Sujet Précédent Sujet Suivant

"svchostw.exe"

Résolu/Fermé
maellou85 - 17 mars 2009 à 10:49
 maellou85 - 24 mars 2009 à 13:06
Bonjour,
Depuis quelques jours à chaque démarrage d'une session de mon ordinateur un message s'affiche disant que Windows ne peut pas trouver le fichier svchostw.exe ... quelq'un pourrait-il me dire comment régler ce problème ?
De plus, depuis le même moment, lors de recherche sur google je suis sans cesse rediriger vers des pages de pubs! Peut-etre y a t'il un rapport...
Merci d'avance.

39 réponses

  • 1
  • 2
Réponse 1 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
17 mars 2009 à 10:52
Salut,

Ton PC est infecté mais je ne peux pas t'en dire plus sans plus d'infos.

--> Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

--> Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

--> Clique sur Continue à l'écran Disclaimer.

--> Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

--> Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.
0
maellou85
17 mars 2009 à 10:56
voilà, j'espère que j'ai bien tout fait...


Logfile of random's system information tool 1.05 (written by random/random)
Run by Maellou at 2009-03-17 10:54:54
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 15 GB (20%) free of 72 GB
Total RAM: 767 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:54:55, on 17/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\documents and settings\maellou\local settings\application data\kmcsquc.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\Maellou\LOCALS~1\Temp\19.tmp.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsqh.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsaua.exe
C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguidll.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe
C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsus.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Maellou\Local Settings\Temporary Internet Files\Content.IE5\GOHU76TQ\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Maellou.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe svchostw.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
O2 - BHO: DVA First - {8377285E-F9CE-4DEB-936C-04CAF05F0512} - C:\WINDOWS\qvlbodmnlks.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (file missing)
O3 - Toolbar: mkrndofl - {503AA2B1-C257-44D3-82D9-43FD349561A6} - C:\WINDOWS\mkrndofl.dll (file missing)
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\Av_Fw\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [kmcsquc] "c:\documents and settings\maellou\local settings\application data\kmcsquc.exe" kmcsquc
O4 - HKCU\..\Run: [Cognac] C:\DOCUME~1\Maellou\LOCALS~1\Temp\19.tmp.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Cognac] C:\WINDOWS\TEMP\197.tmp.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Cognac] C:\WINDOWS\TEMP\197.tmp.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: Moniteur Fax_Voix V3.02.lnk = C:\OLIFAXVX\MONITEUR.EXE (User 'Default user')
O4 - .DEFAULT User Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader - http://miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file:///C:/Documents%20and%20Settings/Maellou/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://orange.securitoo.com/pchc/fscax.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - file:///C:/Documents%20and%20Settings/Maellou/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/ddfotg.1.0.0.37.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://orange.securitoo.com/ols/fscax.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://www.gamenext.fr/online2/gold_fever/goldfever.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://jeuxenligne.orange.fr/GameShell/online/fr/Diner_Dash/DinerDash.1.0.0.4.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://jeuxentelechargement.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--aba38feb-288c-4503-a389-e5d57111c05c/online/wedding_dash/fr/WeddingDash.1.0.0.47.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O21 - SSODL: wetkadmr - {4B92A0F8-31A4-44D3-AB5B-462AE98F9BE0} - C:\WINDOWS\wetkadmr.dll (file missing)
O21 - SSODL: tdomgafw - {53BCDF59-7BB5-497F-8C18-0C875DAE122F} - C:\WINDOWS\tdomgafw.dll (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
0
maellou85
17 mars 2009 à 12:15
Clean Navipromo version 3.7.6 commencé le 17/03/2009 à 12:06:03,73

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2500+ )
BIOS : BIOS Date: 10/15/03 17:00:28 Ver: 08.00.08
USER : Maellou ( Administrator )
BOOT : Normal boot

Antivirus : AntiVirus Firewall 7.03 7.03 (Activated)
Firewall : AntiVirus Firewall 7.03 7.03 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:14 Go)
D:\ (Local Disk) - FAT32 - Total:3 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)


Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur


*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *


* Suppression dans "C:\Documents and Settings\Maellou\locals~1\applic~1" *


* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\ADMINI~1.SIL\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\ADMINI~1.000\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\ADMINI~1.001\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\Thierry\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\THIERR~1.NOM\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\titou\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\TITOU~1.NOM\locals~1\applic~1" *


*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***

...\Live-Player ...suppression...
...\Live-Player supprimé !


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

...\Live-Player ...suppression...
...\Live-Player supprimé !


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Maellou\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.SIL\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.000\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.001\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\INVIT~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\PROPRI~2\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\Thierry\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\THIERR~1.NOM\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\TITOU~1.NOM\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Maellou\locals~1\applic~1" ***

...\Live-Player ...suppression...
...\Live-Player supprimé !


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.SIL\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.000\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.001\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\Thierry\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\THIERR~1.NOM\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\titou\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\TITOU~1.NOM\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Maellou\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.001\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\INVIT~1\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\Thierry\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\THIERR~1.NOM\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\titou\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\TITOU~1.NOM\menudm~1\progra~1" ***



*** Suppression fichiers ***

C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\tmlpcert2005 supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Maellou\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


ahekxtavdq.dat trouvé !
Copie ahekxtavdq.dat réalisée avec succès !
ahekxtavdq.dat supprimé !

ahekxtavdq_nav.dat trouvé !
Copie ahekxtavdq_nav.dat réalisée avec succès !
ahekxtavdq_nav.dat supprimé !

ahekxtavdq_navps.dat trouvé !
Copie ahekxtavdq_navps.dat réalisée avec succès !
ahekxtavdq_navps.dat supprimé !

bwhmpb.dat trouvé !
Copie bwhmpb.dat réalisée avec succès !
bwhmpb.dat supprimé !

bwhmpb_nav.dat trouvé !
Copie bwhmpb_nav.dat réalisée avec succès !
bwhmpb_nav.dat supprimé !

bwhmpb_navps.dat trouvé !
Copie bwhmpb_navps.dat réalisée avec succès !
bwhmpb_navps.dat supprimé !

idqvhcx.dat trouvé !
Copie idqvhcx.dat réalisée avec succès !
idqvhcx.dat supprimé !

idqvhcx_nav.dat trouvé !
Copie idqvhcx_nav.dat réalisée avec succès !
idqvhcx_nav.dat supprimé !

idqvhcx_navps.dat trouvé !
Copie idqvhcx_navps.dat réalisée avec succès !
idqvhcx_navps.dat supprimé !

C:\WINDOWS\prefetch\kmcsquc*.pf trouvé !
Copie C:\WINDOWS\prefetch\kmcsquc*.pf réalisée avec succès !
C:\WINDOWS\prefetch\kmcsquc*.pf supprimé !

ooegs.exe trouvé !
Copie ooegs.exe réalisée avec succès !
ooegs.exe supprimé !

ooegs.dat trouvé !
Copie ooegs.dat réalisée avec succès !
ooegs.dat supprimé !

ooegs_nav.dat trouvé !
Copie ooegs_nav.dat réalisée avec succès !
ooegs_nav.dat supprimé !

ooegs_navps.dat trouvé !
Copie ooegs_navps.dat réalisée avec succès !
ooegs_navps.dat supprimé !

qwopnvykj.dat trouvé !
Copie qwopnvykj.dat réalisée avec succès !
qwopnvykj.dat supprimé !

qwopnvykj_nav.dat trouvé !
Copie qwopnvykj_nav.dat réalisée avec succès !
qwopnvykj_nav.dat supprimé !

qwopnvykj_navps.dat trouvé !
Copie qwopnvykj_navps.dat réalisée avec succès !
qwopnvykj_navps.dat supprimé !


* Dans "C:\Documents and Settings\Maellou\locals~1\applic~1" *


kmcsquc.exe trouvé !
Copie kmcsquc.exe réalisée avec succès !
kmcsquc.exe supprimé !

kmcsquc.dat trouvé !
Copie kmcsquc.dat réalisée avec succès !
kmcsquc.dat supprimé !

kmcsquc_nav.dat trouvé !
Copie kmcsquc_nav.dat réalisée avec succès !
kmcsquc_nav.dat supprimé !

kmcsquc_navps.dat trouvé !
Copie kmcsquc_navps.dat réalisée avec succès !
kmcsquc_navps.dat supprimé !


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *



* Dans "C:\DOCUME~1\ADMINI~1.SIL\locals~1\applic~1" *



* Dans "C:\DOCUME~1\ADMINI~1.000\locals~1\applic~1" *



* Dans "C:\DOCUME~1\ADMINI~1.001\locals~1\applic~1" *



* Dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" *



* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *



* Dans "C:\DOCUME~1\Thierry\locals~1\applic~1" *



* Dans "C:\DOCUME~1\THIERR~1.NOM\locals~1\applic~1" *



* Dans "C:\DOCUME~1\titou\locals~1\applic~1" *



* Dans "C:\DOCUME~1\TITOU~1.NOM\locals~1\applic~1" *



*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Recherche autres dossiers et fichiers connus ***

C:\WINDOWS\Tasks\A58B1C0490709B64.job trouvé ! Infection Lop possible non traitée par cet outil !


*** Nettoyage terminé le 17/03/2009 à 12:12:52,06 ***
0
Réponse 2 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
17 mars 2009 à 10:58
Le rapport log n'est pas complet mais on peut déjà voir que tu es bien infecté.
0
maellou85
17 mars 2009 à 11:01
Oui, il n'y a qu'un seul fichier texte qui s'ouvre...

Que dois-je faire pour le nettoyer svp ?
0
Réponse 3 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
17 mars 2009 à 11:07
"O4 - HKCU\..\Run: [kmcsquc] "c:\documents and settings\maellou\local settings\application data\kmcsquc.exe" kmcsquc"
---> Infection Navipromo. Cette infection affiche des pubs intempestives.

- Télécharge Navilog1 (de IL-MAFIOSO) et enregistre-le sur le Bureau.

- Double-clique sur Navilog1.exe afin de lancer l'installation.

- Si le fix ne se lance pas automatiquement après son installation, double-clique sur Navilog1 présent sur le Bureau.

- Appuie sur F ou f puis valide par Entrée.

- Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.

- Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.

- Patiente jusqu'au message : *** Analyse terminée le ..... ***

- Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse.

- Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\fixnavi.txt

N'utilise pas l'option 2, 3 et 4 sans notre accord, des fichiers légitimes peuvent être inclus dans ce scan.
0
Réponse 4 / 39
maellou85
17 mars 2009 à 11:35
C'est normal que le scan dure si longtemps (on en est a 25 minutes) ?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 39
maellou85
17 mars 2009 à 11:35
C'est normal que le scan dure si longtemps (on en est a 25 minutes) ?
0
Réponse 6 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
17 mars 2009 à 11:37
C'est assez aléatoire.
0
maellou85
17 mars 2009 à 12:02
Search Navipromo version 3.7.6 commencé le 17/03/2009 à 11:09:25,42

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2500+ )
BIOS : BIOS Date: 10/15/03 17:00:28 Ver: 08.00.08
USER : Maellou ( Administrator )
BOOT : Normal boot

Antivirus : AntiVirus Firewall 7.03 7.03 (Activated)
Firewall : AntiVirus Firewall 7.03 7.03 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:14 Go)
D:\ (Local Disk) - FAT32 - Total:3 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)


Recherche executé en mode normal


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***

...\Live-Player trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

...\Live-Player trouvé !

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Maellou\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.SIL\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.000\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.001\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~2\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\Thierry\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\THIERR~1.NOM\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\TITOU~1.NOM\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Maellou\locals~1\applic~1" ***

...\Live-Player trouvé !

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.SIL\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.000\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.001\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\Thierry\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\THIERR~1.NOM\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\titou\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\TITOU~1.NOM\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Maellou\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.001\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\Thierry\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\THIERR~1.NOM\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\titou\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\TITOU~1.NOM\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Maellou\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1.SIL\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1.000\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1.001\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\Thierry\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\THIERR~1.NOM\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\titou\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\TITOU~1.NOM\locals~1\applic~1" *



*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\tmlpcert2005 trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

HKEY_CURRENT_USER\Software\Lanconfig

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kmcsquc"="\"c:\\documents and settings\\maellou\\local settings\\application data\\kmcsquc.exe\" kmcsquc"


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

ahekxtavdq.dat trouvé !
ahekxtavdq_nav.dat trouvé !
ahekxtavdq_navps.dat trouvé !
bwhmpb.dat trouvé !
bwhmpb_nav.dat trouvé !
bwhmpb_navps.dat trouvé !
idqvhcx.dat trouvé !
idqvhcx_nav.dat trouvé !
idqvhcx_navps.dat trouvé !
ooegs.exe trouvé !
ooegs.dat trouvé !
ooegs_nav.dat trouvé !
ooegs_navps.dat trouvé !
qwopnvykj.dat trouvé !
qwopnvykj_nav.dat trouvé !
qwopnvykj_navps.dat trouvé !

* Dans "C:\Documents and Settings\Maellou\locals~1\applic~1" :

kmcsquc.exe trouvé !
kmcsquc.dat trouvé !
kmcsquc_nav.dat trouvé !
kmcsquc_navps.dat trouvé !

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1.SIL\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1.000\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1.001\locals~1\applic~1" :


* Dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" :


* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" :


* Dans "C:\DOCUME~1\Thierry\locals~1\applic~1" :


* Dans "C:\DOCUME~1\THIERR~1.NOM\locals~1\applic~1" :


* Dans "C:\DOCUME~1\titou\locals~1\applic~1" :


* Dans "C:\DOCUME~1\TITOU~1.NOM\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :

C:\WINDOWS\Tasks\A58B1C0490709B64.job trouvé ! Infection Lop possible non traitée par cet outil !


*** Analyse terminée le 17/03/2009 à 11:45:57,00 ***
0
Réponse 7 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
17 mars 2009 à 12:03
Bien.

---> Relance Navilog1, fais l'option 2 et poste le rapport (C:\cleannavi.txt).
0
Réponse 8 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
17 mars 2009 à 12:17
Ne réinstalle pas Live-Player, c'est un programme piégé.

---> Désinstalle Navilog1.

---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
0
maellou85
17 mars 2009 à 15:04
Après 1h30 d'analyse...


Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1857
Windows 5.1.2600 Service Pack 3

17/03/2009 14:53:59
mbam-log-2009-03-17 (14-53-59).txt

Type de recherche: Examen rapide
Eléments examinés: 161663
Temps écoulé: 1 hour(s), 23 minute(s), 35 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 29
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 23
Fichier(s) infecté(s): 65

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\msxml71.dll (Malware.Trace) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\mkrndofl.bknp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mkrndofl.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\msvps.msvpsapp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{488250ee-19cb-433a-8f37-ceba84093a7d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{53b70190-18ac-4a9b-9999-ab5a2ee144b1} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8a3a5e9e-e192-4c90-9d41-b8de0916e03e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{503aa2b1-c257-44d3-82d9-43fd349561a6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8377285e-f9ce-4deb-936c-04caf05f0512} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{638a8e0c-f206-471c-b346-9596addbb026} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{96f7bae9-bc94-4206-8466-1fa321178963} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{503aa2b1-c257-44d3-82d9-43fd349561a6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8377285e-f9ce-4deb-936c-04caf05f0512} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8377285e-f9ce-4deb-936c-04caf05f0512} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\playmp3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AdvancedCleaner Free (Rogue.Advanced.Cleaner) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Foxicle (Adware.Foxicle) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{503aa2b1-c257-44d3-82d9-43fd349561a6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe svchostw.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\Thierry.NOM-Y6G795SKGF6\Application Data\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thierry.NOM-Y6G795SKGF6\Application Data\DriveCleaner 2006 Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\PopupBlocker (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Recipes (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Reference (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\SearchMatch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\whInstall (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\BASE (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\DELETED (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\LOG (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\SAVED (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Thierry.NOM-Y6G795SKGF6\Application Data\DriveCleaner 2006 Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Layouts\PreferencesLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Layouts\PreferencesLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Recipes\RecipesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Recipes\RecipesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\SearchMatch\SearchMatchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\SearchMatch\SearchMatchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\license.txt (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\readme.txt (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z\uninstall.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\LOG\20090313161733488.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\LOG\20090313172216875.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\x.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\y.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\xxxvideo.hta (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\a.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nK75e2JT.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\alxres.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\accesss.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\astctl32.ocx (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\avpcc.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\clrssn.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\cpan.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\mtwirl32.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\notepad32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\olehelp.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\systeem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\systemcritical.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\time.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\users32.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\waol.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\win32e.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\win64.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\winajbm.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\window.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\winmgnt.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\xplugin.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ace16win.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsub.xml (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kernels64.exe (Worm.Zhelatin) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
C:\WINDOWS\system32\winlogon.ini (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
0
Réponse 9 / 39
maellou85
17 mars 2009 à 15:05
Et le message concernant svchostw.exe ne s'affiche plus au démarrage =)
0
Réponse 10 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
17 mars 2009 à 15:30
--> Relance MBAM, va dans Quarantaine et supprime tout.

--> Télécharge Lop S&D (par Eric_71 & Angeldark) sur ton Bureau.

--> Double-clique dessus pour lancer l'installation.

--> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci de Lop S&D et choisir Exécuter en tant qu'administrateur)

--> Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche).

--> Patiente jusqu'à la fin du scan.

--> Poste le rapport généré (C:\lopR.txt).
0
maellou85
17 mars 2009 à 16:00
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2500+ )
BIOS : BIOS Date: 10/15/03 17:00:28 Ver: 08.00.08
USER : Maellou ( Administrator )
BOOT : Normal boot
Antivirus : AntiVirus Firewall 7.03 7.03 (Activated)
Firewall : AntiVirus Firewall 7.03 7.03 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:14 Go)
D:\ (Local Disk) - FAT32 - Total:3 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 17/03/2009|15:43 )

--------------------\\ Listing des dossiers dans APPLIC~1

[02/01/2003|12:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[08/03/2004|18:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[02/01/2003|12:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic

[02/01/2003|12:30] C:\DOCUME~1\ADMINI~1.SIL\APPLIC~1\Adobe
[08/03/2004|18:35] C:\DOCUME~1\ADMINI~1.SIL\APPLIC~1\Microsoft
[02/01/2003|12:25] C:\DOCUME~1\ADMINI~1.SIL\APPLIC~1\Sonic

[02/01/2003|12:30] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Adobe
[16/03/2004|23:11] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Microsoft
[02/01/2003|12:25] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Sonic

[02/01/2003|12:30] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\Adobe
[02/01/2003|11:23] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\Identities
[02/01/2003|12:30] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\InterTrust
[02/01/2003|11:48] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\Microsoft
[02/01/2003|12:35] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\SampleView
[02/01/2003|12:25] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\Sonic
[01/01/2003|20:32] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\Symantec

[29/09/2008|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/02/2007|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[27/02/2007|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
[27/02/2007|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
[15/02/2009|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[15/02/2009|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/01/2009|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[08/01/2009|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache(2)
[05/03/2009|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\blg
[31/08/2006|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[17/04/2005|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[13/08/2006|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Chasing Dogs Studios
[29/12/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Christmasville
[02/08/2006|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
[27/12/2008|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
[31/03/2006|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FindMediaAcePlatform
[10/01/2009|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flood Light Games
[18/08/2007|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
[31/03/2006|11:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\foursectmemotrans
[10/07/2008|14:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
[17/10/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[17/10/2008|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[30/11/2007|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
[16/01/2007|02:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar(2)
[19/02/2008|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet
[11/11/2008|10:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[15/03/2009|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[25/06/2008|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[02/01/2003|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[08/10/2006|12:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
[10/01/2009|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[18/08/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Legacy Interactive
[01/05/2005|15:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[17/03/2009|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[31/05/2007|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[11/06/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/01/2009|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[09/02/2004|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[02/08/2006|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[02/07/2007|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
[17/10/2008|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[13/03/2009|23:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
[11/01/2009|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
[09/05/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[03/01/2009|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[10/01/2009|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Playrix Entertainment
[08/07/2005|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/09/2006|10:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung
[15/07/2007|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[02/01/2003|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[13/03/2009|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[14/03/2009|00:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[02/08/2006|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
[16/02/2008|00:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft
[27/02/2007|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[26/10/2005|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[29/12/2006|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[16/11/2007|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/01/2007|02:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[16/01/2007|02:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion(2)
[30/06/2006|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[02/01/2003|12:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[25/05/2005|18:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[31/01/2005|21:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Atari
[26/02/2004|18:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
[02/01/2003|11:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[02/01/2003|12:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[09/02/2004|12:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterVideo
[26/10/2005|13:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Lavasoft
[03/03/2004|17:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Lycos
[17/09/2005|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[02/01/2003|11:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/03/2004|20:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\MSN6
[02/01/2003|12:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[02/01/2003|12:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[31/07/2005|19:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2003|20:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[01/02/2004|01:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Template

[02/01/2003|12:30] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
[02/01/2003|11:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[02/01/2003|12:30] C:\DOCUME~1\INVIT~1\APPLIC~1\InterTrust
[02/01/2003|11:48] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[02/01/2003|12:35] C:\DOCUME~1\INVIT~1\APPLIC~1\SampleView
[02/01/2003|12:25] C:\DOCUME~1\INVIT~1\APPLIC~1\Sonic
[01/01/2003|20:32] C:\DOCUME~1\INVIT~1\APPLIC~1\Symantec

[23/01/2007|23:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[28/07/2006|07:37] C:\DOCUME~1\Maellou\APPLIC~1\.gaim
[10/02/2008|13:19] C:\DOCUME~1\Maellou\APPLIC~1\Adobe
[25/02/2007|17:52] C:\DOCUME~1\Maellou\APPLIC~1\AdobeUM
[23/02/2009|23:05] C:\DOCUME~1\Maellou\APPLIC~1\Apple Computer
[02/08/2006|12:25] C:\DOCUME~1\Maellou\APPLIC~1\ArcSoft
[31/01/2005|21:11] C:\DOCUME~1\Maellou\APPLIC~1\Atari
[08/01/2009|22:45] C:\DOCUME~1\Maellou\APPLIC~1\Azureus
[08/10/2006|13:44] C:\DOCUME~1\Maellou\APPLIC~1\Balloon Express
[27/12/2008|16:07] C:\DOCUME~1\Maellou\APPLIC~1\BeachPartyCraze
[05/03/2009|14:08] C:\DOCUME~1\Maellou\APPLIC~1\blg
[12/01/2009|19:22] C:\DOCUME~1\Maellou\APPLIC~1\cerasus.media
[13/08/2006|16:28] C:\DOCUME~1\Maellou\APPLIC~1\Chasing Dogs Studios
[23/03/2008|11:55] C:\DOCUME~1\Maellou\APPLIC~1\DivX
[17/03/2009|14:42] C:\DOCUME~1\Maellou\APPLIC~1\EoRezo
[10/01/2009|20:16] C:\DOCUME~1\Maellou\APPLIC~1\Flood Light Games
[18/08/2007|10:37] C:\DOCUME~1\Maellou\APPLIC~1\FloodLightGames
[12/06/2008|12:29] C:\DOCUME~1\Maellou\APPLIC~1\F-Secure
[05/03/2009|14:28] C:\DOCUME~1\Maellou\APPLIC~1\GameInvest
[10/01/2009|12:38] C:\DOCUME~1\Maellou\APPLIC~1\Go Go Gourmet
[16/01/2007|02:03] C:\DOCUME~1\Maellou\APPLIC~1\Google
[26/02/2004|18:42] C:\DOCUME~1\Maellou\APPLIC~1\Help
[23/12/2007|16:57] C:\DOCUME~1\Maellou\APPLIC~1\Home Sweet Home
[08/01/2009|22:44] C:\DOCUME~1\Maellou\APPLIC~1\Home Sweet Home 2
[10/07/2008|09:36] C:\DOCUME~1\Maellou\APPLIC~1\Icone
[15/11/2005|13:55] C:\DOCUME~1\Maellou\APPLIC~1\Identities
[15/11/2005|13:55] C:\DOCUME~1\Maellou\APPLIC~1\InterTrust
[09/02/2004|12:26] C:\DOCUME~1\Maellou\APPLIC~1\InterVideo
[07/06/2006|15:24] C:\DOCUME~1\Maellou\APPLIC~1\ispnews
[30/09/2008|06:07] C:\DOCUME~1\Maellou\APPLIC~1\ItsLabel
[08/10/2006|12:33] C:\DOCUME~1\Maellou\APPLIC~1\iWin
[26/10/2005|13:15] C:\DOCUME~1\Maellou\APPLIC~1\Lavasoft
[02/10/2008|13:19] C:\DOCUME~1\Maellou\APPLIC~1\Leadertech
[26/02/2009|11:49] C:\DOCUME~1\Maellou\APPLIC~1\LimeWire
[03/03/2004|17:26] C:\DOCUME~1\Maellou\APPLIC~1\Lycos
[22/07/2007|17:13] C:\DOCUME~1\Maellou\APPLIC~1\Macromedia
[20/05/2006|19:33] C:\DOCUME~1\Maellou\APPLIC~1\Magic Match
[17/03/2009|13:03] C:\DOCUME~1\Maellou\APPLIC~1\Malwarebytes
[23/03/2008|11:55] C:\DOCUME~1\Maellou\APPLIC~1\Media Player Classic
[30/04/2008|16:24] C:\DOCUME~1\Maellou\APPLIC~1\Microsoft
[26/02/2009|11:46] C:\DOCUME~1\Maellou\APPLIC~1\Mozilla
[15/11/2005|13:55] C:\DOCUME~1\Maellou\APPLIC~1\MSN6
[02/08/2006|13:11] C:\DOCUME~1\Maellou\APPLIC~1\muvee Technologies
[22/04/2007|14:55] C:\DOCUME~1\Maellou\APPLIC~1\Nikon
[13/03/2009|23:40] C:\DOCUME~1\Maellou\APPLIC~1\Oberon Games
[17/03/2009|14:57] C:\DOCUME~1\Maellou\APPLIC~1\OpenOffice.org2
[03/01/2009|17:04] C:\DOCUME~1\Maellou\APPLIC~1\PlayFirst
[27/12/2008|13:25] C:\DOCUME~1\Maellou\APPLIC~1\Pogo Games
[22/04/2006|15:16] C:\DOCUME~1\Maellou\APPLIC~1\Raptisoft
[06/08/2008|19:13] C:\DOCUME~1\Maellou\APPLIC~1\Real
[15/11/2005|13:55] C:\DOCUME~1\Maellou\APPLIC~1\SampleView
[15/07/2007|13:00] C:\DOCUME~1\Maellou\APPLIC~1\Sandlot Games
[17/03/2007|11:55] C:\DOCUME~1\Maellou\APPLIC~1\Screenshot Sender
[15/11/2005|13:55] C:\DOCUME~1\Maellou\APPLIC~1\Sonic
[31/07/2005|19:18] C:\DOCUME~1\Maellou\APPLIC~1\Sun
[18/02/2008|18:24] C:\DOCUME~1\Maellou\APPLIC~1\Super-Cow
[17/10/2008|12:10] C:\DOCUME~1\Maellou\APPLIC~1\Symantec
[01/02/2004|01:35] C:\DOCUME~1\Maellou\APPLIC~1\Template
[04/05/2008|11:23] C:\DOCUME~1\Maellou\APPLIC~1\TmpRecentIcons
[31/03/2006|11:25] C:\DOCUME~1\Maellou\APPLIC~1\UPLOADPILE
[16/02/2008|00:10] C:\DOCUME~1\Maellou\APPLIC~1\Valusoft
[06/09/2008|11:27] C:\DOCUME~1\Maellou\APPLIC~1\Viewpoint
[12/04/2008|22:45] C:\DOCUME~1\Maellou\APPLIC~1\vlc
[02/10/2008|17:38] C:\DOCUME~1\Maellou\APPLIC~1\VMNTOOLBAR
[27/09/2008|19:22] C:\DOCUME~1\Maellou\APPLIC~1\WinRAR
[01/07/2006|12:24] C:\DOCUME~1\Maellou\APPLIC~1\Wormux


[13/03/2009|18:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Adobe
[02/01/2003|11:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[10/04/2005|19:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[05/02/2006|19:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\.gaim
[09/03/2008|13:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[29/04/2007|14:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[31/01/2005|21:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Atari
[04/11/2007|18:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\FloodLightGames
[26/07/2007|01:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[26/02/2004|18:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[07/03/2007|10:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[09/02/2004|12:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
[14/06/2006|18:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\ispnews
[26/10/2005|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[03/03/2004|17:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lycos
[20/08/2007|13:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\ma-config.com
[17/09/2005|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[23/03/2008|12:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic
[26/07/2007|01:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[20/01/2007|13:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[20/11/2005|14:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[25/11/2007|17:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\PlayFirst
[09/03/2007|22:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[02/01/2003|12:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
[02/01/2003|12:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
[31/07/2005|19:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[01/01/2003|20:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[01/02/2004|01:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
[28/02/2007|15:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\U3
[16/04/2008|09:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[24/05/2007|20:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\ZimTV

[21/12/2005|21:28] C:\DOCUME~1\PROPRI~2\APPLIC~1\Macromedia

[28/04/2005|18:35] C:\DOCUME~1\Thierry\APPLIC~1\Adobe
[12/05/2005|15:40] C:\DOCUME~1\Thierry\APPLIC~1\AdobeUM
[10/09/2005|17:28] C:\DOCUME~1\Thierry\APPLIC~1\Apple Computer
[12/03/2004|18:52] C:\DOCUME~1\Thierry\APPLIC~1\Help
[04/10/2005|20:59] C:\DOCUME~1\Thierry\APPLIC~1\Identities
[02/01/2003|12:30] C:\DOCUME~1\Thierry\APPLIC~1\InterTrust
[23/02/2004|22:49] C:\DOCUME~1\Thierry\APPLIC~1\InterVideo
[28/10/2005|08:10] C:\DOCUME~1\Thierry\APPLIC~1\Lavasoft
[13/03/2005|03:26] C:\DOCUME~1\Thierry\APPLIC~1\Leadertech
[08/03/2004|18:36] C:\DOCUME~1\Thierry\APPLIC~1\Lycos
[16/12/2004|23:09] C:\DOCUME~1\Thierry\APPLIC~1\Macromedia
[04/10/2005|22:04] C:\DOCUME~1\Thierry\APPLIC~1\Microsoft
[12/04/2005|15:23] C:\DOCUME~1\Thierry\APPLIC~1\MSN6
[02/01/2003|12:35] C:\DOCUME~1\Thierry\APPLIC~1\SampleView
[26/08/2005|13:37] C:\DOCUME~1\Thierry\APPLIC~1\ShopperReports
[25/02/2004|14:26] C:\DOCUME~1\Thierry\APPLIC~1\Sonic
[12/05/2005|14:45] C:\DOCUME~1\Thierry\APPLIC~1\Sun
[16/05/2005|20:53] C:\DOCUME~1\Thierry\APPLIC~1\Symantec
[17/02/2004|15:51] C:\DOCUME~1\Thierry\APPLIC~1\Template

[07/03/2007|10:28] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\.gaim
[29/09/2008|17:13] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Adobe
[30/01/2007|13:16] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\AdobeUM
[25/02/2009|14:19] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Apple Computer
[31/01/2005|21:11] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Atari
[11/04/2007|15:01] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\bang
[26/03/2008|15:49] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\DivX
[13/03/2009|18:23] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\EoRezo
[17/06/2008|11:16] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\F-Secure
[16/10/2007|15:37] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Google
[26/02/2004|18:42] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Help
[15/11/2005|13:55] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Identities
[15/11/2005|13:55] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\InterTrust
[09/02/2004|12:26] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\InterVideo
[08/06/2006|10:18] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\ispnews
[30/09/2008|10:49] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\ItsLabel
[16/12/2007|17:38] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\iWin
[26/10/2005|13:15] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Lavasoft
[03/03/2004|17:26] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Lycos
[05/08/2006|12:18] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Macromedia
[26/03/2008|15:49] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Media Player Classic
[10/06/2008|13:39] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Microsoft
[27/02/2007|14:48] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Mozilla
[27/02/2007|16:29] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\MSN6
[16/12/2007|14:06] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\MysteryStudio
[13/07/2007|12:43] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Nikon
[13/03/2009|17:50] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\OpenOffice.org2
[05/08/2006|12:18] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\PlayFirst
[24/11/2005|20:27] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Raptisoft
[28/03/2007|12:00] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Real
[15/11/2005|13:55] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\SampleView
[16/12/2007|13:34] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Shareaza
[15/11/2005|13:55] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Sonic
[31/07/2005|19:18] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Sun
[15/11/2005|13:55] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Symantec
[01/02/2004|01:35] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Template
[04/05/2008|20:44] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\TmpRecentIcons
[21/09/2006|09:41] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\U3
[31/03/2006|11:36] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\UPLOADPILE
[02/05/2008|02:23] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\vlc
[26/01/2008|18:49] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNTOOLBAR
[25/09/2008|11:54] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\WinRAR
[24/05/2007|10:39] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\ZimTV



[30/09/2007|12:01] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Adobe
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\AdobeUM
[31/01/2005|21:11] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Atari
[30/09/2007|09:33] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Google
[26/02/2004|18:42] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Help
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Identities
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\InterTrust
[09/02/2004|12:26] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\InterVideo
[04/08/2006|14:51] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\ispnews
[26/10/2005|13:15] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Lavasoft
[03/03/2004|17:26] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Lycos
[17/09/2005|11:02] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Macromedia
[30/09/2007|08:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Microsoft
[04/05/2007|09:22] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Mozilla
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\MSN6
[04/05/2007|09:22] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Real
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\SampleView
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Sonic
[31/07/2005|19:18] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Sun
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Symantec
[01/02/2004|01:35] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Template

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[13/03/2009 23:00][--a------] C:\WINDOWS\tasks\At24.job
[16/03/2009 22:00][--a------] C:\WINDOWS\tasks\At23.job
[16/03/2009 21:00][--a------] C:\WINDOWS\tasks\At22.job
[16/03/2009 20:00][--a------] C:\WINDOWS\tasks\At21.job
[16/03/2009 19:00][--a------] C:\WINDOWS\tasks\At20.job
[16/03/2009 18:00][--a------] C:\WINDOWS\tasks\At19.job
[16/03/2009 17:00][--a------] C:\WINDOWS\tasks\At18.job
[16/03/2009 16:00][--a------] C:\WINDOWS\tasks\At17.job
[17/03/2009 15:00][--a------] C:\WINDOWS\tasks\At16.job
[17/03/2009 14:00][--a------] C:\WINDOWS\tasks\At15.job
[17/03/2009 13:00][--a------] C:\WINDOWS\tasks\At14.job
[17/03/2009 12:00][--a------] C:\WINDOWS\tasks\At13.job
[17/03/2009 11:00][--a------] C:\WINDOWS\tasks\At12.job
[16/03/2009 10:00][--a------] C:\WINDOWS\tasks\At11.job
[15/03/2009 09:00][--a------] C:\WINDOWS\tasks\At10.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At9.job
[17/03/2009 07:00][--a------] C:\WINDOWS\tasks\At8.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At7.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At6.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At4.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At5.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At3.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At2.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At1.job
[17/03/2009 06:57][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
[17/03/2009 15:28][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[16/03/2009 15:00][--a------] C:\WINDOWS\tasks\Calendrier Microsoft Works.job
[17/03/2009 15:00][--ah-----] C:\WINDOWS\tasks\A58B1C0490709B64.job
[03/08/2003 11:17][-rah-c---] C:\WINDOWS\tasks\desktop.ini
[17/03/2009 14:56][--ah-----] C:\WINDOWS\tasks\SA.DAT

( A58B1C0490709B64.job )=( c:\docume~1\thierr~1.nom\applic~1\upload~1\64oncenoun.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[01/02/2004|11:20] C:\Program Files\A_Tablet
[26/10/2005|12:18] C:\Program Files\a2
[22/03/2008|20:51] C:\Program Files\ACE Mega CoDecS Pack
[26/10/2005|11:44] C:\Program Files\ActiveX Control Pad
[07/06/2007|10:22] C:\Program Files\Admiresoft
[02/10/2008|13:20] C:\Program Files\Adobe
[14/06/2005|14:59] C:\Program Files\Alcohol Soft
[03/10/2008|13:11] C:\Program Files\ArcSoft
[08/01/2009|22:45] C:\Program Files\AskBarDis
[01/02/2004|00:57] C:\Program Files\ATI Technologies
[08/11/2008|14:27] C:\Program Files\Audacity
[09/03/2008|14:17] C:\Program Files\AviSynth 2.5
[29/06/2007|18:46] C:\Program Files\AXEL
[04/09/2006|17:57] C:\Program Files\Boonty
[31/05/2007|22:08] C:\Program Files\CCleaner
[05/02/2009|11:53] C:\Program Files\Common files
[02/01/2003|11:19] C:\Program Files\ComPlus Applications
[01/02/2004|11:21] C:\Program Files\Corel
[02/10/2008|18:10] C:\Program Files\Cube Pics
[02/10/2008|17:22] C:\Program Files\DelThumbs
[24/05/2008|10:30] C:\Program Files\DEXXON
[29/06/2007|18:47] C:\Program Files\Dial-Messenger
[29/06/2007|18:46] C:\Program Files\Dictionnaire
[23/08/2007|10:21] C:\Program Files\DivX
[29/06/2007|18:46] C:\Program Files\Duo
[03/10/2008|13:07] C:\Program Files\DV BibliothŠque2
[02/10/2008|18:10] C:\Program Files\Easy Internet signup
[29/09/2008|16:52] C:\Program Files\EoRezo
[09/03/2008|14:16] C:\Program Files\eRightSoft
[31/03/2006|11:25] C:\Program Files\Fake Webcam
[15/02/2009|15:02] C:\Program Files\Fichiers communs
[01/02/2004|11:21] C:\Program Files\Free Notes & Office Ink
[02/10/2008|18:10] C:\Program Files\Free Offers from ScreenSaver.com
[22/07/2007|13:55] C:\Program Files\Gamenext
[05/03/2009|13:58] C:\Program Files\GamesBar
[08/01/2009|21:24] C:\Program Files\GetData
[28/07/2006|16:14] C:\Program Files\GIMP-2.0
[11/11/2008|10:09] C:\Program Files\Google
[01/02/2004|01:27] C:\Program Files\Hewlett-Packard
[05/03/2009|14:42] C:\Program Files\Hospital Hustle
[10/07/2008|14:00] C:\Program Files\Icone
[04/01/2009|19:38] C:\Program Files\InstallShield Installation Information
[02/01/2005|18:35] C:\Program Files\InterActual
[12/02/2009|00:41] C:\Program Files\Internet Explorer
[27/10/2005|17:03] C:\Program Files\InterVideo
[25/08/2008|11:44] C:\Program Files\Inventel
[23/09/2008|10:50] C:\Program Files\Java
[02/10/2008|18:10] C:\Program Files\Java Web Start
[06/06/2005|20:20] C:\Program Files\Kazaa
[22/03/2008|20:51] C:\Program Files\K-Lite Codec Pack
[28/10/2005|08:10] C:\Program Files\Lavasoft
[10/07/2008|14:00] C:\Program Files\LETMIN
[10/07/2008|08:49] C:\Program Files\listac
[02/10/2008|18:10] C:\Program Files\LiveUpdate
[11/08/2004|00:55] C:\Program Files\Ludiclub
[08/03/2004|18:35] C:\Program Files\Lycos
[20/08/2007|13:16] C:\Program Files\ma-config.com
[17/03/2009|13:03] C:\Program Files\Malwarebytes' Anti-Malware
[16/02/2006|19:38] C:\Program Files\MastaLine Software
[31/08/2006|12:13] C:\Program Files\Mes Jeux T‚l‚charg‚s
[02/10/2008|18:10] C:\Program Files\Messager Wanadoo
[02/10/2008|18:10] C:\Program Files\Messenger
[27/02/2009|21:38] C:\Program Files\Messenger Plus! Live
[31/03/2006|11:36] C:\Program Files\MessengerPlus! 3(2)
[23/09/2008|10:07] C:\Program Files\MessenPass
[11/03/2006|15:33] C:\Program Files\Micro Application
[02/01/2003|11:23] C:\Program Files\microsoft frontpage
[15/10/2006|17:55] C:\Program Files\Microsoft Games
[10/03/2009|20:21] C:\Program Files\Microsoft Office
[02/10/2008|18:10] C:\Program Files\Microsoft Picture It! PhotoPub
[16/11/2007|19:15] C:\Program Files\Microsoft SQL Server Compact Edition
[01/01/2003|11:33] C:\Program Files\Microsoft Visual Studio
[15/01/2009|15:17] C:\Program Files\Microsoft Works
[02/10/2008|18:10] C:\Program Files\Movie Maker
[09/05/2007|12:14] C:\Program Files\Mozilla Firefox
[10/03/2009|20:20] C:\Program Files\MSECache
[31/03/2006|11:35] C:\Program Files\MSN
[15/02/2005|19:45] C:\Program Files\MSN Apps
[02/01/2003|11:18] C:\Program Files\MSN Gaming Zone
[18/10/2008|14:45] C:\Program Files\MSN Messenger
[14/10/2006|19:37] C:\Program Files\MSXML 4.0
[17/03/2009|13:02] C:\Program Files\Navilog1
[26/08/2008|12:01] C:\Program Files\NetMeeting
[14/06/2005|14:24] C:\Program Files\NFO viewer
[07/08/2006|14:38] C:\Program Files\Nikon
[16/05/2005|18:28] C:\Program Files\Norton Password Manager
[02/10/2008|18:10] C:\Program Files\Norton Personal Firewall
[13/03/2009|23:37] C:\Program Files\Oberon Media
[19/12/2007|16:35] C:\Program Files\OpenOffice.org 2.3
[23/09/2008|10:40] C:\Program Files\OpenOffice.org 2.4
[13/07/2004|16:56] C:\Program Files\OPTENET
[13/06/2006|11:49] C:\Program Files\orange
[26/08/2008|12:01] C:\Program Files\Outlook Express
[08/01/2009|22:45] C:\Program Files\PC Camer@
[28/07/2006|16:19] C:\Program Files\Photobie
[02/10/2008|17:11] C:\Program Files\PhotoFiltre Studio
[02/10/2008|18:10] C:\Program Files\Phototool
[31/03/2006|11:25] C:\Program Files\PMsn Paraiso(2)
[15/02/2009|15:09] C:\Program Files\QuickTime
[29/04/2007|20:36] C:\Program Files\Radio Fr Solo
[29/07/2007|17:47] C:\Program Files\RADVideo
[05/10/2008|13:21] C:\Program Files\ReadIRIS
[28/01/2007|01:58] C:\Program Files\Real
[20/08/2007|13:21] C:\Program Files\Realtek AC97
[02/01/2003|12:24] C:\Program Files\RecordNow!
[27/12/2008|23:49] C:\Program Files\ReflexiveArcade
[31/03/2006|11:25] C:\Program Files\Reverse & Upper
[01/09/2006|10:49] C:\Program Files\Samsung
[05/03/2004|22:17] C:\Program Files\Securitoo
[02/01/2003|12:45] C:\Program Files\Services en ligne
[25/12/2005|00:29] C:\Program Files\SigmaTel
[28/07/2006|07:36] C:\Program Files\SM
[03/07/2006|15:53] C:\Program Files\sollab
[04/01/2009|19:43] C:\Program Files\Sony Ericsson
[31/03/2006|11:25] C:\Program Files\Spleak
[28/02/2007|15:26] C:\Program Files\Spybot - Search & Destroy
[21/09/2006|10:33] C:\Program Files\strCodec
[02/10/2008|13:30] C:\Program Files\Tap'Touche 5
[18/02/2006|18:16] C:\Program Files\TGTSoft
[15/11/2005|13:55] C:\Program Files\Thomson
[17/03/2009|10:25] C:\Program Files\Trend Micro
[01/02/2004|15:21] C:\Program Files\Ulead Systems
[02/01/2003|11:27] C:\Program Files\Uninstall Information
[07/05/2005|13:50] C:\Program Files\video
[05/05/2008|13:23] C:\Program Files\VideoLAN
[13/07/2004|16:56] C:\Program Files\videos_live
[27/02/2007|15:07] C:\Program Files\Viewpoint
[09/03/2008|15:04] C:\Program Files\VirtualDub
[29/06/2007|17:18] C:\Program Files\Visicom Media
[23/11/2008|14:48] C:\Program Files\Wanadoo
[02/10/2008|18:10] C:\Program Files\Wanadoo Messager
[04/01/2009|21:24] C:\Program Files\Windows Live
[25/11/2007|13:07] C:\Program Files\Windows Live Safety Center
[23/01/2007|22:24] C:\Program Files\Windows Media Connect 2
[02/10/2008|18:10] C:\Program Files\Windows Media Player
[26/08/2008|12:01] C:\Program Files\Windows NT
[02/01/2003|11:18] C:\Program Files\WindowsUpdate
[23/09/2008|10:11] C:\Program Files\WinRAR
[02/01/2003|11:23] C:\Program Files\xerox
[01/11/2007|15:16] C:\Program Files\ZimTV

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[02/10/2008|13:19] C:\Program Files\Fichiers communs\Adobe
[15/02/2009|16:22] C:\Program Files\Fichiers communs\Apple
[31/08/2006|11:58] C:\Program Files\Fichiers communs\BOONTY Shared
[01/01/2003|11:33] C:\Program Files\Fichiers communs\Designer
[02/01/2003|12:35] C:\Program Files\Fichiers communs\InstallShield
[20/05/2005|21:52] C:\Program Files\Fichiers communs\Java
[10/06/2005|22:14] C:\Program Files\Fichiers communs\ltncdrch
[10/03/2009|20:21] C:\Program Files\Fichiers communs\Microsoft Shared
[02/01/2003|11:20] C:\Program Files\Fichiers communs\MSSoap
[02/08/2006|12:20] C:\Program Files\Fichiers communs\muvee Technologies
[22/04/2007|14:55] C:\Program Files\Fichiers communs\Nikon
[23/07/2005|19:33] C:\Program Files\Fichiers communs\NSV
[11/06/2008|19:19] C:\Program Files\Fichiers communs\Oberon Media
[02/01/2003|11:14] C:\Program Files\Fichiers communs\ODBC
[08/01/2009|22:45] C:\Program Files\Fichiers communs\PCCamera
[28/01/2007|01:59] C:\Program Files\Fichiers communs\Real
[16/01/2007|02:04] C:\Program Files\Fichiers communs\Sandlot Shared
[02/10/2008|18:10] C:\Program Files\Fichiers communs\Services
[02/01/2003|12:25] C:\Program Files\Fichiers communs\Sonic
[02/01/2003|11:14] C:\Program Files\Fichiers communs\SpeechEngines
[17/10/2008|12:10] C:\Program Files\Fichiers communs\Symantec Shared
[26/08/2008|12:01] C:\Program Files\Fichiers communs\System
[16/11/2007|19:09] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/01/2007|01:59] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 40 Processes )

IEXPLORE.EXE ~ [PID:2004]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Maellou\APPLIC~1\upload~1
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\upload~1
C:\WINDOWS\Tasks\A58B1C0490709B64.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-17 15:48:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 5843

--------------------\\ Recherche d'autres infections

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job



[F:5][D:3]-> C:\DOCUME~1\Maellou\LOCALS~1\Temp
[F:56][D:0]-> C:\DOCUME~1\Maellou\Cookies
[F:2380][D:4]-> C:\DOCUME~1\Maellou\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 17/03/2009|15:56 - Option : [1]

--------------------\\ Fin du rapport a 15:56:41
0
Réponse 11 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
17 mars 2009 à 16:05
--> Double-clique sur le raccourci de Lop S&D pour le lancer.
(Sous Vista, il faut cliquer droit sur le raccourci de Lop S&D et choisir Exécuter en tant qu'administrateur)

--> Choisis cette fois-ci l'option 2 (Suppression).

--> Ne ferme pas la fenêtre lors de la suppression !

--> Poste le rapport généré (C:\lopR.txt).

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
0
maellou85
17 mars 2009 à 16:15
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2500+ )
BIOS : BIOS Date: 10/15/03 17:00:28 Ver: 08.00.08
USER : Maellou ( Administrator )
BOOT : Normal boot
Antivirus : AntiVirus Firewall 7.03 7.03 (Activated)
Firewall : AntiVirus Firewall 7.03 7.03 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:14 Go)
D:\ (Local Disk) - FAT32 - Total:3 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 17/03/2009|16:07 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\WINDOWS\Tasks\A58B1C0490709B64.job
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\upload~1
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\upload~1

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[02/01/2003|12:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[08/03/2004|18:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[02/01/2003|12:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic

[02/01/2003|12:30] C:\DOCUME~1\ADMINI~1.SIL\APPLIC~1\Adobe
[08/03/2004|18:35] C:\DOCUME~1\ADMINI~1.SIL\APPLIC~1\Microsoft
[02/01/2003|12:25] C:\DOCUME~1\ADMINI~1.SIL\APPLIC~1\Sonic

[02/01/2003|12:30] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Adobe
[16/03/2004|23:11] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Microsoft
[02/01/2003|12:25] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Sonic

[02/01/2003|12:30] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\Adobe
[02/01/2003|11:23] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\Identities
[02/01/2003|12:30] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\InterTrust
[02/01/2003|11:48] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\Microsoft
[02/01/2003|12:35] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\SampleView
[02/01/2003|12:25] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\Sonic
[01/01/2003|20:32] C:\DOCUME~1\ADMINI~1.001\APPLIC~1\Symantec

[29/09/2008|17:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/02/2007|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[27/02/2007|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
[27/02/2007|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
[15/02/2009|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[15/02/2009|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/01/2009|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[08/01/2009|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache(2)
[05/03/2009|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\blg
[31/08/2006|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[17/04/2005|13:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[13/08/2006|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Chasing Dogs Studios
[29/12/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Christmasville
[02/08/2006|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
[27/12/2008|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
[31/03/2006|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FindMediaAcePlatform
[10/01/2009|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flood Light Games
[18/08/2007|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
[31/03/2006|11:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\foursectmemotrans
[10/07/2008|14:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
[17/10/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[17/10/2008|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[30/11/2007|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
[16/01/2007|02:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar(2)
[19/02/2008|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet
[11/11/2008|10:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[15/03/2009|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[25/06/2008|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[02/01/2003|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[08/10/2006|12:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
[10/01/2009|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[18/08/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Legacy Interactive
[01/05/2005|15:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[17/03/2009|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[31/05/2007|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[11/06/2008|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/01/2009|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[09/02/2004|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[02/08/2006|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[02/07/2007|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
[17/10/2008|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[13/03/2009|23:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
[11/01/2009|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media
[09/05/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[03/01/2009|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[10/01/2009|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Playrix Entertainment
[08/07/2005|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/09/2006|10:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung
[15/07/2007|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[02/01/2003|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[13/03/2009|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[14/03/2009|00:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[02/08/2006|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
[16/02/2008|00:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft
[26/10/2005|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[29/12/2006|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[16/11/2007|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/01/2007|02:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[16/01/2007|02:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion(2)
[30/06/2006|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[02/01/2003|12:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[25/05/2005|18:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[31/01/2005|21:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Atari
[26/02/2004|18:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
[02/01/2003|11:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[02/01/2003|12:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[09/02/2004|12:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterVideo
[26/10/2005|13:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Lavasoft
[03/03/2004|17:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Lycos
[17/09/2005|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[02/01/2003|11:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/03/2004|20:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\MSN6
[02/01/2003|12:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[02/01/2003|12:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[31/07/2005|19:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2003|20:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[01/02/2004|01:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Template

[02/01/2003|12:30] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
[02/01/2003|11:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[02/01/2003|12:30] C:\DOCUME~1\INVIT~1\APPLIC~1\InterTrust
[02/01/2003|11:48] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[02/01/2003|12:35] C:\DOCUME~1\INVIT~1\APPLIC~1\SampleView
[02/01/2003|12:25] C:\DOCUME~1\INVIT~1\APPLIC~1\Sonic
[01/01/2003|20:32] C:\DOCUME~1\INVIT~1\APPLIC~1\Symantec

[23/01/2007|23:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[28/07/2006|07:37] C:\DOCUME~1\Maellou\APPLIC~1\.gaim
[10/02/2008|13:19] C:\DOCUME~1\Maellou\APPLIC~1\Adobe
[25/02/2007|17:52] C:\DOCUME~1\Maellou\APPLIC~1\AdobeUM
[23/02/2009|23:05] C:\DOCUME~1\Maellou\APPLIC~1\Apple Computer
[02/08/2006|12:25] C:\DOCUME~1\Maellou\APPLIC~1\ArcSoft
[31/01/2005|21:11] C:\DOCUME~1\Maellou\APPLIC~1\Atari
[08/01/2009|22:45] C:\DOCUME~1\Maellou\APPLIC~1\Azureus
[08/10/2006|13:44] C:\DOCUME~1\Maellou\APPLIC~1\Balloon Express
[27/12/2008|16:07] C:\DOCUME~1\Maellou\APPLIC~1\BeachPartyCraze
[05/03/2009|14:08] C:\DOCUME~1\Maellou\APPLIC~1\blg
[12/01/2009|19:22] C:\DOCUME~1\Maellou\APPLIC~1\cerasus.media
[13/08/2006|16:28] C:\DOCUME~1\Maellou\APPLIC~1\Chasing Dogs Studios
[23/03/2008|11:55] C:\DOCUME~1\Maellou\APPLIC~1\DivX
[17/03/2009|14:42] C:\DOCUME~1\Maellou\APPLIC~1\EoRezo
[10/01/2009|20:16] C:\DOCUME~1\Maellou\APPLIC~1\Flood Light Games
[18/08/2007|10:37] C:\DOCUME~1\Maellou\APPLIC~1\FloodLightGames
[12/06/2008|12:29] C:\DOCUME~1\Maellou\APPLIC~1\F-Secure
[05/03/2009|14:28] C:\DOCUME~1\Maellou\APPLIC~1\GameInvest
[10/01/2009|12:38] C:\DOCUME~1\Maellou\APPLIC~1\Go Go Gourmet
[16/01/2007|02:03] C:\DOCUME~1\Maellou\APPLIC~1\Google
[26/02/2004|18:42] C:\DOCUME~1\Maellou\APPLIC~1\Help
[23/12/2007|16:57] C:\DOCUME~1\Maellou\APPLIC~1\Home Sweet Home
[08/01/2009|22:44] C:\DOCUME~1\Maellou\APPLIC~1\Home Sweet Home 2
[10/07/2008|09:36] C:\DOCUME~1\Maellou\APPLIC~1\Icone
[15/11/2005|13:55] C:\DOCUME~1\Maellou\APPLIC~1\Identities
[15/11/2005|13:55] C:\DOCUME~1\Maellou\APPLIC~1\InterTrust
[09/02/2004|12:26] C:\DOCUME~1\Maellou\APPLIC~1\InterVideo
[07/06/2006|15:24] C:\DOCUME~1\Maellou\APPLIC~1\ispnews
[30/09/2008|06:07] C:\DOCUME~1\Maellou\APPLIC~1\ItsLabel
[08/10/2006|12:33] C:\DOCUME~1\Maellou\APPLIC~1\iWin
[26/10/2005|13:15] C:\DOCUME~1\Maellou\APPLIC~1\Lavasoft
[02/10/2008|13:19] C:\DOCUME~1\Maellou\APPLIC~1\Leadertech
[26/02/2009|11:49] C:\DOCUME~1\Maellou\APPLIC~1\LimeWire
[03/03/2004|17:26] C:\DOCUME~1\Maellou\APPLIC~1\Lycos
[22/07/2007|17:13] C:\DOCUME~1\Maellou\APPLIC~1\Macromedia
[20/05/2006|19:33] C:\DOCUME~1\Maellou\APPLIC~1\Magic Match
[17/03/2009|13:03] C:\DOCUME~1\Maellou\APPLIC~1\Malwarebytes
[23/03/2008|11:55] C:\DOCUME~1\Maellou\APPLIC~1\Media Player Classic
[30/04/2008|16:24] C:\DOCUME~1\Maellou\APPLIC~1\Microsoft
[26/02/2009|11:46] C:\DOCUME~1\Maellou\APPLIC~1\Mozilla
[15/11/2005|13:55] C:\DOCUME~1\Maellou\APPLIC~1\MSN6
[02/08/2006|13:11] C:\DOCUME~1\Maellou\APPLIC~1\muvee Technologies
[22/04/2007|14:55] C:\DOCUME~1\Maellou\APPLIC~1\Nikon
[13/03/2009|23:40] C:\DOCUME~1\Maellou\APPLIC~1\Oberon Games
[17/03/2009|14:57] C:\DOCUME~1\Maellou\APPLIC~1\OpenOffice.org2
[03/01/2009|17:04] C:\DOCUME~1\Maellou\APPLIC~1\PlayFirst
[27/12/2008|13:25] C:\DOCUME~1\Maellou\APPLIC~1\Pogo Games
[22/04/2006|15:16] C:\DOCUME~1\Maellou\APPLIC~1\Raptisoft
[06/08/2008|19:13] C:\DOCUME~1\Maellou\APPLIC~1\Real
[15/11/2005|13:55] C:\DOCUME~1\Maellou\APPLIC~1\SampleView
[15/07/2007|13:00] C:\DOCUME~1\Maellou\APPLIC~1\Sandlot Games
[17/03/2007|11:55] C:\DOCUME~1\Maellou\APPLIC~1\Screenshot Sender
[15/11/2005|13:55] C:\DOCUME~1\Maellou\APPLIC~1\Sonic
[31/07/2005|19:18] C:\DOCUME~1\Maellou\APPLIC~1\Sun
[18/02/2008|18:24] C:\DOCUME~1\Maellou\APPLIC~1\Super-Cow
[17/10/2008|12:10] C:\DOCUME~1\Maellou\APPLIC~1\Symantec
[01/02/2004|01:35] C:\DOCUME~1\Maellou\APPLIC~1\Template
[04/05/2008|11:23] C:\DOCUME~1\Maellou\APPLIC~1\TmpRecentIcons
[16/02/2008|00:10] C:\DOCUME~1\Maellou\APPLIC~1\Valusoft
[12/04/2008|22:45] C:\DOCUME~1\Maellou\APPLIC~1\vlc
[02/10/2008|17:38] C:\DOCUME~1\Maellou\APPLIC~1\VMNTOOLBAR
[27/09/2008|19:22] C:\DOCUME~1\Maellou\APPLIC~1\WinRAR
[01/07/2006|12:24] C:\DOCUME~1\Maellou\APPLIC~1\Wormux


[13/03/2009|18:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Adobe
[02/01/2003|11:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[10/04/2005|19:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[05/02/2006|19:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\.gaim
[09/03/2008|13:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[29/04/2007|14:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[31/01/2005|21:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Atari
[04/11/2007|18:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\FloodLightGames
[26/07/2007|01:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[26/02/2004|18:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[07/03/2007|10:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[09/02/2004|12:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
[14/06/2006|18:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\ispnews
[26/10/2005|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[03/03/2004|17:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lycos
[20/08/2007|13:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\ma-config.com
[17/09/2005|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[23/03/2008|12:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic
[26/07/2007|01:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[20/01/2007|13:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[20/11/2005|14:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[25/11/2007|17:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\PlayFirst
[09/03/2007|22:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[02/01/2003|12:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
[02/01/2003|12:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
[31/07/2005|19:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[01/01/2003|20:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[01/02/2004|01:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
[28/02/2007|15:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\U3
[16/04/2008|09:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[24/05/2007|20:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\ZimTV

[21/12/2005|21:28] C:\DOCUME~1\PROPRI~2\APPLIC~1\Macromedia

[28/04/2005|18:35] C:\DOCUME~1\Thierry\APPLIC~1\Adobe
[12/05/2005|15:40] C:\DOCUME~1\Thierry\APPLIC~1\AdobeUM
[10/09/2005|17:28] C:\DOCUME~1\Thierry\APPLIC~1\Apple Computer
[12/03/2004|18:52] C:\DOCUME~1\Thierry\APPLIC~1\Help
[04/10/2005|20:59] C:\DOCUME~1\Thierry\APPLIC~1\Identities
[02/01/2003|12:30] C:\DOCUME~1\Thierry\APPLIC~1\InterTrust
[23/02/2004|22:49] C:\DOCUME~1\Thierry\APPLIC~1\InterVideo
[28/10/2005|08:10] C:\DOCUME~1\Thierry\APPLIC~1\Lavasoft
[13/03/2005|03:26] C:\DOCUME~1\Thierry\APPLIC~1\Leadertech
[08/03/2004|18:36] C:\DOCUME~1\Thierry\APPLIC~1\Lycos
[16/12/2004|23:09] C:\DOCUME~1\Thierry\APPLIC~1\Macromedia
[04/10/2005|22:04] C:\DOCUME~1\Thierry\APPLIC~1\Microsoft
[12/04/2005|15:23] C:\DOCUME~1\Thierry\APPLIC~1\MSN6
[02/01/2003|12:35] C:\DOCUME~1\Thierry\APPLIC~1\SampleView
[26/08/2005|13:37] C:\DOCUME~1\Thierry\APPLIC~1\ShopperReports
[25/02/2004|14:26] C:\DOCUME~1\Thierry\APPLIC~1\Sonic
[12/05/2005|14:45] C:\DOCUME~1\Thierry\APPLIC~1\Sun
[16/05/2005|20:53] C:\DOCUME~1\Thierry\APPLIC~1\Symantec
[17/02/2004|15:51] C:\DOCUME~1\Thierry\APPLIC~1\Template

[07/03/2007|10:28] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\.gaim
[29/09/2008|17:13] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Adobe
[30/01/2007|13:16] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\AdobeUM
[25/02/2009|14:19] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Apple Computer
[31/01/2005|21:11] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Atari
[11/04/2007|15:01] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\bang
[26/03/2008|15:49] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\DivX
[13/03/2009|18:23] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\EoRezo
[17/06/2008|11:16] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\F-Secure
[16/10/2007|15:37] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Google
[26/02/2004|18:42] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Help
[15/11/2005|13:55] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Identities
[15/11/2005|13:55] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\InterTrust
[09/02/2004|12:26] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\InterVideo
[08/06/2006|10:18] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\ispnews
[30/09/2008|10:49] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\ItsLabel
[16/12/2007|17:38] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\iWin
[26/10/2005|13:15] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Lavasoft
[03/03/2004|17:26] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Lycos
[05/08/2006|12:18] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Macromedia
[26/03/2008|15:49] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Media Player Classic
[10/06/2008|13:39] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Microsoft
[27/02/2007|14:48] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Mozilla
[27/02/2007|16:29] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\MSN6
[16/12/2007|14:06] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\MysteryStudio
[13/07/2007|12:43] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Nikon
[13/03/2009|17:50] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\OpenOffice.org2
[05/08/2006|12:18] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\PlayFirst
[24/11/2005|20:27] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Raptisoft
[28/03/2007|12:00] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Real
[15/11/2005|13:55] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\SampleView
[16/12/2007|13:34] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Shareaza
[15/11/2005|13:55] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Sonic
[31/07/2005|19:18] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Sun
[15/11/2005|13:55] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Symantec
[01/02/2004|01:35] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\Template
[04/05/2008|20:44] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\TmpRecentIcons
[21/09/2006|09:41] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\U3
[02/05/2008|02:23] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\vlc
[26/01/2008|18:49] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNTOOLBAR
[25/09/2008|11:54] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\WinRAR
[24/05/2007|10:39] C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\ZimTV



[30/09/2007|12:01] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Adobe
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\AdobeUM
[31/01/2005|21:11] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Atari
[30/09/2007|09:33] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Google
[26/02/2004|18:42] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Help
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Identities
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\InterTrust
[09/02/2004|12:26] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\InterVideo
[04/08/2006|14:51] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\ispnews
[26/10/2005|13:15] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Lavasoft
[03/03/2004|17:26] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Lycos
[17/09/2005|11:02] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Macromedia
[30/09/2007|08:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Microsoft
[04/05/2007|09:22] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Mozilla
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\MSN6
[04/05/2007|09:22] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Real
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\SampleView
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Sonic
[31/07/2005|19:18] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Sun
[15/11/2005|13:55] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Symantec
[01/02/2004|01:35] C:\DOCUME~1\TITOU~1.NOM\APPLIC~1\Template

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[13/03/2009 23:00][--a------] C:\WINDOWS\tasks\At24.job
[16/03/2009 22:00][--a------] C:\WINDOWS\tasks\At23.job
[16/03/2009 21:00][--a------] C:\WINDOWS\tasks\At22.job
[16/03/2009 20:00][--a------] C:\WINDOWS\tasks\At21.job
[16/03/2009 19:00][--a------] C:\WINDOWS\tasks\At20.job
[16/03/2009 18:00][--a------] C:\WINDOWS\tasks\At19.job
[16/03/2009 17:00][--a------] C:\WINDOWS\tasks\At18.job
[17/03/2009 16:00][--a------] C:\WINDOWS\tasks\At17.job
[17/03/2009 15:00][--a------] C:\WINDOWS\tasks\At16.job
[17/03/2009 14:00][--a------] C:\WINDOWS\tasks\At15.job
[17/03/2009 13:00][--a------] C:\WINDOWS\tasks\At14.job
[17/03/2009 12:00][--a------] C:\WINDOWS\tasks\At13.job
[17/03/2009 11:00][--a------] C:\WINDOWS\tasks\At12.job
[16/03/2009 10:00][--a------] C:\WINDOWS\tasks\At11.job
[15/03/2009 09:00][--a------] C:\WINDOWS\tasks\At10.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At9.job
[17/03/2009 07:00][--a------] C:\WINDOWS\tasks\At8.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At7.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At6.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At4.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At5.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At3.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At2.job
[13/03/2009 16:16][--a------] C:\WINDOWS\tasks\At1.job
[17/03/2009 06:57][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
[17/03/2009 15:28][--a------] C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[16/03/2009 15:00][--a------] C:\WINDOWS\tasks\Calendrier Microsoft Works.job
[03/08/2003 11:17][-rah-c---] C:\WINDOWS\tasks\desktop.ini
[17/03/2009 14:56][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[01/02/2004|11:20] C:\Program Files\A_Tablet
[26/10/2005|12:18] C:\Program Files\a2
[22/03/2008|20:51] C:\Program Files\ACE Mega CoDecS Pack
[26/10/2005|11:44] C:\Program Files\ActiveX Control Pad
[07/06/2007|10:22] C:\Program Files\Admiresoft
[02/10/2008|13:20] C:\Program Files\Adobe
[14/06/2005|14:59] C:\Program Files\Alcohol Soft
[03/10/2008|13:11] C:\Program Files\ArcSoft
[08/01/2009|22:45] C:\Program Files\AskBarDis
[01/02/2004|00:57] C:\Program Files\ATI Technologies
[08/11/2008|14:27] C:\Program Files\Audacity
[09/03/2008|14:17] C:\Program Files\AviSynth 2.5
[29/06/2007|18:46] C:\Program Files\AXEL
[04/09/2006|17:57] C:\Program Files\Boonty
[31/05/2007|22:08] C:\Program Files\CCleaner
[05/02/2009|11:53] C:\Program Files\Common files
[02/01/2003|11:19] C:\Program Files\ComPlus Applications
[01/02/2004|11:21] C:\Program Files\Corel
[02/10/2008|18:10] C:\Program Files\Cube Pics
[02/10/2008|17:22] C:\Program Files\DelThumbs
[24/05/2008|10:30] C:\Program Files\DEXXON
[29/06/2007|18:47] C:\Program Files\Dial-Messenger
[29/06/2007|18:46] C:\Program Files\Dictionnaire
[23/08/2007|10:21] C:\Program Files\DivX
[29/06/2007|18:46] C:\Program Files\Duo
[03/10/2008|13:07] C:\Program Files\DV BibliothŠque2
[02/10/2008|18:10] C:\Program Files\Easy Internet signup
[29/09/2008|16:52] C:\Program Files\EoRezo
[09/03/2008|14:16] C:\Program Files\eRightSoft
[31/03/2006|11:25] C:\Program Files\Fake Webcam
[15/02/2009|15:02] C:\Program Files\Fichiers communs
[01/02/2004|11:21] C:\Program Files\Free Notes & Office Ink
[02/10/2008|18:10] C:\Program Files\Free Offers from ScreenSaver.com
[22/07/2007|13:55] C:\Program Files\Gamenext
[05/03/2009|13:58] C:\Program Files\GamesBar
[08/01/2009|21:24] C:\Program Files\GetData
[28/07/2006|16:14] C:\Program Files\GIMP-2.0
[11/11/2008|10:09] C:\Program Files\Google
[01/02/2004|01:27] C:\Program Files\Hewlett-Packard
[05/03/2009|14:42] C:\Program Files\Hospital Hustle
[10/07/2008|14:00] C:\Program Files\Icone
[04/01/2009|19:38] C:\Program Files\InstallShield Installation Information
[02/01/2005|18:35] C:\Program Files\InterActual
[12/02/2009|00:41] C:\Program Files\Internet Explorer
[27/10/2005|17:03] C:\Program Files\InterVideo
[25/08/2008|11:44] C:\Program Files\Inventel
[23/09/2008|10:50] C:\Program Files\Java
[02/10/2008|18:10] C:\Program Files\Java Web Start
[06/06/2005|20:20] C:\Program Files\Kazaa
[22/03/2008|20:51] C:\Program Files\K-Lite Codec Pack
[28/10/2005|08:10] C:\Program Files\Lavasoft
[10/07/2008|14:00] C:\Program Files\LETMIN
[10/07/2008|08:49] C:\Program Files\listac
[02/10/2008|18:10] C:\Program Files\LiveUpdate
[11/08/2004|00:55] C:\Program Files\Ludiclub
[08/03/2004|18:35] C:\Program Files\Lycos
[20/08/2007|13:16] C:\Program Files\ma-config.com
[17/03/2009|13:03] C:\Program Files\Malwarebytes' Anti-Malware
[16/02/2006|19:38] C:\Program Files\MastaLine Software
[31/08/2006|12:13] C:\Program Files\Mes Jeux T‚l‚charg‚s
[02/10/2008|18:10] C:\Program Files\Messager Wanadoo
[02/10/2008|18:10] C:\Program Files\Messenger
[27/02/2009|21:38] C:\Program Files\Messenger Plus! Live
[31/03/2006|11:36] C:\Program Files\MessengerPlus! 3(2)
[23/09/2008|10:07] C:\Program Files\MessenPass
[11/03/2006|15:33] C:\Program Files\Micro Application
[02/01/2003|11:23] C:\Program Files\microsoft frontpage
[15/10/2006|17:55] C:\Program Files\Microsoft Games
[10/03/2009|20:21] C:\Program Files\Microsoft Office
[02/10/2008|18:10] C:\Program Files\Microsoft Picture It! PhotoPub
[16/11/2007|19:15] C:\Program Files\Microsoft SQL Server Compact Edition
[01/01/2003|11:33] C:\Program Files\Microsoft Visual Studio
[15/01/2009|15:17] C:\Program Files\Microsoft Works
[02/10/2008|18:10] C:\Program Files\Movie Maker
[09/05/2007|12:14] C:\Program Files\Mozilla Firefox
[10/03/2009|20:20] C:\Program Files\MSECache
[31/03/2006|11:35] C:\Program Files\MSN
[15/02/2005|19:45] C:\Program Files\MSN Apps
[02/01/2003|11:18] C:\Program Files\MSN Gaming Zone
[18/10/2008|14:45] C:\Program Files\MSN Messenger
[14/10/2006|19:37] C:\Program Files\MSXML 4.0
[17/03/2009|13:02] C:\Program Files\Navilog1
[26/08/2008|12:01] C:\Program Files\NetMeeting
[14/06/2005|14:24] C:\Program Files\NFO viewer
[07/08/2006|14:38] C:\Program Files\Nikon
[16/05/2005|18:28] C:\Program Files\Norton Password Manager
[02/10/2008|18:10] C:\Program Files\Norton Personal Firewall
[13/03/2009|23:37] C:\Program Files\Oberon Media
[19/12/2007|16:35] C:\Program Files\OpenOffice.org 2.3
[23/09/2008|10:40] C:\Program Files\OpenOffice.org 2.4
[13/07/2004|16:56] C:\Program Files\OPTENET
[13/06/2006|11:49] C:\Program Files\orange
[26/08/2008|12:01] C:\Program Files\Outlook Express
[08/01/2009|22:45] C:\Program Files\PC Camer@
[28/07/2006|16:19] C:\Program Files\Photobie
[02/10/2008|17:11] C:\Program Files\PhotoFiltre Studio
[02/10/2008|18:10] C:\Program Files\Phototool
[31/03/2006|11:25] C:\Program Files\PMsn Paraiso(2)
[15/02/2009|15:09] C:\Program Files\QuickTime
[29/04/2007|20:36] C:\Program Files\Radio Fr Solo
[29/07/2007|17:47] C:\Program Files\RADVideo
[05/10/2008|13:21] C:\Program Files\ReadIRIS
[28/01/2007|01:58] C:\Program Files\Real
[20/08/2007|13:21] C:\Program Files\Realtek AC97
[02/01/2003|12:24] C:\Program Files\RecordNow!
[27/12/2008|23:49] C:\Program Files\ReflexiveArcade
[31/03/2006|11:25] C:\Program Files\Reverse & Upper
[01/09/2006|10:49] C:\Program Files\Samsung
[05/03/2004|22:17] C:\Program Files\Securitoo
[02/01/2003|12:45] C:\Program Files\Services en ligne
[25/12/2005|00:29] C:\Program Files\SigmaTel
[28/07/2006|07:36] C:\Program Files\SM
[03/07/2006|15:53] C:\Program Files\sollab
[04/01/2009|19:43] C:\Program Files\Sony Ericsson
[31/03/2006|11:25] C:\Program Files\Spleak
[28/02/2007|15:26] C:\Program Files\Spybot - Search & Destroy
[21/09/2006|10:33] C:\Program Files\strCodec
[02/10/2008|13:30] C:\Program Files\Tap'Touche 5
[18/02/2006|18:16] C:\Program Files\TGTSoft
[15/11/2005|13:55] C:\Program Files\Thomson
[17/03/2009|10:25] C:\Program Files\Trend Micro
[01/02/2004|15:21] C:\Program Files\Ulead Systems
[02/01/2003|11:27] C:\Program Files\Uninstall Information
[07/05/2005|13:50] C:\Program Files\video
[05/05/2008|13:23] C:\Program Files\VideoLAN
[13/07/2004|16:56] C:\Program Files\videos_live
[09/03/2008|15:04] C:\Program Files\VirtualDub
[29/06/2007|17:18] C:\Program Files\Visicom Media
[23/11/2008|14:48] C:\Program Files\Wanadoo
[02/10/2008|18:10] C:\Program Files\Wanadoo Messager
[04/01/2009|21:24] C:\Program Files\Windows Live
[25/11/2007|13:07] C:\Program Files\Windows Live Safety Center
[23/01/2007|22:24] C:\Program Files\Windows Media Connect 2
[02/10/2008|18:10] C:\Program Files\Windows Media Player
[26/08/2008|12:01] C:\Program Files\Windows NT
[02/01/2003|11:18] C:\Program Files\WindowsUpdate
[23/09/2008|10:11] C:\Program Files\WinRAR
[02/01/2003|11:23] C:\Program Files\xerox
[01/11/2007|15:16] C:\Program Files\ZimTV

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[02/10/2008|13:19] C:\Program Files\Fichiers communs\Adobe
[15/02/2009|16:22] C:\Program Files\Fichiers communs\Apple
[31/08/2006|11:58] C:\Program Files\Fichiers communs\BOONTY Shared
[01/01/2003|11:33] C:\Program Files\Fichiers communs\Designer
[02/01/2003|12:35] C:\Program Files\Fichiers communs\InstallShield
[20/05/2005|21:52] C:\Program Files\Fichiers communs\Java
[10/06/2005|22:14] C:\Program Files\Fichiers communs\ltncdrch
[10/03/2009|20:21] C:\Program Files\Fichiers communs\Microsoft Shared
[02/01/2003|11:20] C:\Program Files\Fichiers communs\MSSoap
[02/08/2006|12:20] C:\Program Files\Fichiers communs\muvee Technologies
[22/04/2007|14:55] C:\Program Files\Fichiers communs\Nikon
[23/07/2005|19:33] C:\Program Files\Fichiers communs\NSV
[11/06/2008|19:19] C:\Program Files\Fichiers communs\Oberon Media
[02/01/2003|11:14] C:\Program Files\Fichiers communs\ODBC
[08/01/2009|22:45] C:\Program Files\Fichiers communs\PCCamera
[28/01/2007|01:59] C:\Program Files\Fichiers communs\Real
[16/01/2007|02:04] C:\Program Files\Fichiers communs\Sandlot Shared
[02/10/2008|18:10] C:\Program Files\Fichiers communs\Services
[02/01/2003|12:25] C:\Program Files\Fichiers communs\Sonic
[02/01/2003|11:14] C:\Program Files\Fichiers communs\SpeechEngines
[17/10/2008|12:10] C:\Program Files\Fichiers communs\Symantec Shared
[26/08/2008|12:01] C:\Program Files\Fichiers communs\System
[16/11/2007|19:09] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/01/2007|01:59] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 39 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-17 16:09:35
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 5843

--------------------\\ Recherche d'autres infections

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job



[F:5][D:3]-> C:\DOCUME~1\Maellou\LOCALS~1\Temp
[F:51][D:0]-> C:\DOCUME~1\Maellou\Cookies
[F:2438][D:4]-> C:\DOCUME~1\Maellou\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 17/03/2009|15:56 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 17/03/2009|16:13 - Option : [2]

--------------------\\ Fin du rapport a 16:13:18
0
Réponse 12 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
17 mars 2009 à 16:42
Tu as plein de dossiers que je ne connais pas.

--> Télécharge DirLook sur ton Bureau.

--> Double-clique sur DirLook.exe pour lance l'outil.

--> Copie le texte ci-dessous :




C:\DOCUME~1\ALLUSE~1\APPLIC~1\blg
C:\DOCUME~1\ALLUSE~1\APPLIC~1\FindMediaAcePlatform
C:\DOCUME~1\ALLUSE~1\APPLIC~1\foursectmemotrans
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\TmpRecentIcons
C:\Program Files\Fichiers communs\ltncdrch




--> Dans la petite fenêtre de DirLook, faire un clic droit dans la zone blanche et choisir Coller.
Note : les lignes sélectionnées précédemment doivent avoir été recopiées dans la zone blanche de DirLook.

--> Clique sur le bouton DirLook pour lancer la recherche.

Lorsque l'outil a terminé cette recherche, le Bloc-notes s'ouvre.
Note : Dans le Bloc-notes, vérifie dans le menu Format (en haut) que l'option "Retour automatique à la ligne" n'est pas cochée.

--> Enregistre le rapport sous le nom DirLook1.txt et ferme le Bloc-notes.

--> Ferme DirLook en cliquant sur le bouton Exit puis poste le rapport.
0
maellou85
17 mars 2009 à 16:56
DirLook.exe v2.0 by jpshortstuff
Log created at 16:53 on 17/03/2009
==================================[b]
Contents of "C:\DOCUME~1\ALLUSE~1\APPLIC~1\blg"
[/b]
[b][color=blue]---FOLDERS---[/b][/color]

[b]continentalcafe[/b] (Created on 05/03/2009 at 13:08) d-----

[b][color=blue]---FILES---[/b][/color]

(none found)

==================================[b]
Contents of "C:\DOCUME~1\ALLUSE~1\APPLIC~1\FindMediaAcePlatform"
[/b]
[b][color=blue]---FOLDERS---[/b][/color]

(none found)

[b][color=blue]---FILES---[/b][/color]

[b]meet warn title[/b] (133256 bytes - created on 15/02/2006 at 08:21, modified on 17/02/2006 at 07:44) --ahsc
[b]stupid the site[/b] (99528 bytes - created on 15/02/2006 at 14:43, modified on 17/02/2006 at 07:50) --ahsc

==================================[b]
Contents of "C:\DOCUME~1\ALLUSE~1\APPLIC~1\foursectmemotrans"
[/b]
[b][color=blue]---FOLDERS---[/b][/color]

(none found)

[b][color=blue]---FILES---[/b][/color]

[b]1 obj axis[/b] (477704 bytes - created on 06/01/2006 at 23:01, modified on 31/03/2006 at 08:22) --ahsc
[b]extraproxyhelp[/b] (3552 bytes - created on 07/01/2006 at 08:36, modified on 29/03/2006 at 13:00) --ahsc
[b]kind mpeg license[/b] (2128 bytes - created on 19/03/2006 at 11:28, modified on 19/03/2006 at 11:28) --ahsc
[b]litemfcdcool[/b] (128624 bytes - created on 07/01/2006 at 02:01, modified on 30/03/2006 at 08:58) --ahsc

==================================[b]
Contents of "C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\TmpRecentIcons"
[/b]
[b][color=blue]---FOLDERS---[/b][/color]

(none found)

[b][color=blue]---FILES---[/b][/color]

[b]Acrobat Reader 5.0.lnk[/b] (888 bytes - created on 28/10/2005 at 10:30, modified on 10/02/2004 at 09:02) --a--c
[b]ArtDabbler.lnk[/b] (825 bytes - created on 28/10/2005 at 10:30, modified on 01/02/2004 at 15:37) --a--c
[b]CADIX Screen Saver Control.lnk[/b] (703 bytes - created on 28/10/2005 at 10:30, modified on 01/02/2004 at 10:51) --a--c
[b]Calculatrice.lnk[/b] (1518 bytes - created on 28/10/2005 at 10:30, modified on 29/12/2005 at 21:28) --a--c
[b]Click Me.lnk[/b] (1492 bytes - created on 28/10/2005 at 10:30, modified on 04/10/2005 at 20:22) --a--c
[b]Gif Movie Gear 4.lnk[/b] (871 bytes - created on 31/08/2006 at 10:40, modified on 31/08/2006 at 10:40) --a--c
[b]Launch Google Earth.lnk[/b] (2545 bytes - created on 16/10/2007 at 14:35, modified on 11/03/2008 at 13:42) --a--c
[b]Microsoft Word.lnk[/b] (2559 bytes - created on 28/10/2005 at 10:30, modified on 28/04/2008 at 15:09) --a--c
[b]Norton AntiVirus 2003.lnk[/b] (1899 bytes - created on 28/10/2005 at 10:30, modified on 04/03/2004 at 15:43) --a--c
[b]Norton Personal Firewall.lnk[/b] (1825 bytes - created on 28/10/2005 at 10:30, modified on 04/03/2004 at 15:43) --a--c
[b]Olicom.lnk[/b] (521 bytes - created on 28/10/2005 at 10:30, modified on 10/02/2004 at 09:00) --a--c
[b]Outlook Express.lnk[/b] (748 bytes - created on 27/02/2007 at 09:43, modified on 27/02/2007 at 09:43) --a--c
[b]Raccourci vers Outlook Express.lnk[/b] (2042 bytes - created on 24/11/2005 at 16:49, modified on 24/11/2005 at 16:49) --a--c
[b]Radio Fr Solo.lnk[/b] (752 bytes - created on 24/01/2007 at 17:43, modified on 26/01/2007 at 10:55) --a--c
[b]S'enregistrer auprès de Compaq.lnk[/b] (765 bytes - created on 28/10/2005 at 10:30, modified on 31/01/2004 at 23:55) --a--c
[b]Scanneur Hewlett-Packard OfficeJet G55 #6.lnk[/b] (506 bytes - created on 28/10/2005 at 10:30, modified on 26/02/2004 at 19:47) --a--c
[b]Spybot - Search & Destroy.lnk[/b] (953 bytes - created on 13/05/2007 at 09:12, modified on 13/05/2007 at 09:12) --a--c
[b]Tableur Microsoft Works.lnk[/b] (1589 bytes - created on 28/10/2005 at 10:30, modified on 01/02/2004 at 00:35) --a--c
[b]Ulead Photo Express 3.0 SE.lnk[/b] (1869 bytes - created on 28/10/2005 at 10:30, modified on 01/02/2004 at 14:22) --a--c

==================================[b]
Contents of "C:\Program Files\Fichiers communs\ltncdrch"
[/b]
[b][color=blue]---FOLDERS---[/b][/color]

[b]lnclltlnrp[/b] (Created on 10/06/2005 at 21:14) d-----
[b]nnplallj[/b] (Created on 10/06/2005 at 21:12) d-----

[b][color=blue]---FILES---[/b][/color]

(none found)

==================================
[b][color=blue]=EOF=[/b][/color]
0
Réponse 13 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
17 mars 2009 à 16:59
/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\

--> Télécharge ComboFix (de sUBs) sur ton Bureau.
--> Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
--> Il va te demander d'installer la console de récupération : accepte.
--> Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
0
maellou85
17 mars 2009 à 17:15
J'ai installé ComboFix mais quand je le lance il ouvre un invite de commande vide et rien ne se passe depuis... c'est normal ?
0
Réponse 14 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
18 mars 2009 à 22:28
Essaie en mode sans échec.
0
maellou85
19 mars 2009 à 10:21
ComboFix 09-03-15.01 - Maellou 2009-03-19 9:49:36.1 - NTFSx86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.767.617 [GMT 1:00]
Lancé depuis: c:\documents and settings\Maellou\Bureau\ComboFix.exe
AV: AntiVirus Firewall 7.03 *On-access scanning disabled* (Updated)
FW: AntiVirus Firewall 7.03 *disabled*
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Maellou\Menu Démarrer\Programmes\PlayMP3z
c:\documents and settings\Thierry.NOM-Y6G795SKGF6\err.log
c:\program files\strcodec
c:\windows\alexaie.dll
c:\windows\alxie328.dll
c:\windows\alxtb1.dll
c:\windows\btgrab.dll
c:\windows\dlmax.dll
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\cup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\customer_cup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\heart.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\menu_down.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\menu_up.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\plates.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\ticket.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\tray.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\music\mainmenumusic.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_bring_check_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_diner.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_food_ready_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_gain_heart_1.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_pencil_write_2.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_rollover_1.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_seat_people_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\choosedifficulty.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\credits.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\flo_lose.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\flo_win.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\help1.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\help2.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\highscores.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelintro.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelintro_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelover.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelover_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\mainmenu.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\popup.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\popup_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upgradegrid.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upgradetitle.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upsell.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowleft_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowleft_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowright_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowright_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\back_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\back_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backchalk.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backchalkup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backtomenu_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backtomenu_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\cancel.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\cancelup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\career.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\career_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\close.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\closeup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\continue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\continueover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\credits_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\credits_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\download_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\download_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\easy.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\easy_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\endlessshift.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\endlessshift_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\hard.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\hard_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\help.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\help_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\highscores.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\highscores_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\instructions_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\instructions_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\letsplay.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\letsplayover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\medium.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\medium_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\moreinfo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\moreinfoup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\off.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\off_on.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\on.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\on_on.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\pause.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\pauseover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quit.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitgame.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitgameover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\resumegame.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\resumegameover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\submit.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\submitup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\tryagain.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\tryagainover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\upgrade_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\upgrade_up.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewglobal.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewglobalup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewhighscore.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewhighscoreon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewlocal.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewlocalup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\comics\webcomic.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\career.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\customer.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\endless.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\global.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\powerups.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\cook.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\cook.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\stove.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\arrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\click.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\click2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\grab.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\open.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\arial.mvec
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\komikaaxis.mvec
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt2top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt4top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_off.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on1.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdown.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdownon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowleft.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowlefton.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowright.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowrighton.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowupon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\p1icon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\textedit.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\title.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_d.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_d.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fifth_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\first_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fourth_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\second_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\playfirst_logo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\background.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames\upgrade_0001.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\upgrades.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\tableshadow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\choosedifficulty.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooseplayer.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooserestaurant.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\credits.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\game.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\gothighscore.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help2.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscore.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoreinfo.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoresubmit.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelintro.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelover.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\loading.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainloop.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainmenu.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\ok.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\pause.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\style.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\tutorialintro.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upgrade.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upsell.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\webcomic.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\yesno.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\gamelabsplash.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\playfirst_logo.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\strings.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\check.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\checkmark.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\clock.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closed.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closingtime.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\dollar.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\coffee.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\tables.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\wallpaper.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expert.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expertscore.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\fork_timer.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\goalcompleted.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level_career.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\score.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\sound.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staroff.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staron.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumber.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumberup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\traynumber.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorial_character.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialarrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialbox.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\drinks.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\maitred.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\oven.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\select.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\shoes.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\stereo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\table.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\dinerdash.exe
c:\windows\pynix.dll
c:\windows\secure32.html
c:\windows\susp.exe
c:\windows\system\oeminfo.ini
c:\windows\system32\bridge.dll
c:\windows\system32\dailytoolbar.dll
c:\windows\system32\iAlmcoin.dll
c:\windows\system32\init32.exe
c:\windows\system32\jao.dll
c:\windows\system32\questmod.dll
c:\windows\system32\runsrv32.dll
c:\windows\system32\sirenacm(2).dll
c:\windows\system32\tcpservice2.exe
c:\windows\system32\thlwin32.dll
c:\windows\system32\txfdb32.dll
c:\windows\system32\udpmod.dll
c:\windows\system32\wstart.dll
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_NNSERV
-------\Service_Boonty Games
-------\Service_NNServ


((((((((((((((((((((((((((((( Fichiers créés du 2009-02-19 au 2009-03-19 ))))))))))))))))))))))))))))))))))))
.

2009-03-17 15:42 . 2009-03-17 16:13 <REP> d----c--- C:\Lop SD
2009-03-17 13:03 . 2009-03-17 13:03 <REP> d-------- c:\documents and settings\Maellou\Application Data\Malwarebytes
2009-03-17 13:02 . 2009-03-17 13:03 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-17 13:02 . 2009-03-17 13:02 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-17 13:02 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-17 13:02 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-17 12:12 . 2008-06-05 18:18 5,737 --a------ c:\windows\system32\gnc.exe
2009-03-17 11:08 . 2009-03-17 13:02 <REP> d-------- c:\program files\Navilog1
2009-03-17 10:53 . 2009-03-17 10:53 <REP> d----c--- C:\rsit
2009-03-17 10:25 . 2009-03-17 10:25 <REP> d-------- c:\program files\Trend Micro
2009-03-17 10:20 . 2009-03-17 10:20 72,192 --a------ c:\windows\system32\tasklist.exe
2009-03-16 17:00 . 2009-03-16 17:00 0 --a--c--- C:\infect.htm
2009-03-16 17:00 . 2009-03-16 17:00 0 --a--c--- C:\error.htm
2009-03-13 16:16 . 2009-03-13 16:16 26,624 --------- c:\windows\system32\svchostw.0xe
2009-03-10 20:20 . 2009-03-10 20:20 <REP> d-------- c:\program files\MSECache
2009-03-05 14:28 . 2009-03-05 14:28 <REP> d-------- c:\documents and settings\Maellou\Application Data\GameInvest
2009-03-05 14:23 . 2009-03-05 14:42 <REP> d-------- c:\program files\Hospital Hustle
2009-03-05 14:08 . 2009-03-05 14:08 <REP> d-------- c:\documents and settings\Maellou\Application Data\blg
2009-03-05 14:08 . 2009-03-05 14:08 <REP> d-------- c:\documents and settings\All Users\Application Data\blg
2009-02-26 12:34 . 2009-02-26 12:34 552 --a------ c:\windows\system32\d3d8caps.dat

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-19 09:13 --------- d-----w c:\documents and settings\Maellou\Application Data\OpenOffice.org2
2009-03-17 13:42 --------- d-----w c:\documents and settings\Maellou\Application Data\EoRezo
2009-03-15 13:20 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-03-13 23:14 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-03-13 22:40 --------- d-----w c:\documents and settings\Maellou\Application Data\Oberon Games
2009-03-13 22:40 --------- d-----w c:\documents and settings\All Users\Application Data\Oberon Games
2009-03-13 22:37 --------- d-----w c:\program files\Oberon Media
2009-03-13 17:23 --------- d-----w c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Application Data\EoRezo
2009-03-13 16:50 --------- d-----w c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Application Data\OpenOffice.org2
2009-03-13 15:41 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-27 20:38 --------- d-----w c:\program files\Messenger Plus! Live
2009-02-26 10:49 --------- d-----w c:\documents and settings\Maellou\Application Data\LimeWire
2009-02-25 13:19 --------- d-----w c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Application Data\Apple Computer
2009-02-23 22:05 --------- d-----w c:\documents and settings\Maellou\Application Data\Apple Computer
2009-02-18 22:41 121,896 -c--a-w c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Application Data\GDIPFONTCACHEV1.DAT
2009-02-15 15:22 --------- d-----w c:\program files\Fichiers communs\Apple
2009-02-15 14:09 --------- d-----w c:\program files\QuickTime
2009-02-15 14:06 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-02-15 14:02 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2009-02-13 21:52 121,896 -c--a-w c:\documents and settings\Maellou\Application Data\GDIPFONTCACHEV1.DAT
2009-02-05 10:53 --------- d-----w c:\program files\Common files
2007-11-05 16:52 20 -c-h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT
2007-01-03 10:07 34,360 -c--a-w c:\documents and settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
2006-04-17 08:51 4,752,968 -c--a-w c:\program files\MsgPlus-363.exe
2005-04-22 19:24 52,616 -c--a-w c:\documents and settings\Thierry\Application Data\GDIPFONTCACHEV1.DAT
2004-02-21 14:22 51,840 -c--a-w c:\documents and settings\titou.NOM-Y6G795SKGF6\Application Data\GDIPFONTCACHEV1.DAT
2004-02-01 09:05 32 -csha-w c:\windows\{59B69B06-D9AD-40C6-B7DB-A453401F13F3}.dat
2008-08-26 11:39 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008082620080827\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-30 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"="c:\program files\Securitoo\Av_Fw\Common\FSM32.EXE" [2008-04-23 182936]
"F-Secure TNB"="c:\program files\Securitoo\Av_Fw\FSGUI\TNBUtil.exe" [2008-04-23 744032]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-01-28 185896]

c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 393216]
WkCalRem.LNK - c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2002-06-26 24651]

c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Menu D‚marrer\Programmes\D‚marrage\Radio Fr Solo 2.1
Aide Enregistrement Radio Fr Solo.lnk - c:\program files\Radio Fr Solo\Aide_Enregistrement_Radio_Fr_Solo.html [2003-09-29 203]
Aide Radio Fr Solo.lnk - c:\program files\Radio Fr Solo\Aide_Radio_Fr_Solo.html [2004-10-02 185]
Aide Realisation de_Skins.lnk - c:\program files\Radio Fr Solo\Aide_Realisation_de_Skins.html [2005-11-29 205]
Lisezmoi.lnk - c:\program files\Radio Fr Solo\Lisezmoi.txt [2006-05-08 8955]
Radio Fr Solo.lnk - c:\program files\Radio Fr Solo\Radio_Fr_Solo.exe [2006-05-08 262144]

c:\documents and settings\Administrateur.SILICIUM.001\Menu D‚marrer\Programmes\D‚marrage\
mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-07 27136]

c:\documents and settings\Maellou\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Album Fast Start.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Album Fast Start.lnk
backup=c:\windows\pss\Album Fast Start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NkbMonitor.exe.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\NkbMonitor.exe.lnk
backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Maellou^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=c:\documents and settings\Maellou\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2009-02-06 16:27 177472 c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 03:33 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-14 03:34 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orange Desktop Search]
--a------ 2006-06-09 22:29 4937512 c:\documents and settings\Propriétaire\Bureau\Orange Desktop Search\OrangeDesktopSearch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-30 19:32 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-01-28 01:58 185896 c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIEW]
--a------ 2003-05-03 06:19 835654 c:\windows\system32\nview.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"STI Simulator"=2 (0x2)
"SNDSrvc"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"NVSvc"=2 (0x2)
"NNServ"=2 (0x2)
"MDM"=2 (0x2)
"gusvc"=2 (0x2)
"Boonty Games"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14504:TCP"= 14504:TCP:NortonAV

R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2008-10-17 51072]
R1 F-Secure HIPS;F-Secure HIPS;c:\program files\Securitoo\av_fw\HIPS\fshs.sys [2008-10-17 41184]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Securitoo\av_fw\Anti-Virus\minifilter\fsgk.sys [2008-10-17 62048]
S2 QJXRZLBB;QJXRZLBB;\??\c:\windows\System32\qjxrzlbb.vry --> c:\windows\System32\qjxrzlbb.vry [?]
S3 krdpdre;krdpdre;\??\c:\docume~1\Maellou\LOCALS~1\Temp\krdpdre.sys --> c:\docume~1\Maellou\LOCALS~1\Temp\krdpdre.sys [?]
S3 PAC207;SoC PC-Camer@;c:\windows\system32\drivers\PFC027.sys [2005-02-24 162176]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Securitoo\av_fw\Anti-Virus\win2k\fsfilter.sys [2008-10-17 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Securitoo\av_fw\Anti-Virus\win2k\fsrec.sys [2008-10-17 25184]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eed11b7e-e48c-11dd-9997-000ea6177085}]
\Shell\AutoRun\command - w98.com
\Shell\open\Command - w98.com
.
Contenu du dossier 'Tâches planifiées'

2009-03-13 c:\windows\Tasks\At1.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-15 c:\windows\Tasks\At10.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At11.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At12.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At13.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At14.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At15.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At16.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At17.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At18.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At19.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At2.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At20.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At21.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At22.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At23.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At24.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At3.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At4.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At5.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At6.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At7.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-17 c:\windows\Tasks\At8.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At9.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-16 c:\windows\Tasks\Calendrier Microsoft Works.job
- c:\progra~1\FICHIE~1\MICROS~1\WORKSS~1\wkscal.exe [2002-07-11 16:32]

2009-03-18 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE []

2009-03-19 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\SECURI~1\Av_Fw\ANTI-V~1\fsav.exe [2008-04-23 17:11]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKU-Default-Run-Cognac - c:\windows\TEMP\197.tmp.exe
SSODL-wetkadmr-{4B92A0F8-31A4-44D3-AB5B-462AE98F9BE0} - c:\windows\wetkadmr.dll
SSODL-tdomgafw-{53BCDF59-7BB5-497F-8C18-0C875DAE122F} - c:\windows\tdomgafw.dll
MSConfigStartUp-MessengerPlus3 - c:\program files\MessengerPlus! 3\MsgPlus.exe
MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe


.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.orange.fr/
uInternet Connection Wizard,ShellNext = iexplore
LSP: c:\program files\Securitoo\Av_Fw\FSPS\program\FSLSP.DLL
DPF: RaptisoftGameLoader - hxxp://miniclip.com/hamsterball/raptisoftgameloader.cab
DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} - file:///C:/Documents%20and%20Settings/Maellou/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} - hxxp://orange.securitoo.com/pchc/fscax.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game06.zylom.com/activex/zylomgamesplayer.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://jeuxenligne.orange.fr/GameShell/online/fr/Diner_Dash/DinerDash.1.0.0.4.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-19 10:13:12
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\QJXRZLBB]
"ImagePath"="\??\c:\windows\System32\qjxrzlbb.vry"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(676)
c:\program files\Securitoo\Av_Fw\FWES\Program\fsdc.dll

- - - - - - - > 'lsass.exe'(736)
c:\program files\Securitoo\Av_Fw\FSPS\program\FSLSP.DLL
c:\program files\Securitoo\Av_Fw\FWES\Program\fsdc.dll

- - - - - - - > 'csrss.exe'(652)
c:\program files\Securitoo\Av_Fw\FWES\Program\fsdc.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
c:\program files\Securitoo\av_fw\Common\FSMA32.EXE
c:\program files\Securitoo\av_fw\Anti-Virus\fsgk32.exe
c:\program files\Securitoo\av_fw\Common\FSMB32.EXE
c:\program files\Securitoo\av_fw\Common\FCH32.EXE
c:\program files\Securitoo\av_fw\Anti-Virus\fssm32.exe
c:\program files\Securitoo\av_fw\Common\FAMEH32.EXE
c:\program files\Securitoo\av_fw\Anti-Virus\fsqh.exe
c:\program files\Securitoo\av_fw\FSAUA\program\fsaua.exe
c:\program files\Securitoo\av_fw\FWES\program\fsdfwd.exe
c:\program files\Securitoo\av_fw\FSAUA\program\fsus.exe
c:\progra~1\SECURI~1\av_fw\ANTI-V~1\fsav32.exe
c:\windows\system32\wscntfy.exe
c:\program files\OpenOffice.org 2.4\program\soffice.exe
c:\progra~1\SECURI~1\av_fw\FSGUI\fsguidll.exe
c:\program files\OpenOffice.org 2.4\program\soffice.bin
.
**************************************************************************
.
Heure de fin: 2009-03-19 10:17:40 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-19 09:17:30

Avant-CF: 15 793 881 088 octets libres
Après-CF: 16,178,561,024 octets libres

595 --- E O F --- 2009-03-17 06:21:31
0
Réponse 15 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
19 mars 2009 à 13:24
/!\ Seul maellou85 peut suivre cette procédure. /!\


1/

---> Ouvre le Bloc-notes.

---> Copie le texte ci-dessous par sélection puis Ctrl+C :






KillAll::

Driver::
QJXRZLBB
krdpdre

File::
c:\windows\Tasks\At??.job
c:\windows\system32\gnc.exe
c:\windows\system32\svchostw.0xe
C:\infect.htm
C:\error.htm
c:\windows\system32\svchostw.0xe
c:\windows\System32\qjxrzlbb.vry
c:\docume~1\Maellou\LOCALS~1\Temp\krdpdre.sys

Folder::
C:\DOCUME~1\ALLUSE~1\APPLIC~1\foursectmemotrans
C:\DOCUME~1\ALLUSE~1\APPLIC~1\FindMediaAcePlatform

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eed11b7e-e48c-11dd-9997-000ea6177085)]






--> Colle la sélection dans le Bloc-notes.

--> Enregistre ce fichier sur le Bureau (Impératif).

--> Nom du fichier : CFScript
--> Type du fichier : tous les fichiers
--> Clique sur Enregistrer.
--> Quitte le Bloc-notes.


2/

--> Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :
http://www.searchengines.pl/phpbb203/pliki/picasso/virus/programs/combofix/combofix_cfscript.gif

--> Une fenêtre bleue va apparaître : au message qui apparaît, tu acceptes.

--> Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
Ne touche à rien tant que le scan n'est pas terminé.

--> Une fois le scan achevé, un rapport va s'afficher : poste-le.

--> Si le fichier ne s'ouvre pas, il se trouve ici C:\Combofix.txt
0
maellou85
19 mars 2009 à 15:04
ComboFix 09-03-15.01 - Maellou 2009-03-19 14:43:51.2 - NTFSx86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.767.610 [GMT 1:00]
Lancé depuis: c:\documents and settings\Maellou\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Maellou\Bureau\CFScript.txt
AV: AntiVirus Firewall 7.03 *On-access scanning disabled* (Updated)
FW: AntiVirus Firewall 7.03 *disabled*

FILE ::
c:\docume~1\Maellou\LOCALS~1\Temp\krdpdre.sys
C:\error.htm
C:\infect.htm
c:\windows\system32\gnc.exe
c:\windows\System32\qjxrzlbb.vry
c:\windows\system32\svchostw.0xe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\ALLUSE~1\APPLIC~1\FindMediaAcePlatform
c:\docume~1\ALLUSE~1\APPLIC~1\FindMediaAcePlatform\meet warn title
c:\docume~1\ALLUSE~1\APPLIC~1\FindMediaAcePlatform\stupid the site
c:\docume~1\ALLUSE~1\APPLIC~1\foursectmemotrans
c:\docume~1\ALLUSE~1\APPLIC~1\foursectmemotrans\1 obj axis
c:\docume~1\ALLUSE~1\APPLIC~1\foursectmemotrans\extraproxyhelp
c:\docume~1\ALLUSE~1\APPLIC~1\foursectmemotrans\kind mpeg license
c:\docume~1\ALLUSE~1\APPLIC~1\foursectmemotrans\litemfcdcool
C:\error.htm
C:\infect.htm
c:\windows\system32\gnc.exe
c:\windows\system32\svchostw.0xe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_KRDPDRE
-------\Legacy_QJXRZLBB
-------\Service_krdpdre
-------\Service_QJXRZLBB


((((((((((((((((((((((((((((( Fichiers créés du 2009-02-19 au 2009-03-19 ))))))))))))))))))))))))))))))))))))
.

2009-03-17 15:42 . 2009-03-17 16:13 <REP> d----c--- C:\Lop SD
2009-03-17 13:03 . 2009-03-17 13:03 <REP> d-------- c:\documents and settings\Maellou\Application Data\Malwarebytes
2009-03-17 13:02 . 2009-03-17 13:03 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-17 13:02 . 2009-03-17 13:02 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-17 13:02 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-17 13:02 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-17 11:08 . 2009-03-17 13:02 <REP> d-------- c:\program files\Navilog1
2009-03-17 10:53 . 2009-03-17 10:53 <REP> d----c--- C:\rsit
2009-03-17 10:25 . 2009-03-17 10:25 <REP> d-------- c:\program files\Trend Micro
2009-03-17 10:20 . 2009-03-17 10:20 72,192 --a------ c:\windows\system32\tasklist.exe
2009-03-10 20:20 . 2009-03-10 20:20 <REP> d-------- c:\program files\MSECache
2009-03-05 14:28 . 2009-03-05 14:28 <REP> d-------- c:\documents and settings\Maellou\Application Data\GameInvest
2009-03-05 14:23 . 2009-03-05 14:42 <REP> d-------- c:\program files\Hospital Hustle
2009-03-05 14:08 . 2009-03-05 14:08 <REP> d-------- c:\documents and settings\Maellou\Application Data\blg
2009-03-05 14:08 . 2009-03-05 14:08 <REP> d-------- c:\documents and settings\All Users\Application Data\blg
2009-02-26 12:34 . 2009-02-26 12:34 552 --a------ c:\windows\system32\d3d8caps.dat

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-19 13:52 --------- d-----w c:\documents and settings\Maellou\Application Data\OpenOffice.org2
2009-03-17 13:42 --------- d-----w c:\documents and settings\Maellou\Application Data\EoRezo
2009-03-15 13:20 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-03-13 23:14 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-03-13 22:40 --------- d-----w c:\documents and settings\Maellou\Application Data\Oberon Games
2009-03-13 22:40 --------- d-----w c:\documents and settings\All Users\Application Data\Oberon Games
2009-03-13 22:37 --------- d-----w c:\program files\Oberon Media
2009-03-13 17:23 --------- d-----w c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Application Data\EoRezo
2009-03-13 16:50 --------- d-----w c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Application Data\OpenOffice.org2
2009-03-13 15:41 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-27 20:38 --------- d-----w c:\program files\Messenger Plus! Live
2009-02-26 10:49 --------- d-----w c:\documents and settings\Maellou\Application Data\LimeWire
2009-02-25 13:19 --------- d-----w c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Application Data\Apple Computer
2009-02-23 22:05 --------- d-----w c:\documents and settings\Maellou\Application Data\Apple Computer
2009-02-18 22:41 121,896 -c--a-w c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Application Data\GDIPFONTCACHEV1.DAT
2009-02-15 15:22 --------- d-----w c:\program files\Fichiers communs\Apple
2009-02-15 14:09 --------- d-----w c:\program files\QuickTime
2009-02-15 14:06 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-02-15 14:02 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2009-02-13 21:52 121,896 -c--a-w c:\documents and settings\Maellou\Application Data\GDIPFONTCACHEV1.DAT
2009-02-05 10:53 --------- d-----w c:\program files\Common files
2007-11-05 16:52 20 -c-h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT
2007-01-03 10:07 34,360 -c--a-w c:\documents and settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
2006-04-17 08:51 4,752,968 -c--a-w c:\program files\MsgPlus-363.exe
2005-04-22 19:24 52,616 -c--a-w c:\documents and settings\Thierry\Application Data\GDIPFONTCACHEV1.DAT
2004-02-21 14:22 51,840 -c--a-w c:\documents and settings\titou.NOM-Y6G795SKGF6\Application Data\GDIPFONTCACHEV1.DAT
2004-02-01 09:05 32 -csha-w c:\windows\{59B69B06-D9AD-40C6-B7DB-A453401F13F3}.dat
2008-08-26 11:39 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008082620080827\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-30 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"="c:\program files\Securitoo\Av_Fw\Common\FSM32.EXE" [2008-04-23 182936]
"F-Secure TNB"="c:\program files\Securitoo\Av_Fw\FSGUI\TNBUtil.exe" [2008-04-23 744032]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-01-28 185896]

c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 393216]
WkCalRem.LNK - c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2002-06-26 24651]

c:\documents and settings\Thierry.NOM-Y6G795SKGF6\Menu D‚marrer\Programmes\D‚marrage\Radio Fr Solo 2.1
Aide Enregistrement Radio Fr Solo.lnk - c:\program files\Radio Fr Solo\Aide_Enregistrement_Radio_Fr_Solo.html [2003-09-29 203]
Aide Radio Fr Solo.lnk - c:\program files\Radio Fr Solo\Aide_Radio_Fr_Solo.html [2004-10-02 185]
Aide Realisation de_Skins.lnk - c:\program files\Radio Fr Solo\Aide_Realisation_de_Skins.html [2005-11-29 205]
Lisezmoi.lnk - c:\program files\Radio Fr Solo\Lisezmoi.txt [2006-05-08 8955]
Radio Fr Solo.lnk - c:\program files\Radio Fr Solo\Radio_Fr_Solo.exe [2006-05-08 262144]

c:\documents and settings\Administrateur.SILICIUM.001\Menu D‚marrer\Programmes\D‚marrage\
mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-07 27136]

c:\documents and settings\Maellou\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Album Fast Start.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Album Fast Start.lnk
backup=c:\windows\pss\Album Fast Start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NkbMonitor.exe.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\NkbMonitor.exe.lnk
backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Maellou^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=c:\documents and settings\Maellou\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2009-02-06 16:27 177472 c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 03:33 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-14 03:34 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orange Desktop Search]
--a------ 2006-06-09 22:29 4937512 c:\documents and settings\Propriétaire\Bureau\Orange Desktop Search\OrangeDesktopSearch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-30 19:32 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-01-28 01:58 185896 c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIEW]
--a------ 2003-05-03 06:19 835654 c:\windows\system32\nview.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"STI Simulator"=2 (0x2)
"SNDSrvc"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"NVSvc"=2 (0x2)
"NNServ"=2 (0x2)
"MDM"=2 (0x2)
"gusvc"=2 (0x2)
"Boonty Games"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14504:TCP"= 14504:TCP:NortonAV

R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2008-10-17 51072]
R1 F-Secure HIPS;F-Secure HIPS;c:\program files\Securitoo\av_fw\HIPS\fshs.sys [2008-10-17 41184]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Securitoo\av_fw\Anti-Virus\minifilter\fsgk.sys [2008-10-17 62048]
S3 PAC207;SoC PC-Camer@;c:\windows\system32\drivers\PFC027.sys [2005-02-24 162176]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Securitoo\av_fw\Anti-Virus\win2k\fsfilter.sys [2008-10-17 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Securitoo\av_fw\Anti-Virus\win2k\fsrec.sys [2008-10-17 25184]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eed11b7e-e48c-11dd-9997-000ea6177085}]
\Shell\AutoRun\command - w98.com
\Shell\open\Command - w98.com
.
Contenu du dossier 'Tâches planifiées'

2009-03-13 c:\windows\Tasks\At1.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-15 c:\windows\Tasks\At10.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At11.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-19 c:\windows\Tasks\At12.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-19 c:\windows\Tasks\At13.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-19 c:\windows\Tasks\At14.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-19 c:\windows\Tasks\At15.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At16.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At17.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At18.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At19.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At2.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At20.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At21.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At22.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-18 c:\windows\Tasks\At23.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At24.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At3.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At4.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At5.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At6.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At7.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-17 c:\windows\Tasks\At8.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-13 c:\windows\Tasks\At9.job
- c:\windows\system32\nK75e2JT.exe []

2009-03-16 c:\windows\Tasks\Calendrier Microsoft Works.job
- c:\progra~1\FICHIE~1\MICROS~1\WORKSS~1\wkscal.exe [2002-07-11 16:32]

2009-03-19 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE []

2009-03-19 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\SECURI~1\Av_Fw\ANTI-V~1\fsav.exe [2008-04-23 17:11]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.orange.fr/
uInternet Connection Wizard,ShellNext = iexplore
LSP: c:\program files\Securitoo\Av_Fw\FSPS\program\FSLSP.DLL
DPF: RaptisoftGameLoader - hxxp://miniclip.com/hamsterball/raptisoftgameloader.cab
DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} - file:///C:/Documents%20and%20Settings/Maellou/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} - hxxp://orange.securitoo.com/pchc/fscax.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game06.zylom.com/activex/zylomgamesplayer.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://jeuxenligne.orange.fr/GameShell/online/fr/Diner_Dash/DinerDash.1.0.0.4.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-19 14:52:02
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(676)
c:\program files\Securitoo\Av_Fw\FWES\Program\fsdc.dll

- - - - - - - > 'lsass.exe'(732)
c:\program files\Securitoo\Av_Fw\FSPS\program\FSLSP.DLL
c:\program files\Securitoo\Av_Fw\FWES\Program\fsdc.dll

- - - - - - - > 'csrss.exe'(652)
c:\program files\Securitoo\Av_Fw\FWES\Program\fsdc.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
c:\program files\Securitoo\av_fw\Common\FSMA32.EXE
c:\program files\Securitoo\av_fw\Anti-Virus\fsgk32.exe
c:\program files\Securitoo\av_fw\Common\FSMB32.EXE
c:\program files\Securitoo\av_fw\Common\FCH32.EXE
c:\program files\Securitoo\av_fw\Common\FAMEH32.EXE
c:\program files\Securitoo\av_fw\Anti-Virus\fsqh.exe
c:\program files\Securitoo\av_fw\FSAUA\program\fsaua.exe
c:\program files\Securitoo\av_fw\Anti-Virus\fssm32.exe
c:\program files\Securitoo\av_fw\FWES\program\fsdfwd.exe
c:\program files\Securitoo\av_fw\FSAUA\program\fsus.exe
c:\progra~1\SECURI~1\av_fw\ANTI-V~1\fsav32.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\SECURI~1\av_fw\Common\FSM32.EXE
c:\progra~1\SECURI~1\av_fw\FSGUI\fsguidll.exe
c:\program files\OpenOffice.org 2.4\program\soffice.exe
c:\program files\OpenOffice.org 2.4\program\soffice.bin
c:\program files\Microsoft Office\Office10\WINWORD.EXE
c:\program files\Adobe\Reader 9.0\Reader\AcroRd32.exe
c:\program files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
.
**************************************************************************
.
Heure de fin: 2009-03-19 14:59:33 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-19 13:59:23
ComboFix2.txt 2009-03-19 09:17:42

Avant-CF: 17 360 777 216 octets libres
Après-CF: 16,590,000,128 octets libres

293 --- E O F --- 2009-03-17 06:21:31
0
Réponse 16 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
19 mars 2009 à 16:04
---> Menu Démarrer > Exécuter > Tape combofix /u et valide.

---> Désactive ton antivirus le temps de la manipulation car OTMoveIt3 est détecté comme une infection à tort.

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:files
C:\WINDOWS\Tasks\At??.job

:commands
[purity]
[emptytemp]
[reboot]





---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
maellou85
19 mars 2009 à 16:20
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\WINDOWS\Tasks\At1.job moved successfully.
C:\WINDOWS\Tasks\At10.job moved successfully.
C:\WINDOWS\Tasks\At11.job moved successfully.
C:\WINDOWS\Tasks\At12.job moved successfully.
C:\WINDOWS\Tasks\At13.job moved successfully.
C:\WINDOWS\Tasks\At14.job moved successfully.
C:\WINDOWS\Tasks\At15.job moved successfully.
C:\WINDOWS\Tasks\At16.job moved successfully.
C:\WINDOWS\Tasks\At17.job moved successfully.
C:\WINDOWS\Tasks\At18.job moved successfully.
C:\WINDOWS\Tasks\At19.job moved successfully.
C:\WINDOWS\Tasks\At2.job moved successfully.
C:\WINDOWS\Tasks\At20.job moved successfully.
C:\WINDOWS\Tasks\At21.job moved successfully.
C:\WINDOWS\Tasks\At22.job moved successfully.
C:\WINDOWS\Tasks\At23.job moved successfully.
C:\WINDOWS\Tasks\At24.job moved successfully.
C:\WINDOWS\Tasks\At3.job moved successfully.
C:\WINDOWS\Tasks\At4.job moved successfully.
C:\WINDOWS\Tasks\At5.job moved successfully.
C:\WINDOWS\Tasks\At6.job moved successfully.
C:\WINDOWS\Tasks\At7.job moved successfully.
C:\WINDOWS\Tasks\At8.job moved successfully.
C:\WINDOWS\Tasks\At9.job moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Maellou\LOCALS~1\Temp\CF26551.exe scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\nvcbin.def.76167175.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.9.0 log created on 03192009_161413

Files moved on Reboot...
C:\DOCUME~1\Maellou\LOCALS~1\Temp\CF26551.exe moved successfully.
File move failed. C:\WINDOWS\temp\nvcbin.def.761671
0
Réponse 17 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
19 mars 2009 à 16:24
---> Télécharge Toolbar S&D (Team IDN) sur ton Bureau.
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt).
0
Réponse 18 / 39
maellou85
19 mars 2009 à 16:33
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2500+ )
BIOS : BIOS Date: 10/15/03 17:00:28 Ver: 08.00.08
USER : Maellou ( Administrator )
BOOT : Normal boot
Antivirus : AntiVirus Firewall 7.03 7.03 (Not Activated)
Firewall : AntiVirus Firewall 7.03 7.03 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:17 Go)
D:\ (Local Disk) - FAT32 - Total:3 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 19/03/2009|16:29 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\Cache\022D2AA4
C:\Program Files\AskBarDis\bar\Cache\022D3090
C:\Program Files\AskBarDis\bar\Cache\022D35FF.bin
C:\Program Files\AskBarDis\bar\Cache\022D3C96.bin
C:\Program Files\AskBarDis\bar\Cache\022D3EA9.bin
C:\Program Files\AskBarDis\bar\Cache\022D4495.bin
C:\Program Files\AskBarDis\bar\Cache\022D4793.bin
C:\Program Files\AskBarDis\bar\Cache\022D4A61.bin
C:\Program Files\AskBarDis\bar\Cache\022D4D5F.bin
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\Program Files\KaZaA
C:\Program Files\KaZaA\BGP2P
C:\Program Files\KaZaA\Db
C:\Program Files\KaZaA\My Shared Folder
C:\Program Files\KaZaA\BGP2P\plugins.htm
C:\Program Files\KaZaA\BGP2P\versions.dat
C:\Program Files\KaZaA\Db\ctx4-050603.cab
C:\Program Files\KaZaA\Db\data1024.dbb
C:\Program Files\KaZaA\Db\data256.dbb
C:\Program Files\KaZaA\Db\k7tqkgkk_tssv125.dat
C:\Program Files\KaZaA\Db\np.tmp
C:\Program Files\KaZaA\Db\ova4-050603.cab
C:\Program Files\KaZaA\Db\tsi4-050523a.cab
C:\Program Files\KaZaA\Db\tss4.cab
C:\Program Files\KaZaA\My Shared Folder\Kéry James - Les freres ne savent pas.mp3
C:\DOCUME~1\Thierry\APPLIC~1\ShopperReports
C:\DOCUME~1\Thierry\APPLIC~1\ShopperReports\cs
C:\DOCUME~1\Thierry\APPLIC~1\ShopperReports\shprrprt.log
C:\DOCUME~1\Thierry\APPLIC~1\ShopperReports\cs\persist.dbs
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\---Yahoo.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\01net.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\a.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\amazon.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\an.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\arrowB.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\arrowT.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\arrow_down.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\arrow_up.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\autofill.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\avstate.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\b.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\bg_pub.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\bg_ttl.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\bn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\c.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\canalblog.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\cn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\d.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\dictionary2.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\dn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\downfile
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\DownloadCOM.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\dropdown.css
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\ErrorLog.txt
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\f.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_argentine.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_australia.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_brazil.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_canada.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_china.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_france.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_germany.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_greece.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_hongkong.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_india.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_indonesia.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_italy.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_japan.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_korea.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_mexico.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_netherlands.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_spain.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_sweeden.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_taiwan.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_uk.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_usa.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\fn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\g.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\gaming.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\gn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\gograph.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred0.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred0_5.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred1.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred1_5.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred2.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred2_5.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred3.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred3_5.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred4.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred4_5.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred5.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\help.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\hideremove.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\highlight.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\hn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\hororank.xml
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_aquarius.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_aries.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_cancer.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_capricorn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_gemini.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_leo.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_libra.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_pisces.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_sagittarius.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_scorpio.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_taurus.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_virgo.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\i.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\IEtab1_7b.zip
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\in.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\ipsearch.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\j.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\jn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\k.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\kn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\l.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\ln.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\loading.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\login.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\logo.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\n.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\New York_NY_weather.txt
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\new02.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\NewCfg
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\news.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\news.html
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\nn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\o.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\on.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\p.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\pestscanimg.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\pixsy.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\pn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\popup_off.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\popup_on.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\popup_ona.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\p_yahoo.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\q.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\qn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\r.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\relatedlinks.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\report.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rss.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rss.xsl
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rss1.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rsslib.js
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\s.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\security.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\sinfo.txt
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\sinfo.txt206015
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\sinfo.txt29969453
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\siteinfo.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\slider.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\sn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\spacer.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\stars-red1.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\stars-red2.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\stars-red3.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\stars-red4.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\stars-red5.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\storage.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\t.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tabdata.js
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tablib.js
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tabwelcome_en.html
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tabwelcome_fr.html
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tab_icon.png
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\technorati.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\thes_search.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tools.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\translate.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\u.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\un.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\userbadsites.txt
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\utf8.js
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\v.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\vmlib.js
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\vmntoolbartb0501.cfg
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\vn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\w.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\web.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\wikipedia.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\wn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\x.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\xp_close_small.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\Yahoo.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\yahoo_search.gif
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\YouTube.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\z.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\zn.bmp
C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\zoom.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\---Yahoo.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\01net.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\a.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\amazon.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\an.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\arrowB.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\arrowT.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\arrow_down.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\arrow_up.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\autofill.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\avstate.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\b.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\bg_pub.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\bg_ttl.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\bn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\c.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\canalblog.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\cn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\d.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\dictionary2.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\dn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\downfile
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\DownloadCOM.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\dropdown.css
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\ErrorLog.txt
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\f.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_argentine.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_australia.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_brazil.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_canada.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_china.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_france.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_germany.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_greece.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_hongkong.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_india.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_indonesia.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_italy.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_japan.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_korea.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_mexico.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_netherlands.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_spain.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_sweeden.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_taiwan.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_uk.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_usa.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\fn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\g.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\gaming.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\gn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\gograph.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred0.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred0_5.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred1.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred1_5.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred2.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred2_5.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred3.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred3_5.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred4.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred4_5.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred5.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\help.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\hideremove.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\highlight.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\hn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_aquarius.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_aries.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_cancer.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_capricorn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_gemini.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_leo.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_libra.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_pisces.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_sagittarius.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_scorpio.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_taurus.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_taurus.bmp20944343
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_virgo.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\i.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\IEtab1_7b.zip
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\in.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\ipsearch.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\j.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\jn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\k.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\kn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\l.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\ln.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\loading.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\login.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\logo.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\n.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\New York_NY_weather.txt
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\new02.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\NewCfg
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\news.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\news.html
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\nn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\o.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\on.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\p.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\pestscanimg.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\pixsy.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\pn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\popup_off.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\popup_on.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\popup_ona.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\p_yahoo.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\q.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\qn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\r.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\relatedlinks.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\report.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rss.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rss.xsl
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rss1.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rsslib.js
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\s.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\security.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt14625828
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt15065531
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt15934984
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt1773390
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt2913734
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt293843
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt3184296
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt39607781
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt41277046
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt41688000
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt42985406
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt5014531
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt6075500
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt6129890
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt6186046
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt6487140
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\siteinfo.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\slider.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\spacer.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\stars-red1.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\stars-red2.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\stars-red3.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\stars-red4.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\stars-red5.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\storage.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\t.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tabdata.js
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tablib.js
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tabwelcome_en.html
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tabwelcome_fr.html
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tab_icon.png
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\technorati.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\thes_search.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tools.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\translate.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\u.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\un.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\userbadsites.txt
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\utf8.js
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\v.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\vmlib.js
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\vmntoolbartb1501.cfg
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\vn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\w.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\web.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\wikipedia.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\wn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\x.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\xp_close_small.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\Yahoo.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\yahoo_search.gif
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\YouTube.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\z.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\zn.bmp
C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\zoom.bmp

-----------\\ Extensions

(Maellou) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start Page"="https://www.orange.fr/portail"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 19/03/2009|16:32 - Option : [1]

-----------\\ Fin du rapport a 16:32:46,96
0
Réponse 19 / 39
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 292
19 mars 2009 à 16:34
---> Relance ToolBar S&D, fais l'option 2 et poste le rapport.
0
Réponse 20 / 39
maellou85
19 mars 2009 à 16:43
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2500+ )
BIOS : BIOS Date: 10/15/03 17:00:28 Ver: 08.00.08
USER : Maellou ( Administrator )
BOOT : Normal boot
Antivirus : AntiVirus Firewall 7.03 7.03 (Not Activated)
Firewall : AntiVirus Firewall 7.03 7.03 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:17 Go)
D:\ (Local Disk) - FAT32 - Total:3 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 19/03/2009|16:39 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\KaZaA\BGP2P
Supprime! - C:\Program Files\KaZaA\Db
Supprime! - C:\Program Files\KaZaA\My Shared Folder
Supprime! - C:\DOCUME~1\Thierry\APPLIC~1\ShopperReports\cs
Supprime! - C:\DOCUME~1\Thierry\APPLIC~1\ShopperReports\shprrprt.log
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\hororank.xml
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\sinfo.txt
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\sinfo.txt206015
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\sinfo.txt29969453
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tabdata.js
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\userbadsites.txt
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\vmntoolbartb0501.cfg
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\Yahoo.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_taurus.bmp20944343
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt14625828
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt15065531
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt15934984
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt1773390
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt2913734
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt293843
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt3184296
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt39607781
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt41277046
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt41688000
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt42985406
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt5014531
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt6075500
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt6129890
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt6186046
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sinfo.txt6487140
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tabdata.js
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\userbadsites.txt
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\vmntoolbartb1501.cfg
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\Yahoo.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\KaZaA
Supprime! - C:\DOCUME~1\Thierry\APPLIC~1\ShopperReports
Supprime! - C:\DOCUME~1\Maellou\APPLIC~1\VMNToolbar
Supprime! - C:\DOCUME~1\THIERR~1.NOM\APPLIC~1\VMNToolbar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Maellou) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start Page"="https://www.orange.fr/portail"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 19/03/2009|16:32 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 19/03/2009|16:41 - Option : [2]

-----------\\ Fin du rapport a 16:41:05,82
0