\notepad.exe
C:\Windows\System32\vdsldr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |

C:\Users\sarah\AppData\Local\Temp\21007797-5292-3c6d-d89c-99059a8661ac.tmp.exe
C:\Users\sarah\AppData\Local\Temp\dcf39690-209a-567c-e9e6-f52df091a4e4.tmp.exe

################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |


################## | Suspect | https://www.virustotal.com/gui/ |


################## | Cracks / Keygens / Serials |

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Adobe_Photoshop_CS2_Tryout_to_Full_Activation\OS-Adobe_CS2_KeyGen_Tryout_to_Full.exe"
04/05/2005 23:42 |Size 81920 |Crc32 3ac472ac |Md5 f86c6fa13318e60f7c896326f3f1c2f7

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe"
02/08/2004 20:34 |Size 180224 |Crc32 44a43768 |Md5 50b443e1feb48b48b4188253df13e0c0

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\instmsia.exe"
11/03/2002 05:45 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\instmsiw.exe"
11/03/2002 09:06 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\setup.exe"
25/03/2005 08:49 |Size 245760 |Crc32 f0183bbd |Md5 495f9fb32f53d6df35e4e2b545901136

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\PS9_Tryout_f\TryOut\instmsia.exe"
11/03/2002 05:45 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\PS9_Tryout_f\TryOut\instmsiw.exe"
11/03/2002 09:06 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\PS9_Tryout_f\TryOut\setup.exe"
11/04/2005 09:15 |Size 245760 |Crc32 6462e3f2 |Md5 495d8f56f8eac3f80120834feeede6d6


################## | ! Fin du rapport # UsbFix V6.046 ! |
0
Utilisateur anonyme > sarah01
 
ton logiciel photoshop est cracké, c'est dangereux ce que tu fais, car les cracks sont vecteurs d'infections

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

# Double clic sur le raccourci UsbFix présent sur ton bureau

# Sélectionne l'option 2 ( Suppression )

# Ton bureau disparaitra et le pc redémarrera .

# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

# Ensuite poste le rapport UsbFix.txt qui apparaitra avec le bureau .

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
0
sarah01 > Utilisateur anonyme
 
Je m'excuse, il manquait un périphérique branché.

De nouveau le rapport


############################## | UsbFix V6.046 |

User : sarah (Administrateurs) # PC-DE-SARAH
Update on 29/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 16:07:05 | 29/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18828
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 223,48 Go (33,68 Go free) # NTFS
D:\ -> Disque fixe local # 9,4 Go (1,68 Go free) [HP_RECOVERY] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 1,89 Go (1,88 Go free) [LEXAR] # FAT
G:\ -> Disque fixe local # 149,01 Go (11,17 Go free) [HD-PFU2] # FAT32
I:\ -> Disque amovible # 1,85 Go (205,97 Mo free) # FAT

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\SMINST\BLService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\TUProgSt.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\FastNetSrv.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |

C:\Users\sarah\AppData\Local\Temp\21007797-5292-3c6d-d89c-99059a8661ac.tmp.exe
C:\Users\sarah\AppData\Local\Temp\dcf39690-209a-567c-e9e6-f52df091a4e4.tmp.exe
G:\autorun.inf

################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{346f78ec-327b-11de-b803-001e68e9a6bf}
shell\AutoRun\command =F:\AutoDPFMate.exe

HKCU\..\..\Explorer\MountPoints2\{5741355b-ac58-11de-a236-001e68e9a6bf}
shell\AutoRun\command =G:\LaunchU3.exe -a

HKCU\..\..\Explorer\MountPoints2\{c3bbab3e-d426-11dd-9578-001e68e9a6bf}
shell\AutoRun\command =I:\start.exe

HKCU\..\..\Explorer\MountPoints2\{fed97154-f8d5-11dd-abff-001e68e9a6bf}
shell\AutoRun\command =explorer .
shell\mobile\command =G:\MobileLaunch.exe

################## | Suspect | https://www.virustotal.com/gui/ |


################## | Cracks / Keygens / Serials |

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Adobe_Photoshop_CS2_Tryout_to_Full_Activation\OS-Adobe_CS2_KeyGen_Tryout_to_Full.exe"
04/05/2005 23:42 |Size 81920 |Crc32 3ac472ac |Md5 f86c6fa13318e60f7c896326f3f1c2f7

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe"
02/08/2004 20:34 |Size 180224 |Crc32 44a43768 |Md5 50b443e1feb48b48b4188253df13e0c0

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\instmsia.exe"
11/03/2002 05:45 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\instmsiw.exe"
11/03/2002 09:06 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\setup.exe"
25/03/2005 08:49 |Size 245760 |Crc32 f0183bbd |Md5 495f9fb32f53d6df35e4e2b545901136

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\PS9_Tryout_f\TryOut\instmsia.exe"
11/03/2002 05:45 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\PS9_Tryout_f\TryOut\instmsiw.exe"
11/03/2002 09:06 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\PS9_Tryout_f\TryOut\setup.exe"
11/04/2005 09:15 |Size 245760 |Crc32 6462e3f2 |Md5 495d8f56f8eac3f80120834feeede6d6

"G:\pc doc\Memeo\sauvegarde fevrier 2009\C_\Users\sarah\Documents\ADOBE\Adobe Photoshop 8.0 + serial\setup.exe"
12/02/2009 20:11 |Size 107512 |Crc32 2ccbee6e |Md5 5b2065fa6f2ec63fe28be26fdb7b0480

"G:\pc doc\Memeo\sauvegarde fevrier 2009\C_\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe"
28/10/2009 02:11 |Size 180224 |Crc32 44a43768 |Md5 50b443e1feb48b48b4188253df13e0c0

"G:\pc doc\Memeo\sauvegarde fevrier 2009\C_\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\instmsia.exe"
06/05/2009 22:24 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"G:\pc doc\Memeo\sauvegarde fevrier 2009\C_\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\instmsiw.exe"
06/05/2009 22:24 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"G:\pc doc\Memeo\sauvegarde fevrier 2009\C_\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\setup.exe"
28/10/2009 02:11 |Size 245760 |Crc32 f0183bbd |Md5 495f9fb32f53d6df35e4e2b545901136

"G:\pc doc\Memeo\sauvegarde fevrier 2009\C_\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Adobe_Photoshop_CS2_Tryout_to_Full_Activation\OS-Adobe_CS2_KeyGen_Tryout_to_Full.exe"
26/10/2009 03:35 |Size 81920 |Crc32 3ac472ac |Md5 f86c6fa13318e60f7c896326f3f1c2f7

"G:\pc doc\Memeo\sauvegarde fevrier 2009\C_\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\PS9_Tryout_f\TryOut\instmsia.exe"
06/05/2009 22:30 |Size 1708856 |Crc32 3ccaccf9 |Md5 43f7305c2e5dd4a8f3c5abeb2ffe4833

"G:\pc doc\Memeo\sauvegarde fevrier 2009\C_\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\PS9_Tryout_f\TryOut\instmsiw.exe"
06/05/2009 22:30 |Size 1822520 |Crc32 be716ace |Md5 61a5fb191ae2ae876db31dcce75e4183

"G:\pc doc\Memeo\sauvegarde fevrier 2009\C_\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\PS9_Tryout_f\TryOut\setup.exe"
28/10/2009 02:11 |Size 245760 |Crc32 6462e3f2 |Md5 495d8f56f8eac3f80120834feeede6d6


################## | ! Fin du rapport # UsbFix V6.046 ! |
0
Réponse 4 / 5
Utilisateur anonyme
 
il faudrai répondre après mon dernier post, car on ne va pas s'y retrouver
met tout en quarantaine et supprime avec Avast
un conseil tu devrais supprimer tous les cracks car c'est probablement cela qui a infecté ton PC

on infecte souvent les PC en téléchargeant des cracks par les logiciels P2P

Les toolbars, c'est pas obligatoire
Je vais te donner ceci en passant, c'est à lire
https://forum.malekal.com/viewtopic.php?f=45&t=6173
Désactive l'UAC: controle de compte d'utilisateur

Clique sur le menu Démarrer puis sur Panneau de configuration , Comptes d'utilisateurs
Clique sur Activer ou désactiver le contrôle des comptes d'utilisateurs:
Une nouvelle fenêtre s'ouvre,décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur puis OK:
Une demande s'affiche si vous voulez redémarrer votre ordinateur, clique sur redémarrer maintenant

https://forums.cnetfrance.fr

Télécharge Toolbar-S&D (Eric_71, Angeldark, Sham_Rock et XmichouX) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3

!! Déconnecte toi et ferme toute tes applications en cours le temps de la manipe !! Désactive ton antivirus.

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Clic droit sur le raccourci de Toolbar-S&D, et sur exécuter en tant qu'administrateur pour le lancer
* Sélectionne la langue souhaitée en tapant la lettre de ton choix, puis appuie sur la touche Entrée.
* Sélectionne l'option 1 (Recherche), puis appuie sur la touche entrée. Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
0
sarah01
 
voici le rapport :


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
BIOS : Default System BIOS
USER : sarah ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:223 Go (Free:33 Go)
D:\ (Local Disk) - NTFS - Total:9 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT - Total:1935 Mo (Free:1 Go)
G:\ (Local Disk) - FAT32 - Total:149 Go (Free:11 Go)
I:\ (USB) - FAT - Total:1899 Mo (Free:0 Go)
Z:\ (Network Disk)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 29/10/2009|16:54 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Users\Public\Desktop\Burn4Free.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Burn4Free Toolbar
C:\Users\sarah\AppData\Roaming\MICROS~1\Windows\Cookies\sarah@iredirect.burn4free[2].txt
C:\Users\sarah\AppData\Roaming\MICROS~1\Windows\Cookies\sarah@iredirect468.burn4free[1].txt
C:\Users\sarah\AppData\Roaming\MICROS~1\Windows\Cookies\sarah@www.burn4free[1].txt
C:\Program Files\Mozilla Firefox\extensions\support@burn4free-toolbar.com
C:\Program Files\Burn4Free
C:\Program Files\Burn4Free\bass.dll
C:\Program Files\Burn4Free\basscd.dll
C:\Program Files\Burn4Free\bassflac.dll
C:\Program Files\Burn4Free\basswma.dll
C:\Program Files\Burn4Free\basswv.dll
C:\Program Files\Burn4Free\bass_ape.dll
C:\Program Files\Burn4Free\bass_mpc.dll
C:\Program Files\Burn4Free\BURN4FREE.CFG
C:\Program Files\Burn4Free\Burn4Free.exe
C:\Program Files\Burn4Free\languages
C:\Program Files\Burn4Free\license.txt
C:\Program Files\Burn4Free\queue
C:\Program Files\Burn4Free\temp
C:\Program Files\Burn4Free\uninstall.exe
C:\Program Files\Burn4Free\wav
C:\Program Files\Burn4Free\languages\ARABIC.INI
C:\Program Files\Burn4Free\languages\BELARUSSIAN.INI
C:\Program Files\Burn4Free\languages\CATALAN.INI
C:\Program Files\Burn4Free\languages\CHINESEBIG5.INI
C:\Program Files\Burn4Free\languages\CHINESEGB.INI
C:\Program Files\Burn4Free\languages\CROATIAN_FUN.INI
C:\Program Files\Burn4Free\languages\CZECH.INI
C:\Program Files\Burn4Free\languages\DUTCH.INI
C:\Program Files\Burn4Free\languages\ENGLISH.INI
C:\Program Files\Burn4Free\languages\FRENCH.INI
C:\Program Files\Burn4Free\languages\GALEGO.INI
C:\Program Files\Burn4Free\languages\GERMAN.INI
C:\Program Files\Burn4Free\languages\GERMAN_2.INI
C:\Program Files\Burn4Free\languages\HEBREW.INI
C:\Program Files\Burn4Free\languages\HELLENIC.INI
C:\Program Files\Burn4Free\languages\ITALIANO.INI
C:\Program Files\Burn4Free\languages\JAPANESE.INI
C:\Program Files\Burn4Free\languages\KOREAN.INI
C:\Program Files\Burn4Free\languages\LITHUANIAN.INI
C:\Program Files\Burn4Free\languages\MACEDONIAN.INI
C:\Program Files\Burn4Free\languages\MAGYAR.INI
C:\Program Files\Burn4Free\languages\NORSK.INI
C:\Program Files\Burn4Free\languages\POLISH.INI
C:\Program Files\Burn4Free\languages\PORTUGUESE.INI
C:\Program Files\Burn4Free\languages\ROMANA.INI
C:\Program Files\Burn4Free\languages\RUSSIAN.INI
C:\Program Files\Burn4Free\languages\RUSSIAN_2.INI
C:\Program Files\Burn4Free\languages\SERBIAN.INI
C:\Program Files\Burn4Free\languages\SLOVAK.INI
C:\Program Files\Burn4Free\languages\SLOVENIAN.INI
C:\Program Files\Burn4Free\languages\SPANISH.INI
C:\Program Files\Burn4Free\languages\SUOMI.INI
C:\Program Files\Burn4Free\languages\SVENSKA.INI
C:\Program Files\Burn4Free\languages\TURKISH.INI
C:\Program Files\Burn4Free\languages\UKRAINIAN.INI
C:\Program Files\Burn4Free\languages\VALENCIAN.INI
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Burn4Free Toolbar
C:\Program Files\Burn4Free Toolbar
C:\Program Files\Burn4Free Toolbar\uninstall.txt
C:\Program Files\Burn4Free Toolbar\v3.3.0.1
C:\Program Files\Burn4Free Toolbar\v3.3.0.3
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\installer.ico
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\chrome
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\chrome.manifest
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\install.rdf
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\chrome\content
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\chrome\skin
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\chrome\content\toolbar.js
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\chrome\content\toolbar.xul
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\chrome\skin\go.GIF
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\chrome\skin\overlay.css
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\chrome\skin\Thumbs.db
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\Firefox\chrome\skin\toolbar_logo.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\checkmark.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\configure.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\configure_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\cookies.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\cookies_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\favorites.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\favorites_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\find.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\find_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\go1.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\go1_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\go2.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\go2_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\help.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\help_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\highlight.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\highlight_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\history.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\history_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\images.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\images_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\mag.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\magnifying_glass.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\magnifying_glass_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\multi_home_page.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\multi_home_page_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\panic.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\panic_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\popup_blocker_off.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\popup_blocker_on.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\radiodot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\run_application.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\run_application_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\save_web_pages_urls.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\save_web_pages_urls_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\searchbg.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\source.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\source_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\temporary_internet_files.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\temporary_internet_files_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\Thumbs.db
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\Toolbar.js
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\Toolbar4Free.exe
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\toolbar_logo.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\typed_urls.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\typed_urls_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\zoom_in.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\zoom_in_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\zoom_out.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\zoom_out_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\bin
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\css
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\dropdown.htm
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\models.sm
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\preferences.htm
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\bin\CSA.dll
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\css\main.css
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\cancel.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\compare.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\dollar1.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\dollar2.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\dollar3.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\empty.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\gradient.jpg
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\prontologo.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\csa\images\update.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_bg.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_feature_bracket.gif
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_logo.gif
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_search_bracket.gif
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_star_bullet.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\intro_toolbar.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\Thumbs.db
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\intro\toolbar_intro.htm
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\accuweather.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\amazon.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\dictionary.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\ebay.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\flickr.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\google_groups.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\google_images.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\google_maps.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\google_news.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\shopping.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\technorati.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\Thumbs.db
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\wikipedia.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\yahoo.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\yahoo_answers.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.1\resources\search\youtube.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\installer.ico
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\chrome
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\chrome.manifest
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\install.rdf
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\chrome\content
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\chrome\skin
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\chrome\content\toolbar.js
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\chrome\content\toolbar.xul
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\chrome\skin\go.GIF
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\chrome\skin\overlay.css
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\chrome\skin\Thumbs.db
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Firefox\chrome\skin\toolbar_logo.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\beruby
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\checkmark.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\configure.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\configure_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\cookies.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\cookies_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\favorites.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\favorites_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\find.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\find_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\go1.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\go1_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\go2.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\go2_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\help.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\help_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\highlight.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\highlight_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\history.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\history_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\images.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\images_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\intro
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\mag.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\magnifying_glass.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\magnifying_glass_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\multi_home_page.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\multi_home_page_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\panic.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\panic_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\popup_blocker_off.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\popup_blocker_on.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\radiodot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\run_application.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\run_application_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\save_web_pages_urls.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\save_web_pages_urls_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\searchbg.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\source.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\source_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\temporary_internet_files.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\temporary_internet_files_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\Thumbs.db
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\Toolbar.js
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\Toolbar4Free.exe
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\toolbar_logo.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\typed_urls.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\typed_urls_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\zoom_in.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\zoom_in_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\zoom_out.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\zoom_out_hot.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\beruby\beruby.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\beruby\downloads_logo_small.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\beruby\shopping_logo_small.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\beruby\travel_logo_small.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\beruby\webmasters_logo_small.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\bin
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\css
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\dropdown.htm
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\images
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\models.sm
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\preferences.htm
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\bin\CSA.dll
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\css\main.css
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\images\cancel.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\images\compare.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\images\dollar1.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\images\dollar2.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\images\dollar3.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\images\empty.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\images\gradient.jpg
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\images\prontologo.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\csa\images\update.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\intro\intro_bg.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\intro\intro_feature_bracket.gif
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\intro\intro_logo.gif
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\intro\intro_search_bracket.gif
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\intro\intro_star_bullet.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\intro\intro_toolbar.png
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\intro\Thumbs.db
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\intro\toolbar_intro.htm
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\accuweather.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\amazon.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\dictionary.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\ebay.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\flickr.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\google_groups.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\google_images.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\google_maps.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\google_news.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\shopping.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\technorati.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\Thumbs.db
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\wikipedia.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\yahoo.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\yahoo_answers.bmp
C:\Program Files\Burn4Free Toolbar\v3.3.0.3\resources\search\youtube.bmp
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Barre d'outils Crawler
C:\Program Files\Crawler
C:\Program Files\Crawler\adrkeys.dat
C:\Program Files\Crawler\COMMON_FF.dat
C:\Program Files\Crawler\confirm.dat
C:\Program Files\Crawler\ctbcomm.dll
C:\Program Files\Crawler\ctbr.dll
C:\Program Files\Crawler\CTConf.dat
C:\Program Files\Crawler\CTipsDef.dll
C:\Program Files\Crawler\CToolbar.exe
C:\Program Files\Crawler\CUpdate.exe
C:\Program Files\Crawler\Download
C:\Program Files\Crawler\firefox
C:\Program Files\Crawler\Languages
C:\Program Files\Crawler\STWSGLanguageAct
C:\Program Files\Crawler\STWSG_FF.dat
C:\Program Files\Crawler\TBR5LanguageAct
C:\Program Files\Crawler\Update
C:\Program Files\Crawler\WebSecurityGuard.dll
C:\Program Files\Crawler\WSGData
C:\Program Files\Crawler\firefox\chrome
C:\Program Files\Crawler\firefox\chrome.manifest
C:\Program Files\Crawler\firefox\components
C:\Program Files\Crawler\firefox\install.ini
C:\Program Files\Crawler\firefox\install.rdf
C:\Program Files\Crawler\firefox\stwsg_ff.ini
C:\Program Files\Crawler\firefox\chrome\common.jar
C:\Program Files\Crawler\firefox\chrome\stwsg.jar
C:\Program Files\Crawler\firefox\components\xcomm.dll
C:\Program Files\Crawler\firefox\components\xplugin.xpt
C:\Program Files\Crawler\firefox\components\xshared.dll
C:\Program Files\Crawler\firefox\components\xshared.xpt
C:\Program Files\Crawler\firefox\components\xsupport.dll
C:\Program Files\Crawler\firefox\components\xsupport.xpt
C:\Program Files\Crawler\firefox\components\xwsg.dll
C:\Program Files\Crawler\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Languages\STWSG_FF.cab
C:\Program Files\Crawler\Languages\STWSG_FR.cab
C:\Program Files\Crawler\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Languages\STWSG_NL.cab
C:\Program Files\Crawler\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Languages\TBR5_DE.cab
C:\Program Files\Crawler\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Languages\TBR5_FR.cab
C:\Program Files\Crawler\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Languages\TBR5_NL.cab
C:\Program Files\Crawler\Languages\TBR5_PL.cab
C:\Program Files\Crawler\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Languages\TBR5_PT.cab
C:\Program Files\Crawler\Languages\TBR5_RU.cab
C:\Program Files\Crawler\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\TBR5LanguageAct\info.ini
C:\Program Files\Crawler\TBR5LanguageAct\language.ini
C:\Program Files\Crawler\Update\domains.cab
C:\Program Files\Crawler\WSGData\domains
C:\Program Files\Crawler\WSGData\g_S-1-5-21-3606140413-2695310924-407586061-1000.dat
C:\Program Files\Crawler\WSGData\wfilter.dat
C:\Program Files\Crawler\WSGData\w_S-1-5-21-3606140413-2695310924-407586061-1000.dat
C:\Program Files\Crawler\WSGData\domains\domains_000.dat
C:\Program Files\Crawler\WSGData\domains\domains_000_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_001.dat
C:\Program Files\Crawler\WSGData\domains\domains_001_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_002.dat
C:\Program Files\Crawler\WSGData\domains\domains_002_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_003.dat
C:\Program Files\Crawler\WSGData\domains\domains_003_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_004.dat
C:\Program Files\Crawler\WSGData\domains\domains_004_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_005.dat
C:\Program Files\Crawler\WSGData\domains\domains_005_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_006.dat
C:\Program Files\Crawler\WSGData\domains\domains_006_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_007.dat
C:\Program Files\Crawler\WSGData\domains\domains_007_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_008.dat
C:\Program Files\Crawler\WSGData\domains\domains_008_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_009.dat
C:\Program Files\Crawler\WSGData\domains\domains_009_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_010.dat
C:\Program Files\Crawler\WSGData\domains\domains_010_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_011.dat
C:\Program Files\Crawler\WSGData\domains\domains_011_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_012.dat
C:\Program Files\Crawler\WSGData\domains\domains_012_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_013.dat
C:\Program Files\Crawler\WSGData\domains\domains_013_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_014.dat
C:\Program Files\Crawler\WSGData\domains\domains_014_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_015.dat
C:\Program Files\Crawler\WSGData\domains\domains_015_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_016.dat
C:\Program Files\Crawler\WSGData\domains\domains_016_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_017.dat
C:\Program Files\Crawler\WSGData\domains\domains_017_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_018.dat
C:\Program Files\Crawler\WSGData\domains\domains_018_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_019.dat
C:\Program Files\Crawler\WSGData\domains\domains_019_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_020.dat
C:\Program Files\Crawler\WSGData\domains\domains_020_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_021.dat
C:\Program Files\Crawler\WSGData\domains\domains_021_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_022.dat
C:\Program Files\Crawler\WSGData\domains\domains_022_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_023.dat
C:\Program Files\Crawler\WSGData\domains\domains_023_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_024.dat
C:\Program Files\Crawler\WSGData\domains\domains_024_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_025.dat
C:\Program Files\Crawler\WSGData\domains\domains_025_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_026.dat
C:\Program Files\Crawler\WSGData\domains\domains_026_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_027.dat
C:\Program Files\Crawler\WSGData\domains\domains_027_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_028.dat
C:\Program Files\Crawler\WSGData\domains\domains_028_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_029.dat
C:\Program Files\Crawler\WSGData\domains\domains_029_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_030.dat
C:\Program Files\Crawler\WSGData\domains\domains_030_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_031.dat
C:\Program Files\Crawler\WSGData\domains\domains_031_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_032.dat
C:\Program Files\Crawler\WSGData\domains\domains_032_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_033.dat
C:\Program Files\Crawler\WSGData\domains\domains_033_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_034.dat
C:\Program Files\Crawler\WSGData\domains\domains_034_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_035.dat
C:\Program Files\Crawler\WSGData\domains\domains_035_diff.dat
C:\Program Files\Crawler\WSGData\domains\domains_036.dat
C:\Program Files\Crawler\WSGData\domains\domains_036_diff.dat
C:\Program Files\Crawler\WSGData\domains\index.dat
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Dealio
C:\Program Files\Dealio
C:\Program Files\Dealio\DealioAU.exe
C:\Program Files\Dealio\kb127
C:\Program Files\Dealio\SearchSettingsKit.exe
C:\Program Files\Dealio\kb127\Dealio Deskbar.exe
C:\Program Files\Dealio\kb127\Dealio.dll
C:\Program Files\Dealio\kb127\DealioRes409.dll
C:\Program Files\Dealio\kb127\res
C:\Program Files\Dealio\kb127\resDN
C:\Program Files\Dealio\kb127\rules
C:\Program Files\Dealio\kb127\temp
C:\Program Files\Dealio\kb127\res\alerts.gif
C:\Program Files\Dealio\kb127\res\alerts_over.gif
C:\Program Files\Dealio\kb127\res\alerts_rec.gif
C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif
C:\Program Files\Dealio\kb127\res\chevron-small.gif
C:\Program Files\Dealio\kb127\res\DealioSearch.html
C:\Program Files\Dealio\kb127\res\deals-leftcap.gif
C:\Program Files\Dealio\kb127\res\deal_report.jpg
C:\Program Files\Dealio\kb127\res\ebay_login.jpg
C:\Program Files\Dealio\kb127\res\err_mainwindow.html
C:\Program Files\Dealio\kb127\res\err_toolbar.html
C:\Program Files\Dealio\kb127\res\global_scripts.js
C:\Program Files\Dealio\kb127\res\headerbgthin.jpg
C:\Program Files\Dealio\kb127\res\highlight-bg.png
C:\Program Files\Dealio\kb127\res\logo.gif
C:\Program Files\Dealio\kb127\res\logo_over.gif
C:\Program Files\Dealio\kb127\res\man_toolbar.css
C:\Program Files\Dealio\kb127\res\man_toolbar.html
C:\Program Files\Dealio\kb127\res\man_toolbar.js
C:\Program Files\Dealio\kb127\res\man_toolbarl.js
C:\Program Files\Dealio\kb127\res\post-this-deal.gif
C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif
C:\Program Files\Dealio\kb127\res\scripts.js
C:\Program Files\Dealio\kb127\res\scroller.js
C:\Program Files\Dealio\kb127\res\search-chevron.gif
C:\Program Files\Dealio\kb127\res\search-chevron_over.gif
C:\Program Files\Dealio\kb127\res\search_bg_blink.gif
C:\Program Files\Dealio\kb127\res\separator.gif
C:\Program Files\Dealio\kb127\res\settings.gif
C:\Program Files\Dealio\kb127\res\settings_over.gif
C:\Program Files\Dealio\kb127\res\yahoo-search.png
C:\Program Files\Dealio\kb127\resDN\bottom.gif
C:\Program Files\Dealio\kb127\resDN\chevron_down.gif
C:\Program Files\Dealio\kb127\resDN\chevron_up.gif
C:\Program Files\Dealio\kb127\resDN\close.gif
C:\Program Files\Dealio\kb127\resDN\deskbar.css
C:\Program Files\Dealio\kb127\resDN\deskbar.js
C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js
C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg
C:\Program Files\Dealio\kb127\resDN\logo.gif
C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif
C:\Program Files\Dealio\kb127\resDN\losing.gif
C:\Program Files\Dealio\kb127\resDN\lost.gif
C:\Program Files\Dealio\kb127\resDN\man_deskbar.html
C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif
C:\Program Files\Dealio\kb127\resDN\menu_check.gif
C:\Program Files\Dealio\kb127\resDN\no_image.gif
C:\Program Files\Dealio\kb127\resDN\prod_img.gif
C:\Program Files\Dealio\kb127\resDN\search_chevron.gif
C:\Program Files\Dealio\kb127\resDN\spacer.gif
C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif
C:\Program Files\Dealio\kb127\resDN\top.gif
C:\Program Files\Dealio\kb127\resDN\unknown.gif
C:\Program Files\Dealio\kb127\resDN\winning.gif
C:\Program Files\Dealio\kb127\resDN\won.gif
C:\Program Files\Dealio\kb127\rules\index.76.35
C:\Program Files\Dealio\kb127\rules\rules.1.10.76
C:\Program Files\Dealio\kb127\rules\rules.1.109.43
C:\Program Files\Dealio\kb127\rules\rules.1.110.43
C:\Program Files\Dealio\kb127\rules\rules.1.12.52
C:\Program Files\Dealio\kb127\rules\rules.1.13.58
C:\Program Files\Dealio\kb127\rules\rules.1.130.58
C:\Program Files\Dealio\kb127\rules\rules.1.135.50
C:\Program Files\Dealio\kb127\rules\rules.1.153.44
C:\Program Files\Dealio\kb127\rules\rules.1.155.43
C:\Program Files\Dealio\kb127\rules\rules.1.156.49
C:\Program Files\Dealio\kb127\rules\rules.1.16.60
C:\Program Files\Dealio\kb127\rules\rules.1.161.52
C:\Program Files\Dealio\kb127\rules\rules.1.178.66
C:\Program Files\Dealio\kb127\rules\rules.1.184.55
C:\Program Files\Dealio\kb127\rules\rules.1.188.52
C:\Program Files\Dealio\kb127\rules\rules.1.189.45
C:\Program Files\Dealio\kb127\rules\rules.1.196.43
C:\Program Files\Dealio\kb127\rules\rules.1.198.56
C:\Program Files\Dealio\kb127\rules\rules.1.199.43
C:\Program Files\Dealio\kb127\rules\rules.1.200.53
C:\Program Files\Dealio\kb127\rules\rules.1.201.43
C:\Program Files\Dealio\kb127\rules\rules.1.202.43
C:\Program Files\Dealio\kb127\rules\rules.1.203.71
C:\Program Files\Dealio\kb127\rules\rules.1.205.62
C:\Program Files\Dealio\kb127\rules\rules.1.213.71
C:\Program Files\Dealio\kb127\rules\rules.1.214.49
C:\Program Files\Dealio\kb127\rules\rules.1.215.43
C:\Program Files\Dealio\kb127\rules\rules.1.216.67
C:\Program Files\Dealio\kb127\rules\rules.1.217.67
C:\Program Files\Dealio\kb127\rules\rules.1.218.52
C:\Program Files\Dealio\kb127\rules\rules.1.219.43
C:\Program Files\Dealio\kb127\rules\rules.1.220.43
C:\Program Files\Dealio\kb127\rules\rules.1.221.57
C:\Program Files\Dealio\kb127\rules\rules.1.222.43
C:\Program Files\Dealio\kb127\rules\rules.1.223.68
C:\Program Files\Dealio\kb127\rules\rules.1.226.68
C:\Program Files\Dealio\kb127\rules\rules.1.227.43
C:\Program Files\Dealio\kb127\rules\rules.1.228.62
C:\Program Files\Dealio\kb127\rules\rules.1.229.76
C:\Program Files\Dealio\kb127\rules\rules.1.23.63
C:\Program Files\Dealio\kb127\rules\rules.1.239.43
C:\Program Files\Dealio\kb127\rules\rules.1.24.43
C:\Program Files\Dealio\kb127\rules\rules.1.240.43
C:\Program Files\Dealio\kb127\rules\rules.1.241.43
C:\Program Files\Dealio\kb127\rules\rules.1.242.43
C:\Program Files\Dealio\kb127\rules\rules.1.243.43
C:\Program Files\Dealio\kb127\rules\rules.1.244.63
C:\Program Files\Dealio\kb127\rules\rules.1.245.43
C:\Program Files\Dealio\kb127\rules\rules.1.247.43
C:\Program Files\Dealio\kb127\rules\rules.1.248.43
C:\Program Files\Dealio\kb127\rules\rules.1.249.43
C:\Program Files\Dealio\kb127\rules\rules.1.250.43
C:\Program Files\Dealio\kb127\rules\rules.1.251.43
C:\Program Files\Dealio\kb127\rules\rules.1.252.43
C:\Program Files\Dealio\kb127\rules\rules.1.253.43
C:\Program Files\Dealio\kb127\rules\rules.1.254.43
C:\Program Files\Dealio\kb127\rules\rules.1.255.43
C:\Program Files\Dealio\kb127\rules\rules.1.256.43
C:\Program Files\Dealio\kb127\rules\rules.1.257.43
C:\Program Files\Dealio\kb127\rules\rules.1.279.43
C:\Program Files\Dealio\kb127\rules\rules.1.28.58
C:\Program Files\Dealio\kb127\rules\rules.1.282.75
C:\Program Files\Dealio\kb127\rules\rules.1.283.43
C:\Program Files\Dealio\kb127\rules\rules.1.284.43
C:\Program Files\Dealio\kb127\rules\rules.1.289.67
C:\Program Files\Dealio\kb127\rules\rules.1.290.62
C:\Program Files\Dealio\kb127\rules\rules.1.291.61
C:\Program Files\Dealio\kb127\rules\rules.1.296.43
C:\Program Files\Dealio\kb127\rules\rules.1.297.43
C:\Program Files\Dealio\kb127\rules\rules.1.304.43
C:\Program Files\Dealio\kb127\rules\rules.1.307.43
C:\Program Files\Dealio\kb127\rules\rules.1.308.75
C:\Program Files\Dealio\kb127\rules\rules.1.31.47
C:\Program Files\Dealio\kb127\rules\rules.1.310.46
C:\Program Files\Dealio\kb127\rules\rules.1.311.43
C:\Program Files\Dealio\kb127\rules\rules.1.315.43
C:\Program Files\Dealio\kb127\rules\rules.1.316.43
C:\Program Files\Dealio\kb127\rules\rules.1.317.43
C:\Program Files\Dealio\kb127\rules\rules.1.318.43
C:\Program Files\Dealio\kb127\rules\rules.1.319.49
C:\Program Files\Dealio\kb127\rules\rules.1.32.48
C:\Program Files\Dealio\kb127\rules\rules.1.334.44
C:\Program Files\Dealio\kb127\rules\rules.1.335.60
C:\Program Files\Dealio\kb127\rules\rules.1.336.44
C:\Program Files\Dealio\kb127\rules\rules.1.337.44
C:\Program Files\Dealio\kb127\rules\rules.1.338.75
C:\Program Files\Dealio\kb127\rules\rules.1.339.47
C:\Program Files\Dealio\kb127\rules\rules.1.34.43
C:\Program Files\Dealio\kb127\rules\rules.1.340.47
C:\Program Files\Dealio\kb127\rules\rules.1.341.47
C:\Program Files\Dealio\kb127\rules\rules.1.349.50
C:\Program Files\Dealio\kb127\rules\rules.1.35.48
C:\Program Files\Dealio\kb127\rules\rules.1.350.50
C:\Program Files\Dealio\kb127\rules\rules.1.351.51
C:\Program Files\Dealio\kb127\rules\rules.1.352.54
C:\Program Files\Dealio\kb127\rules\rules.1.353.51
C:\Program Files\Dealio\kb127\rules\rules.1.354.51
C:\Program Files\Dealio\kb127\rules\rules.1.357.62
C:\Program Files\Dealio\kb127\rules\rules.1.358.52
C:\Program Files\Dealio\kb127\rules\rules.1.359.52
C:\Program Files\Dealio\kb127\rules\rules.1.360.53
C:\Program Files\Dealio\kb127\rules\rules.1.361.54
C:\Program Files\Dealio\kb127\rules\rules.1.362.68
C:\Program Files\Dealio\kb127\rules\rules.1.363.58
C:\Program Files\Dealio\kb127\rules\rules.1.364.54
C:\Program Files\Dealio\kb127\rules\rules.1.365.53
C:\Program Files\Dealio\kb127\rules\rules.1.367.56
C:\Program Files\Dealio\kb127\rules\rules.1.368.58
C:\Program Files\Dealio\kb127\rules\rules.1.369.55
C:\Program Files\Dealio\kb127\rules\rules.1.370.56
C:\Program Files\Dealio\kb127\rules\rules.1.371.56
C:\Program Files\Dealio\kb127\rules\rules.1.372.57
C:\Program Files\Dealio\kb127\rules\rules.1.373.55
C:\Program Files\Dealio\kb127\rules\rules.1.375.56
C:\Program Files\Dealio\kb127\rules\rules.1.376.57
C:\Program Files\Dealio\kb127\rules\rules.1.377.55
C:\Program Files\Dealio\kb127\rules\rules.1.378.65
C:\Program Files\Dealio\kb127\rules\rules.1.384.58
C:\Program Files\Dealio\kb127\rules\rules.1.386.71
C:\Program Files\Dealio\kb127\rules\rules.1.387.59
C:\Program Files\Dealio\kb127\rules\rules.1.388.59
C:\Program Files\Dealio\kb127\rules\rules.1.389.59
C:\Program Files\Dealio\kb127\rules\rules.1.390.60
C:\Program Files\Dealio\kb127\rules\rules.1.391.60
C:\Program Files\Dealio\kb127\rules\rules.1.392.60
C:\Program Files\Dealio\kb127\rules\rules.1.393.60
C:\Program Files\Dealio\kb127\rules\rules.1.394.60
C:\Program Files\Dealio\kb127\rules\rules.1.396.61
C:\Program Files\Dealio\kb127\rules\rules.1.397.61
C:\Program Files\Dealio\kb127\rules\rules.1.398.60
C:\Program Files\Dealio\kb127\rules\rules.1.399.60
C:\Program Files\Dealio\kb127\rules\rules.1.403.61
C:\Program Files\Dealio\kb127\rules\rules.1.404.63
C:\Program Files\Dealio\kb127\rules\rules.1.405.61
C:\Program Files\Dealio\kb127\rules\rules.1.406.61
C:\Program Files\Dealio\kb127\rules\rules.1.407.76
C:\Program Files\Dealio\kb127\rules\rules.1.408.63
C:\Program Files\Dealio\kb127\rules\rules.1.409.61
C:\Program Files\Dealio\kb127\rules\rules.1.412.62
C:\Program Files\Dealio\kb127\rules\rules.1.413.62
C:\Program Files\Dealio\kb127\rules\rules.1.414.62
C:\Program Files\Dealio\kb127\rules\rules.1.415.62
C:\Program Files\Dealio\kb127\rules\rules.1.416.62
C:\Program Files\Dealio\kb127\rules\rules.1.417.62
C:\Program Files\Dealio\kb127\rules\rules.1.418.62
C:\Program Files\Dealio\kb127\rules\rules.1.419.62
C:\Program Files\Dealio\kb127\rules\rules.1.420.62
C:\Program Files\Dealio\kb127\rules\rules.1.421.62
C:\Program Files\Dealio\kb127\rules\rules.1.423.63
C:\Program Files\Dealio\kb127\rules\rules.1.424.63
C:\Program Files\Dealio\kb127\rules\rules.1.425.63
C:\Program Files\Dealio\kb127\rules\rules.1.426.63
C:\Program Files\Dealio\kb127\rules\rules.1.427.63
C:\Program Files\Dealio\kb127\rules\rules.1.428.65
C:\Program Files\Dealio\kb127\rules\rules.1.429.63
C:\Program Files\Dealio\kb127\rules\rules.1.430.63
C:\Program Files\Dealio\kb127\rules\rules.1.432.65
C:\Program Files\Dealio\kb127\rules\rules.1.433.64
C:\Program Files\Dealio\kb127\rules\rules.1.434.65
C:\Program Files\Dealio\kb127\rules\rules.1.435.64
C:\Program Files\Dealio\kb127\rules\rules.1.436.76
C:\Program Files\Dealio\kb127\rules\rules.1.437.64
C:\Program Files\Dealio\kb127\rules\rules.1.438.71
C:\Program Files\Dealio\kb127\rules\rules.1.439.71
C:\Program Files\Dealio\kb127\rules\rules.1.440.75
C:\Program Files\Dealio\kb127\rules\rules.1.442.73
C:\Program Files\Dealio\kb127\rules\rules.1.443.73
C:\Program Files\Dealio\kb127\rules\rules.1.444.73
C:\Program Files\Dealio\kb127\rules\rules.1.445.68
C:\Program Files\Dealio\kb127\rules\rules.1.446.69
C:\Program Files\Dealio\kb127\rules\rules.1.450.67
C:\Program Files\Dealio\kb127\rules\rules.1.451.67
C:\Program Files\Dealio\kb127\rules\rules.1.452.68
C:\Program Files\Dealio\kb127\rules\rules.1.453.68
C:\Program Files\Dealio\kb127\rules\rules.1.454.69
C:\Program Files\Dealio\kb127\rules\rules.1.456.69
C:\Program Files\Dealio\kb127\rules\rules.1.457.75
C:\Program Files\Dealio\kb127\rules\rules.1.458.70
C:\Program Files\Dealio\kb127\rules\rules.1.459.70
C:\Program Files\Dealio\kb127\rules\rules.1.460.69
C:\Program Files\Dealio\kb127\rules\rules.1.462.74
C:\Program Files\Dealio\kb127\rules\rules.1.463.69
C:\Program Files\Dealio\kb127\rules\rules.1.464.70
C:\Program Files\Dealio\kb127\rules\rules.1.465.68
C:\Program Files\Dealio\kb127\rules\rules.1.468.70
C:\Program Files\Dealio\kb127\rules\rules.1.469.70
C:\Program Files\Dealio\kb127\rules\rules.1.470.70
C:\Program Files\Dealio\kb127\rules\rules.1.471.73
C:\Program Files\Dealio\kb127\rules\rules.1.472.70
C:\Program Files\Dealio\kb127\rules\rules.1.478.74
C:\Program Files\Dealio\kb127\rules\rules.1.479.73
C:\Program Files\Dealio\kb127\rules\rules.1.480.68
C:\Program Files\Dealio\kb127\rules\rules.1.481.71
C:\Program Files\Dealio\kb127\rules\rules.1.482.74
C:\Program Files\Dealio\kb127\rules\rules.1.49.67
C:\Program Files\Dealio\kb127\rules\rules.1.50.43
C:\Program Files\Dealio\kb127\rules\rules.1.500.71
C:\Program Files\Dealio\kb127\rules\rules.1.501.74
C:\Program Files\Dealio\kb127\rules\rules.1.502.71
C:\Program Files\Dealio\kb127\rules\rules.1.51.69
C:\Program Files\Dealio\kb127\rules\rules.1.52.72
C:\Program Files\Dealio\kb127\rules\rules.1.520.76
C:\Program Files\Dealio\kb127\rules\rules.1.521.76
C:\Program Files\Dealio\kb127\rules\rules.1.522.76
C:\Program Files\Dealio\kb127\rules\rules.1.53.51
C:\Program Files\Dealio\kb127\rules\rules.1.531.76
C:\Program Files\Dealio\kb127\rules\rules.1.532.75
C:\Program Files\Dealio\kb127\rules\rules.1.534.75
C:\Program Files\Dealio\kb127\rules\rules.1.54.47
C:\Program Files\Dealio\kb127\rules\rules.1.55.45
C:\Program Files\Dealio\kb127\rules\rules.1.56.69
C:\Program Files\Dealio\kb127\rules\rules.1.57.43
C:\Program Files\Dealio\kb127\rules\rules.1.58.47
C:\Program Files\Dealio\kb127\rules\rules.1.593.76
C:\Program Files\Dealio\kb127\rules\rules.1.595.76
C:\Program Files\Dealio\kb127\rules\rules.1.63.57
C:\Program Files\Dealio\kb127\rules\rules.1.66.47
C:\Program Files\Dealio\kb127\rules\rules.1.70.75
C:\Program Files\Dealio\kb127\rules\rules.1.71.43
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\kb127\res
C:\Program Files\Search Settings\kb127\SearchSettings.dll
C:\Program Files\Search Settings\kb127\SearchSettingsRes409.dll
C:\Program Files\Search Settings\kb127\temp
C:\Windows\Burn4Free_Toolbar_Uninstaller_107.exe
C:\Windows\Burn4Free_Toolbar_Uninstaller_1940.exe
C:\Windows\System32\b4fm.dll
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
C:\Users\Public\Desktop\Burn4Free.lnk

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Page_URL"="https://www.msn.com/de-ch?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr"
"Default_Page_URL"="https://www.msn.com/de-ch?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\Windows\\System32\\blank.htm"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\sarah\AppData\Roaming\Microsoft\Windows\Recent\Adobe Photoshop CS4 Full+crack+trdu‡aä_NazgoOlM3_FWBrasil.rar.lnk
C:\Users\sarah\Application Data\Microsoft\Windows\Recent\Adobe Photoshop CS4 Full+crack+trdu‡aä_NazgoOlM3_FWBrasil.rar.lnk
C:\Users\sarah\Documents\ADOBE\(Keygen Photoshop Cs2 Patch Fr) (Keygen Nero) (Crack Clone CD) (Keygen Pinacle Studio Plus10) 100%Ok Par Edden
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2
C:\Users\sarah\Documents\ADOBE\(Keygen Photoshop Cs2 Patch Fr) (Keygen Nero) (Crack Clone CD) (Keygen Pinacle Studio Plus10) 100%Ok Par Edden\Patch Fran‡ais - photoshop CS2 Traduction Us-Fr.exe
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Adobe_Photoshop_CS2_Tryout_to_Full_Activation
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\PS9_Tryout_f
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Adobe_Photoshop_CS2_Tryout_to_Full_Activation\OS-Adobe_CS2_KeyGen_Tryout_to_Full.exe
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Adobe_Photoshop_CS2_Tryout_to_Full_Activation\ReadMeFirst.txt
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Activation Read Me.html
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe DNG Converter
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AUTORUN.INF
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\epic_eula.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Goodies
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Help
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\How To Install.html
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\LegalNotices.pdf
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Photoshop At A Glance.pdf
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Photoshop New Features.pdf
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Read Me First.html
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe.manifest
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Technical Information
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\unicows.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe DNG Converter\Adobe DNG 3.0 Converter Read Me.pdf
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe DNG Converter\Adobe DNG Converter.exe
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\0x0409.ini
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\Abcpy.ini
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\Adobe Photoshop CS2.msi
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\bridge
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\commonfilesinstaller
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\Data1.cab
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\help center
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\instmsia.exe
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\instmsiw.exe
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\Photoshop Read Me.wri
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\setup.exe
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\Setup.ini
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\stock photography
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\bridge\Adobe Bridge 1.0.msi
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\commonfilesinstaller\Adobe Common File Installer.msi
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\commonfilesinstaller\Data1.cab
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\help center\Adobe Help Center 1.0.msi
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\Adobe(R) Photoshop(R) CS2\stock photography\Adobe Stock Photos 1.0.msi
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesda_DK.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesde_DE.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesen_GB.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesen_US.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eulareses_ES.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesfi_FI.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesfr_FR.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesit_IT.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesja_JP.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesko_KR.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesnl_NL.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularesno_NO.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularespt_BR.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eularessv_SE.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eulareszh_CN.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\eulareszh_TW.dll
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LEGAL
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\main.ini
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\RESDATA
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\DA_DK
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\DE_DE
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\EN_GB
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\EN_US
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\ES_ES
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\FI_FI
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\FR_FR
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\IT_IT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\JA_JP
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\KO_KR
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\NL_NL
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\NO_NO
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\PT_BR
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\SV_SE
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\ZH_CN
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\ZH_TW
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\DA_DK\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\DE_DE\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\EN_GB\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\EN_US\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\ES_ES\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\FI_FI\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\FR_FR\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\IT_IT\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\JA_JP\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\KO_KR\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\NL_NL\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\NO_NO\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\PT_BR\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\SV_SE\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\ZH_CN\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LANGDATA\ZH_TW\LANG.DAT
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LEGAL\Adobe Photoshop CS2
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LEGAL\Adobe Photoshop CS2\4.0.0
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LEGAL\Adobe Photoshop CS2\4.0.0\da_DK
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photoshop CS2\AutoPlay\LEGAL\Adobe Photoshop CS2\4.0.0\de_DE
C:\Users\sarah\Documents\ADOBE\Crack_photoshop_CS2\Photoshop_CS2_tryout\Photosho
0
Utilisateur anonyme > sarah01
 
Clic droit sur Toolbar-S&D, et sur exécuter en tant qu'administrateur . Tape sur 2 puis appuie sur la touche entrée.
Ne ferme pas la fenêtre lors de la suppression
Un rapport sera créé, poste son contenu ici.
0
sarah01 > Utilisateur anonyme
 
C'est ce que j'ai fait, mais la c bien pire, après un redémarrage systeme, impossible d'accéder au bureau en mode normal et avast en quelque sorte se retourne contre lui meme. Tout devient un virus, et meme lui meme se signale en virus. En mode normal plus aucune fonction ne marche (ctrl alt sup : le chemin n'est plus spécifié; redemarrer ne marche plus) bref la cata. Puis le faire en mode sans echec ?
et je crois qu'en fait c un joli win32 qui se déclare que maintenant...
0
Utilisateur anonyme > sarah01
 
Je crains que ce soit un rootkit qui a pris le contrôle du PC, et a camouflé l'installation des backdoor
je t'avais prévenu, faut pas télécharger de cracks, c'est un vrai danger
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
sarah01
 
Et que puis je faire maintenant ?
0
Utilisateur anonyme
 
j'espère que ton Avast s'est pas mis en quarantaine lui même

Désactive l'UAC: controle de compte d'utilisateur

Clique sur le menu Démarrer puis sur Panneau de configuration , Comptes d'utilisateurs
Clique sur Activer ou désactiver le contrôle des comptes d'utilisateurs:
Une nouvelle fenêtre s'ouvre,décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur puis OK:
Une demande s'affiche si vous voulez redémarrer votre ordinateur, clique sur redémarrer maintenant

https://forums.cnetfrance.fr


Attention, avant de commencer, lit attentivement la procédure, et imprime la

Télécharge ComboFix de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Déconnecte-toi du net et DESACTIVES TOUTES LES DEFENSES, antivirus et antispyware y compris /!\
---> Clic droit sur ComboFix.exe, et sur exécuter en tant qu'administrateur
Un "pop-up" va apparaître qui dit que ComboFix est utilisé à vos risques et avec aucune garantie...Clique sur oui pour accepter
SURTOUT INSTALLES LA CONSOLE DE RECUPERATION
---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

Ne touche à rien(souris, clavier) tant que le scan n'est pas terminé, car tu risques de planter ton PC

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\ComboFix.txt
0
sarah01 > Utilisateur anonyme
 
En mode sans échec impossible de désactiver l'UAC et j'ai essayé de redémarrer en mode normal, je n'accède même plus à la partir mot de passe... Je suis perdue...
0
sarah01 > Utilisateur anonyme
 
Bon bein je crois que c mort, en mode sans echec jai un mess qui dit que j'ai un spyware sur l'ordi et qu'il faut absolument coupé le pc, ce que j'ai fait.
Donc je vais appeler microsoft ce matin a la première heure mais je pense que je vais malheuresement formater...
Je posterai pour tenir informé
0
Utilisateur anonyme > sarah01
 
bonjour, avant de formater, il faut sauvegarder tous tes documents, désolée, j'ai fait ce que j'ai pu, je pense que tu n'as plus le choix, c'est la meilleure solution
0
sarah01 > Utilisateur anonyme
 
Merci pour ton aide (avec du retard, et oui je n'avais plus de pc).

J'ai du aller poser mon pc chez un pro, qui a réussi à recup toutes mes données et a irradiquer le mechant virus ! ct un win32.virut.cf
Un plutot mechant qui se propage rapidement (pour info, il bloque l'accès aux sites sécuritaires, genre coficker, et il infecte tous les .exe et fichiers systèmes, en gros, il tue l'ordinateur et vous ne pouvez plus rien utiliser jusqu'à ne plus pouvoir accéder au bureau). Donc j'ai viré avast selon le conseil de cet informaticien et suis passé a norton security.

Donc voilou, encore merci à toi de t'être penché sur mon souci.
0