Besoin daide pour désintaler total security [Résolu]

Salut

Fait ceci

~~~~~~~~~~~~~~~> Hijack This <~~~~~~~~~~~~~~~~~~~

- Telecharger Hijack
>http://www.infos-du-net.com/telecharger/HijackThis.html

Une fois Hijack installer, exécuter le :
- Cliquer sur "Do a system scan and save a logfile"

- Un fichier texte s'ouvre, si ce n'est pas le cas celui-ci se trouve dans le même dossier que hijackthis.exe .
- Faire édition / sélectionner tout
- Clic droit / copier

- Poste moi le rapport entier

Bonjour,

--> Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

--> Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

--> Clique sur Continue à l'écran Disclaimer.

--> Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

--> Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Bonne continuation Destrio5

Tchaô a vous deux

Je n'avais pas vu que tu avais posté.

HijackThis n'est pas assez complet.

Je n'avais pas vu que tu avais posté. 

Pas grave , sa c'est joué a 10 secondes

Je commence a fatiguer , donc a toi l'honneur

^^

bonjour Destrio5 et merci de ta rapidité ,
j'ai téléchargé RSIT comme tu me l'as conseillé mais il apparait seulement le Log est-ce normal?

Si tu l'as déjà lancé une fois, oui.

Tu trouveras le rapport info dans C:\rsit.

Très bien je te les donne :


>>>>>>>>>>>>>LOG<<<<<<<<<<<<
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Propriétaire at 2009-08-28 00:58:59
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 32 GB (22%) free of 146 GB
Total RAM: 382 MB (7% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:59:05, on 28/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\TUProgSt.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Documents and Settings\All Users\Application Data\15820934\15820934.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\RSIT.exe
C:\Program Files\trend micro\HP_Propriétaire.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=13928&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.apple.com/fr/itunes/download/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] c:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [15820934] C:\Documents and Settings\All Users\Application Data\15820934\15820934.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Internet Connection Wizard Setup Tool] C:\Program Files\Internet Explorer\Connection Wizard\icwsetup.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: ikowin32.exe
O4 - Startup: Notification de cadeaux MSN.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: icwsetup.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{584EF6B8-7235-4758-B0EB-0064E512F6AF}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1D2AB50-1CEB-4AE7-B108-F6DED529D54C}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.58,85.255.112.116
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

Ah oui...

Commence par désinstaller un antivirus, il n'en faut qu'un seul.

/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\

--> Télécharge ComboFix (de sUBs) sur ton Bureau.
--> Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
--> Il va te demander d'installer la console de récupération : accepte.
--> Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

Par "Commence par désinstaller un antivirus, il n'en faut qu'un seul. "
tu veux dire que j'en ai plusieurs ? étant donné que je ne suis pas le seul utilisateur de cet ordi cela ne m'entonnerai pas ...

Il y a Avast et Norton.

ComboFix 09-08-27.02 - HP_Propriétaire 28/08/2009 1:19.1.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.382.96 [GMT 2:00]
Running from: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 090827-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\data
c:\data\patch01_01.fs
c:\documents and settings\All Users\Application Data\15820934
c:\documents and settings\All Users\Application Data\15820934\15820934
c:\documents and settings\All Users\Application Data\15820934\15820934.exe
c:\documents and settings\All Users\Application Data\15820934\pc15820934ins
c:\documents and settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\documents and settings\All Users\Application Data\Solt Lake Software
c:\documents and settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081206002413546.log
c:\documents and settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081206104522500.log
c:\documents and settings\All Users\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081206110440140.log
c:\documents and settings\All Users\Application Data\Starware
c:\documents and settings\All Users\Application Data\Starware\buttons\cursorcafe.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\FindIt.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\FindItHot.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\findithotxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\finditxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\games.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\Highlight.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\HighlightHot.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\highlighthotxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\highlightxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\logo.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\logoxp.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\Reference.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\ReferenceHot.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\referencehotxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\referencexp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\screensaver.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\Weather.bmp
c:\documents and settings\All Users\Application Data\Starware\buttons\weatherhotxp.png
c:\documents and settings\All Users\Application Data\Starware\buttons\weatherxp.png
c:\documents and settings\All Users\Application Data\Starware\contexts\error.xml
c:\documents and settings\All Users\Application Data\Starware\contexts\related.xml
c:\documents and settings\All Users\Application Data\Starware\contexts\travel.xml
c:\documents and settings\All Users\Application Data\ZangoSA
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSA.dat
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAau.dat
c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\program files\Fichiers communs\WinAntiVirus Pro 2006
c:\program files\HbTools
c:\program files\HbTools\Bin\4.7.2.1\dBenderC.dll
c:\program files\HbTools\Bin\HbtUninst.exe
c:\program files\HbTools\HbTools.log
c:\program files\HbTools\HbTools_1136393056.log
c:\program files\HbTools\HbTools_1137566291.log
c:\program files\HbTools\HbTools_1138386967.log
c:\program files\HbTools\HbTools_1139211698.log
c:\program files\HbTools\HbTools_1139920975.log
c:\program files\HbTools\HbTools_1140685244.log
c:\program files\HbTools\HbTools_1141403599.log
c:\program files\HbTools\HbTools_1142185282.log
c:\program files\HbTools\HbTools_1143238130.log
c:\program files\HbTools\HbTools_1144774595.log
c:\program files\HbTools\HbTools_1145722514.log
c:\program files\instant access
c:\program files\instant access\Center\Fun-Games.lnk
c:\program files\instant access\Center\GAMES-DESKTOP.COM.upd
c:\program files\instant access\Center\GAMES-DESKTOP.upd
c:\program files\instant access\Center\SERIALPLAYERS.upd
c:\program files\instant access\Center\tray1.ico
c:\program files\instant access\DesktopIcons\Fun-Games.lnk
c:\program files\instant access\Dialer\113208559\es6-scripts.dlv4.com\Common\8886f7dca31f8f6eb1e9024a1e93ee36.html
c:\program files\instant access\Dialer\113208559\fp.gad-network.com\67d61db41f263527329270cf614a7a7b.html
c:\program files\instant access\Dialer\113208559\SERIALPLAYERS.lnk
c:\program files\instant access\Dialer\393005738\es6-scripts.dlv4.com\Common\a611f07e578804c79b3af325a252ca5b.html
c:\program files\instant access\Dialer\393005738\SERIALPLAYERS.lnk
c:\program files\instant access\Dialer\393005738\www.epass-key.com\9836705ee32a016de45b422a695c8720.html
c:\program files\instant access\Dialer\570370277\es6-scripts.dlv4.com\Common\b2f2c2bea4e6709a2e874e5c118e86f9.html
c:\program files\instant access\Dialer\570370277\GAMES-DESKTOP.lnk
c:\program files\instant access\Dialer\570370277\www.epass-key.com\4234b7c14a253961f7b6cf13e0201a49.html
c:\program files\instant access\Dialer\614962178\es6-scripts.dlv4.com\Common\4cc4d04cb7a3522aab3bfb79da8cbd7b.html
c:\program files\instant access\Dialer\614962178\fp.gad-network.com\d8303b55449276941453f794f02b7f55.html
c:\program files\instant access\Dialer\614962178\SERIALPLAYERS.lnk
c:\program files\instant access\Dialer\689325458\es6-scripts.dlv4.com\Common\2fd1c5875aa15ffb344a4ece29fe1244.html
c:\program files\instant access\Dialer\689325458\fp.gad-network.com\6c340d333594e3b87e5d19ba66d8b970.html
c:\program files\instant access\Dialer\689325458\GAMES-DESKTOP.lnk
c:\program files\instant access\Dialer\994874928\es6-scripts.dlv4.com\Common\51a8859237d759ebdedd5e3d06ae0c8a.html
c:\program files\instant access\Dialer\994874928\fp.gad-network.com\b52478c9c0928f7c305ce89677ec0a6a.html
c:\program files\instant access\Dialer\994874928\GAMES-DESKTOP.COM.lnk
c:\program files\instant access\Multi\20061004181048\Common\module.php
c:\program files\instant access\Multi\20061004181048\dialerexe.ini
c:\program files\instant access\Multi\20061004181048\js\js_api_dialer.php
c:\program files\instant access\Multi\20061004181048\medias\button1.gif
c:\program files\instant access\Multi\20061004181048\medias\button2.gif
c:\program files\instant access\Multi\20061004181048\medias\button3.gif
c:\program files\instant access\Multi\20061004181048\medias\button4.gif
c:\program files\instant access\Multi\20061004181048\medias\dialer.ico
c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe
c:\program files\montorgueil
c:\program files\montorgueil\14.04948
c:\program files\montorgueil\ParisMec\ParisMec.ico
c:\program files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll
c:\program files\PCHealthCenter
c:\program files\PCHealthCenter\0.gif
c:\program files\PCHealthCenter\1.gif
c:\program files\PCHealthCenter\1.ico
c:\program files\PCHealthCenter\2.gif
c:\program files\PCHealthCenter\2.ico
c:\program files\PCHealthCenter\3.gif
c:\program files\PCHealthCenter\foo.txt
c:\program files\PCHealthCenter\sc.html
c:\program files\screensavers.com
c:\program files\screensavers.com\Installer\bin\iebyterange.xml
c:\program files\screensavers.com\Installer\bin\iebyterange.xml.backup
c:\program files\screensavers.com\Installer\bin\siuninst.exe
c:\program files\ShoppingReport
c:\program files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
c:\program files\ShoppingReport\Uninst.exe
c:\program files\TS-2009
c:\program files\TS-2009\totalsecure.s2
c:\program files\TS-2009\totalsecure.s3
c:\program files\TS-2009\totalsecure.s6
c:\program files\TS-2009\uninstall.exe
c:\program files\videosoft
c:\program files\videosoft\Uninstall.exe
c:\program files\winantivirus pro 2006
c:\program files\WinAntiVirus Pro 2006\history.db
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\program files\zango
c:\program files\zango\bin\10.3.75.0\arrow.ico
c:\program files\zango\bin\10.3.75.0\CntntCntr.dll
c:\program files\zango\bin\10.3.75.0\copyright.txt
c:\program files\zango\bin\10.3.75.0\CoreSrv.dll
c:\program files\zango\bin\10.3.75.0\firefox\extensions\chrome.manifest
c:\program files\zango\bin\10.3.75.0\firefox\extensions\components\npclntax.xpt
c:\program files\zango\bin\10.3.75.0\firefox\extensions\install.rdf
c:\program files\zango\bin\10.3.75.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
c:\program files\zango\bin\10.3.75.0\HostIE.dll
c:\program files\zango\bin\10.3.75.0\HostOE.dll
c:\program files\zango\bin\10.3.75.0\HostOL.dll
c:\program files\zango\bin\10.3.75.0\link.ico
c:\program files\zango\bin\10.3.75.0\OEAddOn.exe
c:\program files\zango\bin\10.3.75.0\Srv.exe
c:\program files\zango\bin\10.3.75.0\Toolbar.dll
c:\program files\zango\bin\10.3.75.0\Wallpaper.dll
c:\program files\zango\bin\10.3.75.0\Weather.exe
c:\program files\zango\bin\10.3.75.0\WeSkin.dll
c:\program files\zango\bin\10.3.75.0\ZangoSA.exe
c:\program files\zango\bin\10.3.75.0\ZangoSAAX.dll
c:\program files\zango\bin\10.3.75.0\ZangoSADF.exe
c:\program files\zango\bin\10.3.75.0\ZangoSAHook.dll
c:\program files\zango\bin\10.3.75.0\ZangoUninstaller.exe
c:\recycler\S-1-5-21-1242983221-992244275-1784959909-501
c:\recycler\S-1-5-21-308827527-3909201078-4104962599-1008
c:\recycler\S-1-5-21-3137409478-3730925868-1976940642-1008
c:\recycler\S-1-5-21-3245804521-2740501762-3650072237-1008
c:\recycler\S-1-5-21-3616617761-875328341-2521263613-1008
c:\recycler\S-1-5-21-3833088236-622994-2235584449-1008
c:\recycler\S-1-5-21-3970352356-535226454-1514621777-1008
C:\resycled
c:\windows\1009viz5565.dll
c:\windows\10131n5t-a-virusz6f9.dll
c:\windows\10592worm5zc.exe
c:\windows\10c9addwa5e1829z.dll
c:\windows\11206vi5u92c9z.ocx
c:\windows\11458z9y459.bin
c:\windows\11502zp9mbot5385.dll
c:\windows\1150s5eaz599.exe
c:\windows\11f4downzoad9r5825.bin
c:\windows\12779not5a-vizus551.dll
c:\windows\127955ozm749.exe
c:\windows\12z59not-a-v5rus1dc.dll
c:\windows\13057hackz5ol6b9.bin
c:\windows\13485szy3d99.exe
c:\windows\1349spyzare525.ocx
c:\windows\13785spambo9z9e5.bin
c:\windows\13b3szeal1592.bin
c:\windows\143069zy5c5.exe
c:\windows\14597hackt9ol3z5.bin
c:\windows\1460azdwar527129.bin
c:\windows\1513troj759z.cpl
c:\windows\155159a5ktooz692.cpl
c:\windows\15536hac5zool599.bin
c:\windows\155889irus14fz.cpl
c:\windows\1561z9arse664.bin
c:\windows\15754vi9us1ze.dll
c:\windows\15a3zparse9563.exe
c:\windows\15bzthief3984.exe
c:\windows\15z41tr9j3e.bin
c:\windows\15z8vir2911.dll
c:\windows\15zst5al26719.exe
c:\windows\1643vi522z99.dll
c:\windows\1658spy799z.bin
c:\windows\16699ha5kz9ol421.dll
c:\windows\169dba5kdoor301z.ocx
c:\windows\17aathreat9955z.ocx
c:\windows\1822not-a-vi5usz09.exe
c:\windows\1845hreat1z299.exe
c:\windows\186359ot-a-zirus1cd.dll
c:\windows\189esparsez517.exe
c:\windows\18z145roj36d9.ocx
c:\windows\18zcbac9d5or1388.ocx
c:\windows\19052troj3z.cpl
c:\windows\19209hacktzoldc5.ocx
c:\windows\19274virusz95.ocx
c:\windows\192bvzr815.cpl
c:\windows\19556virus56z.exe
c:\windows\196bs9zal1885.ocx
c:\windows\19740t5oz82.cpl
c:\windows\19895zr2693.ocx
c:\windows\1d9thie9589z.ocx
c:\windows\1z007hackto59600.ocx
c:\windows\1z595virus993.ocx
c:\windows\1zabspyw9r53124.bin
c:\windows\200565rojdz9.cpl
c:\windows\2050trzj926.bin
c:\windows\2065znot-9-virus525.exe
c:\windows\20983not-a-zi5us9a2.bin
c:\windows\20z08spam5ot910.bin
c:\windows\20z86tr5j916.cpl
c:\windows\20z98hacktool59d.bin
c:\windows\21527h5cktoo95zd.ocx
c:\windows\21557szy539.ocx
c:\windows\2249zs5y79c.cpl
c:\windows\22558sp9mbotzfb.bin
c:\windows\22585zpambotc9.exe
c:\windows\2292h5c9tzol4c1.exe
c:\windows\22z34troj5b9.bin
c:\windows\23237h9c5tool106z.exe
c:\windows\23312v9rus25z.cpl
c:\windows\235905pamboz25a.cpl
c:\windows\23654sz9mbot12e.ocx
c:\windows\23698not-a-zi5us6fd.exe
c:\windows\2395zpy2fd.cpl
c:\windows\23997not-a95iruz5f4.exe
c:\windows\23z13spam9ot595.exe
c:\windows\24754sp9mboz79.cpl
c:\windows\24900spambot265z.ocx
c:\windows\24925tzal355.ocx
c:\windows\24z58t9oj115.dll
c:\windows\24z745roj259.ocx
c:\windows\25129s9a5bot4a5z.dll
c:\windows\25295szy365.cpl
c:\windows\25539hack9ooz1c0.cpl
c:\windows\25583hackzool5f9.dll
c:\windows\2572t9reatz3406.cpl
c:\windows\25cddownlzade92353.exe
c:\windows\25dzs5yware5869.dll
c:\windows\25e0threat19z569.ocx
c:\windows\263cstealz952.bin
c:\windows\26506h9zktool754.bin
c:\windows\2666zw95m72c.cpl
c:\windows\26z989a5ktool461.ocx
c:\windows\27152noz-a-5irus9bc.cpl
c:\windows\27725spa9bot574z.cpl
c:\windows\27989viru558z.ocx
c:\windows\27z589ot-5-virus47d.dll
c:\windows\28482zi5u95f8.exe
c:\windows\2859virzs585.cpl
c:\windows\28947tr5jz39.exe
c:\windows\29438spambzt47c5.exe
c:\windows\2945t5oj60fz.exe
c:\windows\29595worz5e8.exe
c:\windows\296z3tr9j2895.ocx
c:\windows\29z5t9re5t19442.bin
c:\windows\29zfv9r1595.bin
c:\windows\2b3baczdo9r2519.dll
c:\windows\2b4azh9eat5023.dll
c:\windows\2b5zsteal297.ocx
c:\windows\2d9b5hief9294z.bin
c:\windows\2e50spyware935z.cpl
c:\windows\2z025troj591.dll
c:\windows\2z99spy529.exe
c:\windows\2z9fdo5nloader958.dll
c:\windows\2zc1a5dware569.ocx
c:\windows\30092h5ckzool5b9.dll
c:\windows\300fst9al1957z.cpl
c:\windows\3081w5rmzba9.ocx
c:\windows\30971spzmbo51e6.exe
c:\windows\31239hzeat283945.cpl
c:\windows\31289zirus750.exe
c:\windows\315569py3z.cpl
c:\windows\31676zr9j28c5.dll
c:\windows\32026notza-vi59s7a1.cpl
c:\windows\32551vz9us15d.exe
c:\windows\327z3tr9j555.bin
c:\windows\3459pz652.cpl
c:\windows\3503addza9e2301.bin
c:\windows\350thiez909.cpl
c:\windows\35259not-a-virus2d9z.cpl
c:\windows\354b9par5z2265.bin
c:\windows\354dspywa9e29z5.exe
c:\windows\3570hazkto9l20c.exe
c:\windows\3595s5yz92.ocx
c:\windows\3595zpambot91c.exe
c:\windows\359zworm7d.cpl
c:\windows\35e9thiefz6.cpl
c:\windows\35zathreat26196.dll
c:\windows\3618not-azv9rus525.cpl
c:\windows\37945p9626z.cpl
c:\windows\37dzth5e9139.dll
c:\windows\3832zp5mb9t3d9.ocx
c:\windows\39323hack5oolzc9.bin
c:\windows\3953zhie9938.ocx
c:\windows\39751virus2ze5.bin
c:\windows\3aebthrzat15159.dll
c:\windows\3azb59dware1758.cpl
c:\windows\3b30az5ware8819.exe
c:\windows\3b71t9re5z9077.cpl
c:\windows\3bz9stea52164.bin
c:\windows\3c55s9ywzre3128.dll
c:\windows\3e4abackzoor9115.exe
c:\windows\3ee3downlo9der1z95.dll
c:\windows\3z64spyware9593.exe
c:\windows\3zc79te5l3254.ocx
c:\windows\4009vizu529c.bin
c:\windows\40z9add5are3101.bin
c:\windows\419zd5wnloader1688.ocx
c:\windows\424c9hrzat51040.cpl
c:\windows\4259z9y46e.ocx
c:\windows\4335thizf947.cpl
c:\windows\438st5az2393.cpl
c:\windows\449backdooz1555.exe
c:\windows\44ba9kdoor2587z.bin
c:\windows\450as9arsez531.dll
c:\windows\4513spzware25935.bin
c:\windows\452f9irz433.dll
c:\windows\45a9virz956.cpl
c:\windows\45e4spywaze2969.exe
c:\windows\45e9tzief19925.ocx
c:\windows\4658threat189z2.ocx
c:\windows\4669nzt-a-viru9656.dll
c:\windows\48z7ba9kdo5r2099.exe
c:\windows\4909addwaze2569.cpl
c:\windows\4941zir1535.ocx
c:\windows\49465acktool629z.bin
c:\windows\4975backdozr2829.cpl
c:\windows\4a0aback5o9rz580.ocx
c:\windows\4b53thze9t22740.cpl
c:\windows\4b98baz5door1489.cpl
c:\windows\4c43threat1z1895.dll
c:\windows\4czdv5r9233.dll
c:\windows\4d295hief204z9.dll
c:\windows\4d88d9wnlzader27225.cpl
c:\windows\4e9ez5y9are387.exe
c:\windows\4eb2zpywar53059.exe
c:\windows\5000ha5kz9ol4fa.dll
c:\windows\5006th59at7944z.cpl
c:\windows\50964zroj649.cpl
c:\windows\5097no9za-virus6d.bin
c:\windows\50a6spy9aze3157.dll
c:\windows\50z4stea95186.ocx
c:\windows\50z7spar5e31179.cpl
c:\windows\518zspambo9e25.ocx
c:\windows\5229downloadzr9530.bin
c:\windows\5285spyware9z60.exe
c:\windows\52e7thzeat504469.dll
c:\windows\530z9r91.bin
c:\windows\53457v9rzs3de.cpl
c:\windows\536bsp9ware12z9.cpl
c:\windows\536sz9mb5t40f.cpl
c:\windows\5499viru92z3.dll
c:\windows\54aes9ars514z6.dll
c:\windows\5508hackzo5l6f9.bin
c:\windows\5536threa92z527.ocx
c:\windows\5559spa9sez.dll
c:\windows\55e0spzw9re2507.exe
c:\windows\565zspambo9359.dll
c:\windows\5695s9yze25.exe
c:\windows\5765wor9z29.dll
c:\windows\57espy9aze2492.cpl
c:\windows\585espyware301z9.bin
c:\windows\59029troz5a2.dll
c:\windows\59145aczdoor1366.bin
c:\windows\5955troj9fez.exe
c:\windows\59995hacktooz7e8.cpl
c:\windows\59e5azdw5re602.bin
c:\windows\5a58steal92z.cpl
c:\windows\5ad1steal1z39.dll
c:\windows\5bf9thizf2616.cpl
c:\windows\5cecvir2z499.exe
c:\windows\5cedbackdo9r235z5.dll
c:\windows\5cfdzhief379.bin
c:\windows\5d595hreat815z.bin
c:\windows\5e64v59553z.ocx
c:\windows\5fc9backzoor2303.exe
c:\windows\5z18ad9ware2704.cpl
c:\windows\5z1asteal1903.dll
c:\windows\5z49ir1088.dll
c:\windows\5z82t9ief2912.cpl
c:\windows\5z84addware9933.exe
c:\windows\5z93addware2555.ocx
c:\windows\5z9cvir985.cpl
c:\windows\61059aczdoor1146.ocx
c:\windows\6245tzrea926588.ocx
c:\windows\64e0d5wzloader9032.bin
c:\windows\6521ste9l2z63.exe
c:\windows\652f9iz1175.ocx
c:\windows\655eaddwarz9204.ocx
c:\windows\655zspyware3949.cpl
c:\windows\6595spz75.bin
c:\windows\659a5ddwarez989.ocx
c:\windows\65a0sp9rze595.bin
c:\windows\65z7spyw9re1255.dll
c:\windows\66699acktz5l766.cpl
c:\windows\66b2baczd5or1496.exe
c:\windows\6748spyw5z91025.ocx
c:\windows\6788zh5ef1669.dll
c:\windows\680dba95door2z79.cpl
c:\windows\6901thre5t29691z.cpl
c:\windows\6901vi575z.bin
c:\windows\6958wozm1e95.ocx
c:\windows\6abdth9efz255.cpl
c:\windows\6ad4thie5z996.dll
c:\windows\6b49t5zef2030.bin
c:\windows\6c1z59r2654.cpl
c:\windows\6cvirz529.dll
c:\windows\6e00downzoad5r1019.ocx
c:\windows\6e2edow5l9ader1z59.dll
c:\windows\6e2fdoznloade92256.dll
c:\windows\6f195te9l394z.ocx
c:\windows\6zcfad5ware9379.cpl
c:\windows\70459zoj7b5.exe
c:\windows\720th5zf9001.ocx
c:\windows\72azaddware30509.exe
c:\windows\7357s5ywaze1911.bin
c:\windows\7437w5rz75b9.ocx
c:\windows\74b8backdoo9322z5.ocx
c:\windows\7563stz9l349.dll
c:\windows\75bb9teaz1505.cpl
c:\windows\762dsp9w5ze969.dll
c:\windows\7856wor9279z.ocx
c:\windows\7865baczdoor1998.ocx
c:\windows\78c3s9yware1056z.cpl
c:\windows\7932s5y4z9.exe
c:\windows\795bsparsez2715.bin
c:\windows\79easpywaz93085.exe
c:\windows\79ffthief5877z.exe
c:\windows\7b79zownloader20495.bin
c:\windows\7b9fthief1z95.cpl
c:\windows\7e5eadzwa5e7519.ocx
c:\windows\7f91s5ezl2267.exe
c:\windows\7z15s9eal1357.cpl
c:\windows\7za59ir35.exe
c:\windows\81es9ywar5z474.bin
c:\windows\824v5rz299.exe
c:\windows\8319zpy5005.bin
c:\windows\8999spy65z.ocx
c:\windows\9009vir5z312.cpl
c:\windows\9035zirus6f9.cpl
c:\windows\90786hack5ooz4aa.dll
c:\windows\9115vi59z61b.cpl
c:\windows\922dbazkd5or1166.dll
c:\windows\925dspyware1z54.dll
c:\windows\9273vi5us28z.ocx
c:\windows\9283thi5f6z8.cpl
c:\windows\93193worz7645.cpl
c:\windows\940695roj1d7z.dll
c:\windows\9445downloader25z3.bin
c:\windows\9495zpyware3012.dll
c:\windows\94z89s5ambot6ab.cpl
c:\windows\9513viru974z.ocx
c:\windows\953aa5dwzre2.dll
c:\windows\9552zteal3201.cpl
c:\windows\9554zorm9d6.cpl
c:\windows\9580sparse4z1.bin
c:\windows\95avi9248z.dll
c:\windows\962vizus295.bin
c:\windows\9651thre5z9659.exe
c:\windows\968t5rea9z0150.exe
c:\windows\9715vir1z33.exe
c:\windows\987zwor53d9.ocx
c:\windows\9885zspam5ot653.cpl
c:\windows\99246spz658.dll
c:\windows\99703no5-a-virzs689.dll
c:\windows\9c25bazkd5or91.dll
c:\windows\9dacv5r92z.dll
c:\windows\9faspyware9z58.exe
c:\windows\9z02worm1059.bin
c:\windows\9z0n9t-a-virus2895.cpl
c:\windows\9z523worm30e.exe
c:\windows\9z54v9ru5768.cpl
c:\windows\9z590troj587.bin
c:\windows\9z908viru54a2.exe
c:\windows\a5fsparse279z.ocx
c:\windows\a79a9zw5re1043.dll
c:\windows\b53viz990.dll
c:\windows\bad59z1797.cpl
c:\windows\bkqxdons.dll
c:\windows\c92thie95193z.bin
c:\windows\DUNGEON SIEGE 2 (VOIX+TEXTES) FR by OPTIMA SYSTEMS
c:\windows\DUNGEON SIEGE 2 (VOIX+TEXTES) FR by OPTIMA SYSTEMS \uninstall.exe
c:\windows\DUNGEON SIEGE 2 AUTOCRACK by OPTIMA SYSTEMS
c:\windows\DUNGEON SIEGE 2 AUTOCRACK by OPTIMA SYSTEMS \uninstall.exe
c:\windows\e5evi959z.exe
c:\windows\exgq.exe
c:\windows\ez5sp9rse2505.dll
c:\windows\Installer\102255b.msp
c:\windows\Installer\10def5c.msi
c:\windows\Installer\11dbcc.msi
c:\windows\Installer\11dbd2.msi
c:\windows\Installer\11ddbf.msi
c:\windows\Installer\1275a34.msp
c:\windows\Installer\157b1bf.msi
c:\windows\Installer\157b1c8.msi
c:\windows\Installer\173ce3a.msi
c:\windows\Installer\173cee7.msi
c:\windows\Installer\173cee8.msp
c:\windows\Installer\173cee9.msp
c:\windows\Installer\173ceea.msp
c:\windows\Installer\173ceeb.msp
c:\windows\Installer\173ceec.msp
c:\windows\Installer\173ceed.msp
c:\windows\Installer\173ceee.msp
c:\windows\Installer\173ceef.msp
c:\windows\Installer\173cef0.msp
c:\windows\Installer\178dad9.msi
c:\windows\Installer\178dada.msp
c:\windows\Installer\178dadb.msp
c:\windows\Installer\178dadc.msp
c:\windows\Installer\178dadd.msp
c:\windows\Installer\178dade.msp
c:\windows\Installer\178dadf.msp
c:\windows\Installer\178dae0.msp
c:\windows\Installer\178dae1.msp
c:\windows\Installer\178dae2.msp
c:\windows\Installer\178dae3.msp
c:\windows\Installer\179181a.msp
c:\windows\Installer\1791824.msp
c:\windows\Installer\17a5385.msi
c:\windows\Installer\17b52cb.msi
c:\windows\Installer\17b52cc.msp
c:\windows\Installer\17b52cd.msp
c:\windows\Installer\17b52ce.msp
c:\windows\Installer\17b52cf.msp
c:\windows\Installer\17b52d0.msp
c:\windows\Installer\17b52e0.msi
c:\windows\Installer\17b52e1.msp
c:\windows\Installer\17b52e2.msp
c:\windows\Installer\17b52e3.msp
c:\windows\Installer\17b52e4.msp
c:\windows\Installer\17b52e5.msp
c:\windows\Installer\17b52e6.msp
c:\windows\Installer\17b52e7.msp
c:\windows\Installer\17b52ee.msi
c:\windows\Installer\17c2826.msi
c:\windows\Installer\17c2831.msi
c:\windows\Installer\17c283c.msi
c:\windows\Installer\17c289a.msi
c:\windows\Installer\17c28a7.msi
c:\windows\Installer\17c28ad.msi
c:\windows\Installer\17c28b3.msi
c:\windows\Installer\17c28b9.msi
c:\windows\Installer\17c28c0.msi
c:\windows\Installer\17c28ca.msi
c:\windows\Installer\17c28d0.msi
c:\windows\Installer\19161ed.msi
c:\windows\Installer\19363aa.msi
c:\windows\Installer\193d577.msi
c:\windows\Installer\1a5143.msi
c:\windows\Installer\1a5149.msi
c:\windows\Installer\1a9e386.msi
c:\windows\Installer\1ad1578.msi
c:\windows\Installer\1cc0346.msp
c:\windows\Installer\25227af.msi
c:\windows\Installer\258eb.msp
c:\windows\Installer\26d964b.msi
c:\windows\Installer\2702121.msp
c:\windows\Installer\2d0f500.msi
c:\windows\Installer\2d0f501.msp
c:\windows\Installer\2d0f502.msp
c:\windows\Installer\2d0f503.msp
c:\windows\Installer\2d0f504.msp
c:\windows\Installer\2d0f505.msp
c:\windows\Installer\2d0f506.msp
c:\windows\Installer\2d0f507.msp
c:\windows\Installer\2d0f508.msp
c:\windows\Installer\2d0f509.msp
c:\windows\Installer\2d17f46.msi
c:\windows\Installer\2d17f5f.msp
c:\windows\Installer\2daea7.msi
c:\windows\Installer\2ecea51.msi
c:\windows\Installer\324fd9.msi
c:\windows\Installer\356f0.msi
c:\windows\Installer\356f6.msi
c:\windows\Installer\356fc.msi
c:\windows\Installer\3d5d0b.msi
c:\windows\Installer\3ed080.msi
c:\windows\Installer\43a5f4.msi
c:\windows\Installer\43a5f8.msi
c:\windows\Installer\45c6a.msi
c:\windows\Installer\45c82.msp
c:\windows\Installer\4bb1bc.msi
c:\windows\Installer\4bb1c8.msi
c:\windows\Installer\54ef3c.msi
c:\windows\Installer\553d8.msi
c:\windows\Installer\6ab77a.msi
c:\windows\Installer\6c614.msi
c:\windows\Installer\711a50.msp
c:\windows\Installer\711a5a.msp
c:\windows\Installer\711a64.msp
c:\windows\Installer\75865.msi
c:\windows\Installer\7587e.msp
c:\windows\Installer\7589ac.msi
c:\windows\Installer\770f2.msi
c:\windows\Installer\7acb4.msi
c:\windows\Installer\7acb5.msp
c:\windows\Installer\7acb6.msp
c:\windows\Installer\7acb7.msp
c:\windows\Installer\7acb8.msp
c:\windows\Installer\7acb9.msp
c:\windows\Installer\7acba.msp
c:\windows\Installer\7acbb.msp
c:\windows\Installer\7acbc.msp
c:\windows\Installer\7acbd.msp
c:\windows\Installer\82607.msp
c:\windows\Installer\8f09a0.msi
c:\windows\Installer\8f09de.msi
c:\windows\Installer\97b77f.msi
c:\windows\Installer\98ebd.msi
c:\windows\Installer\98ec9.msi
c:\windows\Installer\9a4bb3.msi
c:\windows\Installer\9aa59d.msi
c:\windows\Installer\a18821.msi
c:\windows\Installer\a18ac9.msi
c:\windows\Installer\a18b03.msi
c:\windows\Installer\a18b12.msi
c:\windows\Installer\a491a.msp
c:\windows\Installer\a87409.msi
c:\windows\Installer\b8d2b.msp
c:\windows\Installer\b8d2c.msp
c:\windows\Installer\c3d22.msi
c:\windows\Installer\e3751d.msi
c:\windows\Installer\e37524.msi
c:\windows\Installer\e37541.msp
c:\windows\Installer\f1ff2.msi
c:\windows\Installer\f71ce.msi
c:\windows\k.txt
c:\windows\pack.epk
c:\windows\system32\1017noz-a-vi5u9f0.dll
c:\windows\system32\103975ir9sz72.exe
c:\windows\system32\105z1hack9oo5172.exe
c:\windows\system32\10636w59m73z.dll
c:\windows\system32\10d7s9arsz3625.dll
c:\windows\system32\10f19ac5zoor595.ocx
c:\windows\system32\11195pywarez99.cpl
c:\windows\system32\11397spa9boz1555.cpl
c:\windows\system32\119dspar5z1532.ocx
c:\windows\system32\1230szars92548.ocx
c:\windows\system32\124z9py54d.exe
c:\windows\system32\1295ad5zare2979.dll
c:\windows\system32\13199z59us3bd.dll
c:\windows\system32\13556nz5-a-virus492.bin
c:\windows\system32\13727s5ambo947z.exe
c:\windows\system32\13732not-a-5zr9s3b1.exe
c:\windows\system32\1392sparze1553.exe
c:\windows\system32\146e5zeal292.dll
c:\windows\system32\15008zorm493.ocx
c:\windows\system32\150fzhi9f1558.bin
c:\windows\system32\1519vzrus69b5.dll
c:\windows\system32\1531s9y179z.cpl
c:\windows\system32\153zb5ckdoor9666.ocx
c:\windows\system32\15499zot-a-vir5s373.exe
c:\windows\system32\15592z9555e.cpl
c:\windows\system32\15599worm57z.cpl
c:\windows\system32\15730woz959.dll
c:\windows\system32\1589virus9z.ocx
c:\windows\system32\15945hazkt9ol738.bin
c:\windows\system32\15945trojzaf.ocx
c:\windows\system32\15992trozfe.dll
c:\windows\system32\15999spz205.dll
c:\windows\system32\15a8th9ez2675.exe
c:\windows\system32\15z22hacktool91d.ocx
c:\windows\system32\16014trzj3995.ocx
c:\windows\system32\16557zorm956.exe
c:\windows\system32\16615py49z.dll
c:\windows\system32\16z47not-a5viru9298.exe
c:\windows\system32\174z0spambot7459.ocx
c:\windows\system32\17593wo5z2cd.exe
c:\windows\system32\1819hackt95lz1b.exe
c:\windows\system32\18758hackt9oz593.exe
c:\windows\system32\193bsteaz5834.ocx
c:\windows\system32\1943backzoor5621.dll
c:\windows\system32\19515spy3z8.ocx
c:\windows\system32\19516trz919c.exe
c:\windows\system32\195939zy40f.ocx
c:\windows\system32\19599hzcktoo5145.ocx
c:\windows\system32\19719trzj7195.dll
c:\windows\system32\197459pamboz3925.bin
c:\windows\system32\1978thr5at21z0.exe
c:\windows\system32\19944vizus554.bin
c:\windows\system32\19955no9-a-virzs30b.cpl
c:\windows\system32\19d0zhief5023.cpl
c:\windows\system32\1azath59at41.cpl
c:\windows\system32\1deczhief3569.ocx
c:\windows\system32\1e97backdzor591.exe
c:\windows\system32\1z439tr9j1f5.dll
c:\windows\system32\1z5989orm5de.ocx
c:\windows\system32\1z808w9rm6f45.cpl
c:\windows\system32\1z999virus15.cpl
c:\windows\system32\1zebth9eat13657.bin
c:\windows\system32\20418hackto9l55z.ocx
c:\windows\system32\2065troj789z.bin
c:\windows\system32\20z559roj5e4.dll
c:\windows\system32\21140vz9us5a.cpl
c:\windows\system32\21509wormzf1.ocx
c:\windows\system32\21635zacktoo994.ocx
c:\windows\system32\2183not-a95irzs7b0.exe
c:\windows\system32\21zet5ief1059.ocx
c:\windows\system32\220305izus2b9.bin
c:\windows\system32\22145tea9756z.ocx
c:\windows\system32\2269backdo5rz9669.exe
c:\windows\system32\232z1s9y4a5.dll
c:\windows\system32\23522spzm9ot5af5.bin
c:\windows\system32\235zvir19339.bin
c:\windows\system32\236aste9l18z5.ocx
c:\windows\system32\23fc9hreaz15430.cpl
c:\windows\system32\23z57spamb9t2e9.bin
c:\windows\system32\24752not-a-zi95s31d.dll
c:\windows\system32\24z16ha9ktoolf5.exe
c:\windows\system32\254z1s9y1a.ocx
c:\windows\system32\254z4not9a-virus39e.cpl
c:\windows\system32\25564z95-a-virusce.cpl
c:\windows\system32\2579zworm45.cpl
c:\windows\system32\2589s5zware9105.bin
c:\windows\system32\25971viruz4c0.bin
c:\windows\system32\25989troj37z.dll
c:\windows\system32\259fa9dzare1572.cpl
c:\windows\system32\25czdo9nloade5330.bin
c:\windows\system32\25tro95z.cpl
c:\windows\system32\26059szambot9d3.ocx
c:\windows\system32\26376spamz9t56b.cpl
c:\windows\system32\26422virzs955.bin
c:\windows\system32\2651zha9ktool4b8.exe
c:\windows\system32\26751s95zbot423.bin
c:\windows\system32\26z69v9rus485.exe
c:\windows\system32\270659irzs718.exe
c:\windows\system32\2725addware1z69.exe
c:\windows\system32\27451not9azvirus2f7.ocx
c:\windows\system32\27508szambotf9.cpl
c:\windows\system32\2755w9rm4z.ocx
c:\windows\system32\27889ot5a-viruz367.dll
c:\windows\system32\28139hacktool58bz.bin
c:\windows\system32\28770h9cztool735.exe
c:\windows\system32\287aadd95rz2859.dll
c:\windows\system32\2928zh5cktool1b5.bin
c:\windows\system32\2931t5iefz702.exe
c:\windows\system32\293345roz5e8.ocx
c:\windows\system32\295sparsz1928.dll
c:\windows\system32\29926no9-a-zirus95.exe
c:\windows\system32\29z19not-a-v9rus345.bin
c:\windows\system32\2d93zi53264.bin
c:\windows\system32\2e96a9dware253z.bin
c:\windows\system32\2f5aszeal1099.ocx
c:\windows\system32\2z40t5ie92359.bin
c:\windows\system32\2z93a9dware7435.bin
c:\windows\system32\2z995hacktool69c.ocx
c:\windows\system32\2z9bthief9165.exe
c:\windows\system32\3019vzr5557.dll
c:\windows\system32\30335tro95zb.dll
c:\windows\system32\30557ha9kt5oz4de.exe
c:\windows\system32\3085bazk5o9r2689.dll
c:\windows\system32\30972z5cktool594.exe
c:\windows\system32\30z23w5r9e2.exe
c:\windows\system32\31245h9cktoolz.ocx
c:\windows\system32\3124s9y5are16z7.ocx
c:\windows\system32\312c5par9z3202.bin
c:\windows\system32\3152ztr9j41.bin
c:\windows\system32\31570worm73z9.dll
c:\windows\system32\31945noz-a-virus445.exe
c:\windows\system32\31afthi953028z.dll
c:\windows\system32\31d9doznloader9035.dll
c:\windows\system32\3209thze5462.bin
c:\windows\system32\320caz9ware1562.dll
c:\windows\system32\32125spazb9t5d4.dll
c:\windows\system32\3277add5zr93014.dll
c:\windows\system32\3349spyz59.dll
c:\windows\system32\3395vzrus559.ocx
c:\windows\system32\3540zhackto9l264.cpl
c:\windows\system32\35ca9ir2z65.cpl
c:\windows\system32\3639threat159z8.ocx
c:\windows\system32\365sz59l2961.exe
c:\windows\system32\37429pambot25cz.dll
c:\windows\system32\375bazkd5or679.cpl
c:\windows\system32\39382tr5z83.exe
c:\windows\system32\396159y436z.dll
c:\windows\system32\3980not-9-vi5us1az.bin
c:\windows\system32\3c9espar5e3z70.bin
c:\windows\system32\3de4dowzloa5er7589.dll
c:\windows\system32\3f6zt9r5at4881.ocx
c:\windows\system32\3fa9downlo9der2z55.exe
c:\windows\system32\3z0esp9ware2059.ocx
c:\windows\system32\3z3aspar5e29529.exe
c:\windows\system32\3z46wo5931c.bin
c:\windows\system32\3z85backdoo520199.ocx
c:\windows\system32\40635pars92167z.bin
c:\windows\system32\4169notza-virus9ab5.dll
c:\windows\system32\4271woz5295.dll
c:\windows\system32\42d59dd5are8z5.ocx
c:\windows\system32\44za5teal12509.dll
c:\windows\system32\4579downlo5dzr785.exe
c:\windows\system32\457a5zckdoor914.exe
c:\windows\system32\45c65ackdoorz4169.cpl
c:\windows\system32\469eadd5are41z.dll
c:\windows\system32\47265rz9a3.exe
c:\windows\system32\4987b5ckdozr2935.dll
c:\windows\system32\4992bac5door33z.exe
c:\windows\system32\4995d9wnloa5ez734.dll
c:\windows\system32\49ddbackd9oz29705.bin
c:\windows\system32\4a765te9lz826.cpl
c:\windows\system32\4c0dow5zo9der3025.dll
c:\windows\system32\4d24vi9z4095.cpl
c:\windows\system32\4d68s5zware29299.exe
c:\windows\system32\4d7azhr5at29524.dll
c:\windows\system32\4f539hizf2596.ocx
c:\windows\system32\4f99t9ief5396z.exe
c:\windows\system32\4zcfa95ware3176.ocx
c:\windows\system32\502879zy5e.dll
c:\windows\system32\502szam5ot4d49.ocx
c:\windows\system32\50515not-a-virus1c9z.exe
c:\windows\system32\5056bac9dozr713.cpl
c:\windows\system32\5078add9arz33.cpl
c:\windows\system32\50czdo9nloader922.dll
c:\windows\system32\50e1thief1769z.ocx
c:\windows\system32\50z5steal9994.dll
c:\windows\system32\5149spyzare1941.cpl
c:\windows\system32\5158s9arsz743.bin
c:\windows\system32\51941wormz19.exe
c:\windows\system32\51zethief28659.dll
c:\windows\system32\52z9virus157.dll
c:\windows\system32\53a1z5r969.exe
c:\windows\system32\5468threz927998.ocx
c:\windows\system32\5506do5nlozder695.cpl
c:\windows\system32\5507tzreat121479.ocx
c:\windows\system32\5550thie9504z.ocx
c:\windows\system32\5595szarse2926.ocx
c:\windows\system32\55ado9nloader1z9.cpl
c:\windows\system32\55bd9zreat5559.cpl
c:\windows\system32\562downloazer3097.exe
c:\windows\system32\5674ha9ztool337.ocx
c:\windows\system32\5762zte5l1965.bin
c:\windows\system32\5767zackt9ol689.bin
c:\windows\system32\57fcazdw5re13929.cpl
c:\windows\system32\582589pzmbot7c7.bin
c:\windows\system32\582ztro91df.dll
c:\windows\system32\58875zdware9115.bin
c:\windows\system32\5896zot-a-viru9335.bin
c:\windows\system32\5992vir25z9.bin
c:\windows\system32\5aa6threaz25809.ocx
c:\windows\system32\5b88zhie51898.ocx
c:\windows\system32\5c2spars925z5.bin
c:\windows\system32\5c66downloadez5879.cpl
c:\windows\system32\5c67ad5w9rz1447.exe
c:\windows\system32\5d59vzr9922.cpl
c:\windows\system32\5d99zteal14525.cpl
c:\windows\system32\5dzcsparse14059.bin
c:\windows\system32\5e215zdwa9e1977.dll
c:\windows\system32\5f19z9yware2765.exe
c:\windows\system32\5f19zpars92556.ocx
c:\windows\system32\5f55ba5kdz9r2566.ocx
c:\windows\system32\5fddzhr5at299949.bin
c:\windows\system32\5ffvir20z9.exe
c:\windows\system32\5z92downloade92808.dll
c:\windows\system32\6215not-a-vizus954.dll
c:\windows\system32\633459zm7e4.dll
c:\windows\system32\6455wor59f5z.cpl
c:\windows\system32\65539pyware1z55.exe
c:\windows\system32\6635tz9e5t25523.bin
c:\windows\system32\66925zrus308.dll
c:\windows\system32\66b79ddzare65.exe
c:\windows\system32\675bspazse69.exe
c:\windows\system32\6815spamb9t41cz.ocx
c:\windows\system32\6902spywar51957z.bin
c:\windows\system32\69035irus952z.exe
c:\windows\system32\692b5dzw9re2600.bin
c:\windows\system32\6951szy6a25.exe
c:\windows\system32\696bzhief2059.cpl
c:\windows\system32\6991doz9loader5964.ocx
c:\windows\system32\6999thiz51420.bin
c:\windows\system32\69dcthzeat25505.exe
c:\windows\system32\69z5not-a5vir9s169.exe
c:\windows\system32\6a4cthzeat19859.exe
c:\windows\system32\6f5zvir2495.ocx
c:\windows\system32\6f8aviz1596.cpl
c:\windows\system32\6z65ad9wa5e2112.cpl
c:\windows\system32\6z98wor5c09.exe
c:\windows\system32\70a5doznloa5er1999.exe
c:\windows\system32\7212nzt-a-5i9us3d1.exe
c:\windows\system32\73a59zyware2375.ocx
c:\windows\system32\7468zp5mbo97b7.bin
c:\windows\system32\7579thzef17219.ocx
c:\windows\system32\75e759iez312.bin
c:\windows\system32\76cfba9kdooz4015.ocx
c:\windows\system32\76d7th9ea547z3.exe
c:\windows\system32\76e9thie565z.bin
c:\windows\system32\77465ir9358z.ocx
c:\windows\system32\7869b5ckdozr2226.exe
c:\windows\system32\789aspar592583z.exe
c:\windows\system32\7906not-a-5irus54z.bin
c:\windows\system32\7907backzoor1556.cpl
c:\windows\system32\7969threat15287z.ocx
c:\windows\system32\798a5iz890.bin
c:\windows\system32\7a095hizf1724.dll
c:\windows\system32\7c1dthief9z65.bin
c:\windows\system32\7d65z9reat9351.cpl
c:\windows\system32\7e69st5z93255.ocx
c:\windows\system32\7f2zv5r197.ocx
c:\windows\system32\7z50spyware94385.exe
c:\windows\system32\7zc5backd9or2553.cpl
c:\windows\system32\7zf5st95l1579.exe
c:\windows\system32\8195wor59az.cpl
c:\windows\system32\85409roz707.bin
c:\windows\system32\85559zy729.bin
c:\windows\system32\85675oz-a-virus739.bin
c:\windows\system32\8965zroj59.cpl
c:\windows\system32\89zthi5f20369.bin
c:\windows\system32\8z099roj5f9.exe
c:\windows\system32\8z91troj945.ocx
c:\windows\system32\9009ot-z-vi5us7e6.dll
c:\windows\system32\9023zpa5se2900.dll
c:\windows\system32\91a35teal1z91.exe
c:\windows\system32\91adste5lz206.bin
c:\windows\system32\924z5ot-9-virus5c1.bin
c:\windows\system32\9257troj76z.cpl
c:\windows\system32\926z3n5t-a-virus68c.bin
c:\windows\system32\93760spa5bot7zc.ocx
c:\windows\system32\939v5zus1ad.exe
c:\windows\system32\93a9th5efz875.cpl
c:\windows\system32\9412zro548.exe
c:\windows\system32\946cs5ealz539.ocx
c:\windows\system32\94z4steal5354.dll
c:\windows\system32\9504zvirus1e5.cpl
c:\windows\system32\9572viz1035.bin
c:\windows\system32\95821s5azbot148.ocx
c:\windows\system32\9589viz161.ocx
c:\windows\system32\95cdad5ware212z.cpl
c:\windows\system32\95cdaddwaz51761.ocx
c:\windows\system32\95zvi9us494.bin
c:\windows\system32\96060w5rz127.bin
c:\windows\system32\9634n5tza-v9rus1f7.ocx
c:\windows\system32\96814sp5mbotz8d.cpl
c:\windows\system32\96a5viz744.ocx
c:\windows\system32\96asteal5z76.dll
c:\windows\system32\97557szy6e5.dll
c:\windows\system32\975z7spy636.ocx
c:\windows\system32\9906w5zm10a.dll
c:\windows\system32\9919worm25z.ocx
c:\windows\system32\991tzie5999.cpl
c:\windows\system32\9940s5a9bot3zd.dll
c:\windows\system32\9954vzr2422.ocx
c:\windows\system32\9969s5yz31.bin
c:\windows\system32\99d4addware1536z.bin
c:\windows\system32\99z7spy5a5.dll
c:\windows\system32\9bezaddware1075.exe
c:\windows\system32\9d4fthre5t332z.bin
c:\windows\system32\9z14wo5mf49.cpl
c:\windows\system32\9z67tr9j105.exe
c:\windows\system32\a539teal28z9.bin
c:\windows\system32\ac5s9zware459.bin
c:\windows\system32\b55stealz990.ocx
c:\windows\system32\b5fspzr9e395.bin
c:\windows\system32\b95bzckdoor1260.exe
c:\windows\system32\cfasp59se268z.ocx
c:\windows\system32\ddstea922z5.dll
c:\windows\system32\drivers\npf.sys
c:\windows\system32\ff3th5ef1195z.cpl
c:\windows\system32\kdfinj.dll
c:\windows\system32\Packet.dll
c:\windows\system32\ps2.bat
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
c:\windows\system32\z081add9ar52192.cpl
c:\windows\system32\z1648wo95ca.dll
c:\windows\system32\z225troj199.bin
c:\windows\system32\z2867wo5m459.exe
c:\windows\system32\z4855s5ambot1c09.dll
c:\windows\system32\z49f5teal2906.cpl
c:\windows\system32\z4b79hreat31425.exe
c:\windows\system32\z5529worm97f.cpl
c:\windows\system32\z5855w9rm143.dll
c:\windows\system32\z6665hac9tool5b7.exe
c:\windows\system32\z692thr5at1132.exe
c:\windows\system32\z7020not5a-virus449.dll
c:\windows\system32\z702vi59.exe
c:\windows\system32\z769thr5at18805.exe
c:\windows\system32\z8540tro9298.ocx
c:\windows\system32\z8735pambo938f.exe
c:\windows\system32\z8a5do9nl5ader2735.bin
c:\windows\system32\zcbasp9ware2035.cpl
c:\windows\system32\zd67t9reat14258.ocx
c:\windows\system32\zdd2ba5kd9or1370.exe
c:\windows\system32\ze59steal1914.ocx
c:\windows\tmlpcert2007
c:\windows\woprdagt.exe
c:\windows\z0473not-a-virus5b59.exe
c:\windows\z0517troj689.bin
c:\windows\z105wor56f19.cpl
c:\windows\z19backdoo5303.ocx
c:\windows\z236s95rse1525.ocx
c:\windows\z41c5hreat98617.bin
c:\windows\z49225ot-a-virus3fd9.exe
c:\windows\z5544not-a-v95us3a6.cpl
c:\windows\z5556tr59785.bin
c:\windows\z56599py6cb.cpl
c:\windows\z56c5hreat39619.ocx
c:\windows\z585spywa9e1673.exe
c:\windows\z755thi9f2890.ocx
c:\windows\z79addw5re1999.cpl
c:\windows\z8143sp5796.ocx
c:\windows\z8953virus11d.exe
c:\windows\z8993hackt5ol9d.exe
c:\windows\z9559tr9j1555.bin
c:\windows\z993bac5door999.cpl
c:\windows\z9955not-a-vir5s3f9.bin
c:\windows\z995thief205.dll
c:\windows\za45threat22596.dll
c:\windows\zac5ad9war53227.cpl
c:\windows\zc85steal28759.ocx
c:\windows\zd1abackdoor21589.dll
c:\windows\zf119hief28285.bin
c:\windows\zf59s9yware2849.cpl
D:\resycled
c:\recycler\S-1-5-21-1242983221-992244275-1784959909-1008 . . . . failed to delete

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GAOPDXSERV.SYS
-------\Legacy_npf
-------\Service_gaopdxserv.sys
-------\Service_npf


((((((((((((((((((((((((( Files Created from 2009-07-27 to 2009-08-27 )))))))))))))))))))))))))))))))
.

2009-08-27 16:51 . 2009-08-27 22:59 -------- d-----w- c:\program files\trend micro
2009-08-27 16:51 . 2009-08-27 16:52 -------- d-----w- C:\rsit
2009-08-27 08:40 . 2009-08-27 08:40 33792 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe
2009-08-26 23:54 . 2009-08-26 23:55 -------- d-----w- c:\program files\iTunes
2009-08-26 23:54 . 2009-08-26 23:55 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-08-26 23:52 . 2009-08-26 23:52 -------- d-----w- c:\program files\Bonjour
2009-08-26 23:50 . 2009-08-26 23:51 -------- d-----w- c:\program files\QuickTime
2009-08-26 23:45 . 2009-07-09 10:16 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-11 13:49 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-08-11 13:49 . 2006-10-16 14:10 23856 ----a-w- c:\windows\system32\spupdsvc.exe
2009-08-11 13:42 . 2009-08-11 13:42 -------- d-----w- c:\program files\Cyanide
2009-08-09 18:14 . 2009-08-09 18:14 -------- d-----w- c:\documents and settings\HP_Prop\Bullfrog
2009-08-09 18:14 . 2009-08-09 18:14 -------- d-----w- c:\documents and settings\HP_Prop
2009-08-09 18:14 . 2009-08-09 18:14 -------- d-----w- c:\windows\system\KEEPER
2009-08-09 18:14 . 2009-08-09 18:14 -------- d-----w- c:\program files\Bullfrog
2009-08-09 18:13 . 2009-08-09 18:13 -------- d-----w- C:\KEEPER
2009-07-31 18:44 . 2009-07-31 18:44 -------- d-----w- c:\program files\AskSearch
2009-07-31 18:44 . 2009-07-31 18:44 -------- d-----w- c:\program files\AskBarDis
2009-07-31 18:44 . 2009-07-31 18:44 -------- d-----w- c:\program files\uTorrent
2009-07-29 19:49 . 2009-07-29 19:49 -------- d-----w- c:\program files\trust global

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-27 10:41 . 2009-01-25 16:07 189744 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-27 10:31 . 2009-01-25 16:07 139904 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-25 09:27 . 2009-07-01 23:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Loud spam else tool
2009-08-23 13:19 . 2009-07-17 17:17 -------- d-----w- c:\program files\MpcStar
2009-08-17 16:10 . 2009-02-17 00:43 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2009-02-17 00:43 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:06 . 2009-02-17 00:43 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-08-17 16:05 . 2009-02-17 00:43 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2009-02-17 00:43 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:04 . 2009-02-17 00:43 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2009-02-17 00:43 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:03 . 2009-02-17 00:43 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-08-17 16:02 . 2009-02-17 00:43 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-13 17:41 . 2009-07-16 15:45 -------- d-----w- c:\program files\CometBird
2009-08-11 17:45 . 2009-02-03 19:30 -------- d-----w- c:\program files\Microsoft Games
2009-08-06 20:51 . 2009-07-16 15:39 -------- d-----w- c:\program files\BitComet
2009-08-02 11:47 . 2009-07-01 23:49 -------- d-----w- c:\program files\Adverts
2009-07-28 12:57 . 2009-07-28 12:49 -------- d-----w- c:\program files\MediaInfo
2009-07-28 12:56 . 2009-07-28 12:56 604488 ----a-w- c:\windows\system32\TUProgSt.exe
2009-07-28 12:56 . 2009-07-28 12:56 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-07-28 12:56 . 2009-07-28 12:51 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-07-28 12:51 . 2009-07-28 12:51 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-07-28 12:51 . 2009-07-28 12:51 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-07-26 13:05 . 2009-07-26 13:05 -------- d-----w- c:\program files\Aimersoft
2009-07-22 16:54 . 2008-06-16 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-07-22 10:53 . 2008-10-30 14:17 -------- d-----w- c:\program files\Wakfu
2009-07-21 15:53 . 2009-07-02 20:52 -------- d-----w- c:\program files\Everest Poker
2009-07-19 09:18 . 2009-02-22 16:00 -------- d-----w- c:\program files\BitSpirit
2009-07-19 09:15 . 2008-10-25 20:24 -------- d-----w- c:\program files\Gpotato.eu
2009-07-15 09:48 . 2009-07-28 12:56 29000 ----a-w- c:\windows\system32\uxtuneup.dll
2009-07-13 12:22 . 2009-07-13 12:22 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-09 10:16 . 2009-02-25 10:32 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-07-02 18:05 . 2009-03-28 15:33 -------- d-----w- c:\program files\NDSROM Player
2009-07-01 23:49 . 2009-07-01 23:49 -------- d-----w- c:\program files\MessengerPlus! 3
2009-07-01 01:13 . 2009-01-25 16:06 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-06-30 23:56 . 2007-07-05 20:55 -------- d-----w- c:\program files\Wolfenstein - Enemy Territory
2009-06-06 10:03 . 2009-02-17 20:27 96 ---ha-w- c:\windows\system32\HsInfo.dat
2009-01-24 21:50 . 2005-09-17 13:59 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-04-02 10:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-29 68856]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-02-06 3572984]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-03-24 3587120]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-07-31 288048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0\bin\jusched.exe" [2005-01-02 36972]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-06 339968]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"SSC_UserPrompt"="c:\program files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-08-16 218240]
"ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2004-09-07 58488]
"IS CfgWiz"="c:\program files\Norton Internet Security\cfgwiz.exe" [2004-08-24 132248]
"URLLSTCK.exe"="c:\program files\Norton Internet Security\UrlLstCk.exe" [2004-08-31 33936]
"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-07-01 190024]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
"AlcxMonitor"="ALCXMNTR.EXE" - c:\windows\ALCXMNTR.EXE [2004-09-07 57344]

c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\
AutoTBar.exe [2003-9-30 57344]

c:\documents and settings\Administrateur.NOM-EB85C523610\Menu D‚marrer\Programmes\D‚marrage\
AutoTBar.exe [2003-9-30 57344]

c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\
AutoTBar.exe [2003-9-30 57344]

c:\documents and settings\HP_Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
ikowin32.exe [2004-8-5 23040]
Notification de cadeaux MSN.lnk - c:\documents and settings\HP_Propri‚taire\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-6-15 135680]

c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-5 258048]
icwsetup.exe [2009-8-27 33792]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-12-25 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-12-25 688128]

c:\windows\system32\config\systemprofile\Menu D‚marrer\Programmes\D‚marrage\
AutoTBar.exe [2003-9-30 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Program Files\\Metin2_France\\metin2.bin"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Cyanide\\Dungeon Party\\DungeonParty.exe"=
"c:\\Program Files\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7720:TCP"= 7720:TCP:BitComet 7720 TCP
"7720:UDP"= 7720:UDP:BitComet 7720 UDP
"1:TCP"= 1:TCP:jjj

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [17/02/2009 02:43 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17/02/2009 02:43 20560]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [28/07/2009 14:56 604488]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [31/05/2009 02:15 79104]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [31/07/2009 20:45 234888]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [31/05/2009 02:15 131072]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 XDva221;XDva221;\??\c:\windows\system32\XDva221.sys --> c:\windows\system32\XDva221.sys [?]
S3 XDva224;XDva224;\??\c:\windows\system32\XDva224.sys --> c:\windows\system32\XDva224.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2009-08-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-08-27 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-07-16 09:00]

2009-08-21 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe [2008-01-09 02:08]

2005-01-02 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-01-02 17:22]
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
Toolbar-{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file)
WebBrowser-{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - (no file)
HKLM-Run-15820934 - c:\documents and settings\All Users\Application Data\15820934\15820934.exe
HKLM-Run-Internet Connection Wizard Setup Tool - c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com/?o=13928&l=dis
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
uSearch Bar =
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q305&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://www.apple.com/fr/itunes/download/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Télécharger avec &BitSpirit - c:\program files\BitSpirit\bsurl.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-28 01:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\docume~1\HP_PRO~1\LOCALS~1\Temp\RGI4.tmp 7136 bytes

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(800)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3972)
c:\program files\MessengerPlus! 3\MsgPlusLoader.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\program files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\program files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\program files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\

Voila dsl pour l'attente mais mon ordi n'est pas du dernier crie ...

Tu n'as pas venu pour rien.

---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2707
Windows 5.1.2600 Service Pack 2

28/08/2009 02:24:21
mbam-log-2009-08-28 (02-24-21).txt

Type de recherche: Examen rapide
Eléments examinés: 123992
Temps écoulé: 8 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 26
Fichier(s) infecté(s): 334

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\WiniBlueSoft (Rogue.WiniBlue) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Invité\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Invité\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\IESkins (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOI (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOI\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOI\static (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOL (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOL\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\HostOL\static (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\ustat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad (Adware.Zango) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1041655.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1043399.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1057185.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1057776.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1383356.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1384577.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\1416861.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\2258213.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\2563373.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\2656897.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\3750949.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\3752096.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\3893498.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\442905.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\575811.sdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\domains.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000023894 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000024148 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000026054 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000026149 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000027037 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000028063 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000029298 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000032930 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000033079 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000044868 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000047858 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052008 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052451 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052615 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000057533 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000059264 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000059554 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000061533 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000062177 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000063490 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000063625 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000063820 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000064073 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000065105 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000065154 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000065227 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000068631 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000074984 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000081898 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000082129 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000082797 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000083033 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\116977 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\12457 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\13632 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1491 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\17040 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\19650 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\20516 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\20970 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\22254 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\23928 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\247895 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\25063 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\25424 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\266291 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\27505 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\29547 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\296128 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\303579 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\306 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32242 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32418 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32887 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\3338 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\33695 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\34374 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\34911 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\374830 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\37616 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\39228 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\39232 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\411116 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\4142 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\41499 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\42849 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44228 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44279 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44293 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44320 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\4442 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44878 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\451453 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\459338 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\472390 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\477407 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\479957 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\49442 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\49444 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\51174 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\520094 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\52968 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\53842 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\54488 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\546899 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\553177 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\571472 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\572023 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\578104 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\57973 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\59598 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\624121 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\628262 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\658110 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6612 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\67469 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\68055 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\68098 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\690746 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\69235 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\69263 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\703600 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\704965 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705060 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705131 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705150 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705248 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705252 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705265 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705290 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705461 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\711791 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\716428 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\733622 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\738320 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\742100 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\744920 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\745356 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\749298 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\750789 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\75089 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\750891 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\7521 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\78600 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\79432 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\79986 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\81293 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\81392 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\82011 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\83226 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\85365 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\86587 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\87304 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90008 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90271 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\90358 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\95678 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\95704 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\97494 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\97741 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\98250 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\dynamic\ustat\3754.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\avatar.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\btntrans.idx (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\btntrans1.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\buttondir.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\components.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\cursors.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\default.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_511745-514279.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_categorize.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_comparison.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-people.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_favorites.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Games.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Hide.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_hotbarcom.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Hotmail.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_hsskin.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jemster.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jemsterie.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jemsteruk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_jobsearch.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_MobileSidewalk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_new.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_premium.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_reun.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_ringtones.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_SearchBoxTrapper.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_searchfor.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_searchgo.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_weather.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Default_yellowpages.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_1000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_2000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_3000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bar.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bbar1.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_logos.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_other.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\d_icons_weather.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\editblbuttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-548964.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-9595.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\email-t1-bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\icons2.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\ie_games_icon.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\ie_video.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\keywords.idx (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\keywords1.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\layout.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\linkpathlegal.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\progress.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\sales_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\sdfmodifier.xml (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\s_icons_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\t2_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\top7.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\Top7_theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\tsd_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\zango_btn.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\1\zango_ie_menu.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\avatar.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\btntrans.idx (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\btntrans1.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\buttondir.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\components.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\cursors.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\default.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_511745-514279.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_categorize.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_comparison.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-people.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_favorites.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Games.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Hide.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_hotbarcom.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Hotmail.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_hsskin.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jemster.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jemsterie.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jemsteruk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_jobsearch.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_Mails.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_MobileSidewalk.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_new.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_premium.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_reun.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_ringtones.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_SearchBoxTrapper.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_searchfor.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_searchgo.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_weather.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Default_yellowpages.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_1000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_2000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_3000.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bar.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bbar1.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_logos.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_other.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\d_icons_weather.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\editblbuttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-548964.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-9595.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\email-t1-bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\icons2.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\ie_games_icon.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\ie_video.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\keywords.idx (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\keywords1.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\layout.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\linkpathlegal.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\progress.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\sales_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\sdfmodifier.xml (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\s_icons_buttons.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\t2_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\top7.cdf (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\Top7_theweb.mnu (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\tsd_bg.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\zango_btn.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\2\zango_ie_menu.res (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\avatar.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\buttondir.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\default.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\editblbuttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\layout.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\progress.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\sdfmodifier.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\top7.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire.THOMAS\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\videosoft\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\ikowin32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

Voila j'espère ne pas avoir fais de mauvaises manipulations

● Relance MBAM, va dans Quarantaine et supprime tout.

● Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

/!\ Déconnecte-toi d'Internet et ferme toutes applications en cours. /!\

● Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program Files).
● Double-clique sur le raccourci d'Ad-Remover située sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
● Au menu principal, choisis l'option L.
● Poste le rapport généré (C:\Ad-Report-CLEAN.log).

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.

.
======= RAPPORT D'AD-REMOVER 1.1.4.5_Q | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 26/08/2009 à 6:37 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 2:35:17, 28/08/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ v5.1.2600
Nom du PC: NOM-EB85C523610 | Utilisateur actuel: HP_Propri‚taire
.
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: "ASKUpgrade"
.
HKCR\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKCU\Software\Grand Virtual
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCR\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKCR\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKCR\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
.
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest.dev
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf.bak
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome\ajtoolbar.jar
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.gif
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.src
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat.bak
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\contents.rdf
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\snipit.js
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\manifest.mf
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.rsa
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.sf
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\AskSplash.exe
C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\022D75E6
C:\Program Files\AskBarDis\bar\Cache\022DCB0B.bin
C:\Program Files\AskBarDis\bar\Cache\022DEA4B.bin
C:\Program Files\AskBarDis\bar\Cache\022DEC3F.bin
C:\Program Files\AskBarDis\bar\Cache\0232D786.bin
C:\Program Files\AskBarDis\bar\Cache\0232DFB4.bin
C:\Program Files\AskBarDis\bar\Cache\0232E1F6.bin
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm
C:\Program Files\AskBarDis
C:\Program Files\AskSearch\bin
C:\Program Files\AskSearch
C:\Program Files\Everest Poker\casino.exe
C:\Program Files\Everest Poker\CStart.exe
C:\Program Files\Everest Poker\data
C:\Program Files\Everest Poker\Everest Poker.exe
C:\Program Files\Everest Poker\gvbase.dll
C:\Program Files\Everest Poker\gvcrt.dll
C:\Program Files\Everest Poker\gvgfx-dib.dll
C:\Program Files\Everest Poker\gvgfx.dll
C:\Program Files\Everest Poker\gvmain.dll
C:\Program Files\Everest Poker\gvmain.exe
C:\Program Files\Everest Poker\gvnetwork.dll
C:\Program Files\Everest Poker\gvsound.dll
C:\Program Files\Everest Poker\history
C:\Program Files\Everest Poker\init.ini
C:\Program Files\Everest Poker\log.dat
C:\Program Files\Everest Poker\settings.ini
C:\Program Files\Everest Poker\toc_fr.ini
C:\Program Files\Everest Poker\data\fonts
C:\Program Files\Everest Poker\data\mp-lobby
C:\Program Files\Everest Poker\data\mp-poker
C:\Program Files\Everest Poker\data\shared
C:\Program Files\Everest Poker\data\startup
C:\Program Files\Everest Poker\data\fonts\kgp-en.ttf
C:\Program Files\Everest Poker\data\mp-lobby\fr.gvt
C:\Program Files\Everest Poker\data\mp-lobby\shared.gvt
C:\Program Files\Everest Poker\data\mp-poker\background
C:\Program Files\Everest Poker\data\mp-poker\fr
C:\Program Files\Everest Poker\data\mp-poker\shared.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\default.gvt
C:\Program Files\Everest Poker\data\mp-poker\fr\bitmaps.gvt
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_strings.txt
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_tutorial.txt
C:\Program Files\Everest Poker\data\shared\fr
C:\Program Files\Everest Poker\data\shared\shared
C:\Program Files\Everest Poker\data\shared\fr\country.txt
C:\Program Files\Everest Poker\data\shared\fr\language.txt
C:\Program Files\Everest Poker\data\shared\fr\ordinal.txt
C:\Program Files\Everest Poker\data\shared\shared\bitmaps
C:\Program Files\Everest Poker\data\shared\shared\sounds
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art
C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\carddeal.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\cardflip.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\chipclick.ogg
C:\Program Files\Everest Poker\data\startup\en
C:\Program Files\Everest Poker\data\startup\fr
C:\Program Files\Everest Poker\data\startup\shared
C:\Program Files\Everest Poker\data\startup\en\startup_strings.txt
C:\Program Files\Everest Poker\data\startup\fr\cstart.txt
C:\Program Files\Everest Poker\data\startup\fr\startup_strings.txt
C:\Program Files\Everest Poker\data\startup\shared\bitmaps
C:\Program Files\Everest Poker\data\startup\shared\icons
C:\Program Files\Everest Poker\data\startup\shared\sounds
C:\Program Files\Everest Poker\data\startup\shared\bitmaps\splash_poker.art
C:\Program Files\Everest Poker\data\startup\shared\icons\ep.ico
C:\Program Files\Everest Poker\data\startup\shared\sounds\alert.ogg
C:\Program Files\Everest Poker\history\4.txt
C:\Program Files\Everest Poker\history\6.txt
C:\Program Files\Everest Poker
C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla\Firefox\Profiles\fzh42cwq.default\searchplugins\ask.xml
C:\Documents and Settings\HP_Propri‚taire\Bureau\Everest Poker.exe
C:\Documents and Settings\HP_Propri‚taire\Bureau\autre\Everest Poker.exe
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@pacificpoker[2].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@partypoker[2].txt

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.13 *
.
Nom du profil: fzh42cwq.default (HP_Propri‚taire)
.
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.13");
.
.
.
* Internet Explorer Version 6.0.2900.2180 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs : res://ieframe.dll/tabswelcome.htm
.
===================================
.
10333 Octet(s) - C:\Ad-Report-CLEAN.log
.
3 Fichier(s) - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
2 Fichier(s) - C:\WINDOWS\Temp
.
19 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
31 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 2:50:13 | 28/08/2009
.
============== E.O.F ==============
.

Voila ... quelle longue procédure pour un aussi vicieux anti-virus ....

--> Désinstalle Ad-Remover.

--> Menu Démarrer > Exécuter > Tape combofix /u et valide.

--> Refais un scan RSIT et poste le rapport log.