Accumulation de virus ? :s

Bonjour tout l monde

Voilà depuis peu...j'ai beaucoup de problème avec mon ordinateur et je suis presque sûr d'être infecté par un/des virus..

Déjà, oui, désol, j'ai désinstallé mon antivirus car mob PC n'est pas très puissant et il occupait toute la mémoire, pendant 2 jours..
Lorsque je veux le lancer, il ne répond pas, il ne se lance pas.
Je le désinstalle, je télécharge antivir ( pas le même ) et j'essaye de l'installer..
Lors de l'installation, la fenêtre se ferme toute seule, idem pour AVG/avast et tous les logiiels de sécurité.
De plus je n'ai plus accès a la modification du registre et au gestonnaire des tâches ( alors qu'ils ont été desactivés par admin, je suis admin, lorsque je les active, ils se désactivent ).

Donc, pour être Bref j'ai deux principaux problèmes :
- Gestionnaire des tâches et Modification du registre désactivés.
- Aucune possibilité d'insaller d'antivirus, pour scanner et détruire

J'ai un autre petit problème certainement insignifiant :
J'ai plusieurs problèmes sur certains logiciels disant : Error : Floating support not loaded..
et le programme se ferme.

Merci d'avance pour vos réponses ^^

Répondre

Inscrivez-vous ou connectez-vous pour masquer ceci.

Salut,

On va regarder ça :

Télécharge HijackThis v2.0.2 sur ton Bureau.
Double-clique sur HJTInstall afin de lancer l'installation.
Clique sur Install ensuite sur I Accept.
Clique sur Do a system scan and save a logfile.
Le Bloc-notes s'ouvrira, fais un copier/coller de tout son contenu ici dans ton prochain message.

Répondre à Destrio5

Bonsoir,

Poste pour suivre.

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

Merci tout d'abord de vous intéresser a mon cas.

Voilà le logfile :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:45:14, on 03/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\alaplaya\launcher\AlaplayaLauncher.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\nour\LOCALS~1\Temp\winvnmue.exe
C:\DOCUME~1\nour\LOCALS~1\Temp\winqgbvaq.exe
C:\DOCUME~1\nour\LOCALS~1\Temp\windnnhgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/i [...] .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trinity-ro.com/forums/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: Shell=Explorer.exe "C:\DOCUME~1\nour\LOCALS~1\Temp\wineuje.exe"
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: mysidesearch search enhancer - {B5DE974D-DC8D-F8B3-052B-C4EC15A5776E} - C:\WINDOWS\system32\kfzgqmbmonflcl.dll
O2 - BHO: dcads - {db8ba7b4-4b66-41f8-5722-e5d875944fd8} - C:\WINDOWS\system32\nsc1C5.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Startup: Alaplaya Launcher.lnk = C:\Program Files\alaplaya\launcher\AlaplayaLauncher.exe
O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV4\maxtv.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Shogi\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .wma: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdsplay.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab3.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/adva [...] module.exe
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (Contrôleur de DownloadManager) - http://dlmanager.akamaitools.com.e [...] .0.6.0.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/member/ [...] /setup.exe
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} - http://gamedownload.ijjimax.com/ga [...] n11USA.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.3suissesphotos.fr/Compo [...] oader3.cab
O16 - DPF: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5} (MCLPhoto_Upload.PhotoUpload) - http://auchan.fujifilmnet.com/MCLPhoto.CAB
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/ [...] DP-1.1.cab
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - http://bobtv.fr/download/cfweb_www [...] module.exe
O18 - Protocol: alaplaya - {60E6FD61-FA26-4706-BF07-C55B3A49E66C} - C:\WINDOWS\system32\alading.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 13738 bytes

Répondre à Shogi

Télécharge SDFix (créé par AndyManchesta) sur ton Bureau.
Double-clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
Redémarre ton ordinateur en Mode sans échec.

Pour redémarrer en mode sans échec :

Redémarre ton PC.
Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
Dans le menu d'options avancées, choisis Mode sans échec.
Choisis ta session.

Déroule la liste des instructions ci-dessous :

Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double-clique sur RunThis.bat pour lancer le script.
Appuie sur Y pour commencer le processus de nettoyage.
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
Appuie sur une touche pour redémarrer le PC.
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.

Répondre à Destrio5

Bonjour,

Lorsque je démarre windows en mode sans ehec, un écran bleu apparaît avec le message suivant :

Un problème a été détecté et Windows a été arrêté pour prévenir tout dommage sur votre ordinateur

Merci d'avance.

Répondre à Shogi

Ok, essaie de réparer le mode sans échec avec ceci :
http://download.bleepingcomputer.c [...] Repair.exe

Répondre à Destrio5

C'est normal que ça prenne autant de temps ? ;x

Edit : c'est terminé, je réessaye

Message édité par Shogi le 03-12-2008 à 14:44:52

Répondre à Shogi

Ca n'a pas marché...
J'étais en mode sans echec j'ai lancé SDfix j'ai mis Y, puis entrée

Et j'ai pu apercevoir plusieurs lignes disant :
.... ( je n'ai pas pu voir la fenetre s'est fermée très vite ) est introuvable

Message édité par Shogi le 03-12-2008 à 14:59:10

Répondre à Shogi

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
Sélectionne Exécuter un examen complet.
Clique sur Rechercher.
L'analyse démarre, le scan est relativement long, c'est normal.
A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Répondre à Destrio5

Déjà 47 malwares !

Répondre à Shogi

3h et toujours pas fini
Je vous transmettrai surement le résultat vers 21h

J'en suis à 70 malwares et 400 000 fichiers, c'est bientôt fini apparemment

Répondre à Shogi

Ok bien

Répondre à Destrio5

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1454
Windows 5.1.2600 Service Pack 2

03/12/2008 21:46:27
mbam-log-2008-12-03 (21-46-27).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 592118
Temps écoulé: 4 hour(s), 15 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 30
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 37

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c1a6d8b8-93c3-4186-9dd1-13983f9f1d9b} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3160f356-e8c3-4de2-a698-92eeeb3d3400} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{43fc67b6-4c25-4afd-ae7a-9ef3e4587026} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4ad44d3e-7316-4251-b754-9b10ec96af92} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{733716e1-76d2-4003-ac39-845281c0ef85} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fc3c36d-7635-4d43-ba62-0d9d2f2cd06e} (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{79f562e5-768c-4494-8e6c-824ada4a9c2c} (Adware.SuperiorAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7c4bcd17-bdba-4078-9d8c-8ca8b7eabe77} (Rogue.Multiple) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (regedit.exe %1) Good: (regedit.exe "%1" ) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur\Local Settings\Application Data\mbxtxmbp_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\mbxtxmbp_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\mbxtxmbp.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\mbxtxmbp.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shogi\Local Settings\Application Data\dgghxoa_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shogi\Local Settings\Application Data\dgghxoa_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shogi\Local Settings\Application Data\dgghxoa.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shogi\Local Settings\Application Data\dgghxoa.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shogi\Local Settings\Application Data\mmagmiq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shogi\Local Settings\Application Data\mmagmiq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shogi\Local Settings\Application Data\mmagmiq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shogi\Local Settings\Application Data\mmagmiq.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\CenterLock\CenterLock.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nsh13F.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssadw.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdsslog.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssmain.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssserf.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssserf1.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcmgcd32.dll (Virus.Sality) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winresponse32.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\YGWUninstaller.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSS4a19.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSS5758.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSS63db.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSS680b.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSS88f7.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSS92ab.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSSa170.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSSbbbf.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\s324 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\nour\Local Settings\Temp\s7g (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shogi\Local Settings\Temp\ugtvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Répondre à Shogi

Tu avais le rootkit TDSSServ, c'est lui qui bloquait SDFix.

Tente la manip' SDFix maintenant

Répondre à Destrio5

Je ferai ça demain soir
( 18h~ )
je dois y aller
A bientôt

En tout cas quand je lance en mode sans échec, j'ai encore l'écran bleu, donc je réparerais le mode sans echec demain

Répondre à Shogi

J'ai réparé le mode sans échef et j'ai lancé RunThis.bat
J'ai attendu quelques minutes après les messages sont :
"Starting repairs
Check running processes...

Le service n'a pas démarré"

Répondre à Shogi

! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) !

Télécharge ComboFix (sUBs) sur ton Bureau.
Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
Il va te demander d'installer la console de récupération : accepte.
Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

Répondre à Destrio5

ComboFix 08-12-03.04 - nour 2008-12-04 17:00:03.1 - NTFSx86
Lancé depuis: c:\documents and settings\nour\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrateur\Application Data\urlredir.cfg
c:\documents and settings\Administrateur\Local Settings\Temporary Internet Files\ijjistarter_verinfo.dat
c:\documents and settings\All Users\Application Data\Adsl Software Limited
c:\documents and settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\LOG\20080512140603531.log
c:\documents and settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\Malwarrior.exe
c:\documents and settings\nour\Application Data\ShoppingReport
c:\documents and settings\nour\Application Data\ShoppingReport\cs\Config.xml
c:\documents and settings\nour\Application Data\ShoppingReport\cs\report\aggr_storage.xml
c:\documents and settings\nour\Application Data\ShoppingReport\cs\report\send_storage.xml
c:\documents and settings\nour\Application Data\urlredir.cfg
c:\documents and settings\SAYAH NOUR\Application Data\urlredir.cfg
c:\documents and settings\Shogi\Application Data\.#
c:\documents and settings\Shogi\Application Data\ShoppingReport
c:\documents and settings\Shogi\Application Data\ShoppingReport\cs\Config.xml
c:\documents and settings\Shogi\Application Data\ShoppingReport\cs\db\Aliases.dbs
c:\documents and settings\Shogi\Application Data\ShoppingReport\cs\db\Sites.dbs
c:\documents and settings\Shogi\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
c:\documents and settings\Shogi\Application Data\ShoppingReport\cs\report\aggr_storage.xml
c:\documents and settings\Shogi\Application Data\ShoppingReport\cs\report\send_storage.xml
c:\documents and settings\Shogi\Application Data\ShoppingReport\cs\res1\WhiteList.dbs
c:\documents and settings\Shogi\Application Data\urlredir.cfg
c:\documents and settings\Shogi\Application Data\YMBOLS~1
c:\documents and settings\Shogi\Local Settings\Temporary Internet Files\ijjistarter_verinfo.dat
C:\install.exe
c:\program files\FunWebProducts
c:\program files\montorgueil
c:\program files\montorgueil\16.02343
c:\program files\Mozilla Firefox\components\nsBrowserOpt.dll
c:\program files\newdotnet
c:\program files\newdotnet\readme.html
c:\program files\ShoppingReport
c:\program files\ShoppingReport\Uninst.exe
c:\program files\SoftwareOnline
c:\program files\SoftwareOnline\soproc.exe
c:\program files\SoftwareOnline\SZVersionChecker.exe
C:\test.txt
c:\windows\smdat32a.sys
c:\windows\smdat32m.sys
c:\windows\system32\cfx32.ocx
c:\windows\system32\dcads-remove.exe
c:\windows\system32\drivers\svchost.exe
c:\windows\system32\kfzgqmbmonflcl.dll
c:\windows\system32\nvs2.inf
c:\windows\system32\spads.dll
c:\windows\system32\superiorads-uninst.exe
c:\windows\system32\TDSSerrors.log
c:\windows\system32\TDSSinit.dll
c:\windows\system32\tdssl.dll
c:\windows\system32\tdssservers.dat
c:\windows\system32\vcmgcd32.dl_
D:\Autorun.inf

[color=blue]Une copie infectée de c:\windows\explorer.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\qoobox\Quarantine\C\\WINDOWS\explorer.exe.vir[/COLOR]

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-04 au 2008-12-04 ))))))))))))))))))))))))))))))))))))
.

2008-12-04 11:49 . 2008-12-04 11:49 <REP> d-------- c:\windows\ERUNT
2008-12-04 11:37 . 2008-12-04 11:45 <REP> d-------- c:\documents and settings\nour\Application Data\Tibia
2008-12-04 11:36 . 2008-12-04 11:36 <REP> d-------- c:\program files\Tibia
2008-12-03 21:11 . 2008-12-03 21:12 <REP> d-------- c:\documents and settings\nour\amsn
2008-12-03 21:10 . 2008-12-03 21:10 <REP> d-------- c:\program files\aMSN
2008-12-03 15:11 . 2008-12-03 15:11 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-03 15:11 . 2008-12-03 15:11 <REP> d-------- c:\documents and settings\nour\Application Data\Malwarebytes
2008-12-03 15:11 . 2008-12-03 15:11 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-03 15:11 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-03 15:11 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-03 14:54 . 2008-12-03 14:54 <REP> d-------- c:\documents and settings\nour\backups_old1
2008-12-03 14:54 . 2008-12-03 14:54 <REP> d-------- c:\documents and settings\nour\backups_old
2008-12-03 14:54 . 2008-12-03 14:54 <REP> d-------- c:\documents and settings\nour\backups
2008-12-03 14:53 . 2008-12-03 14:53 <REP> d-------- c:\documents and settings\nour\backups_old2
2008-12-03 14:52 . 2008-12-03 14:52 <REP> d-------- c:\documents and settings\nour\backups_old3
2008-12-03 14:51 . 2008-12-03 14:51 <REP> d-------- c:\documents and settings\nour\backups_old4
2008-12-03 14:51 . 2008-12-03 14:51 <REP> d-------- c:\documents and settings\nour\backupreg
2008-12-03 14:51 . 2004-08-20 00:10 304,640 --a------ c:\documents and settings\nour\editreg.exe
2008-12-03 14:51 . 2004-08-20 00:09 111,104 --a------ c:\documents and settings\nour\rtsdnif.exe
2008-12-03 14:51 . 2004-02-12 18:54 93,184 --a------ c:\documents and settings\nour\attrib.exe
2008-12-03 14:51 . 2004-02-11 23:07 78,848 --a------ c:\documents and settings\nour\dnif.exe
2008-12-03 14:00 . 2008-11-06 02:03 <REP> d-------- C:\SDFix
2008-12-03 12:44 . 2008-12-03 12:44 <REP> d-------- c:\program files\Trend Micro
2008-12-02 19:41 . 2008-06-19 17:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys
2008-12-02 19:40 . 2008-12-02 19:40 <REP> d-------- c:\program files\Panda Security
2008-12-02 17:03 . 2008-12-02 17:03 1,181,696 --a------ c:\windows\system32\Paris Hilton 1.scr
2008-12-02 17:03 . 2008-12-02 17:03 18,432 --a------ c:\windows\ss3unstl.exe
2008-11-29 19:22 . 2008-12-02 16:30 <REP> d-------- c:\program files\Metin2_France
2008-11-29 14:49 . 2008-06-20 14:33 32,256 --a------ c:\windows\system32\alading.dll
2008-11-28 20:27 . 2008-11-28 20:27 <REP> d-------- c:\program files\Xvid
2008-11-28 20:27 . 2008-04-27 10:33 765,952 --a------ c:\windows\system32\xvidcore.dll
2008-11-28 20:27 . 2008-04-27 10:35 180,224 --a------ c:\windows\system32\xvidvfw.dll
2008-11-28 20:26 . 2008-11-28 20:26 <REP> d-------- c:\program files\ZD Soft
2008-11-28 17:26 . 2008-11-28 17:26 677,376 --a------ c:\windows\system32\nsc1C5.dll
2008-11-27 21:48 . 2008-12-01 15:42 <REP> d-------- c:\documents and settings\nour\Incomplete
2008-11-27 21:47 . 2008-11-27 21:47 <REP> d-------- c:\program files\LimeWire
2008-11-27 21:47 . 2008-12-01 17:59 <REP> d-------- c:\documents and settings\nour\Application Data\LimeWire
2008-11-27 21:39 . 2008-11-27 21:39 <REP> d-------- c:\documents and settings\nour\Application Data\Creative
2008-11-27 21:38 . 2008-11-27 21:38 <REP> d-------- c:\documents and settings\nour\Application Data\Publish Providers
2008-11-27 21:37 . 2008-11-27 21:37 <REP> d-------- c:\documents and settings\nour\Application Data\Sony
2008-11-26 20:04 . 2008-11-26 20:04 <REP> d-------- c:\program files\Zattoo
2008-11-18 17:19 . 2008-11-25 10:49 <REP> d-------- C:\Endless Dream
2008-11-17 19:59 . 2008-11-17 19:59 96,093 --a------ c:\windows\system32\kfzgqmbmonflcl.dll-uninst.exe
2008-11-12 17:02 . 2008-11-28 21:43 <REP> d-------- c:\program files\Wakfu
2008-11-09 18:20 . 2008-11-09 18:20 <REP> d-------- c:\documents and settings\nour\Application Data\DivX
2008-11-08 14:14 . 2008-11-08 14:14 <REP> d-------- c:\documents and settings\nour\Application Data\DMV Technologies
2008-11-08 13:59 . 2008-11-08 13:59 <REP> d-------- c:\windows\MaxTV
2008-11-08 13:59 . 2008-11-08 13:59 <REP> d-------- c:\program files\DMV
2008-11-05 17:19 . 2008-11-05 17:19 <REP> d-------- c:\program files\SystemRequirementsLab

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-04 16:11 --------- d-----w c:\documents and settings\nour\Application Data\DMCache
2008-12-04 16:06 1,037,312 ----a-w c:\windows\explorer.exe
2008-12-04 10:51 1,068,690 ----a-w C:\Blizzard Updater.exe
2008-12-02 18:55 --------- d-----w c:\documents and settings\nour\Application Data\VMNTOOLBAR
2008-11-29 13:49 --------- d-----w c:\program files\alaplaya
2008-11-29 13:35 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-28 18:38 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-27 20:07 --------- d-----w c:\program files\CamStudio
2008-11-27 18:13 --------- d-----w c:\program files\lx_cats
2008-11-24 16:12 6,748 ----a-w c:\documents and settings\nour\Application Data\wklnhst.dat
2008-11-23 18:17 --------- d-----w c:\program files\Dofus
2008-11-20 15:25 --------- d-----w c:\program files\GPotato
2008-11-18 13:13 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo!
2008-11-12 17:30 --------- d-----w c:\program files\Ruff-Rose
2008-11-12 17:28 --------- d-----w c:\program files\LRose
2008-11-12 17:26 --------- d-----w c:\program files\Outspark
2008-11-12 17:10 --------- d-----w c:\program files\America's Army
2008-11-12 16:34 --------- d-----w c:\program files\Speed Rose Onlinea
2008-11-12 16:33 --------- d-----w c:\program files\Valhalla-Destiny
2008-11-12 16:33 --------- d-----w c:\program files\LegendGunZ V1.2
2008-11-12 16:33 --------- d-----w c:\program files\Kantaris
2008-11-03 18:44 --------- d-----w c:\program files\DriftCity
2008-11-03 18:41 --------- d--h--w c:\documents and settings\nour\Application Data\ijjigame
2008-11-03 18:39 --------- d-----w c:\documents and settings\All Users\Application Data\IJJIGame
2008-11-03 17:12 --------- d-----w c:\documents and settings\nour\Application Data\.purple
2008-11-02 18:02 --------- d-----w c:\program files\iTunes
2008-11-02 18:02 --------- d-----w c:\program files\iPod
2008-11-02 18:02 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-02 18:01 --------- d-----w c:\documents and settings\nour\Application Data\Apple Computer
2008-11-02 18:00 --------- d-----w c:\program files\QuickTime
2008-11-02 18:00 --------- d-----w c:\program files\Bonjour
2008-11-02 17:59 --------- d-----w c:\program files\Fichiers communs\Apple
2008-11-02 17:57 --------- d-----w c:\program files\Apple Software Update
2008-11-02 17:56 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2008-11-01 18:51 --------- d-----w c:\documents and settings\nour\Application Data\vlc
2008-11-01 11:41 --------- d-----w c:\documents and settings\nour\Application Data\IDM
2008-10-31 17:04 --------- d-----w c:\program files\Pack Securite
2008-10-30 18:00 --------- d-----w c:\documents and settings\Shogi\Application Data\mIRC
2008-10-30 17:39 --------- d-----w c:\program files\mIRC
2008-10-30 17:06 --------- d-----w c:\documents and settings\Shogi\Application Data\DMCache
2008-10-30 13:58 --------- d-----w c:\documents and settings\All Users\Application Data\fssg
2008-10-30 12:18 --------- d-----w c:\program files\VS Revo Group
2008-10-28 13:44 --------- d-----w c:\documents and settings\All Users\Application Data\F-Secure
2008-10-27 16:35 --------- d-----w c:\program files\SFR
2008-10-27 16:35 --------- d-----w c:\program files\neuf telecom
2008-10-27 16:19 --------- d-----w c:\program files\Fichiers communs\Eltima Shared
2008-10-27 16:19 --------- d-----w c:\program files\Eltima Software
2008-10-27 16:19 --------- d-----w c:\documents and settings\Shogi\Application Data\Eltima Software
2008-10-26 18:17 --------- d-----w c:\program files\Fichiers communs\DVDVideoSoft
2008-10-26 14:50 --------- d-----w c:\program files\FlyForFuture
2008-10-22 14:29 --------- d-----w c:\program files\Windows Live
2008-10-22 14:28 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2008-10-22 14:26 --------- d-----w c:\program files\Microsoft
2008-10-22 14:19 --------- d-----w c:\program files\Fichiers communs\Windows Live
2008-10-22 14:13 --------- d-----w c:\documents and settings\Shogi\Application Data\.purple
2008-10-20 13:32 --------- d-----w c:\documents and settings\Shogi\Application Data\vlc
2008-10-20 13:30 --------- d-----w c:\documents and settings\Shogi\Application Data\VMNTOOLBAR
2008-10-18 15:03 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-18 10:50 --------- d-----w c:\program files\Neuf
2008-10-18 10:27 --------- d-----w c:\program files\adslTV
2008-10-15 10:53 --------- d-----w c:\documents and settings\Shogi\Application Data\Yahoo!
2008-10-11 17:52 990 ----a-w c:\documents and settings\Shogi\Application Data\wklnhst.dat
2008-10-11 17:41 --------- d-----w c:\documents and settings\Shogi\Application Data\gtk-2.0
2008-10-11 15:46 --------- d-----w c:\program files\GAMENAO
2008-10-11 12:08 --------- d--h--w c:\documents and settings\Shogi\Application Data\ijjigame
2008-10-10 17:10 --------- d-----w c:\program files\Flyff
2008-10-04 18:01 --------- d-----w c:\documents and settings\Administrateur\Application Data\VMNTOOLBAR
2008-10-04 17:53 360,320 ----a-w c:\windows\system32\drivers\TCPIP.SYS
2008-10-04 16:47 --------- d-----w c:\documents and settings\Administrateur\Application Data\DMCache
2008-10-04 16:28 --------- dc----w c:\documents and settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2008-10-04 16:24 --------- d-----w c:\program files\Counter-Strike 1.6
2008-09-05 14:04 288,768 ----a-w c:\windows\WLXPGSS.SCR
2008-06-19 10:24 107,880 ----a-w c:\documents and settings\SAYAH NOUR\Application Data\GDIPFONTCACHEV1.DAT
2008-06-12 14:25 107,880 ----a-w c:\documents and settings\nour\Application Data\GDIPFONTCACHEV1.DAT
2008-05-02 13:53 36,976 ----a-w c:\documents and settings\SAYAH NOUR\Application Data\wklnhst.dat
2008-04-01 18:58 2,000 ----a-w c:\documents and settings\Administrateur\Application Data\wklnhst.dat
2008-02-28 17:32 22,328 ----a-w c:\documents and settings\Administrateur\Application Data\PnkBstrK.sys
2007-12-22 16:46 22,328 ----a-w c:\documents and settings\Shogi\Application Data\PnkBstrK.sys
2007-12-03 11:53 108,304 ----a-w c:\documents and settings\Administrateur\Application Data\GDIPFONTCACHEV1.DAT
2007-12-02 17:24 22,328 ----a-w c:\documents and settings\SAYAH NOUR\Application Data\PnkBstrK.sys
2006-02-25 19:12 251 ----a-w c:\program files\wt3d.ini
2004-12-17 22:44 1,221,312 ----a-w c:\documents and settings\Nouveau dossier (2)\Installer.exe
2005-11-30 07:58 610,816 ----a-w c:\program files\mozilla firefox\plugins\MannequinPlayer.dll
2007-01-13 16:10 10,240 --sha-w c:\windows\rnapxs\rnapxs.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{db8ba7b4-4b66-41f8-5722-e5d875944fd8}]
2008-11-28 17:26 677376 --a------ c:\windows\system32\nsc1C5.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-02-20 2667952]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2008-09-08 3582976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-02-23 3026944]
"LXCTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-06-07 106496]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 495616]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 359208]
"nwiz"="nwiz.exe" [2004-02-23 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [2005-01-27 263776]
"Symantec NetDriver Monitor"="c:\progra~1\SYMNET~1\SNDMon.exe" [2004-06-30 95344]
"Symantec NetDriver Warning"="c:\progra~1\SYMNET~1\SNDWarn.exe" [2004-10-29 287864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"StartMS"="c:\program files\Creative\Shared Files\Media Sniffer\StartMS.EXE" [2003-03-26 57344]
"CMSRegOW.exe"="c:\program files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe" [2003-06-16 57344]
"SRUUninstall"="c:\windows\system32\msiexec.exe" [2005-05-04 78848]
"SetDefaultMIDI"="MIDIDEF.EXE" [2003-06-21 c:\windows\MIDIDEF.EXE]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"MSACM.VOXACM118"= vdk32118.acm
"MSACM.NSX83"= nsx83p32.acm
"MSACM.NSPAC"= NSPAC32.ACM
"msacm.divxa32"= DivXa32.acm
"VIDC.SP54"= SP5X_32.DLL
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk
backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 18:57 359208 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-02-27 08:25 171448 c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
--a------ 2007-01-29 12:07 3718312 c:\program files\TomTom HOME\TomTomHOME.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\WINDOWS\\system32\\mshta.exe"=
"c:\\Program Files\\Slayers Online\\slayersonline.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\MAIET\\Gunz\\GunzLauncher.exe"=
"c:\\Program Files\\softnyx\\Rakion\\Bin\\Rakion.bin"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Pack Securite\\backweb\\361343\\Program\\fspex.exe"=
"c:\\WINDOWS\\system32\\lxctcoms.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\ijji\\ENGLISH\\u_sf\\soldierfront.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Documents and Settings\\SAYAH NOUR\\Bureau\\Public Release\\LegacyGamersFullClientUpdateV4.6Update2\\LegacyGamers.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\ijji\\ENGLISH\\u_gunz.exe"=
"c:\\ijji\\ENGLISH\\u_skid.exe"=
"c:\\Program Files\\DriftCity\\DriftCity.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\ijji\\ENGLISH\\u_gbound.exe"=
"c:\\ijji\\ENGLISH\\Gunbound Revolution\\GunBound.gme"=
"c:\\Program Files\\Trinity Entertainment\\Trinity GunZ\\Trinity.exe"=
"c:\\Program Files\\Zattoo\\Zattoo2.exe"=
"c:\\ijji\\ENGLISH\\u_sf.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\alaplaya\\S4League\\S4Client.exe"=
"c:\\Documents and Settings\\Shogi\\Bureau\\Tales_Runner_Client_us080814\\trgame.exe"=
"c:\\Program Files\\Softnyx\\Rakion-bdrs\\Bin\\rakion.bin"=
"c:\\Program Files\\Fichiers communs\\Adobe\\Calibration\\Adobe Gamma Loader.exe"=
"c:\\Program Files\\Microsoft Office\\Office10\\OSA.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\reader_sl.exe"=
"c:\\Flyff\\Neuz.exe"=
"c:\\WINDOWS\\BricoPacks\\Vista Inspirat 2\\UberIcon\\UberIcon Manager.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\Steam.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\Pidgin\\pidgin.exe"=
"c:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\lxctPSWX.EXE"=
"c:\\WINDOWS\\BricoPacks\\Vista Inspirat 2\\RocketDock\\RocketDock.exe"=
"c:\\lunia\\LuniaClient.exe"=
"c:\\WINDOWS\\BricoPacks\\Vista Inspirat 2\\YzShadow\\YzShadow.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= c:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe
"c:\\Program Files\\CCleaner\\ccleaner.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\WINDOWS\\BricoPacks\\Vista Inspirat 2\\TransBar\\TransBar.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\nDoors\\Atlantica\\Atlantica.exe"=
"c:\\Program Files\\iTunes\\iTunesHelper.exe"=
"c:\\Program Files\\Internet Download Manager\\IEMonitor.exe"=
"c:\\Program Files\\QuickTime\\QTTask.exe"=
"c:\\WINDOWS\\system32\\nwiz.exe"=
"c:\\Program Files\\DMV\\MaxTV4\\core\\maxtv_xul.exe"=
"c:\\Program Files\\Microsoft Works\\WkDStore.exe"=
"c:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe"=
"c:\\Program Files\\DMV\\MaxTV4\\maxtv.exe"=
"c:\\Documents and Settings\\nour\\Bureau\\msgr9fr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\alaplaya\\launcher\\AlaplayaLauncher.exe"=
"c:\\Documents and Settings\\nour\\Mes documents\\Downloads\\Programs\\wowclient-downloader.exe"=
"c:\\WINDOWS\\system32\\CF32338.exe"=
"c:\\DOCUME~1\\nour\\LOCALS~1\\Temp\\mvks.exe"=
"c:\\DOCUME~1\\nour\\LOCALS~1\\Temp\\imuhke.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9149:TCP"= 9149:TCP:BitComet 9149 TCP
"9149:UDP"= 9149:UDP:BitComet 9149 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"6901:TCP"= 6901:TCP:ro1
"6122:TCP"= 6122:TCP:ro2
"5122:TCP"= 5122:TCP:ro3
"5000:UDP"= 5000:UDPw
"5010:UDP"= 5010:UDPw2
"19998:TCP"= 19998:TCPw3
"21000:TCP"= 21000:TCPw4
"23404:TCP"= 23404:TCP:BitComet 23404 TCP
"23404:UDP"= 23404:UDP:BitComet 23404 UDP
"21925:TCP"= 21925:TCP:*isabled:SolidNetworkManager
"21925:UDP"= 21925:UDP:*isabled:SolidNetworkManager
"58292:TCP"= 58292:TCPando P2P TCP Listening Port
"58292:UDP"= 58292:UDPando P2P UDP Listening Port

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10af0d66-8d41-11dd-ad51-00112f47215f}]
\Shell\AUtOpLay\command - G:\agoyhe.pif
\Shell\AutoRun\command - G:\agoyhe.pif
\Shell\Explore\CommAnD - G:\agoyhe.pif
\Shell\oPEn\cOmmAnD - G:\agoyhe.pif

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1759a163-e6da-11dc-abef-5050506f4531}]
\sHelL\AUtOplaY\cOmMand - G:\vnqvl.pif
\sHelL\AutoRun\command - G:\vnqvl.pif
\sHelL\EXPLorE\cOMmand - G:\vnqvl.pif
\sHelL\opEn\COMMAND - G:\vnqvl.pif

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e62e009-4ccc-11dd-acd8-00112f47215f}]
\sHEll\AuToplaY\ComMANd - G:\iilj.pif
\sHEll\AutoRun\command - G:\iilj.pif
\sHEll\ExpLoRe\comMAnD - G:\iilj.pif
\sHEll\oPen\CommaNd - G:\iilj.pif

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{967a5195-c9fc-11dc-abb5-5050506f4531}]
\shelL\AutOPLay\ComMand - G:\ppro.pif
\shelL\AutoRun\command - G:\ppro.pif
\shelL\eXplORe\COmmand - G:\ppro.pif
\shelL\opeN\COMMaNd - G:\ppro.pif
.
Contenu du dossier 'Tâches planifiées'

2008-12-03 c:\windows\Tasks\AAA8AC9F918F2353.job
- c:\docume~1\amin\applic~1\planst~1\that proc data.exe []

2008-12-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-11-21 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\PACKSE~1\ANTI-V~1\fsav.exe [2005-05-24 15:42]

2008-12-04 c:\windows\Tasks\Windows Update.job
- c:\windows\system32\wupdmgr.exe [2004-02-11 22:01]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{B5DE974D-DC8D-F8B3-052B-C4EC15A5776E} - c:\windows\system32\kfzgqmbmonflcl.dll
MSConfigStartUp-Flashget - c:\program files\FlashGet\FlashGet.exe
MSConfigStartUp-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe

.
------- Examen supplémentaire -------
.
mStart Page = hxxp://www.trinity-ro.com/forums/
uInternet Settings,ProxyOverride = *.local
IE: &Bloquer cette fenêtre publicitaire - c:\program files\Pack Securite\Anti-Spyware\blockpopups.htm
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: &MSN Search - c:\program files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Shogi\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Shogi\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk -
Handler: alaplaya - {60E6FD61-FA26-4706-BF07-C55B3A49E66C} - c:\windows\system32\alading.dll

c:\windows\Downloaded Program Files\sysreqlab3.dll - O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E}
hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
c:\windows\Downloaded Program Files\SysReqLab3.osd

O16 -: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe

c:\windows\system32\unicows.dll - c:\windows\Downloaded Program Files\ImageUploader3.ocx
O16 -: {92E7E45A-D8C8-480E-AF99-176E43997CAA}
hxxp://www.3suissesphotos.fr/Components/Upload/ImageUploader3.cab
c:\windows\Downloaded Program Files\ImageUploader3.inf

c:\windows\system32\comctl32.ocx - c:\windows\system32\msvbvm60.dll
c:\windows\system32\OLEAUT32.DLL
c:\windows\system32\OLEPRO32.DLL
c:\windows\system32\ASYCFILT.DLL
c:\windows\system32\STDOLE2.TLB
c:\windows\system32\COMCAT.DLL
c:\windows\system32\IVBExtractImageLib.tlb
c:\windows\system32\dbgwproc.dll
c:\windows\system32\ISHF_Ex.tlb
c:\windows\system32\JPegsize.dll
c:\windows\Downloaded Program Files\MCLPhoto.ocx
O16 -: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5}
hxxp://auchan.fujifilmnet.com/MCLPhoto.CAB
c:\windows\Downloaded Program Files\MCLPhoto.INF

c:\windows\system32\msvcp60.dll - c:\windows\system32\atl.dll
c:\windows\Downloaded Program Files\AdVerifierADP.dll
c:\windows\Downloaded Program Files\AdSignerADP.dll
O16 -: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF}
hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
c:\windows\Downloaded Program Files\AdSignerADP.inf

c:\windows\Downloaded Program Files\iaplayer.dll - O16 -: {DB7BF79A-FC51-4B5A-92BC-A65731174380}
hxxp://www.instantaction.com/download/iaplayer.cab
c:\windows\Downloaded Program Files\cab.inf

O16 -: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
FireFox -: Profile - c:\documents and settings\nour\Application Data\Mozilla\Firefox\Profiles\o2t1tnz1.default\
FF -: plugin - c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF -: plugin - c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DNA\plugins\npbtdna.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdrmv2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdsplay.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npGraalPlugin.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava11.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava12.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava131_18.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava32.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npoji600.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npredoute.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npssn.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npwmsdrm.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\np32dsw.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npaudio.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npavi32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npbeatnk.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npcosmop.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npdrmv2.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npdsplay.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPJava11.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPJava12.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPJava131_18.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPJava32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\nplau32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npnul32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\nppdf32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\nppl3260.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin2.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin3.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin4.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin5.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin6.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin7.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPSVGVw.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPSWF32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npwmsdrm.dll
FF -: plugin - c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF -: plugin - c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF -: plugin - c:\program files\Virtools\3D Life Player\npvirtools.dll
FF -: plugin - c:\program files\Yahoo!\Common\npyaxmpb.dll
FF -: plugin - c:\program files\Yahoo!\Shared\npYState.dll
FF -: plugin - c:\windows\system32\SolidStateNetworks\SolidStateION\npssn.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-04 17:10:49
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\progra~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\drivers\CDAC11BA.EXE
c:\windows\system32\CTSVCCDA.EXE
c:\windows\eHome\ehsched.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\lxctcoms.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\MsPMSPSv.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\docume~1\nour\LOCALS~1\temp\mvks.exe
c:\docume~1\nour\LOCALS~1\temp\imuhke.exe
.
**************************************************************************
.
Heure de fin: 2008-12-04 17:30:42 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-04 16:30:38

Avant-CF: 29 978 451 968 octets libres
Après-CF: 33,018,093,568 octets libres

554 --- E O F --- 2008-10-28 22:09:43

Répondre à Shogi

Tu aimes les infections on dirait.

Télécharge UsbFix (de Chiquitine29) sur ton Bureau.
Lance l'installation avec les paramètres par défaut.
Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.
Double-clique sur le raccourci UsbFix sur ton Bureau.
Choisis l'option 1 (Nettoyage).
Le PC va redémarrer.
Après redémarrage, poste le rapport UsbFix.txt

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)

Répondre à Destrio5

Et si je n'ai pas de sources de données externes ?

Répondre à Shogi

Fais quand même la manip'.

Répondre à Destrio5

-------------- UsbFix V2.413.2 ---------------

* User : nour - CHOUCHOU
* Outils mis a jours le 01/12/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 17:51:09 le 04/12/2008
* Windows Xp - Internet Explorer 6.0.2900.2180

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\DOCUME~1\nour\LOCALS~1\Temp\1.tmp\b2e.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe

D: - Lecteur fixe

--------------- [ Lecteur C ] ----------------

C: - Lecteur fixe

+- Listing des fichiers présents :

[01/01/2004 08:29][--a------] C:\AUTOEXEC.BAT
[23/10/2004 18:29][-rahs----] C:\NTDETECT.COM
[04/12/2008 11:51][--a------] C:\Blizzard Updater.exe
[16/04/2008 15:37][-rahs----] C:\boot.ini
[16/04/2008 15:37][-rahs----] C:\globdata.ini
[16/04/2008 15:37][-rahs----] C:\install.ini
[10/07/2006 10:30][--a------] C:\AILog.txt
[10/07/2006 10:30][--a------] C:\ComboFix.txt
[10/07/2006 10:30][--a------] C:\eula.1028.txt
[10/07/2006 10:30][--a------] C:\eula.1031.txt
[10/07/2006 10:30][--a------] C:\eula.1033.txt
[10/07/2006 10:30][--a------] C:\eula.1036.txt
[10/07/2006 10:30][--a------] C:\eula.1040.txt
[10/07/2006 10:30][--a------] C:\eula.1041.txt
[10/07/2006 10:30][--a------] C:\eula.1042.txt
[10/07/2006 10:30][--a------] C:\eula.2052.txt
[10/07/2006 10:30][--a------] C:\eula.3082.txt
[10/07/2006 10:30][--a------] C:\mpeg.txt
[10/07/2006 10:30][--a------] C:\README.txt
[10/07/2006 10:30][--a------] C:\SAFEBOOT_REPAIR.TXT
[10/07/2006 10:30][--a------] C:\UsbFix.txt
[10/07/2006 10:30][--a------] C:\YServer.txt
[01/01/2004 08:29][--a------] C:\CONFIG.SYS
[01/01/2004 08:29][--a------] C:\hiberfil.sys
[01/01/2004 08:29][--a------] C:\IO.SYS
[01/01/2004 08:29][--a------] C:\MSDOS.SYS
[01/01/2004 08:29][--a------] C:\pagefile.sys

--------------- [ Lecteur D ] ----------------

D: - Lecteur fixe

+- Listing des fichiers présents :

[27/07/2001 20:07][---hs----] D:\AUTOEXEC.BAT
[25/07/2001 12:00][---hs----] D:\NTDETECT.COM
[10/09/2002 11:54][---hs----] D:\Info.exe
[09/01/2002 09:52][---hs----] D:\BOOT.INI
[09/01/2002 09:52][---hs----] D:\Desktop.ini
[09/01/2002 09:52][---hs----] D:\WINBOM.INI
[10/09/2002 07:21][---hs----] D:\Folder.htt
[27/07/2001 20:07][---hs----] D:\CONFIG.SYS
[27/07/2001 20:07][---hs----] D:\IO.SYS
[27/07/2001 20:07][---hs----] D:\MSDOS.SYS
[27/07/2001 20:07][---hs----] D:\RCBoot.sys

--------------- [ Registre / Startup ] ----------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
IDMan=C:\Program Files\Internet Download Manager\IDMan.exe /onboot
msnmsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
LXCTCATS=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
nwiz=nwiz.exe /install

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10af0d66-8d41-11dd-ad51-00112f47215f}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10af0d66-8d41-11dd-ad51-00112f47215f}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10af0d66-8d41-11dd-ad51-00112f47215f}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1759a163-e6da-11dc-abef-5050506f4531}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1759a163-e6da-11dc-abef-5050506f4531}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1759a163-e6da-11dc-abef-5050506f4531}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4e62e009-4ccc-11dd-acd8-00112f47215f}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4e62e009-4ccc-11dd-acd8-00112f47215f}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4e62e009-4ccc-11dd-acd8-00112f47215f}\Shell\open\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{967a5195-c9fc-11dc-abb5-5050506f4531}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{967a5195-c9fc-11dc-abb5-5050506f4531}\Shell\explore\Command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{967a5195-c9fc-11dc-abb5-5050506f4531}\Shell\open\Command

--------------- [ Nettoyage des disques ] ----------------

Supprimé ! - [10/09/2002 07:21][---hs----] D:\Folder.htt
Supprimé ! - [10/09/2002 11:54][---hs----] D:\info.exe

--------------- [ Resumé ] ----------------

-> /!\ Le resultat doit etre [http://www.virustotal.com/fr/ interprété] par un spécialiste /!\

[01/01/2004 08:29][--a------] C:\AUTOEXEC.BAT
[23/10/2004 18:29][-rahs----] C:\NTDETECT.COM
[04/12/2008 11:51][--a------] C:\Blizzard Updater.exe
[16/04/2008 15:37][-rahs----] C:\boot.ini
[16/04/2008 15:37][-rahs----] C:\globdata.ini
[16/04/2008 15:37][-rahs----] C:\install.ini
[27/07/2001 20:07][---hs----] D:\AUTOEXEC.BAT
[25/07/2001 12:00][---hs----] D:\NTDETECT.COM
[09/01/2002 09:52][---hs----] D:\BOOT.INI
[09/01/2002 09:52][---hs----] D:\Desktop.ini
[09/01/2002 09:52][---hs----] D:\WINBOM.INI

--------------- ! Fin du rapport ! ----------------

Répondre à Shogi

Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.
Double-clique sur Navilog1.exe afin de lancer l'installation.
Si le fix ne lance pas automatiquement après son installation, double-clique sur Navilog1 présent sur le Bureau.
Appuie sur F ou f puis valide par Entrée.
Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
Patiente jusqu'au message : *** Analyse terminée le ..... ***
Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse.
Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\fixnavi.txt

N'utilise pas l'option 2, 3 et 4 sans notre accord, des fichiers légitimes peuvent être inclus dans ce scan.

Répondre à Destrio5

"N'utilise pas l'option 2, 3 et 4 sans notre accord, des fichiers légitimes peuvent être inclus dans ce scan. "
J'ai trop peur pour mon ordi pour faire ça lol ^^

Répondre à Shogi

Navilog1, ce n'est rien à côté de ComboFix.

Fais la manip', aucun problème.

Répondre à Destrio5

Oui je sais mais je parlais de tenter quelque chose dont je ne sais rien ^^

Le scan de navilog va bientot se terminer là

Répondre à Shogi

Ah pardon, je ne l'avais pas compris dans ce sens

Répondre à Destrio5

Après la recherche avec catchme ( gmer ) il y a la recherche avec generic navi search et mon ordi semble inactif ( il ram pas comme avec la recherche avant )

Répondre à Shogi

Patiente.

Répondre à Destrio5

Search Navipromo version 3.6.9 commencé le 04/12/2008 à 18:00:33,15

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "nour"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***

Favorit
Favorit

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\nour\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\iman\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\SAYAHN~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Shogi\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\nour\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\SAYAHN~1\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Shogi\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\nour\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\SAYAHN~1\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Shogi\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\nour\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\SAYAHN~1\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\Shogi\locals~1\applic~1" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

oins.exe trouvé !

* Dans "C:\Documents and Settings\nour\locals~1\applic~1" :

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :

* Dans "C:\DOCUME~1\SAYAHN~1\locals~1\applic~1" :

* Dans "C:\DOCUME~1\Shogi\locals~1\applic~1" :

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

*** Analyse terminée le 04/12/2008 à 18:53:46,53 ***

Répondre à Shogi

Relance Navilog1, fais l'option 2 et poste le rapport.

Répondre à Destrio5

Clean Navipromo version 3.6.9 commencé le 04/12/2008 à 19:00:24,37

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "nour"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS

Mode suppression automatique
avec prise en charge résultats Catchme et GNS

Nettoyage exécuté au redémarrage de l'ordinateur

*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *

* Suppression dans "C:\Documents and Settings\nour\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\SAYAHN~1\locals~1\applic~1" *

* Suppression dans "C:\DOCUME~1\Shogi\locals~1\applic~1" *

*** Suppression dossiers dans "C:\WINDOWS" ***

*** Suppression dossiers dans "C:\Program Files" ***

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\nour\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\iman\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\SAYAHN~1\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\Shogi\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\nour\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\SAYAHN~1\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\Shogi\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\nour\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\SAYAHN~1\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\DOCUME~1\Shogi\menudm~1\progra~1" ***

*** Suppression fichiers ***

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\nour\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :

* Dans "C:\WINDOWS\system32" *

oins.exe trouvé !
Copie oins.exe réalisée avec succès !
oins.exe supprimé !

* Dans "C:\Documents and Settings\nour\locals~1\applic~1" *

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

* Dans "C:\DOCUME~1\SAYAHN~1\locals~1\applic~1" *

* Dans "C:\DOCUME~1\Shogi\locals~1\applic~1" *

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 04/12/2008 à 19:04:36,32 ***

Répondre à Shogi

Télécharge Toolbar S&D (Team IDN) sur ton Bureau.
Lance l'installation du programme en exécutant le fichier téléchargé.
Double-clique maintenant sur le raccourci de Toolbar S&D.
Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
Poste le rapport généré. (C:\TB.txt)

Répondre à Destrio5

C'est normal qu'il n'y ait plus rien écrit et que mon ordi semble inactif ? Je patiente ?

Répondre à Shogi

-----------\\ ToolBar S&D 1.2.5 XP/Vista

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [1] ( 04/12/2008|19:25 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskPBar
C:\Program Files\AskPBar\bar
C:\Program Files\AskPBar\bar\1.bin
C:\Program Files\AskPBar\bar\Cache
C:\Program Files\AskPBar\bar\History
C:\Program Files\AskPBar\bar\Settings
C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
C:\Program Files\AskPBar\bar\Cache\00037456
C:\Program Files\AskPBar\bar\Cache\000377D1
C:\Program Files\AskPBar\bar\Cache\00037B1D.bin
C:\Program Files\AskPBar\bar\Cache\00037E59.bin
C:\Program Files\AskPBar\bar\Cache\00038212.bin
C:\Program Files\AskPBar\bar\Cache\files.ini
C:\Program Files\AskPBar\bar\History\search2
C:\Program Files\AskPBar\bar\Settings\prevcfg2.htm
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\---Yahoo.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\01net.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\a.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\amazon.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\an.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\arrowB.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\arrowT.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\arrow_down.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\arrow_up.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\autofill.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\avstate.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\b.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\background2.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\bg_pub.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\bg_ttl.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\bn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\c.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\canalblog.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\cn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\d.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\dictionary.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\dictionary2.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\dn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\downfile
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\DownloadCOM.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\dropdown.css
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\ErrorLog.txt
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\f.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_argentine.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_australia.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_brazil.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_canada.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_china.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_france.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_germany.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_greece.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_hongkong.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_india.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_indonesia.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_italy.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_japan.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_korea.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_mexico.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_netherlands.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_spain.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_sweeden.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_taiwan.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_uk.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_usa.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\fn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\g.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\games1_5.cfg
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\gaming.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\gn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\gograph.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred0.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred0_5.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred1.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred1_5.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred2.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred2_5.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred3.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred3_5.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred4.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred4_5.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred5.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\help.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\hideremove.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\highlight.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\hn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\hororank.xml
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_aquarius.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_aries.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_cancer.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_capricorn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_gemini.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_leo.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_libra.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_pisces.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_sagittarius.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_scorpio.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_taurus.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_virgo.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\i.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\IEtab1_7b.zip
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\img_games1_5.cfg
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\in.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\ipsearch.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\j.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\jn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\k.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\kn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\l.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\ln.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\loading.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\login.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\logo.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\n.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\new02.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\NewCfg
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\news.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\news.html
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\nn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\o.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\on.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\p.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\pestscanimg.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\pixsy.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\pn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\popup_off.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\popup_on.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\popup_ona.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\p_yahoo.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\q.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\qn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\r.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\relatedlinks.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\report.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rss.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rss.xsl
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rss1.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rsslib.js
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\s.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\security.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\security.bmp1411656
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sinfo.txt
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sinfo.txt221640
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sinfo.txt232281
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sinfo.txt291000
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sinfo.txt360093
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\siteinfo.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\slider.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\spacer.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red1.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red2.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red3.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red4.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red5.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red5.bmp396843
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\storage.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\t.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tabdata.js
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tablib.js
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tabwelcome_en.html
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tabwelcome_fr.html
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tab_icon.png
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\technorati.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\thes_search.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\Thumbs.db
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tools.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\translate.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\u.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\un.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\userbadsites.txt
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\utf8.js
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\v.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\vmlib.js
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\vmntoolbar1_6-207.zip
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\vmntoolbartb0500.cfg
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\vmntoolbartb0501.cfg
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\vn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\w.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\web.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\wikipedia.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\wn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\x.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\xp_close_small.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\Yahoo.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\yahoo_search.gif
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\YouTube.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\z.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\zn.bmp
C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\zoom.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\---Yahoo.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\01net.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\a.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\amazon.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\an.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\arrowB.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\arrowT.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\arrow_down.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\arrow_up.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\autofill.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\avstate.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\b.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\bg_pub.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\bg_ttl.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\bn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\c.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\canalblog.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\cn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\d.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\dictionary2.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\dn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\downfile
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\DownloadCOM.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\dropdown.css
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\ErrorLog.txt
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\f.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_argentine.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_australia.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_brazil.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_brazil.bmp3110218
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_canada.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_china.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_france.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_germany.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_greece.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_hongkong.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_india.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_indonesia.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_italy.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_japan.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_korea.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_mexico.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_netherlands.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_spain.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_sweeden.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_taiwan.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_uk.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_usa.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\fn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\g.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\gaming.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\gn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\gograph.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred0.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred0_5.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred1.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred1_5.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred2.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred2_5.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred3.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred3_5.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred4.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred4_5.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred5.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\help.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\hideremove.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\highlight.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\hn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\hororank.xml
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_aquarius.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_aries.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_cancer.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_capricorn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_gemini.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_leo.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_libra.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_pisces.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_sagittarius.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_scorpio.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_taurus.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_virgo.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\i.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\IEtab1_7b.zip
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\in.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\ipsearch.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\j.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\jn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\k.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\kn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\l.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\ln.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\loading.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\login.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\logo.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\n.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\New York_NY_weather.txt
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\new02.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\NewCfg
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\news.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\news.html
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\nn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\o.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\on.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\p.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\pestscanimg.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\pixsy.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\pn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\popup_off.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\popup_on.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\popup_ona.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\p_yahoo.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\q.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\qn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\r.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\relatedlinks.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\report.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rss.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rss.xsl
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rss1.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rsslib.js
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\s.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\security.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34115312
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34120593
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34163843
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34170515
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34178546
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34222062
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\siteinfo.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\slider.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\spacer.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\stars-red1.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\stars-red2.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\stars-red3.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\stars-red4.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\stars-red5.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\storage.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\t.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tabdata.js
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tablib.js
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tabwelcome_en.html
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tabwelcome_fr.html
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tab_icon.png
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\technorati.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\thes_search.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tools.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\translate.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\u.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\un.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\utf8.js
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\v.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\vmlib.js
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\vmntoolbartb0501.cfg
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\vn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\w.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\web.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\wikipedia.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\wn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\x.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\xp_close_small.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\Yahoo.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\yahoo_search.gif
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\YouTube.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\z.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\zn.bmp
C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\zoom.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\---Yahoo.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\01net.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\1px_dark.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\1px_green.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\1px_white.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\234x60storage-dropdownEN.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\4x4 Rally.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\a.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\add_en.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Air Dodge.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\air hockey.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\alias.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Alien.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Alpha Bravo Charlie.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\amazon.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\an.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrowB.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrowT.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrow_down.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrow_red.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrow_red2.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrow_up.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\autofill.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\avstate.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\b.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\background2.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Balloony.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Battle Tanks.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bgmeteo_results.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_300px.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_cityweather.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_games3.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_games4.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_pub.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_story.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_tblresults.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_ttl.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Black Jack.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bomber bob.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Bowling.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\btn_close.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\btn_minus.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\btn_moreforecast.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Bubble Bobble The Revival.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\c.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\canalblog.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\cn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Connect 2.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Cowboy Bullet.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\cubeez.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\curve ball.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\d.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\dictionary.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\dictionary2.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\dn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\downfile
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\DownloadCOM.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\dropdown.css
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\ErrorLog.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\f.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\fish eat fish.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_argentine.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_australia.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_brazil.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_canada.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_china.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_france.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_germany.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_greece.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_hongkong.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_india.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_indonesia.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_italy.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_japan.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_korea.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_mexico.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_netherlands.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_spain.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_sweeden.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_taiwan.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_uk.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_usa.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Flashludo.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Fly plane.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Flyplane.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\fn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\forest challenge 2.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\g.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\galaxians.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\games.js
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\games.xml
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\games1_5.cfg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\gamesmenu.html
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\game_placeholder.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\gaming.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\gn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\gograph.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\gold diggers.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred0.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred0_5.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred1.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred1_5.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred2.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred2_5.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred3.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred3_5.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred4.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred4_5.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred5.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\help.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\hideremove.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\highlight.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\hn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Hungry Space.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_aquarius.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_aries.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_cancer.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_capricorn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_gemini.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_leo.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_libra.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_pisces.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_sagittarius.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_scorpio.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_taurus.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_virgo.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\i.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\IEtab1_7b.zip
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\img_games1_5.cfg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\in.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\indiana jones.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\ipsearch.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\j.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\jn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\k.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\keep ups 2.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\kn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\l.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\ln.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\loading.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\login.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\logo.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\ma balls.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Memory Trial.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\micro tanks.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\mini nitros.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\mini pool 2.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\mini pool.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\mini putt 3.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\minipool2.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Muay Thai.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\n.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\naval gun.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt34457171
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt39861046
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt43463046
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt5397640
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt5658000
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\new02.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\NewCfg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\news.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\news.html
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\nn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\o.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Office Paintball v2.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\on.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\overlord.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\p.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\pestscanimg.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\pig wars.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\pixsy.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\pn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\popup_off.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\popup_on.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\popup_ona.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\pubplaceholder.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\p_yahoo.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\q.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\qn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\r.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Raidenx.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\relatedlinks.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\report.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rss.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rss.xsl
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rss1.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rsslib.js
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rssmenu1_5b.zip
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\s.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_dictionnary.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_domain.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_ency.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_graphic.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_images.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_music.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_news.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_people.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_products.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_software.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_stocks.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_video.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\security.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\show jumping.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sinfo.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sinfo.txt3669203
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sinfo.txt7438187
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sinfo.txt7450125
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo1.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo10.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo11.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo12.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo13.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo14.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo15.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo16.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo17.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo18.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo19.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo2.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo20.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo3.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo4.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo5.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo6.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo7.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo8.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo9.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\siteinfo.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\slider.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Space explorer.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\spacer.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\stars-red1.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\stars-red2.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\stars-red3.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\stars-red4.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\stars-red5.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Stone Breaker.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\storage.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sweet tooth.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\t.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tabdata.js
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\table tennis.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tablib.js
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tabwelcome_en.html
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tabwelcome_fr.html
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tab_icon.png
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Tanks.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\technorati.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tetris.JPG
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\thes_search.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Thumbs.db
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tools.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Tower Defence.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\toy cars.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\translate.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\u.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\un.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\upgrade.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\userbadsites.txt
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\utf8.js
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\v.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\virtual cop.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vmlib.js
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vmntoolbartb1403.cfg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vmntoolbartb1500.cfg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vmntoolbartb1501.cfg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vmntoolbar_151.zip
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\w.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\war games.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\web.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\wikipedia.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\wn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\worm.jpg
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\x.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\xp_close_small.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\yahoo.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\yahoo_search.gif
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\YouTube.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\z.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\zn.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\zoom.bmp
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\downfile\searchdata.php16341796
C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\downfile\searchdata.php2339578
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\---Yahoo.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\01net.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\a.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\amazon.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\an.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\arrowB.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\arrowT.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\arrow_down.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\arrow_up.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\autofill.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\avstate.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\b.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\bg_pub.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\bg_ttl.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\bn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\c.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\canalblog.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\cn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\d.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\dictionary2.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\dn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\downfile
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\DownloadCOM.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\dropdown.css
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\ErrorLog.txt
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\f.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_argentine.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_australia.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_brazil.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_canada.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_china.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_france.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_germany.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_greece.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_hongkong.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_india.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_indonesia.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_italy.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_japan.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_korea.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_mexico.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_netherlands.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_spain.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_sweeden.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_taiwan.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_uk.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_usa.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\fn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\g.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\gaming.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\gn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\gograph.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred0.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred0_5.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred1.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred1_5.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred2.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred2_5.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred3.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred3_5.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred4.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred4_5.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred5.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\help.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\hideremove.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\highlight.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\hn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\hororank.xml
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_aquarius.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_aries.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_cancer.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_capricorn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_gemini.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_leo.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_libra.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_pisces.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_sagittarius.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_scorpio.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_taurus.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_virgo.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\i.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\IEtab1_7b.zip
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\in.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\ipsearch.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\j.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\jn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\k.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\kn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\l.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\ln.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\loading.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\login.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\logo.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\n.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\New York_NY_weather.txt
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\new02.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\NewCfg
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\news.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\news.html
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\nn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\o.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\on.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\p.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\pestscanimg.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\pixsy.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\pn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\popup_off.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\popup_on.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\popup_ona.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\p_yahoo.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp221765
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\q.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\qn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\r.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\relatedlinks.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\report.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rss.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rss.bmp370625
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rss.xsl
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rss1.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rsslib.js
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\s.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\security.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt182203
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt20886062
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt246781
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt44271140
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt449703
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\siteinfo.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\slider.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\spacer.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\stars-red1.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\stars-red2.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\stars-red3.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\stars-red4.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\stars-red5.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\storage.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\t.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tabdata.js
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tablib.js
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tabwelcome_en.html
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tabwelcome_fr.html
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tab_icon.png
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\technorati.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\thes_search.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tools.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\translate.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\u.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\un.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\userbadsites.txt
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\utf8.js
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\v.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\vmlib.js
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\vmntoolbartb0501.cfg
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\vn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\w.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\web.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\wikipedia.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\wn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\x.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\xp_close_small.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\Yahoo.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\yahoo_search.gif
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\YouTube.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\z.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\zn.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\zoom.bmp
C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\downfile\searchdata.php44271015
C:\Program Files\VMNToolbar
C:\Program Files\VMNToolbar\install.ico
C:\Program Files\VMNToolbar\toolbar.ini
C:\Program Files\VMNToolbar\uninstall.exe
C:\Program Files\VMNToolbar\vmntoolbar.dll
C:\Program Files\VMNToolbar\VMNTOO~11.old
C:\WINDOWS\iun6002.exe

-----------\\ Extensions

(SAYAH NOUR) - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} => flashgot
(SAYAH NOUR) - {8e12f188-352c-4476-8198-e9b8f4a4353a} => blackjapanmax__45_5.69__45_fx
(SAYAH NOUR) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(SAYAH NOUR) - {8e12f188-352c-4476-8198-e9b8f4a4353a} => blackjapanmax-5.69-fx

(Shogi) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(Shogi) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Shogi) - {c36177c0-224a-11da-8cd6-0800200c9a66} => fasterfox

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://fr.msn.com/"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\nour\Bureau\Flyff\SFX\sfx_sklassknuburstcrack01.sfx
C:\DOCUME~1\nour\Bureau\Flyff\Sound\PcSkillD-Burstcrack.wav

1 - "C:\ToolBar SD\TB_1.txt" - 04/12/2008|19:27 - Option : [1]

-----------\\ Fin du rapport a 19:27:23,06

Répondre à Shogi

Mon PC est foutu ? Plus rien à faire ? XD

Répondre à Shogi

Je mangeais.

Relance ToolBar S&D, fais l'option 2 et poste le rapport.

Répondre à Destrio5

Ah désolé ^^

Répondre à Shogi

-----------\\ ToolBar S&D 1.2.5 XP/Vista

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [2] ( 04/12/2008|19:55 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskPBar\bar
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\background2.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\dictionary.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\games1_5.cfg
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\hororank.xml
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\img_games1_5.cfg
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\security.bmp1411656
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sinfo.txt
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sinfo.txt221640
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sinfo.txt232281
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sinfo.txt291000
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sinfo.txt360093
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\stars-red5.bmp396843
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tabdata.js
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\Thumbs.db
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\userbadsites.txt
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\vmntoolbar1_6-207.zip
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\vmntoolbartb0500.cfg
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\vmntoolbartb0501.cfg
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\Yahoo.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_brazil.bmp3110218
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\hororank.xml
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34115312
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34120593
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34163843
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34170515
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34178546
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sinfo.txt34222062
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tabdata.js
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\vmntoolbartb0501.cfg
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\Yahoo.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\1px_dark.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\1px_green.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\1px_white.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\234x60storage-dropdownEN.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\4x4 Rally.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\add_en.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Air Dodge.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\air hockey.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\alias.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Alien.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Alpha Bravo Charlie.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrow_red.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrow_red2.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\background2.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Balloony.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Battle Tanks.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bgmeteo_results.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_300px.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_cityweather.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_games3.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_games4.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_story.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_tblresults.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Black Jack.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\bomber bob.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Bowling.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\btn_close.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\btn_minus.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\btn_moreforecast.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Bubble Bobble The Revival.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Connect 2.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Cowboy Bullet.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\cubeez.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\curve ball.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\dictionary.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\fish eat fish.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Flashludo.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Fly plane.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Flyplane.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\forest challenge 2.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\galaxians.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\games.js
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\games.xml
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\games1_5.cfg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\gamesmenu.html
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\game_placeholder.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\gold diggers.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Hungry Space.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\img_games1_5.cfg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\indiana jones.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\keep ups 2.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\ma balls.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Memory Trial.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\micro tanks.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\mini nitros.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\mini pool 2.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\mini pool.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\mini putt 3.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\minipool2.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Muay Thai.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\naval gun.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt34457171
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt39861046
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt43463046
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt5397640
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\New York_NY_weather.txt5658000
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Office Paintball v2.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\overlord.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\pig wars.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\pubplaceholder.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Raidenx.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rssmenu1_5b.zip
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_dictionnary.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_domain.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_ency.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_graphic.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_images.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_music.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_news.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_people.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_products.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_software.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_stocks.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\search_video.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\show jumping.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sinfo.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sinfo.txt3669203
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sinfo.txt7438187
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sinfo.txt7450125
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo1.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo10.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo11.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo12.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo13.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo14.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo15.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo16.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo17.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo18.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo19.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo2.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo20.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo3.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo4.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo5.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo6.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo7.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo8.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Sinfo9.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Space explorer.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Stone Breaker.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\sweet tooth.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tabdata.js
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\table tennis.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Tanks.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tetris.JPG
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Thumbs.db
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\Tower Defence.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\toy cars.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\upgrade.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\userbadsites.txt
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\virtual cop.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vmntoolbartb1403.cfg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vmntoolbartb1500.cfg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vmntoolbartb1501.cfg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vmntoolbar_151.zip
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\war games.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\worm.jpg
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\yahoo.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\hororank.xml
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp221765
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rss.bmp370625
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt182203
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt20886062
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt246781
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt44271140
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sinfo.txt449703
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tabdata.js
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\userbadsites.txt
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\vmntoolbartb0501.cfg
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\Yahoo.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\Program Files\VMNToolbar\install.ico
Supprime! - C:\Program Files\VMNToolbar\toolbar.ini
Supprime! - C:\Program Files\VMNToolbar\uninstall.exe
Supprime! - C:\Program Files\VMNToolbar\vmntoolbar.dll
Supprime! - C:\Program Files\VMNToolbar\VMNTOO~11.old
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\Program Files\AskPBar
Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\VMNToolbar
Supprime! - C:\DOCUME~1\nour\APPLIC~1\VMNToolbar
Supprime! - C:\DOCUME~1\SAYAHN~1\APPLIC~1\VMNToolbar
Supprime! - C:\DOCUME~1\Shogi\APPLIC~1\VMNToolbar
Supprime! - C:\Program Files\VMNToolbar

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ Extensions

(SAYAH NOUR) - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} => flashgot
(SAYAH NOUR) - {8e12f188-352c-4476-8198-e9b8f4a4353a} => blackjapanmax__45_5.69__45_fx
(SAYAH NOUR) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(SAYAH NOUR) - {8e12f188-352c-4476-8198-e9b8f4a4353a} => blackjapanmax-5.69-fx

(Shogi) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar
(Shogi) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Shogi) - {c36177c0-224a-11da-8cd6-0800200c9a66} => fasterfox

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\nour\Bureau\Flyff\SFX\sfx_sklassknuburstcrack01.sfx
C:\DOCUME~1\nour\Bureau\Flyff\Sound\PcSkillD-Burstcrack.wav

1 - "C:\ToolBar SD\TB_1.txt" - 04/12/2008|19:27 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 04/12/2008|20:08 - Option : [2]

-----------\\ Fin du rapport a 20:08:46,67

Répondre à Shogi

Bien.

Refais un scan ComboFix et poste le rapport.

Répondre à Destrio5

ComboFix 08-12-03.04 - nour 2008-12-04 20:18:11.2 - NTFSx86
Lancé depuis: c:\documents and settings\nour\Bureau\combat.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\nour\Application Data\urlredir.cfg

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-04 au 2008-12-04 ))))))))))))))))))))))))))))))))))))
.

2008-12-04 19:19 . 2008-12-04 20:08 <REP> d-------- C:\ToolBar SD
2008-12-04 17:59 . 2008-12-04 19:04 <REP> d-------- c:\program files\Navilog1
2008-12-04 17:48 . 2008-12-04 17:51 <REP> d-------- c:\program files\UsbFix
2008-12-04 16:58 . 2008-12-04 20:17 <REP> d-------- C:\ComboFix
2008-12-04 11:49 . 2008-12-04 11:49 <REP> d-------- c:\windows\ERUNT
2008-12-04 11:37 . 2008-12-04 11:45 <REP> d-------- c:\documents and settings\nour\Application Data\Tibia
2008-12-04 11:36 . 2008-12-04 11:36 <REP> d-------- c:\program files\Tibia
2008-12-03 21:11 . 2008-12-03 21:12 <REP> d-------- c:\documents and settings\nour\amsn
2008-12-03 21:10 . 2008-12-03 21:10 <REP> d-------- c:\program files\aMSN
2008-12-03 15:11 . 2008-12-03 15:11 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-03 15:11 . 2008-12-03 15:11 <REP> d-------- c:\documents and settings\nour\Application Data\Malwarebytes
2008-12-03 15:11 . 2008-12-03 15:11 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-03 15:11 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-03 15:11 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-03 14:54 . 2008-12-03 14:54 <REP> d-------- c:\documents and settings\nour\backups_old1
2008-12-03 14:54 . 2008-12-03 14:54 <REP> d-------- c:\documents and settings\nour\backups_old
2008-12-03 14:54 . 2008-12-03 14:54 <REP> d-------- c:\documents and settings\nour\backups
2008-12-03 14:53 . 2008-12-03 14:53 <REP> d-------- c:\documents and settings\nour\backups_old2
2008-12-03 14:52 . 2008-12-03 14:52 <REP> d-------- c:\documents and settings\nour\backups_old3
2008-12-03 14:51 . 2008-12-03 14:51 <REP> d-------- c:\documents and settings\nour\backups_old4
2008-12-03 14:51 . 2008-12-03 14:51 <REP> d-------- c:\documents and settings\nour\backupreg
2008-12-03 14:51 . 2004-08-20 00:10 304,640 --a------ c:\documents and settings\nour\editreg.exe
2008-12-03 14:51 . 2004-08-20 00:09 111,104 --a------ c:\documents and settings\nour\rtsdnif.exe
2008-12-03 14:51 . 2004-02-12 18:54 93,184 --a------ c:\documents and settings\nour\attrib.exe
2008-12-03 14:51 . 2004-02-11 23:07 78,848 --a------ c:\documents and settings\nour\dnif.exe
2008-12-03 14:00 . 2008-11-06 02:03 <REP> d-------- C:\SDFix
2008-12-03 12:44 . 2008-12-03 12:44 <REP> d-------- c:\program files\Trend Micro
2008-12-02 19:41 . 2008-06-19 17:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys
2008-12-02 19:40 . 2008-12-02 19:40 <REP> d-------- c:\program files\Panda Security
2008-12-02 17:03 . 2008-12-02 17:03 1,181,696 --a------ c:\windows\system32\Paris Hilton 1.scr
2008-12-02 17:03 . 2008-12-02 17:03 18,432 --a------ c:\windows\ss3unstl.exe
2008-11-29 19:22 . 2008-12-02 16:30 <REP> d-------- c:\program files\Metin2_France
2008-11-29 14:49 . 2008-06-20 14:33 32,256 --a------ c:\windows\system32\alading.dll
2008-11-28 20:27 . 2008-11-28 20:27 <REP> d-------- c:\program files\Xvid
2008-11-28 20:27 . 2008-04-27 10:33 765,952 --a------ c:\windows\system32\xvidcore.dll
2008-11-28 20:27 . 2008-04-27 10:35 180,224 --a------ c:\windows\system32\xvidvfw.dll
2008-11-28 20:26 . 2008-11-28 20:26 <REP> d-------- c:\program files\ZD Soft
2008-11-28 17:26 . 2008-11-28 17:26 677,376 --a------ c:\windows\system32\nsc1C5.dll
2008-11-27 21:48 . 2008-12-01 15:42 <REP> d-------- c:\documents and settings\nour\Incomplete
2008-11-27 21:47 . 2008-11-27 21:47 <REP> d-------- c:\program files\LimeWire
2008-11-27 21:47 . 2008-12-01 17:59 <REP> d-------- c:\documents and settings\nour\Application Data\LimeWire
2008-11-27 21:39 . 2008-11-27 21:39 <REP> d-------- c:\documents and settings\nour\Application Data\Creative
2008-11-27 21:38 . 2008-11-27 21:38 <REP> d-------- c:\documents and settings\nour\Application Data\Publish Providers
2008-11-27 21:37 . 2008-11-27 21:37 <REP> d-------- c:\documents and settings\nour\Application Data\Sony
2008-11-26 20:04 . 2008-11-26 20:04 <REP> d-------- c:\program files\Zattoo
2008-11-18 17:19 . 2008-11-25 10:49 <REP> d-------- C:\Endless Dream
2008-11-17 19:59 . 2008-11-17 19:59 96,093 --a------ c:\windows\system32\kfzgqmbmonflcl.dll-uninst.exe
2008-11-12 17:02 . 2008-11-28 21:43 <REP> d-------- c:\program files\Wakfu
2008-11-09 18:20 . 2008-11-09 18:20 <REP> d-------- c:\documents and settings\nour\Application Data\DivX
2008-11-08 14:14 . 2008-11-08 14:14 <REP> d-------- c:\documents and settings\nour\Application Data\DMV Technologies
2008-11-08 13:59 . 2008-11-08 13:59 <REP> d-------- c:\windows\MaxTV
2008-11-08 13:59 . 2008-11-08 13:59 <REP> d-------- c:\program files\DMV
2008-11-05 17:19 . 2008-11-05 17:19 <REP> d-------- c:\program files\SystemRequirementsLab

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-04 18:09 --------- d-----w c:\documents and settings\nour\Application Data\DMCache
2008-12-04 16:06 1,037,312 ----a-w c:\windows\explorer.exe
2008-12-04 10:51 1,068,690 ----a-w C:\Blizzard Updater.exe
2008-11-29 13:49 --------- d-----w c:\program files\alaplaya
2008-11-29 13:35 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-28 20:18 53,966 ----a-w c:\windows\system32\cont_dcads-remove.exe
2008-11-28 18:38 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-27 20:07 --------- d-----w c:\program files\CamStudio
2008-11-27 18:13 --------- d-----w c:\program files\lx_cats
2008-11-24 16:12 6,748 ----a-w c:\documents and settings\nour\Application Data\wklnhst.dat
2008-11-23 18:17 --------- d-----w c:\program files\Dofus
2008-11-20 15:25 --------- d-----w c:\program files\GPotato
2008-11-18 13:13 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo!
2008-11-12 17:30 --------- d-----w c:\program files\Ruff-Rose
2008-11-12 17:28 --------- d-----w c:\program files\LRose
2008-11-12 17:26 --------- d-----w c:\program files\Outspark
2008-11-12 17:15 25,600 ----a-w c:\windows\system32\wcdrtc32.dll
2008-11-12 17:10 --------- d-----w c:\program files\America's Army
2008-11-12 16:34 --------- d-----w c:\program files\Speed Rose Onlinea
2008-11-12 16:33 --------- d-----w c:\program files\Valhalla-Destiny
2008-11-12 16:33 --------- d-----w c:\program files\LegendGunZ V1.2
2008-11-12 16:33 --------- d-----w c:\program files\Kantaris
2008-11-03 18:44 --------- d-----w c:\program files\DriftCity
2008-11-03 18:41 --------- d--h--w c:\documents and settings\nour\Application Data\ijjigame
2008-11-03 18:39 --------- d-----w c:\documents and settings\All Users\Application Data\IJJIGame
2008-11-03 17:12 --------- d-----w c:\documents and settings\nour\Application Data\.purple
2008-11-02 18:02 --------- d-----w c:\program files\iTunes
2008-11-02 18:02 --------- d-----w c:\program files\iPod
2008-11-02 18:02 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-02 18:01 --------- d-----w c:\documents and settings\nour\Application Data\Apple Computer
2008-11-02 18:00 --------- d-----w c:\program files\QuickTime
2008-11-02 18:00 --------- d-----w c:\program files\Bonjour
2008-11-02 17:59 --------- d-----w c:\program files\Fichiers communs\Apple
2008-11-02 17:57 --------- d-----w c:\program files\Apple Software Update
2008-11-02 17:56 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2008-11-01 18:51 --------- d-----w c:\documents and settings\nour\Application Data\vlc
2008-11-01 11:41 --------- d-----w c:\documents and settings\nour\Application Data\IDM
2008-10-31 17:04 --------- d-----w c:\program files\Pack Securite
2008-10-30 18:00 --------- d-----w c:\documents and settings\Shogi\Application Data\mIRC
2008-10-30 17:39 --------- d-----w c:\program files\mIRC
2008-10-30 17:06 --------- d-----w c:\documents and settings\Shogi\Application Data\DMCache
2008-10-30 13:58 --------- d-----w c:\documents and settings\All Users\Application Data\fssg
2008-10-30 12:18 --------- d-----w c:\program files\VS Revo Group
2008-10-28 13:44 --------- d-----w c:\documents and settings\All Users\Application Data\F-Secure
2008-10-27 16:35 --------- d-----w c:\program files\SFR
2008-10-27 16:35 --------- d-----w c:\program files\neuf telecom
2008-10-27 16:19 --------- d-----w c:\program files\Fichiers communs\Eltima Shared
2008-10-27 16:19 --------- d-----w c:\program files\Eltima Software
2008-10-27 16:19 --------- d-----w c:\documents and settings\Shogi\Application Data\Eltima Software
2008-10-26 18:17 --------- d-----w c:\program files\Fichiers communs\DVDVideoSoft
2008-10-26 14:50 --------- d-----w c:\program files\FlyForFuture
2008-10-22 14:29 --------- d-----w c:\program files\Windows Live
2008-10-22 14:28 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2008-10-22 14:26 --------- d-----w c:\program files\Microsoft
2008-10-22 14:19 --------- d-----w c:\program files\Fichiers communs\Windows Live
2008-10-22 14:13 --------- d-----w c:\documents and settings\Shogi\Application Data\.purple
2008-10-20 13:32 --------- d-----w c:\documents and settings\Shogi\Application Data\vlc
2008-10-20 12:38 401,510 ----a-w c:\windows\system32\xpcom_core.dll
2008-10-18 15:03 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-18 10:50 --------- d-----w c:\program files\Neuf
2008-10-18 10:27 --------- d-----w c:\program files\adslTV
2008-10-16 20:05 20,480 ----a-w c:\windows\system32\plc4.dll
2008-10-16 20:05 198,144 ----a-w c:\windows\system32\nspr4.dll
2008-10-16 20:05 17,920 ----a-w c:\windows\system32\xpcom.dll
2008-10-16 20:05 17,408 ----a-w c:\windows\system32\plds4.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 10:53 --------- d-----w c:\documents and settings\Shogi\Application Data\Yahoo!
2008-10-11 17:52 990 ----a-w c:\documents and settings\Shogi\Application Data\wklnhst.dat
2008-10-11 17:41 --------- d-----w c:\documents and settings\Shogi\Application Data\gtk-2.0
2008-10-11 15:46 --------- d-----w c:\program files\GAMENAO
2008-10-11 12:08 --------- d--h--w c:\documents and settings\Shogi\Application Data\ijjigame
2008-10-10 17:10 --------- d-----w c:\program files\Flyff
2008-10-04 17:53 360,320 ----a-w c:\windows\system32\drivers\TCPIP.SYS
2008-10-04 16:47 --------- d-----w c:\documents and settings\Administrateur\Application Data\DMCache
2008-10-04 16:28 --------- dc----w c:\documents and settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2008-10-04 16:24 --------- d-----w c:\program files\Counter-Strike 1.6
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-08 22:03 51,712 ----a-w c:\windows\system32\sirenacm.dll
2008-09-05 14:04 288,768 ----a-w c:\windows\WLXPGSS.SCR
2008-06-19 10:24 107,880 ----a-w c:\documents and settings\SAYAH NOUR\Application Data\GDIPFONTCACHEV1.DAT
2008-06-12 14:25 107,880 ----a-w c:\documents and settings\nour\Application Data\GDIPFONTCACHEV1.DAT
2008-05-02 13:53 36,976 ----a-w c:\documents and settings\SAYAH NOUR\Application Data\wklnhst.dat
2008-04-01 18:58 2,000 ----a-w c:\documents and settings\Administrateur\Application Data\wklnhst.dat
2008-02-28 17:32 22,328 ----a-w c:\documents and settings\Administrateur\Application Data\PnkBstrK.sys
2007-12-22 16:46 22,328 ----a-w c:\documents and settings\Shogi\Application Data\PnkBstrK.sys
2007-12-03 11:53 108,304 ----a-w c:\documents and settings\Administrateur\Application Data\GDIPFONTCACHEV1.DAT
2007-12-02 17:24 22,328 ----a-w c:\documents and settings\SAYAH NOUR\Application Data\PnkBstrK.sys
2006-02-25 19:12 251 ----a-w c:\program files\wt3d.ini
2004-12-17 22:44 1,221,312 ----a-w c:\documents and settings\Nouveau dossier (2)\Installer.exe
2001-03-28 10:02 122,880 ----a-w c:\windows\inf\Agfa\message.exe
2005-11-30 07:58 610,816 ----a-w c:\program files\mozilla firefox\plugins\MannequinPlayer.dll
2007-01-13 16:10 10,240 --sha-w c:\windows\rnapxs\rnapxs.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{db8ba7b4-4b66-41f8-5722-e5d875944fd8}]
2008-11-28 17:26 677376 --a------ c:\windows\system32\nsc1C5.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-02-20 2667952]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2008-09-08 3582976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-02-23 3026944]
"LXCTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-06-07 106496]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 495616]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 359208]
"nwiz"="nwiz.exe" [2004-02-23 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [2005-01-27 263776]
"Symantec NetDriver Monitor"="c:\progra~1\SYMNET~1\SNDMon.exe" [2004-06-30 95344]
"Symantec NetDriver Warning"="c:\progra~1\SYMNET~1\SNDWarn.exe" [2004-10-29 287864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"StartMS"="c:\program files\Creative\Shared Files\Media Sniffer\StartMS.EXE" [2003-03-26 57344]
"CMSRegOW.exe"="c:\program files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe" [2003-06-16 57344]
"SRUUninstall"="c:\windows\system32\msiexec.exe" [2005-05-04 78848]
"SetDefaultMIDI"="MIDIDEF.EXE" [2003-06-21 c:\windows\MIDIDEF.EXE]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"MSACM.VOXACM118"= vdk32118.acm
"MSACM.NSX83"= nsx83p32.acm
"MSACM.NSPAC"= NSPAC32.ACM
"msacm.divxa32"= DivXa32.acm
"VIDC.SP54"= SP5X_32.DLL
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Desktop Search.lnk
backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 18:57 359208 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-02-27 08:25 171448 c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
--a------ 2007-01-29 12:07 3718312 c:\program files\TomTom HOME\TomTomHOME.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\WINDOWS\\system32\\mshta.exe"=
"c:\\Program Files\\Slayers Online\\slayersonline.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\MAIET\\Gunz\\GunzLauncher.exe"=
"c:\\Program Files\\softnyx\\Rakion\\Bin\\Rakion.bin"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Pack Securite\\backweb\\361343\\Program\\fspex.exe"=
"c:\\WINDOWS\\system32\\lxctcoms.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\ijji\\ENGLISH\\u_sf\\soldierfront.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Documents and Settings\\SAYAH NOUR\\Bureau\\Public Release\\LegacyGamersFullClientUpdateV4.6Update2\\LegacyGamers.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\ijji\\ENGLISH\\u_gunz.exe"=
"c:\\ijji\\ENGLISH\\u_skid.exe"=
"c:\\Program Files\\DriftCity\\DriftCity.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\ijji\\ENGLISH\\u_gbound.exe"=
"c:\\ijji\\ENGLISH\\Gunbound Revolution\\GunBound.gme"=
"c:\\Program Files\\Trinity Entertainment\\Trinity GunZ\\Trinity.exe"=
"c:\\Program Files\\Zattoo\\Zattoo2.exe"=
"c:\\ijji\\ENGLISH\\u_sf.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\alaplaya\\S4League\\S4Client.exe"=
"c:\\Documents and Settings\\Shogi\\Bureau\\Tales_Runner_Client_us080814\\trgame.exe"=
"c:\\Program Files\\Softnyx\\Rakion-bdrs\\Bin\\rakion.bin"=
"c:\\Program Files\\Fichiers communs\\Adobe\\Calibration\\Adobe Gamma Loader.exe"=
"c:\\Program Files\\Microsoft Office\\Office10\\OSA.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\reader_sl.exe"=
"c:\\Flyff\\Neuz.exe"=
"c:\\WINDOWS\\BricoPacks\\Vista Inspirat 2\\UberIcon\\UberIcon Manager.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\Steam.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\Pidgin\\pidgin.exe"=
"c:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\lxctPSWX.EXE"=
"c:\\WINDOWS\\BricoPacks\\Vista Inspirat 2\\RocketDock\\RocketDock.exe"=
"c:\\lunia\\LuniaClient.exe"=
"c:\\WINDOWS\\BricoPacks\\Vista Inspirat 2\\YzShadow\\YzShadow.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= c:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe
"c:\\Program Files\\CCleaner\\ccleaner.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\WINDOWS\\BricoPacks\\Vista Inspirat 2\\TransBar\\TransBar.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\nDoors\\Atlantica\\Atlantica.exe"=
"c:\\Program Files\\iTunes\\iTunesHelper.exe"=
"c:\\Program Files\\Internet Download Manager\\IEMonitor.exe"=
"c:\\Program Files\\QuickTime\\QTTask.exe"=
"c:\\WINDOWS\\system32\\nwiz.exe"=
"c:\\Program Files\\DMV\\MaxTV4\\core\\maxtv_xul.exe"=
"c:\\Program Files\\Microsoft Works\\WkDStore.exe"=
"c:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe"=
"c:\\Program Files\\DMV\\MaxTV4\\maxtv.exe"=
"c:\\Documents and Settings\\nour\\Bureau\\msgr9fr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\alaplaya\\launcher\\AlaplayaLauncher.exe"=
"c:\\Documents and Settings\\nour\\Mes documents\\Downloads\\Programs\\wowclient-downloader.exe"=
"c:\\Program Files\\Tibia\\Tibia.exe"=
"c:\\WINDOWS\\VFIND.exe"=
"c:\\WINDOWS\\system32\\CF5829.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9149:TCP"= 9149:TCP:BitComet 9149 TCP
"9149:UDP"= 9149:UDP:BitComet 9149 UDP
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"6901:TCP"= 6901:TCP:ro1
"6122:TCP"= 6122:TCP:ro2
"5122:TCP"= 5122:TCP:ro3
"5000:UDP"= 5000:UDPw
"5010:UDP"= 5010:UDPw2
"19998:TCP"= 19998:TCPw3
"21000:TCP"= 21000:TCPw4
"23404:TCP"= 23404:TCP:BitComet 23404 TCP
"23404:UDP"= 23404:UDP:BitComet 23404 UDP
"21925:TCP"= 21925:TCP:*isabled:SolidNetworkManager
"21925:UDP"= 21925:UDP:*isabled:SolidNetworkManager
"58292:TCP"= 58292:TCPando P2P TCP Listening Port
"58292:UDP"= 58292:UDPando P2P UDP Listening Port
.
Contenu du dossier 'Tâches planifiées'

2008-12-04 c:\windows\Tasks\AAA8AC9F918F2353.job
- c:\docume~1\amin\applic~1\planst~1\that proc data.exe []

2008-12-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-11-21 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\PACKSE~1\ANTI-V~1\fsav.exe [2005-05-24 15:42]

2008-12-04 c:\windows\Tasks\Windows Update.job
- c:\windows\system32\wupdmgr.exe [2004-02-11 22:01]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: &Bloquer cette fenêtre publicitaire - c:\program files\Pack Securite\Anti-Spyware\blockpopups.htm
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: &MSN Search - c:\program files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Shogi\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Shogi\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk -
Handler: alaplaya - {60E6FD61-FA26-4706-BF07-C55B3A49E66C} - c:\windows\system32\alading.dll

c:\windows\Downloaded Program Files\sysreqlab3.dll - O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E}
hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
c:\windows\Downloaded Program Files\SysReqLab3.osd

O16 -: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe

c:\windows\system32\unicows.dll - c:\windows\Downloaded Program Files\ImageUploader3.ocx
O16 -: {92E7E45A-D8C8-480E-AF99-176E43997CAA}
hxxp://www.3suissesphotos.fr/Components/Upload/ImageUploader3.cab
c:\windows\Downloaded Program Files\ImageUploader3.inf

c:\windows\system32\comctl32.ocx - c:\windows\system32\msvbvm60.dll
c:\windows\system32\OLEAUT32.DLL
c:\windows\system32\OLEPRO32.DLL
c:\windows\system32\ASYCFILT.DLL
c:\windows\system32\STDOLE2.TLB
c:\windows\system32\COMCAT.DLL
c:\windows\system32\IVBExtractImageLib.tlb
c:\windows\system32\dbgwproc.dll
c:\windows\system32\ISHF_Ex.tlb
c:\windows\system32\JPegsize.dll
c:\windows\Downloaded Program Files\MCLPhoto.ocx
O16 -: {AD7A67A5-5461-4B6B-A9C5-09DD071527F5}
hxxp://auchan.fujifilmnet.com/MCLPhoto.CAB
c:\windows\Downloaded Program Files\MCLPhoto.INF

c:\windows\system32\msvcp60.dll - c:\windows\system32\atl.dll
c:\windows\Downloaded Program Files\AdVerifierADP.dll
c:\windows\Downloaded Program Files\AdSignerADP.dll
O16 -: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF}
hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
c:\windows\Downloaded Program Files\AdSignerADP.inf

c:\windows\Downloaded Program Files\iaplayer.dll - O16 -: {DB7BF79A-FC51-4B5A-92BC-A65731174380}
hxxp://www.instantaction.com/download/iaplayer.cab
c:\windows\Downloaded Program Files\cab.inf

O16 -: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
FireFox -: Profile - c:\documents and settings\nour\Application Data\Mozilla\Firefox\Profiles\o2t1tnz1.default\
FF -: plugin - c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF -: plugin - c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DNA\plugins\npbtdna.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdrmv2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdsplay.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npGraalPlugin.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava11.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava12.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava131_18.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava32.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npoji600.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npredoute.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npssn.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npwmsdrm.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\np32dsw.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npaudio.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npavi32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npbeatnk.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npcosmop.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npdrmv2.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npdsplay.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPJava11.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPJava12.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPJava131_18.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPJava32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\nplau32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npnul32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\nppdf32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\nppl3260.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin2.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin3.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin4.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin5.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin6.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npqtplugin7.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPSVGVw.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\NPSWF32.dll
FF -: plugin - c:\program files\Netscape\Communicator\Program\Plugins\npwmsdrm.dll
FF -: plugin - c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF -: plugin - c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF -: plugin - c:\program files\Virtools\3D Life Player\npvirtools.dll
FF -: plugin - c:\program files\Yahoo!\Common\npyaxmpb.dll
FF -: plugin - c:\program files\Yahoo!\Shared\npYState.dll
FF -: plugin - c:\windows\system32\SolidStateNetworks\SolidStateION\npssn.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-04 20:24:49
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-12-04 20:48:37
ComboFix-quarantined-files.txt 2008-12-04 19:48:34
ComboFix2.txt 2008-12-04 16:30:43

Avant-CF: 36 402 294 784 octets libres
Après-CF: 36,421,115,904 octets libres

472 --- E O F --- 2008-10-28 22:09:43

Il était long c'ui là x)

Répondre à Shogi

Télécharge Lop S&D sur ton Bureau.
Double-clique dessus pour lancer l'installation.
Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche) .
Patiente jusqu'à la fin du scan.
Poste le rapport généré (C:\lopR.txt).

Répondre à Destrio5

C'est très gentil de ta part de m'aider pendant tout ce temps ^^

Répondre à Shogi

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 04/12/2008|21:04 )

--------------------\\ Listing des dossiers dans APPLIC~1

[19/04/2008|14:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\.purple
[28/11/2007|12:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\5400 Series
[09/02/2008|18:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[04/01/2008|13:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
[22/09/2004|16:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[03/04/2008|19:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
[24/12/2007|14:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[16/03/2008|19:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\DivX
[04/10/2008|17:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\DMCache
[28/03/2008|20:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Free Download Manager
[02/12/2007|12:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\F-Secure
[28/11/2007|12:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[17/04/2008|19:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\gtk-2.0
[01/01/2004|08:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[23/04/2008|16:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\IDM
[01/12/2007|13:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\ijjigame
[11/03/2008|13:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[20/08/2008|12:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[19/03/2008|20:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\mIRC
[22/04/2008|16:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[18/12/2007|18:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\Netscape
[24/12/2007|16:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Opera
[18/04/2008|17:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\PEX
[16/03/2008|19:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Publish Providers
[06/04/2008|11:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[26/12/2007|10:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\River Past G5
[01/01/2004|11:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[22/09/2004|14:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
[16/03/2008|19:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sony
[01/01/2004|09:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[01/01/2004|08:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[30/01/2008|20:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\teamspeak2
[28/11/2007|12:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Teleca
[25/12/2007|23:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Winamp
[06/04/2008|14:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Xfire

[02/11/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[04/10/2008|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
[23/03/2007|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\5400 Series
[13/05/2007|13:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/11/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/02/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[30/01/2008|17:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AutoClic
[20/08/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8(2)
[20/01/2008|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[11/06/2007|10:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[21/10/2007|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[06/01/2005|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[10/08/2005|06:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\data blue open mail
[11/10/2006|07:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
[03/07/2007|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EBP
[13/05/2007|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[29/11/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeDownloadManager.ORG
[28/10/2008|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[30/10/2008|14:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[18/11/2007|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GeoVid
[24/01/2007|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/01/2004|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[03/11/2008|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IJJIGame
[09/02/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[18/12/2004|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[03/12/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[08/10/2005|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[22/10/2008|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[05/12/2006|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Corporation
[01/01/2004|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[02/09/2005|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
[24/09/2004|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[23/07/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NexonUS
[17/02/2006|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[28/03/2006|08:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[06/03/2005|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
[22/09/2004|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
[02/10/2007|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Outspark
[13/10/2004|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[26/12/2007|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
[01/01/2004|08:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[22/07/2008|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[07/02/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[05/12/2006|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[07/02/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[28/11/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[01/02/2007|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[08/12/2006|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[21/05/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[14/04/2006|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[19/05/2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[18/11/2008|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[18/11/2007|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[04/05/2008|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[01/01/2004|08:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|09:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2004|11:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|09:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2004|08:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[22/09/2004|18:42] C:\DOCUME~1\iman\APPLIC~1\Adobe
[22/09/2004|18:13] C:\DOCUME~1\iman\APPLIC~1\Apple Computer
[22/09/2004|20:57] C:\DOCUME~1\iman\APPLIC~1\HP
[01/01/2004|08:29] C:\DOCUME~1\iman\APPLIC~1\Identities
[02/12/2004|16:00] C:\DOCUME~1\iman\APPLIC~1\Lavasoft
[22/09/2004|20:52] C:\DOCUME~1\iman\APPLIC~1\Leadertech
[13/10/2004|14:58] C:\DOCUME~1\iman\APPLIC~1\Macromedia
[03/12/2008|17:00] C:\DOCUME~1\iman\APPLIC~1\Microsoft

[24/03/2007|07:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\5400 Series
[20/08/2008|12:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[29/12/2006|16:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

[20/08/2008|12:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[07/03/2005|16:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[01/12/2007|19:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

[03/11/2008|18:12] C:\DOCUME~1\nour\APPLIC~1\.purple
[21/12/2007|22:55] C:\DOCUME~1\nour\APPLIC~1\5400 Series
[17/11/2008|17:24] C:\DOCUME~1\nour\APPLIC~1\Adobe
[02/04/2008|09:57] C:\DOCUME~1\nour\APPLIC~1\AdobeUM
[02/11/2008|19:01] C:\DOCUME~1\nour\APPLIC~1\Apple Computer
[27/11/2008|21:39] C:\DOCUME~1\nour\APPLIC~1\Creative
[09/11/2008|18:20] C:\DOCUME~1\nour\APPLIC~1\DivX
[04/12/2008|19:09] C:\DOCUME~1\nour\APPLIC~1\DMCache
[08/11/2008|14:14] C:\DOCUME~1\nour\APPLIC~1\DMV Technologies
[14/05/2008|11:37] C:\DOCUME~1\nour\APPLIC~1\F-Secure
[08/07/2008|10:01] C:\DOCUME~1\nour\APPLIC~1\Google
[01/01/2004|08:29] C:\DOCUME~1\nour\APPLIC~1\Identities
[01/11/2008|12:41] C:\DOCUME~1\nour\APPLIC~1\IDM
[03/11/2008|19:41] C:\DOCUME~1\nour\APPLIC~1\ijjigame
[01/12/2008|17:59] C:\DOCUME~1\nour\APPLIC~1\LimeWire
[21/12/2007|22:57] C:\DOCUME~1\nour\APPLIC~1\Macromedia
[03/12/2008|15:11] C:\DOCUME~1\nour\APPLIC~1\Malwarebytes
[21/11/2008|14:23] C:\DOCUME~1\nour\APPLIC~1\Microsoft
[24/04/2008|10:43] C:\DOCUME~1\nour\APPLIC~1\Mozilla
[22/11/2008|13:59] C:\DOCUME~1\nour\APPLIC~1\Opera
[27/11/2008|21:38] C:\DOCUME~1\nour\APPLIC~1\Publish Providers
[02/04/2008|09:46] C:\DOCUME~1\nour\APPLIC~1\Real
[01/01/2004|11:16] C:\DOCUME~1\nour\APPLIC~1\SampleView
[21/12/2007|22:54] C:\DOCUME~1\nour\APPLIC~1\Sonic
[27/11/2008|21:37] C:\DOCUME~1\nour\APPLIC~1\Sony
[01/01/2004|09:09] C:\DOCUME~1\nour\APPLIC~1\Sun
[01/01/2004|08:05] C:\DOCUME~1\nour\APPLIC~1\Symantec
[21/12/2007|22:55] C:\DOCUME~1\nour\APPLIC~1\Teleca
[04/12/2008|11:45] C:\DOCUME~1\nour\APPLIC~1\Tibia
[01/11/2008|19:51] C:\DOCUME~1\nour\APPLIC~1\vlc

[18/12/2005|13:20] C:\DOCUME~1\SAYAHN~1\APPLIC~1\.ABC 3.01
[14/06/2006|14:39] C:\DOCUME~1\SAYAHN~1\APPLIC~1\.bittorrent
[23/03/2007|13:32] C:\DOCUME~1\SAYAHN~1\APPLIC~1\5400 Series
[13/05/2007|13:03] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Adobe
[09/06/2006|07:43] C:\DOCUME~1\SAYAHN~1\APPLIC~1\AdobeUM
[07/02/2007|09:12] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Apple Computer
[15/12/2005|19:21] C:\DOCUME~1\SAYAHN~1\APPLIC~1\ArcSoft
[20/01/2008|12:18] C:\DOCUME~1\SAYAHN~1\APPLIC~1\AVS4YOU
[04/10/2007|17:22] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Azureus
[19/03/2008|22:18] C:\DOCUME~1\SAYAHN~1\APPLIC~1\BitTorrent DNA
[23/07/2005|09:54] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Common Files
[05/03/2005|11:22] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Creative
[10/08/2005|15:10] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Creative soap
[11/10/2007|18:52] C:\DOCUME~1\SAYAHN~1\APPLIC~1\DMCache
[05/12/2006|18:46] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Download Manager
[05/12/2006|18:45] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Droppix
[03/07/2007|22:20] C:\DOCUME~1\SAYAHN~1\APPLIC~1\EBP
[02/09/2006|10:10] C:\DOCUME~1\SAYAHN~1\APPLIC~1\F-Secure
[04/03/2007|20:02] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Google
[09/12/2004|13:07] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Help
[05/12/2006|18:45] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Hewlett-Packard
[19/01/2005|20:09] C:\DOCUME~1\SAYAHN~1\APPLIC~1\HP
[14/08/2006|13:32] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Identities
[11/10/2007|18:52] C:\DOCUME~1\SAYAHN~1\APPLIC~1\IDM
[03/04/2008|22:46] C:\DOCUME~1\SAYAHN~1\APPLIC~1\ijjigame
[08/12/2006|21:26] C:\DOCUME~1\SAYAHN~1\APPLIC~1\InstallShield
[06/01/2005|13:28] C:\DOCUME~1\SAYAHN~1\APPLIC~1\InterTrust
[13/11/2004|13:03] C:\DOCUME~1\SAYAHN~1\APPLIC~1\InterVideo
[02/05/2006|18:22] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Irth
[01/10/2007|15:31] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Joost
[29/11/2004|19:09] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Lavasoft
[19/01/2005|19:57] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Leadertech
[08/02/2005|19:55] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Macromedia
[01/05/2006|16:10] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Media Player Classic
[20/08/2008|12:46] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Microsoft
[02/12/2004|09:02] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Motive
[02/05/2008|08:58] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Mozilla
[27/12/2005|15:26] C:\DOCUME~1\SAYAHN~1\APPLIC~1\MSN6
[24/08/2007|16:28] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Netscape
[28/03/2006|08:04] C:\DOCUME~1\SAYAHN~1\APPLIC~1\OD2
[02/11/2007|10:30] C:\DOCUME~1\SAYAHN~1\APPLIC~1\OpenOffice.org2
[05/12/2006|18:37] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Opera
[22/09/2004|21:51] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Otto
[02/09/2006|08:35] C:\DOCUME~1\SAYAHN~1\APPLIC~1\PEX
[20/01/2008|11:58] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Real
[27/07/2005|09:08] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Registry Cleaner
[01/01/2004|11:16] C:\DOCUME~1\SAYAHN~1\APPLIC~1\SampleView
[09/07/2007|19:29] C:\DOCUME~1\SAYAHN~1\APPLIC~1\SecondLife
[02/05/2008|15:29] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Shareaza
[19/01/2005|19:57] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Sonic
[01/01/2004|09:09] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Sun
[01/01/2004|08:05] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Symantec
[21/10/2007|16:04] C:\DOCUME~1\SAYAHN~1\APPLIC~1\SystemRequirementsLab
[26/03/2005|14:52] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Talkback
[01/11/2007|14:11] C:\DOCUME~1\SAYAHN~1\APPLIC~1\teamspeak2
[07/02/2007|09:48] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Teleca
[19/11/2004|21:25] C:\DOCUME~1\SAYAHN~1\APPLIC~1\ubi.com
[11/12/2006|10:27] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Ulead Systems
[08/10/2006|16:36] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Visicom Media
[18/11/2007|11:08] C:\DOCUME~1\SAYAHN~1\APPLIC~1\VisiPPT
[17/11/2007|20:03] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Weflirt
[31/10/2007|16:04] C:\DOCUME~1\SAYAHN~1\APPLIC~1\WinRAR
[01/02/2007|19:18] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Yahoo!
[14/08/2006|13:32] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Zylom

[13/08/2008|19:52] C:\DOCUME~1\Shogi\APPLIC~1\.bittorrent
[22/10/2008|15:13] C:\DOCUME~1\Shogi\APPLIC~1\.purple
[19/12/2007|18:48] C:\DOCUME~1\Shogi\APPLIC~1\5400 Series
[30/07/2008|11:47] C:\DOCUME~1\Shogi\APPLIC~1\Adobe
[04/05/2008|14:57] C:\DOCUME~1\Shogi\APPLIC~1\AdobeUM
[28/07/2008|20:04] C:\DOCUME~1\Shogi\APPLIC~1\AVS4YOU
[13/09/2008|12:17] C:\DOCUME~1\Shogi\APPLIC~1\CamfrogWEB
[25/04/2008|17:07] C:\DOCUME~1\Shogi\APPLIC~1\Creative
[22/07/2008|12:54] C:\DOCUME~1\Shogi\APPLIC~1\DivX
[30/10/2008|18:06] C:\DOCUME~1\Shogi\APPLIC~1\DMCache
[13/09/2008|19:10] C:\DOCUME~1\Shogi\APPLIC~1\DNA
[27/10/2008|17:19] C:\DOCUME~1\Shogi\APPLIC~1\Eltima Software
[15/09/2008|13:04] C:\DOCUME~1\Shogi\APPLIC~1\Free Download Manager
[25/04/2008|16:24] C:\DOCUME~1\Shogi\APPLIC~1\F-Secure
[25/08/2008|17:23] C:\DOCUME~1\Shogi\APPLIC~1\GarageGames
[21/09/2008|13:32] C:\DOCUME~1\Shogi\APPLIC~1\GetRightToGo
[31/07/2008|15:27] C:\DOCUME~1\Shogi\APPLIC~1\Google
[11/10/2008|18:41] C:\DOCUME~1\Shogi\APPLIC~1\gtk-2.0
[01/01/2004|08:29] C:\DOCUME~1\Shogi\APPLIC~1\Identities
[30/07/2008|11:50] C:\DOCUME~1\Shogi\APPLIC~1\IDM
[11/10/2008|13:08] C:\DOCUME~1\Shogi\APPLIC~1\ijjigame
[26/04/2008|11:34] C:\DOCUME~1\Shogi\APPLIC~1\IMVU
[30/07/2008|10:40] C:\DOCUME~1\Shogi\APPLIC~1\InstallShield
[21/05/2008|13:43] C:\DOCUME~1\Shogi\APPLIC~1\kantaris
[04/05/2008|16:50] C:\DOCUME~1\Shogi\APPLIC~1\Macromedia
[21/07/2008|21:00] C:\DOCUME~1\Shogi\APPLIC~1\MeuhMeuhTV
[20/08/2008|12:46] C:\DOCUME~1\Shogi\APPLIC~1\Microsoft
[30/10/2008|19:00] C:\DOCUME~1\Shogi\APPLIC~1\mIRC
[24/04/2008|15:13] C:\DOCUME~1\Shogi\APPLIC~1\Mozilla
[27/08/2008|13:30] C:\DOCUME~1\Shogi\APPLIC~1\Nexon
[29/06/2008|19:39] C:\DOCUME~1\Shogi\APPLIC~1\NPLUTO Corporation
[30/07/2008|16:54] C:\DOCUME~1\Shogi\APPLIC~1\Opera
[22/07/2008|13:53] C:\DOCUME~1\Shogi\APPLIC~1\Publish Providers
[19/12/2007|18:47] C:\DOCUME~1\Shogi\APPLIC~1\Real
[01/01/2004|11:16] C:\DOCUME~1\Shogi\APPLIC~1\SampleView
[19/12/2007|18:47] C:\DOCUME~1\Shogi\APPLIC~1\Sonic
[22/07/2008|13:53] C:\DOCUME~1\Shogi\APPLIC~1\Sony
[01/01/2004|09:09] C:\DOCUME~1\Shogi\APPLIC~1\Sun
[01/01/2004|08:05] C:\DOCUME~1\Shogi\APPLIC~1\Symantec
[19/12/2007|18:48] C:\DOCUME~1\Shogi\APPLIC~1\Teleca
[20/10/2008|14:32] C:\DOCUME~1\Shogi\APPLIC~1\vlc
[15/10/2008|11:53] C:\DOCUME~1\Shogi\APPLIC~1\Yahoo!

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[01/12/2008 17:24][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[21/11/2008 15:00][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
[04/12/2008 21:00][--ah-----] C:\WINDOWS\tasks\AAA8AC9F918F2353.job
[04/12/2008 19:03][--a------] C:\WINDOWS\tasks\Windows Update.job
[13/02/2004 02:15][-rah-----] C:\WINDOWS\tasks\desktop.ini
[04/12/2008 20:48][--ah-----] C:\WINDOWS\tasks\SA.DAT

( AAA8AC9F918F2353.job )=( c:\docume~1\amin\applic~1\planst~1\thatprocdata.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[06/01/2008|17:09] C:\Program Files\3000AD
[13/05/2007|12:17] C:\Program Files\Adobe
[18/10/2008|11:27] C:\Program Files\adslTV
[30/12/2006|16:04] C:\Program Files\Agenda Etam
[13/10/2004|16:16] C:\Program Files\Agfa
[28/07/2008|19:57] C:\Program Files\AimOne_AlltoMP3
[29/11/2008|14:49] C:\Program Files\alaplaya
[28/11/2004|13:25] C:\Program Files\Alwil Software
[12/11/2008|18:10] C:\Program Files\America's Army
[03/12/2008|21:10] C:\Program Files\aMSN
[03/04/2008|22:07] C:\Program Files\Angels Online
[02/11/2008|18:57] C:\Program Files\Apple Software Update
[21/12/2007|23:10] C:\Program Files\Archos MP4SP
[15/12/2005|19:17] C:\Program Files\ArcSoft
[30/01/2008|17:24] C:\Program Files\AutoClic
[20/08/2008|13:10] C:\Program Files\AVG(2)
[19/01/2008|18:28] C:\Program Files\AviSynth 2.5
[28/07/2008|20:03] C:\Program Files\AVS4YOU
[03/04/2008|22:09] C:\Program Files\Azureus
[05/12/2006|18:46] C:\Program Files\Bioforma-CDF
[09/08/2008|13:08] C:\Program Files\BitComet
[17/11/2007|20:48] C:\Program Files\BKEDV
[02/11/2008|19:00] C:\Program Files\Bonjour
[03/04/2008|22:10] C:\Program Files\BOTS
[23/07/2007|16:27] C:\Program Files\Business-in-a-Box
[24/10/2004|21:08] C:\Program Files\Caere
[27/11/2008|21:07] C:\Program Files\CamStudio
[17/11/2007|21:56] C:\Program Files\CCleaner
[05/05/2006|11:14] C:\Program Files\CCP
[04/02/2006|20:04] C:\Program Files\CEDP Stealer 4.0
[18/05/2008|12:59] C:\Program Files\CenterLock
[13/09/2008|12:03] C:\Program Files\CFWebAdvancedU_BOBTV.FR
[17/11/2007|20:36] C:\Program Files\CleanMyPC
[07/04/2007|07:57] C:\Program Files\Code de la route
[24/01/2008|12:04] C:\Program Files\Common Files
[01/01/2004|08:25] C:\Program Files\ComPlus Applications
[04/10/2008|17:24] C:\Program Files\Counter-Strike 1.6
[06/01/2005|20:50] C:\Program Files\Creative
[27/02/2005|09:36] C:\Program Files\directx
[07/02/2007|07:57] C:\Program Files\Disc2Phone
[01/08/2008|12:46] C:\Program Files\DivX
[08/11/2008|13:59] C:\Program Files\DMV
[13/09/2008|13:36] C:\Program Files\DNA
[23/11/2008|19:17] C:\Program Files\Dofus
[03/04/2008|22:24] C:\Program Files\Dofus-Arena beta 2
[27/04/2006|08:17] C:\Program Files\DOSBox-0.65
[03/11/2008|19:44] C:\Program Files\DriftCity
[11/05/2008|12:41] C:\Program Files\Driver Sweeper
[28/07/2008|21:06] C:\Program Files\DVDVideoSoft
[31/03/2006|16:21] C:\Program Files\Easy Internet signup
[16/12/2006|21:34] C:\Program Files\eBay
[03/07/2007|15:47] C:\Program Files\EBP
[27/10/2008|17:19] C:\Program Files\Eltima Software
[03/04/2008|22:25] C:\Program Files\eMule
[18/01/2005|20:46] C:\Program Files\Encyclopédie Médicale Française
[14/01/2005|14:40] C:\Program Files\EZFace
[18/12/2004|20:42] C:\Program Files\Family Games
[04/12/2008|20:22] C:\Program Files\Fichiers communs
[06/04/2008|11:43] C:\Program Files\Flash Movie Player
[06/04/2008|11:50] C:\Program Files\Flash2X
[02/05/2008|15:22] C:\Program Files\FlashGet
[06/04/2008|11:37] C:\Program Files\FLV Player
[10/10/2008|18:10] C:\Program Files\Flyff
[26/10/2008|15:50] C:\Program Files\FlyForFuture
[23/08/2008|15:31] C:\Program Files\FP
[10/09/2008|14:54] C:\Program Files\Free Download Manager
[05/10/2004|10:24] C:\Program Files\Friendly Technologies
[28/05/2006|18:56] C:\Program Files\Fujifilm
[05/12/2006|18:44] C:\Program Files\GalaNet
[11/10/2008|16:46] C:\Program Files\GAMENAO
[24/05/2008|18:50] C:\Program Files\GOA
[08/07/2008|10:00] C:\Program Files\Google
[03/01/2008|21:47] C:\Program Files\Google Video
[20/11/2008|16:25] C:\Program Files\GPotato
[06/09/2008|17:39] C:\Program Files\Gpotato.eu
[29/03/2008|15:15] C:\Program Files\Graal
[15/07/2008|15:20] C:\Program Files\Heartbreak Strip Poker - Gold Edition
[02/08/2005|09:56] C:\Program Files\Hewlett-Packard
[02/08/2005|09:56] C:\Program Files\HP
[01/01/2004|11:03] C:\Program Files\HP Media Center Help
[28/07/2008|16:57] C:\Program Files\HyCam2
[26/04/2008|11:31] C:\Program Files\IMVU
[29/11/2008|14:35] C:\Program Files\InstallShield Installation Information
[14/05/2008|16:07] C:\Program Files\Internet Download Manager
[16/10/2008|21:18] C:\Program Files\Internet Explorer
[22/09/2004|14:05] C:\Program Files\InterVideo
[02/11/2008|19:02] C:\Program Files\iPod
[02/11/2008|19:02] C:\Program Files\iTunes
[22/12/2007|18:58] C:\Program Files\Java
[08/04/2006|13:59] C:\Program Files\JavaSoft
[12/11/2008|17:33] C:\Program Files\Kantaris
[05/10/2004|10:21] C:\Program Files\Kit ADSL
[03/04/2008|22:49] C:\Program Files\Labtec
[12/11/2008|17:33] C:\Program Files\LegendGunZ V1.2
[23/03/2007|13:35] C:\Program Files\Lexmark 5400 Series
[23/03/2007|13:21] C:\Program Files\Lexmark Toolbar
[27/11/2008|21:47] C:\Program Files\LimeWire
[12/11/2008|18:28] C:\Program Files\LRose
[29/03/2008|11:29] C:\Program Files\LucasArts
[27/11/2008|19:13] C:\Program Files\lx_cats
[14/05/2007|15:52] C:\Program Files\MAIET
[03/12/2008|15:11] C:\Program Files\Malwarebytes' Anti-Malware
[23/07/2008|11:44] C:\Program Files\Maxis
[24/08/2007|16:32] C:\Program Files\Meetstream
[26/03/2005|14:50] C:\Program Files\Mercora
[20/09/2008|18:16] C:\Program Files\Messenger
[20/11/2007|20:48] C:\Program Files\Messenger Plus! 3
[23/12/2007|20:24] C:\Program Files\Messenger Plus! Live
[20/11/2007|20:47] C:\Program Files\MessengerPlus! 3
[02/12/2008|16:30] C:\Program Files\Metin2_France
[21/07/2008|21:00] C:\Program Files\MeuhMeuhTV Alpha
[15/01/2007|19:24] C:\Program Files\Micro Application
[13/01/2005|17:02] C:\Program Files\MicroProse Software
[22/10/2008|15:26] C:\Program Files\Microsoft
[22/09/2004|18:25] C:\Program Files\Microsoft AutoRoute
[23/10/2005|11:11] C:\Program Files\Microsoft Baseline Security Analyzer
[04/12/2007|00:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[24/09/2004|17:20] C:\Program Files\Microsoft Encarta
[19/10/2004|17:35] C:\Program Files\microsoft frontpage
[22/09/2004|18:24] C:\Program Files\Microsoft Money
[23/11/2007|19:16] C:\Program Files\Microsoft Office
[05/05/2007|19:01] C:\Program Files\Microsoft Picture It! 9
[18/10/2008|16:03] C:\Program Files\Microsoft Silverlight
[22/10/2008|15:28] C:\Program Files\Microsoft SQL Server Compact Edition
[05/12/2006|18:46] C:\Program Files\Microsoft Windows Vista Upgrade Advisor
[22/09/2004|18:20] C:\Program Files\Microsoft Works
[22/09/2004|18:08] C:\Program Files\Microsoft Works Suite 2004
[19/10/2004|17:44] C:\Program Files\Microsoft.NET
[30/10/2008|18:39] C:\Program Files\mIRC
[05/10/2004|10:22] C:\Program Files\ModemAdsl
[06/04/2008|11:49] C:\Program Files\Mohsoft
[22/07/2008|13:04] C:\Program Files\Movie Maker
[04/12/2008|20:49] C:\Program Files\Mozilla Firefox
[07/05/2008|17:56] C:\Program Files\Mozilla Firefox 3 Beta 5
[09/04/2007|10:06] C:\Program Files\MSBuild
[23/11/2007|19:16] C:\Program Files\MSECache
[29/09/2005|11:22] C:\Program Files\MSN
[01/01/2004|08:24] C:\Program Files\MSN Gaming Zone
[13/07/2008|10:37] C:\Program Files\MSN Messenger
[02/09/2005|19:34] C:\Program Files\MSN Toolbar Suite
[05/12/2006|18:49] C:\Program Files\MSXML 4.0
[15/08/2007|10:15] C:\Program Files\MSXML 6.0
[25/03/2006|20:32] C:\Program Files\Music Manager
[23/02/2007|13:16] C:\Program Files\Musicmatch
[04/12/2008|19:04] C:\Program Files\Navilog1
[13/08/2008|19:32] C:\Program Files\NetEase
[08/01/2006|11:24] C:\Program Files\NetMeeting
[24/08/2007|16:27] C:\Program Files\Netscape
[18/10/2008|11:50] C:\Program Files\Neuf
[04/08/2006|16:40] C:\Program Files\neuf Talk
[27/10/2008|17:35] C:\Program Files\neuf telecom
[24/07/2008|14:00] C:\Program Files\NEXON
[08/05/2006|15:24] C:\Program Files\NimoCodec Pack
[05/12/2006|18:40] C:\Program Files\Norton AntiVirus
[05/12/2006|18:40] C:\Program Files\Norton AntiVirus(2)
[04/10/2007|18:21] C:\Program Files\NudgeMania
[10/03/2005|19:13] C:\Program Files\OfficeUpdate11
[23/09/2004|08:04] C:\Program Files\OLYMPUS
[21/07/2008|18:31] C:\Program Files\Online TV & Radio Stations
[10/08/2007|14:54] C:\Program Files\OpenOffice.org 2.1
[02/11/2007|12:14] C:\Program Files\OpenOffice.org 2.3
[24/08/2007|16:27] C:\Program Files\Opera
[05/12/2006|18:39] C:\Program Files\Opera(2)
[21/04/2005|07:54] C:\Program Files\ORB Networks
[03/04/2008|22:24] C:\Program Files\Ororea
[19/05/2008|11:14] C:\Program Files\Outlook Express
[12/11/2008|18:26] C:\Program Files\Outspark
[31/10/2008|18:04] C:\Program Files\Pack Securite
[02/12/2008|19:40] C:\Program Files\Panda Security
[14/05/2007|11:38] C:\Program Files\Patch Kingdom of Heaven
[30/01/2008|17:20] C:\Program Files\Perfect Macro Recorder
[21/09/2008|14:30] C:\Program Files\Perfect World International
[18/01/2005|21:18] C:\Program Files\Photo Print Calendar from YOKOHAMA Ver.3.00E beta
[19/05/2005|11:09] C:\Program Files\Photo Station
[12/11/2005|08:31] C:\Program Files\PhotoFiltre
[04/11/2007|22:05] C:\Program Files\PhotoFiltre Studio
[08/04/2008|11:21] C:\Program Files\Pidgin
[18/05/2007|16:32] C:\Program Files\Project64 1.6
[02/11/2008|19:00] C:\Program Files\QuickTime
[09/04/2007|10:01] C:\Program Files\Reference Assemblies
[08/03/2006|16:43] C:\Program Files\Reflex English
[17/11/2007|21:53] C:\Program Files\RegCleaner
[19/01/2008|18:28] C:\Program Files\Ripp-it_AM
[26/12/2007|10:20] C:\Program Files\River Past
[07/02/2007|17:34] C:\Program Files\Rockstar Games
[14/09/2008|16:08] C:\Program Files\ROSE Online Evolution
[12/11/2008|18:30] C:\Program Files\Ruff-Rose
[28/03/2005|16:34] C:\Program Files\SCi
[01/01/2004|11:10] C:\Program Files\Services en ligne
[27/10/2008|17:35] C:\Program Files\SFR
[02/05/2008|15:29] C:\Program Files\Shareaza
[09/03/2008|12:55] C:\Program Files\Sierra
[01/10/2008|14:12] C:\Program Files\Slayers Online
[11/06/2007|11:47] C:\Program Files\SlySoft
[27/02/2008|23:35] C:\Program Files\SnailWeb
[29/08/2008|16:17] C:\Program Files\Softnyx
[11/08/2008|12:20] C:\Program Files\Sol Edit
[22/07/2008|13:28] C:\Program Files\Sony
[07/02/2007|09:25] C:\Program Files\Sony Ericsson
[22/07/2008|13:27] C:\Program Files\Sony Setup
[12/11/2008|17:34] C:\Program Files\Speed Rose Onlinea
[05/12/2006|18:40] C:\Program Files\Symantec
[05/12/2006|18:40] C:\Program Files\SymNetDrv
[05/11/2008|17:19] C:\Program Files\SystemRequirementsLab
[30/01/2008|20:28] C:\Program Files\Teamspeak2_RC2
[24/05/2008|13:39] C:\Program Files\The KMPlayer
[23/02/2007|12:34] C:\Program Files\Thomson
[04/12/2008|11:36] C:\Program Files\Tibia
[05/12/2006|18:46] C:\Program Files\Tiscali Games
[08/12/2006|21:37] C:\Program Files\TomTom DesktopSuite
[01/02/2007|19:34] C:\Program Files\TomTom HOME
[03/12/2008|12:44] C:\Program Files\Trend Micro
[02/05/2008|15:24] C:\Program Files\Trillian
[16/07/2008|19:08] C:\Program Files\Trinity Entertainment
[08/12/2006|23:19] C:\Program Files\Trust
[08/12/2006|23:24] C:\Program Files\Ulead Systems
[05/12/2006|18:45] C:\Program Files\UltraVNC
[13/11/2004|11:16] C:\Program Files\Uninstall Information
[04/12/2008|17:51] C:\Program Files\UsbFix
[12/11/2008|17:33] C:\Program Files\Valhalla-Destiny
[09/02/2008|17:40] C:\Program Files\Veoh Networks
[05/12/2007|19:51] C:\Program Files\Vg
[18/05/2008|16:47] C:\Program Files\VideoLAN
[08/05/2005|13:23] C:\Program Files\Viewpoint
[07/07/2008|17:05] C:\Program Files\Virtools
[28/07/2008|19:58] C:\Program Files\VirtualDubMOD
[05/12/2006|18:45] C:\Program Files\Visicom Media
[18/11/2007|11:06] C:\Program Files\VisiFly
[30/10/2008|13:18] C:\Program Files\VS Revo Group
[22/07/2008|13:28] C:\Program Files\Vstplugins
[28/11/2008|21:43] C:\Program Files\Wakfu
[02/05/2008|15:27] C:\Program Files\WarRock
[30/08/2006|15:54] C:\Program Files\Webzen
[29/03/2008|15:13] C:\Program Files\WellGet
[21/05/2008|14:05] C:\Program Files\Winamp Toolbar
[22/10/2008|15:29] C:\Program Files\Windows Live
[03/06/2008|16:39] C:\Program Files\Windows Media Player
[23/10/2004|18:33] C:\Program Files\Windows NT
[26/08/2008|09:07] C:\Program Files\WindowsUpdate
[14/09/2008|17:52] C:\Program Files\WindSlayer
[08/06/2006|11:57] C:\Program Files\WinRAR
[10/12/2004|17:46] C:\Program Files\Wizet
[01/01/2004|08:30] C:\Program Files\xerox
[28/11/2008|20:27] C:\Program Files\Xvid
[17/11/2007|21:56] C:\Program Files\Yahoo!
[28/09/2008|10:37] C:\Program Files\YouTube Downloader
[26/11/2008|20:04] C:\Program Files\Zattoo
[28/11/2008|20:26] C:\Program Files\ZD Soft
[06/04/2008|11:51] C:\Program Files\zeraha.org
[13/08/2008|11:27] C:\Program Files\Zoomby

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[13/05/2007|12:14] C:\Program Files\Fichiers communs\Adobe
[02/11/2008|18:59] C:\Program Files\Fichiers communs\Apple
[28/07/2008|20:03] C:\Program Files\Fichiers communs\AVSMedia
[02/05/2008|17:36] C:\Program Files\Fichiers communs\Blizzard Entertainment
[24/10/2004|21:09] C:\Program Files\Fichiers communs\Caere
[21/10/2007|18:59] C:\Program Files\Fichiers communs\Ciel
[22/09/2004|18:19] C:\Program Files\Fichiers communs\Designer
[02/10/2007|17:01] C:\Program Files\Fichiers communs\DirectX
[26/10/2008|19:17] C:\Program Files\Fichiers communs\DVDVideoSoft
[03/07/2007|15:47] C:\Program Files\Fichiers communs\EBP
[27/10/2008|17:19] C:\Program Files\Fichiers communs\Eltima Shared
[03/04/2008|22:26] C:\Program Files\Fichiers communs\FotoWire
[18/11/2007|11:06] C:\Program Files\Fichiers communs\GeoVid
[05/03/2006|19:58] C:\Program Files\Fichiers communs\GraphBoard 2.00
[28/12/2007|11:58] C:\Program Files\Fichiers communs\GTK
[01/01/2004|09:46] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2004|09:47] C:\Program Files\Fichiers communs\HP
[09/02/2007|15:41] C:\Program Files\Fichiers communs\InstallShield
[01/01/2004|09:09] C:\Program Files\Fichiers communs\Java
[05/12/2006|18:45] C:\Program Files\Fichiers communs\LightScribe
[27/02/2005|09:35] C:\Program Files\Fichiers communs\Logitech
[13/05/2007|11:58] C:\Program Files\Fichiers communs\Macrovision Shared
[22/10/2008|15:25] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2004|10:44] C:\Program Files\Fichiers communs\Microsoft Visual J# .NET Setup
[08/05/2005|13:22] C:\Program Files\Fichiers communs\mozilla.org
[01/01/2004|08:27] C:\Program Files\Fichiers communs\MSSoap
[20/06/2006|11:41] C:\Program Files\Fichiers communs\Oberon Media
[01/01/2004|08:21] C:\Program Files\Fichiers communs\ODBC
[19/11/2004|21:25] C:\Program Files\Fichiers communs\PocketSoft
[02/05/2008|15:32] C:\Program Files\Fichiers communs\Real
[26/12/2007|10:20] C:\Program Files\Fichiers communs\River Past
[28/08/2007|15:17] C:\Program Files\Fichiers communs\Scanner
[07/08/2004|03:03] C:\Program Files\Fichiers communs\Services
[05/12/2006|18:41] C:\Program Files\Fichiers communs\sndp202
[29/07/2006|17:55] C:\Program Files\Fichiers communs\snpstd
[22/09/2004|14:05] C:\Program Files\Fichiers communs\Sonic
[01/01/2004|08:21] C:\Program Files\Fichiers communs\SpeechEngines
[05/12/2006|18:53] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|18:16] C:\Program Files\Fichiers communs\System
[07/02/2007|09:47] C:\Program Files\Fichiers communs\Teleca Shared
[24/08/2007|17:36] C:\Program Files\Fichiers communs\Totem Shared
[08/12/2006|23:24] C:\Program Files\Fichiers communs\Ulead Systems
[02/07/2006|12:03] C:\Program Files\Fichiers communs\Vbox
[22/10/2008|15:19] C:\Program Files\Fichiers communs\Windows Live
[02/12/2007|22:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 36 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\WINDOWS\Tasks\AAA8AC9F918F2353.job

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-04 21:05:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\nour\Bureau\Flyff\SFX\sfx_sklassknuburstcrack01.sfx
C:\DOCUME~1\nour\Bureau\Flyff\Sound\PcSkillD-Burstcrack.wav

[F:4][D:1]-> C:\DOCUME~1\nour\LOCALS~1\Temp
[F:6][D:0]-> C:\DOCUME~1\nour\Cookies
[F:4][D:1]-> C:\DOCUME~1\nour\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 04/12/2008|21:07 - Option : [1]

--------------------\\ Fin du rapport a 21:07:26

Répondre à Shogi

Relance Lop S&D.
Choisis cette fois-ci l'option 2 (Suppression).
Ne ferme pas la fenêtre lors de la suppression !
Poste le rapport généré (C:\lopR.txt).

(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

Répondre à Destrio5

Je ne sais pas si je l'ai déjà dit mais j'ai un problème avec mon gestionnaire des tâches ' désactivé par mon administrateur ' ( sûrement le virus en question qui me joue des tours )

Répondre à Shogi

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 04/12/2008|21:17 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\WINDOWS\Tasks\AAA8AC9F918F2353.job

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[19/04/2008|14:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\.purple
[28/11/2007|12:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\5400 Series
[09/02/2008|18:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[04/01/2008|13:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
[22/09/2004|16:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[03/04/2008|19:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
[24/12/2007|14:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[16/03/2008|19:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\DivX
[04/10/2008|17:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\DMCache
[28/03/2008|20:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Free Download Manager
[02/12/2007|12:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\F-Secure
[28/11/2007|12:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[17/04/2008|19:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\gtk-2.0
[01/01/2004|08:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[23/04/2008|16:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\IDM
[01/12/2007|13:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\ijjigame
[11/03/2008|13:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[20/08/2008|12:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[19/03/2008|20:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\mIRC
[22/04/2008|16:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[18/12/2007|18:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\Netscape
[24/12/2007|16:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Opera
[18/04/2008|17:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\PEX
[16/03/2008|19:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Publish Providers
[06/04/2008|11:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[26/12/2007|10:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\River Past G5
[01/01/2004|11:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
[22/09/2004|14:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
[16/03/2008|19:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sony
[01/01/2004|09:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[01/01/2004|08:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[30/01/2008|20:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\teamspeak2
[28/11/2007|12:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Teleca
[25/12/2007|23:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Winamp
[06/04/2008|14:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Xfire

[02/11/2008|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[04/10/2008|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
[23/03/2007|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\5400 Series
[13/05/2007|13:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/11/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/02/2007|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[30/01/2008|17:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AutoClic
[20/08/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8(2)
[20/01/2008|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[11/06/2007|10:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[21/10/2007|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[06/01/2005|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[10/08/2005|06:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\data blue open mail
[11/10/2006|07:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
[03/07/2007|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EBP
[13/05/2007|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[29/11/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeDownloadManager.ORG
[28/10/2008|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[30/10/2008|14:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[18/11/2007|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GeoVid
[24/01/2007|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/01/2004|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[03/11/2008|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IJJIGame
[09/02/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[18/12/2004|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[03/12/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[08/10/2005|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[22/10/2008|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[05/12/2006|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Corporation
[01/01/2004|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[02/09/2005|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar
[24/09/2004|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[23/07/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NexonUS
[17/02/2006|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[28/03/2006|08:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[06/03/2005|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
[22/09/2004|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
[02/10/2007|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Outspark
[13/10/2004|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[26/12/2007|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
[01/01/2004|08:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[22/07/2008|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[07/02/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[05/12/2006|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[07/02/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[28/11/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[01/02/2007|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[08/12/2006|23:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[21/05/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar
[14/04/2006|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[19/05/2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[18/11/2008|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[18/11/2007|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[04/05/2008|16:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[01/01/2004|08:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2004|09:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2004|11:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[01/01/2004|09:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[01/01/2004|08:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[22/09/2004|18:42] C:\DOCUME~1\iman\APPLIC~1\Adobe
[22/09/2004|18:13] C:\DOCUME~1\iman\APPLIC~1\Apple Computer
[22/09/2004|20:57] C:\DOCUME~1\iman\APPLIC~1\HP
[01/01/2004|08:29] C:\DOCUME~1\iman\APPLIC~1\Identities
[02/12/2004|16:00] C:\DOCUME~1\iman\APPLIC~1\Lavasoft
[22/09/2004|20:52] C:\DOCUME~1\iman\APPLIC~1\Leadertech
[13/10/2004|14:58] C:\DOCUME~1\iman\APPLIC~1\Macromedia
[03/12/2008|17:00] C:\DOCUME~1\iman\APPLIC~1\Microsoft

[24/03/2007|07:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\5400 Series
[20/08/2008|12:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[29/12/2006|16:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

[20/08/2008|12:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[07/03/2005|16:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[01/12/2007|19:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

[03/11/2008|18:12] C:\DOCUME~1\nour\APPLIC~1\.purple
[21/12/2007|22:55] C:\DOCUME~1\nour\APPLIC~1\5400 Series
[17/11/2008|17:24] C:\DOCUME~1\nour\APPLIC~1\Adobe
[02/04/2008|09:57] C:\DOCUME~1\nour\APPLIC~1\AdobeUM
[02/11/2008|19:01] C:\DOCUME~1\nour\APPLIC~1\Apple Computer
[27/11/2008|21:39] C:\DOCUME~1\nour\APPLIC~1\Creative
[09/11/2008|18:20] C:\DOCUME~1\nour\APPLIC~1\DivX
[04/12/2008|19:09] C:\DOCUME~1\nour\APPLIC~1\DMCache
[08/11/2008|14:14] C:\DOCUME~1\nour\APPLIC~1\DMV Technologies
[14/05/2008|11:37] C:\DOCUME~1\nour\APPLIC~1\F-Secure
[08/07/2008|10:01] C:\DOCUME~1\nour\APPLIC~1\Google
[01/01/2004|08:29] C:\DOCUME~1\nour\APPLIC~1\Identities
[01/11/2008|12:41] C:\DOCUME~1\nour\APPLIC~1\IDM
[03/11/2008|19:41] C:\DOCUME~1\nour\APPLIC~1\ijjigame
[01/12/2008|17:59] C:\DOCUME~1\nour\APPLIC~1\LimeWire
[21/12/2007|22:57] C:\DOCUME~1\nour\APPLIC~1\Macromedia
[03/12/2008|15:11] C:\DOCUME~1\nour\APPLIC~1\Malwarebytes
[21/11/2008|14:23] C:\DOCUME~1\nour\APPLIC~1\Microsoft
[24/04/2008|10:43] C:\DOCUME~1\nour\APPLIC~1\Mozilla
[22/11/2008|13:59] C:\DOCUME~1\nour\APPLIC~1\Opera
[27/11/2008|21:38] C:\DOCUME~1\nour\APPLIC~1\Publish Providers
[02/04/2008|09:46] C:\DOCUME~1\nour\APPLIC~1\Real
[01/01/2004|11:16] C:\DOCUME~1\nour\APPLIC~1\SampleView
[21/12/2007|22:54] C:\DOCUME~1\nour\APPLIC~1\Sonic
[27/11/2008|21:37] C:\DOCUME~1\nour\APPLIC~1\Sony
[01/01/2004|09:09] C:\DOCUME~1\nour\APPLIC~1\Sun
[01/01/2004|08:05] C:\DOCUME~1\nour\APPLIC~1\Symantec
[21/12/2007|22:55] C:\DOCUME~1\nour\APPLIC~1\Teleca
[04/12/2008|11:45] C:\DOCUME~1\nour\APPLIC~1\Tibia
[01/11/2008|19:51] C:\DOCUME~1\nour\APPLIC~1\vlc

[18/12/2005|13:20] C:\DOCUME~1\SAYAHN~1\APPLIC~1\.ABC 3.01
[14/06/2006|14:39] C:\DOCUME~1\SAYAHN~1\APPLIC~1\.bittorrent
[23/03/2007|13:32] C:\DOCUME~1\SAYAHN~1\APPLIC~1\5400 Series
[13/05/2007|13:03] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Adobe
[09/06/2006|07:43] C:\DOCUME~1\SAYAHN~1\APPLIC~1\AdobeUM
[07/02/2007|09:12] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Apple Computer
[15/12/2005|19:21] C:\DOCUME~1\SAYAHN~1\APPLIC~1\ArcSoft
[20/01/2008|12:18] C:\DOCUME~1\SAYAHN~1\APPLIC~1\AVS4YOU
[04/10/2007|17:22] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Azureus
[19/03/2008|22:18] C:\DOCUME~1\SAYAHN~1\APPLIC~1\BitTorrent DNA
[23/07/2005|09:54] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Common Files
[05/03/2005|11:22] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Creative
[10/08/2005|15:10] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Creative soap
[11/10/2007|18:52] C:\DOCUME~1\SAYAHN~1\APPLIC~1\DMCache
[05/12/2006|18:46] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Download Manager
[05/12/2006|18:45] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Droppix
[03/07/2007|22:20] C:\DOCUME~1\SAYAHN~1\APPLIC~1\EBP
[02/09/2006|10:10] C:\DOCUME~1\SAYAHN~1\APPLIC~1\F-Secure
[04/03/2007|20:02] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Google
[09/12/2004|13:07] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Help
[05/12/2006|18:45] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Hewlett-Packard
[19/01/2005|20:09] C:\DOCUME~1\SAYAHN~1\APPLIC~1\HP
[14/08/2006|13:32] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Identities
[11/10/2007|18:52] C:\DOCUME~1\SAYAHN~1\APPLIC~1\IDM
[03/04/2008|22:46] C:\DOCUME~1\SAYAHN~1\APPLIC~1\ijjigame
[08/12/2006|21:26] C:\DOCUME~1\SAYAHN~1\APPLIC~1\InstallShield
[06/01/2005|13:28] C:\DOCUME~1\SAYAHN~1\APPLIC~1\InterTrust
[13/11/2004|13:03] C:\DOCUME~1\SAYAHN~1\APPLIC~1\InterVideo
[02/05/2006|18:22] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Irth
[01/10/2007|15:31] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Joost
[29/11/2004|19:09] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Lavasoft
[19/01/2005|19:57] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Leadertech
[08/02/2005|19:55] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Macromedia
[01/05/2006|16:10] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Media Player Classic
[20/08/2008|12:46] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Microsoft
[02/12/2004|09:02] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Motive
[02/05/2008|08:58] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Mozilla
[27/12/2005|15:26] C:\DOCUME~1\SAYAHN~1\APPLIC~1\MSN6
[24/08/2007|16:28] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Netscape
[28/03/2006|08:04] C:\DOCUME~1\SAYAHN~1\APPLIC~1\OD2
[02/11/2007|10:30] C:\DOCUME~1\SAYAHN~1\APPLIC~1\OpenOffice.org2
[05/12/2006|18:37] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Opera
[22/09/2004|21:51] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Otto
[02/09/2006|08:35] C:\DOCUME~1\SAYAHN~1\APPLIC~1\PEX
[20/01/2008|11:58] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Real
[27/07/2005|09:08] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Registry Cleaner
[01/01/2004|11:16] C:\DOCUME~1\SAYAHN~1\APPLIC~1\SampleView
[09/07/2007|19:29] C:\DOCUME~1\SAYAHN~1\APPLIC~1\SecondLife
[02/05/2008|15:29] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Shareaza
[19/01/2005|19:57] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Sonic
[01/01/2004|09:09] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Sun
[01/01/2004|08:05] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Symantec
[21/10/2007|16:04] C:\DOCUME~1\SAYAHN~1\APPLIC~1\SystemRequirementsLab
[26/03/2005|14:52] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Talkback
[01/11/2007|14:11] C:\DOCUME~1\SAYAHN~1\APPLIC~1\teamspeak2
[07/02/2007|09:48] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Teleca
[19/11/2004|21:25] C:\DOCUME~1\SAYAHN~1\APPLIC~1\ubi.com
[11/12/2006|10:27] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Ulead Systems
[08/10/2006|16:36] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Visicom Media
[18/11/2007|11:08] C:\DOCUME~1\SAYAHN~1\APPLIC~1\VisiPPT
[17/11/2007|20:03] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Weflirt
[31/10/2007|16:04] C:\DOCUME~1\SAYAHN~1\APPLIC~1\WinRAR
[01/02/2007|19:18] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Yahoo!
[14/08/2006|13:32] C:\DOCUME~1\SAYAHN~1\APPLIC~1\Zylom

[13/08/2008|19:52] C:\DOCUME~1\Shogi\APPLIC~1\.bittorrent
[22/10/2008|15:13] C:\DOCUME~1\Shogi\APPLIC~1\.purple
[19/12/2007|18:48] C:\DOCUME~1\Shogi\APPLIC~1\5400 Series
[30/07/2008|11:47] C:\DOCUME~1\Shogi\APPLIC~1\Adobe
[04/05/2008|14:57] C:\DOCUME~1\Shogi\APPLIC~1\AdobeUM
[28/07/2008|20:04] C:\DOCUME~1\Shogi\APPLIC~1\AVS4YOU
[13/09/2008|12:17] C:\DOCUME~1\Shogi\APPLIC~1\CamfrogWEB
[25/04/2008|17:07] C:\DOCUME~1\Shogi\APPLIC~1\Creative
[22/07/2008|12:54] C:\DOCUME~1\Shogi\APPLIC~1\DivX
[30/10/2008|18:06] C:\DOCUME~1\Shogi\APPLIC~1\DMCache
[13/09/2008|19:10] C:\DOCUME~1\Shogi\APPLIC~1\DNA
[27/10/2008|17:19] C:\DOCUME~1\Shogi\APPLIC~1\Eltima Software
[15/09/2008|13:04] C:\DOCUME~1\Shogi\APPLIC~1\Free Download Manager
[25/04/2008|16:24] C:\DOCUME~1\Shogi\APPLIC~1\F-Secure
[25/08/2008|17:23] C:\DOCUME~1\Shogi\APPLIC~1\GarageGames
[21/09/2008|13:32] C:\DOCUME~1\Shogi\APPLIC~1\GetRightToGo
[31/07/2008|15:27] C:\DOCUME~1\Shogi\APPLIC~1\Google
[11/10/2008|18:41] C:\DOCUME~1\Shogi\APPLIC~1\gtk-2.0
[01/01/2004|08:29] C:\DOCUME~1\Shogi\APPLIC~1\Identities
[30/07/2008|11:50] C:\DOCUME~1\Shogi\APPLIC~1\IDM
[11/10/2008|13:08] C:\DOCUME~1\Shogi\APPLIC~1\ijjigame
[26/04/2008|11:34] C:\DOCUME~1\Shogi\APPLIC~1\IMVU
[30/07/2008|10:40] C:\DOCUME~1\Shogi\APPLIC~1\InstallShield
[21/05/2008|13:43] C:\DOCUME~1\Shogi\APPLIC~1\kantaris
[04/05/2008|16:50] C:\DOCUME~1\Shogi\APPLIC~1\Macromedia
[21/07/2008|21:00] C:\DOCUME~1\Shogi\APPLIC~1\MeuhMeuhTV
[20/08/2008|12:46] C:\DOCUME~1\Shogi\APPLIC~1\Microsoft
[30/10/2008|19:00] C:\DOCUME~1\Shogi\APPLIC~1\mIRC
[24/04/2008|15:13] C:\DOCUME~1\Shogi\APPLIC~1\Mozilla
[27/08/2008|13:30] C:\DOCUME~1\Shogi\APPLIC~1\Nexon
[29/06/2008|19:39] C:\DOCUME~1\Shogi\APPLIC~1\NPLUTO Corporation
[30/07/2008|16:54] C:\DOCUME~1\Shogi\APPLIC~1\Opera
[22/07/2008|13:53] C:\DOCUME~1\Shogi\APPLIC~1\Publish Providers
[19/12/2007|18:47] C:\DOCUME~1\Shogi\APPLIC~1\Real
[01/01/2004|11:16] C:\DOCUME~1\Shogi\APPLIC~1\SampleView
[19/12/2007|18:47] C:\DOCUME~1\Shogi\APPLIC~1\Sonic
[22/07/2008|13:53] C:\DOCUME~1\Shogi\APPLIC~1\Sony
[01/01/2004|09:09] C:\DOCUME~1\Shogi\APPLIC~1\Sun
[01/01/2004|08:05] C:\DOCUME~1\Shogi\APPLIC~1\Symantec
[19/12/2007|18:48] C:\DOCUME~1\Shogi\APPLIC~1\Teleca
[20/10/2008|14:32] C:\DOCUME~1\Shogi\APPLIC~1\vlc
[15/10/2008|11:53] C:\DOCUME~1\Shogi\APPLIC~1\Yahoo!

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[01/12/2008 17:24][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[21/11/2008 15:00][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
[04/12/2008 19:03][--a------] C:\WINDOWS\tasks\Windows Update.job
[13/02/2004 02:15][-rah-----] C:\WINDOWS\tasks\desktop.ini
[04/12/2008 20:48][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[06/01/2008|17:09] C:\Program Files\3000AD
[13/05/2007|12:17] C:\Program Files\Adobe
[18/10/2008|11:27] C:\Program Files\adslTV
[30/12/2006|16:04] C:\Program Files\Agenda Etam
[13/10/2004|16:16] C:\Program Files\Agfa
[28/07/2008|19:57] C:\Program Files\AimOne_AlltoMP3
[29/11/2008|14:49] C:\Program Files\alaplaya
[28/11/2004|13:25] C:\Program Files\Alwil Software
[12/11/2008|18:10] C:\Program Files\America's Army
[03/12/2008|21:10] C:\Program Files\aMSN
[03/04/2008|22:07] C:\Program Files\Angels Online
[02/11/2008|18:57] C:\Program Files\Apple Software Update
[21/12/2007|23:10] C:\Program Files\Archos MP4SP
[15/12/2005|19:17] C:\Program Files\ArcSoft
[30/01/2008|17:24] C:\Program Files\AutoClic
[20/08/2008|13:10] C:\Program Files\AVG(2)
[19/01/2008|18:28] C:\Program Files\AviSynth 2.5
[28/07/2008|20:03] C:\Program Files\AVS4YOU
[03/04/2008|22:09] C:\Program Files\Azureus
[05/12/2006|18:46] C:\Program Files\Bioforma-CDF
[09/08/2008|13:08] C:\Program Files\BitComet
[17/11/2007|20:48] C:\Program Files\BKEDV
[02/11/2008|19:00] C:\Program Files\Bonjour
[03/04/2008|22:10] C:\Program Files\BOTS
[23/07/2007|16:27] C:\Program Files\Business-in-a-Box
[24/10/2004|21:08] C:\Program Files\Caere
[27/11/2008|21:07] C:\Program Files\CamStudio
[17/11/2007|21:56] C:\Program Files\CCleaner
[05/05/2006|11:14] C:\Program Files\CCP
[04/02/2006|20:04] C:\Program Files\CEDP Stealer 4.0
[18/05/2008|12:59] C:\Program Files\CenterLock
[13/09/2008|12:03] C:\Program Files\CFWebAdvancedU_BOBTV.FR
[17/11/2007|20:36] C:\Program Files\CleanMyPC
[07/04/2007|07:57] C:\Program Files\Code de la route
[24/01/2008|12:04] C:\Program Files\Common Files
[01/01/2004|08:25] C:\Program Files\ComPlus Applications
[04/10/2008|17:24] C:\Program Files\Counter-Strike 1.6
[06/01/2005|20:50] C:\Program Files\Creative
[27/02/2005|09:36] C:\Program Files\directx
[07/02/2007|07:57] C:\Program Files\Disc2Phone
[01/08/2008|12:46] C:\Program Files\DivX
[08/11/2008|13:59] C:\Program Files\DMV
[13/09/2008|13:36] C:\Program Files\DNA
[23/11/2008|19:17] C:\Program Files\Dofus
[03/04/2008|22:24] C:\Program Files\Dofus-Arena beta 2
[27/04/2006|08:17] C:\Program Files\DOSBox-0.65
[03/11/2008|19:44] C:\Program Files\DriftCity
[11/05/2008|12:41] C:\Program Files\Driver Sweeper
[28/07/2008|21:06] C:\Program Files\DVDVideoSoft
[31/03/2006|16:21] C:\Program Files\Easy Internet signup
[16/12/2006|21:34] C:\Program Files\eBay
[03/07/2007|15:47] C:\Program Files\EBP
[27/10/2008|17:19] C:\Program Files\Eltima Software
[03/04/2008|22:25] C:\Program Files\eMule
[18/01/2005|20:46] C:\Program Files\Encyclopédie Médicale Française
[14/01/2005|14:40] C:\Program Files\EZFace
[18/12/2004|20:42] C:\Program Files\Family Games
[04/12/2008|20:22] C:\Program Files\Fichiers communs
[06/04/2008|11:43] C:\Program Files\Flash Movie Player
[06/04/2008|11:50] C:\Program Files\Flash2X
[02/05/2008|15:22] C:\Program Files\FlashGet
[06/04/2008|11:37] C:\Program Files\FLV Player
[10/10/2008|18:10] C:\Program Files\Flyff
[26/10/2008|15:50] C:\Program Files\FlyForFuture
[23/08/2008|15:31] C:\Program Files\FP
[10/09/2008|14:54] C:\Program Files\Free Download Manager
[05/10/2004|10:24] C:\Program Files\Friendly Technologies
[28/05/2006|18:56] C:\Program Files\Fujifilm
[05/12/2006|18:44] C:\Program Files\GalaNet
[11/10/2008|16:46] C:\Program Files\GAMENAO
[24/05/2008|18:50] C:\Program Files\GOA
[08/07/2008|10:00] C:\Program Files\Google
[03/01/2008|21:47] C:\Program Files\Google Video
[20/11/2008|16:25] C:\Program Files\GPotato
[06/09/2008|17:39] C:\Program Files\Gpotato.eu
[29/03/2008|15:15] C:\Program Files\Graal
[15/07/2008|15:20] C:\Program Files\Heartbreak Strip Poker - Gold Edition
[02/08/2005|09:56] C:\Program Files\Hewlett-Packard
[02/08/2005|09:56] C:\Program Files\HP
[01/01/2004|11:03] C:\Program Files\HP Media Center Help
[28/07/2008|16:57] C:\Program Files\HyCam2
[26/04/2008|11:31] C:\Program Files\IMVU
[29/11/2008|14:35] C:\Program Files\InstallShield Installation Information
[14/05/2008|16:07] C:\Program Files\Internet Download Manager
[16/10/2008|21:18] C:\Program Files\Internet Explorer
[22/09/2004|14:05] C:\Program Files\InterVideo
[02/11/2008|19:02] C:\Program Files\iPod
[02/11/2008|19:02] C:\Program Files\iTunes
[22/12/2007|18:58] C:\Program Files\Java
[08/04/2006|13:59] C:\Program Files\JavaSoft
[12/11/2008|17:33] C:\Program Files\Kantaris
[05/10/2004|10:21] C:\Program Files\Kit ADSL
[03/04/2008|22:49] C:\Program Files\Labtec
[12/11/2008|17:33] C:\Program Files\LegendGunZ V1.2
[23/03/2007|13:35] C:\Program Files\Lexmark 5400 Series
[23/03/2007|13:21] C:\Program Files\Lexmark Toolbar
[27/11/2008|21:47] C:\Program Files\LimeWire
[12/11/2008|18:28] C:\Program Files\LRose
[29/03/2008|11:29] C:\Program Files\LucasArts
[27/11/2008|19:13] C:\Program Files\lx_cats
[14/05/2007|15:52] C:\Program Files\MAIET
[03/12/2008|15:11] C:\Program Files\Malwarebytes' Anti-Malware
[23/07/2008|11:44] C:\Program Files\Maxis
[24/08/2007|16:32] C:\Program Files\Meetstream
[26/03/2005|14:50] C:\Program Files\Mercora
[20/09/2008|18:16] C:\Program Files\Messenger
[20/11/2007|20:48] C:\Program Files\Messenger Plus! 3
[23/12/2007|20:24] C:\Program Files\Messenger Plus! Live
[20/11/2007|20:47] C:\Program Files\MessengerPlus! 3
[02/12/2008|16:30] C:\Program Files\Metin2_France
[21/07/2008|21:00] C:\Program Files\MeuhMeuhTV Alpha
[15/01/2007|19:24] C:\Program Files\Micro Application
[13/01/2005|17:02] C:\Program Files\MicroProse Software
[22/10/2008|15:26] C:\Program Files\Microsoft
[22/09/2004|18:25] C:\Program Files\Microsoft AutoRoute
[23/10/2005|11:11] C:\Program Files\Microsoft Baseline Security Analyzer
[04/12/2007|00:04] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[24/09/2004|17:20] C:\Program Files\Microsoft Encarta
[19/10/2004|17:35] C:\Program Files\microsoft frontpage
[22/09/2004|18:24] C:\Program Files\Microsoft Money
[23/11/2007|19:16] C:\Program Files\Microsoft Office
[05/05/2007|19:01] C:\Program Files\Microsoft Picture It! 9
[18/10/2008|16:03] C:\Program Files\Microsoft Silverlight
[22/10/2008|15:28] C:\Program Files\Microsoft SQL Server Compact Edition
[05/12/2006|18:46] C:\Program Files\Microsoft Windows Vista Upgrade Advisor
[22/09/2004|18:20] C:\Program Files\Microsoft Works
[22/09/2004|18:08] C:\Program Files\Microsoft Works Suite 2004
[19/10/2004|17:44] C:\Program Files\Microsoft.NET
[30/10/2008|18:39] C:\Program Files\mIRC
[05/10/2004|10:22] C:\Program Files\ModemAdsl
[06/04/2008|11:49] C:\Program Files\Mohsoft
[22/07/2008|13:04] C:\Program Files\Movie Maker
[04/12/2008|20:49] C:\Program Files\Mozilla Firefox
[07/05/2008|17:56] C:\Program Files\Mozilla Firefox 3 Beta 5
[09/04/2007|10:06] C:\Program Files\MSBuild
[23/11/2007|19:16] C:\Program Files\MSECache
[29/09/2005|11:22] C:\Program Files\MSN
[01/01/2004|08:24] C:\Program Files\MSN Gaming Zone
[13/07/2008|10:37] C:\Program Files\MSN Messenger
[02/09/2005|19:34] C:\Program Files\MSN Toolbar Suite
[05/12/2006|18:49] C:\Program Files\MSXML 4.0
[15/08/2007|10:15] C:\Program Files\MSXML 6.0
[25/03/2006|20:32] C:\Program Files\Music Manager
[23/02/2007|13:16] C:\Program Files\Musicmatch
[04/12/2008|19:04] C:\Program Files\Navilog1
[13/08/2008|19:32] C:\Program Files\NetEase
[08/01/2006|11:24] C:\Program Files\NetMeeting
[24/08/2007|16:27] C:\Program Files\Netscape
[18/10/2008|11:50] C:\Program Files\Neuf
[04/08/2006|16:40] C:\Program Files\neuf Talk
[27/10/2008|17:35] C:\Program Files\neuf telecom
[24/07/2008|14:00] C:\Program Files\NEXON
[08/05/2006|15:24] C:\Program Files\NimoCodec Pack
[05/12/2006|18:40] C:\Program Files\Norton AntiVirus
[05/12/2006|18:40] C:\Program Files\Norton AntiVirus(2)
[04/10/2007|18:21] C:\Program Files\NudgeMania
[10/03/2005|19:13] C:\Program Files\OfficeUpdate11
[23/09/2004|08:04] C:\Program Files\OLYMPUS
[21/07/2008|18:31] C:\Program Files\Online TV & Radio Stations
[10/08/2007|14:54] C:\Program Files\OpenOffice.org 2.1
[02/11/2007|12:14] C:\Program Files\OpenOffice.org 2.3
[24/08/2007|16:27] C:\Program Files\Opera
[05/12/2006|18:39] C:\Program Files\Opera(2)
[21/04/2005|07:54] C:\Program Files\ORB Networks
[03/04/2008|22:24] C:\Program Files\Ororea
[19/05/2008|11:14] C:\Program Files\Outlook Express
[12/11/2008|18:26] C:\Program Files\Outspark
[31/10/2008|18:04] C:\Program Files\Pack Securite
[02/12/2008|19:40] C:\Program Files\Panda Security
[14/05/2007|11:38] C:\Program Files\Patch Kingdom of Heaven
[30/01/2008|17:20] C:\Program Files\Perfect Macro Recorder
[21/09/2008|14:30] C:\Program Files\Perfect World International
[18/01/2005|21:18] C:\Program Files\Photo Print Calendar from YOKOHAMA Ver.3.00E beta
[19/05/2005|11:09] C:\Program Files\Photo Station
[12/11/2005|08:31] C:\Program Files\PhotoFiltre
[04/11/2007|22:05] C:\Program Files\PhotoFiltre Studio
[08/04/2008|11:21] C:\Program Files\Pidgin
[18/05/2007|16:32] C:\Program Files\Project64 1.6
[02/11/2008|19:00] C:\Program Files\QuickTime
[09/04/2007|10:01] C:\Program Files\Reference Assemblies
[08/03/2006|16:43] C:\Program Files\Reflex English
[17/11/2007|21:53] C:\Program Files\RegCleaner
[19/01/2008|18:28] C:\Program Files\Ripp-it_AM
[26/12/2007|10:20] C:\Program Files\River Past
[07/02/2007|17:34] C:\Program Files\Rockstar Games
[14/09/2008|16:08] C:\Program Files\ROSE Online Evolution
[12/11/2008|18:30] C:\Program Files\Ruff-Rose
[28/03/2005|16:34] C:\Program Files\SCi
[01/01/2004|11:10] C:\Program Files\Services en ligne
[27/10/2008|17:35] C:\Program Files\SFR
[02/05/2008|15:29] C:\Program Files\Shareaza
[09/03/2008|12:55] C:\Program Files\Sierra
[01/10/2008|14:12] C:\Program Files\Slayers Online
[11/06/2007|11:47] C:\Program Files\SlySoft
[27/02/2008|23:35] C:\Program Files\SnailWeb
[29/08/2008|16:17] C:\Program Files\Softnyx
[11/08/2008|12:20] C:\Program Files\Sol Edit
[22/07/2008|13:28] C:\Program Files\Sony
[07/02/2007|09:25] C:\Program Files\Sony Ericsson
[22/07/2008|13:27] C:\Program Files\Sony Setup
[12/11/2008|17:34] C:\Program Files\Speed Rose Onlinea
[05/12/2006|18:40] C:\Program Files\Symantec
[05/12/2006|18:40] C:\Program Files\SymNetDrv
[05/11/2008|17:19] C:\Program Files\SystemRequirementsLab
[30/01/2008|20:28] C:\Program Files\Teamspeak2_RC2
[24/05/2008|13:39] C:\Program Files\The KMPlayer
[23/02/2007|12:34] C:\Program Files\Thomson
[04/12/2008|11:36] C:\Program Files\Tibia
[05/12/2006|18:46] C:\Program Files\Tiscali Games
[08/12/2006|21:37] C:\Program Files\TomTom DesktopSuite
[01/02/2007|19:34] C:\Program Files\TomTom HOME
[03/12/2008|12:44] C:\Program Files\Trend Micro
[02/05/2008|15:24] C:\Program Files\Trillian
[16/07/2008|19:08] C:\Program Files\Trinity Entertainment
[08/12/2006|23:19] C:\Program Files\Trust
[08/12/2006|23:24] C:\Program Files\Ulead Systems
[05/12/2006|18:45] C:\Program Files\UltraVNC
[13/11/2004|11:16] C:\Program Files\Uninstall Information
[04/12/2008|17:51] C:\Program Files\UsbFix
[12/11/2008|17:33] C:\Program Files\Valhalla-Destiny
[09/02/2008|17:40] C:\Program Files\Veoh Networks
[05/12/2007|19:51] C:\Program Files\Vg
[18/05/2008|16:47] C:\Program Files\VideoLAN
[07/07/2008|17:05] C:\Program Files\Virtools
[28/07/2008|19:58] C:\Program Files\VirtualDubMOD
[05/12/2006|18:45] C:\Program Files\Visicom Media
[18/11/2007|11:06] C:\Program Files\VisiFly
[30/10/2008|13:18] C:\Program Files\VS Revo Group
[22/07/2008|13:28] C:\Program Files\Vstplugins
[28/11/2008|21:43] C:\Program Files\Wakfu
[02/05/2008|15:27] C:\Program Files\WarRock
[30/08/2006|15:54] C:\Program Files\Webzen
[29/03/2008|15:13] C:\Program Files\WellGet
[21/05/2008|14:05] C:\Program Files\Winamp Toolbar
[22/10/2008|15:29] C:\Program Files\Windows Live
[03/06/2008|16:39] C:\Program Files\Windows Media Player
[23/10/2004|18:33] C:\Program Files\Windows NT
[26/08/2008|09:07] C:\Program Files\WindowsUpdate
[14/09/2008|17:52] C:\Program Files\WindSlayer
[08/06/2006|11:57] C:\Program Files\WinRAR
[10/12/2004|17:46] C:\Program Files\Wizet
[01/01/2004|08:30] C:\Program Files\xerox
[28/11/2008|20:27] C:\Program Files\Xvid
[17/11/2007|21:56] C:\Program Files\Yahoo!
[28/09/2008|10:37] C:\Program Files\YouTube Downloader
[26/11/2008|20:04] C:\Program Files\Zattoo
[28/11/2008|20:26] C:\Program Files\ZD Soft
[06/04/2008|11:51] C:\Program Files\zeraha.org
[13/08/2008|11:27] C:\Program Files\Zoomby

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[13/05/2007|12:14] C:\Program Files\Fichiers communs\Adobe
[02/11/2008|18:59] C:\Program Files\Fichiers communs\Apple
[28/07/2008|20:03] C:\Program Files\Fichiers communs\AVSMedia
[02/05/2008|17:36] C:\Program Files\Fichiers communs\Blizzard Entertainment
[24/10/2004|21:09] C:\Program Files\Fichiers communs\Caere
[21/10/2007|18:59] C:\Program Files\Fichiers communs\Ciel
[22/09/2004|18:19] C:\Program Files\Fichiers communs\Designer
[02/10/2007|17:01] C:\Program Files\Fichiers communs\DirectX
[26/10/2008|19:17] C:\Program Files\Fichiers communs\DVDVideoSoft
[03/07/2007|15:47] C:\Program Files\Fichiers communs\EBP
[27/10/2008|17:19] C:\Program Files\Fichiers communs\Eltima Shared
[03/04/2008|22:26] C:\Program Files\Fichiers communs\FotoWire
[18/11/2007|11:06] C:\Program Files\Fichiers communs\GeoVid
[05/03/2006|19:58] C:\Program Files\Fichiers communs\GraphBoard 2.00
[28/12/2007|11:58] C:\Program Files\Fichiers communs\GTK
[01/01/2004|09:46] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/01/2004|09:47] C:\Program Files\Fichiers communs\HP
[09/02/2007|15:41] C:\Program Files\Fichiers communs\InstallShield
[01/01/2004|09:09] C:\Program Files\Fichiers communs\Java
[05/12/2006|18:45] C:\Program Files\Fichiers communs\LightScribe
[27/02/2005|09:35] C:\Program Files\Fichiers communs\Logitech
[13/05/2007|11:58] C:\Program Files\Fichiers communs\Macrovision Shared
[22/10/2008|15:25] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2004|10:44] C:\Program Files\Fichiers communs\Microsoft Visual J# .NET Setup
[08/05/2005|13:22] C:\Program Files\Fichiers communs\mozilla.org
[01/01/2004|08:27] C:\Program Files\Fichiers communs\MSSoap
[20/06/2006|11:41] C:\Program Files\Fichiers communs\Oberon Media
[01/01/2004|08:21] C:\Program Files\Fichiers communs\ODBC
[19/11/2004|21:25] C:\Program Files\Fichiers communs\PocketSoft
[02/05/2008|15:32] C:\Program Files\Fichiers communs\Real
[26/12/2007|10:20] C:\Program Files\Fichiers communs\River Past
[28/08/2007|15:17] C:\Program Files\Fichiers communs\Scanner
[07/08/2004|03:03] C:\Program Files\Fichiers communs\Services
[05/12/2006|18:41] C:\Program Files\Fichiers communs\sndp202
[29/07/2006|17:55] C:\Program Files\Fichiers communs\snpstd
[22/09/2004|14:05] C:\Program Files\Fichiers communs\Sonic
[01/01/2004|08:21] C:\Program Files\Fichiers communs\SpeechEngines
[05/12/2006|18:53] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|18:16] C:\Program Files\Fichiers communs\System
[07/02/2007|09:47] C:\Program Files\Fichiers communs\Teleca Shared
[24/08/2007|17:36] C:\Program Files\Fichiers communs\Totem Shared
[08/12/2006|23:24] C:\Program Files\Fichiers communs\Ulead Systems
[02/07/2006|12:03] C:\Program Files\Fichiers communs\Vbox
[22/10/2008|15:19] C:\Program Files\Fichiers communs\Windows Live
[02/12/2007|22:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 37 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-04 21:19:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\nour\LOCALS~1\APPLIC~1\Mozilla\Firefox\Profiles\o2t1tnz1.default\Cache\BDE7585Ed01 26038 bytes
C:\DOCUME~1\nour\LOCALS~1\APPLIC~1\Mozilla\Firefox\Profiles\o2t1tnz1.default\Cache\2067AC1Dd01 34611 bytes
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\nour\Bureau\Flyff\SFX\sfx_sklassknuburstcrack01.sfx
C:\DOCUME~1\nour\Bureau\Flyff\Sound\PcSkillD-Burstcrack.wav

[F:9][D:4]-> C:\DOCUME~1\nour\LOCALS~1\Temp
[F:6][D:0]-> C:\DOCUME~1\nour\Cookies
[F:4][D:1]-> C:\DOCUME~1\nour\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 04/12/2008|21:07 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 04/12/2008|21:21 - Option : [2]

--------------------\\ Fin du rapport a 21:21:03

Répondre à Shogi

Citation :

Je ne sais pas si je l'ai déjà dit mais j'ai un problème avec mon gestionnaire des tâches ' désactivé par mon administrateur '

---> Oui, je l'ai vu, pareil pour l'éditeur de registre (regedit).

Je vais m'absenter, fais ceci :

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
Double-clique sur RSIT.exe afin de lancer le programme.
Choisis 3 months et clique sur Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparait à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit

Répondre à Destrio5

Je vais bientot aller manger et aller dormir aussi ^^

J'te dis à demain alors et merci beaucoup ^^

PS : lorsque le logiciel lance automatiquement HiJackThis, il me met une erreur Autoit :
Line -1
Error : subscript used with non-Array variable

Message édité par Shogi le 04-12-2008 à 21:31:52

Répondre à Shogi

Donne ton avis en vidéo

Messages similaires

Dans l'actualité

Mais quand sortira l'iPhone en France ?

Skype propose de nouvelles possibilités pour utiliser ses services

Les téléchargements

Ressources relatives

Albums

Les derniers dossiers

Test : Nokia N97, un vrai clavier, du Wi-Fi, un grand écran tactile...

Les bonnes raisons pour ne pas passer à l'iPhone 3G S

Faut-il craquer pour une TV à Led ?

Clés USB : capacité ou vitesse, le comparatif

Téléchargement

Liens commerciaux

Attention