Se connecter / S'enregistrer
Votre question

[Résolu] HotBar / ShopperReports

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
30 Septembre 2009 13:29:19

Salut les gars, encore moi...

Je reviens vers nous pour un souci de trojan. On m'a passé un PC pour un problème de son et de souris, mais dès le boot, j'ai un message concernant une hotbar.

J'ai voulu installer le SP3 (PC toujours sous SP2) pour commencer, mais pas assez d'espace sur le disque (disque de 15 Go a priori). En regardant de plus près, j'ai trouvé un dossier assez gros nommé ShopperReports et le premier résultat sur google avec ce nom me m'inspire pas confiance :D .

Voilà donc un rapport HJT fait à l'instant :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:26:30, on 30/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Analog Devices\SoundMAX\smagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\cécile\Mes documents\document\MsgPlus.exe
C:\WINDOWS\system32\dvdupgrd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\didier\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ryvtfwfefqinmhhfrzzaqsxdt.com/jk78JaWWydovuM...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xruiyptfktbkqusnoe.uk/jk78JaWWydq7tWLzpy3Sb6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm...
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=wKX1ILEOi+UdWpSlz2q9...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: CIEIntegrator Object - {2178F3FB-2560-458F-BDEE-631E2FE0DFE4} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
O2 - BHO: (no name) - {A1BF97D5-0F3F-756D-F70B-9A580A890549} - C:\DOCUME~1\CÉCILE\APPLIC~1\SETUPO~1\Stupid Part.exe
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR\MSNTB.DLL
O2 - BHO: Starware - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - C:\Program Files\Starware\bin\Starware.dll
O2 - BHO: (no name) - {E1160B78-2553-AC22-5C93-220875A0BADC} - C:\DOCUME~1\delphine\APPLIC~1\BATPRO~1\BASE SHIM.exe
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR\MSNTB.DLL
O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\Program Files\Starware\bin\Starware.dll
O4 - HKLM\..\Run: [DVDUpgrade] DVDUpgrd.exe /async
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\cécile\Mes documents\document\MsgPlus.exe"
O4 - HKLM\..\Run: [jepsoevr] C:\WINDOWS\system32\yakpjmkj.exe
O4 - HKLM\..\Run: [new knob remote book] C:\Documents and Settings\All Users\Application Data\Bleh Team New Knob\sect math.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Win Data Book Sect] C:\Documents and Settings\All Users\Application Data\One idol win data\pile chic.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1045.dll,InstantAccess
O4 - HKCU\..\Run: [jump pure] C:\DOCUME~1\didier\APPLIC~1\DUMBRE~1\Vga gram.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O15 - Trusted Zone: http://*.billingnow.com
O15 - Trusted Zone: http://*.reliablestats.com
O15 - Trusted Zone: http://*.winantispyware.com
O15 - Trusted Zone: http://*.winantivirus.com
O15 - Trusted Zone: http://*.winantiviruspro.com
O15 - Trusted Zone: http://*.winfixer.com
O15 - Trusted Zone: http://*.winnanny.com
O15 - Trusted Zone: http://*.winsoftware.com
O16 - DPF: Win32 Classes -
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4300E5A-E9F1-4684-B768-EF172E9FF26A}: NameServer = 192.168.2.1
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\smagent.exe

--
End of file - 8288 bytes




Merci d'avance pour l'aide que vous pourrez m'apporter (encore une fois). :whistle: 

Autres pages sur : resolu hotbar shopperreports

30 Septembre 2009 13:33:11

Bonjour ,
En effet ton ordinateur est bien bien infecté.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    30 Septembre 2009 17:33:39

    T'es devenu Helper Romain ?
    Contenus similaires
    30 Septembre 2009 17:34:11

    Salut ,
    Je fais une formation pour oui :) 
    a c 267 8 Sécurité
    1 Octobre 2009 16:41:29

    Bonjour,

    Le PC est pas mal infecté.

  • Télécharge Lop S&D sur ton Bureau.
  • Double-clique dessus pour lancer l'installation.
  • Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
    (Sous Vista, il faut cliquer droit sur le raccourci Lop S&D et choisir Exécuter en tant qu'administrateur)
  • Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche) .
  • Patiente jusqu'à la fin du scan.
  • Poste le rapport généré (C:\lopR.txt).
    1 Octobre 2009 17:07:14

    Salut Destrio. Merci beaucoup pour ta rapidité (encore une fois). :jap: 

    Par contre, je n'ai pas eu à installer Lop S&D. Il s'est lancé immédiatement depuis le bureau.

    Voilà le rapport (effectivement, ça semble pire que ce que j'imaginais...) :


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Rev 2.00
    USER : didier ( Administrator )
    BOOT : Normal boot
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:13 Go (Free:1 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (USB) - FAT - Total:1919 Mo (Free:0 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 01/10/2009|17:02 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [18/01/2008|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [18/01/2008|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [10/04/2006|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bleh Team New Knob
    [04/12/2008|20:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bonebendbasecast
    [30/09/2009|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [09/09/2006|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [30/09/2009|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [30/09/2009|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [08/04/2006|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [08/04/2006|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/09/2007|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\New Support Sect One
    [04/12/2008|20:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data
    [08/04/2006|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    [04/12/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware
    [08/04/2006|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [11/02/2007|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [11/02/2007|16:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

    [21/05/2006|16:30] C:\DOCUME~1\anthony\APPLIC~1\Adobe
    [09/04/2006|13:29] C:\DOCUME~1\anthony\APPLIC~1\Identities
    [09/04/2006|13:33] C:\DOCUME~1\anthony\APPLIC~1\Macromedia
    [08/04/2006|11:49] C:\DOCUME~1\anthony\APPLIC~1\Microsoft
    [09/04/2006|13:30] C:\DOCUME~1\anthony\APPLIC~1\Mozilla
    [12/04/2006|12:51] C:\DOCUME~1\anthony\APPLIC~1\ShopperReports
    [09/04/2006|13:34] C:\DOCUME~1\anthony\APPLIC~1\Sun
    [09/04/2006|13:30] C:\DOCUME~1\anthony\APPLIC~1\Talkback
    [16/04/2006|22:34] C:\DOCUME~1\anthony\APPLIC~1\Thunderbird

    [22/12/2006|18:34] C:\DOCUME~1\c‚cile\APPLIC~1\dumbrect01
    [08/04/2006|19:18] C:\DOCUME~1\c‚cile\APPLIC~1\Identities
    [08/04/2006|19:43] C:\DOCUME~1\c‚cile\APPLIC~1\Macromedia
    [10/04/2006|18:50] C:\DOCUME~1\c‚cile\APPLIC~1\Mail The Mode
    [01/04/2007|11:26] C:\DOCUME~1\c‚cile\APPLIC~1\Microsoft
    [08/04/2006|19:22] C:\DOCUME~1\c‚cile\APPLIC~1\Mozilla
    [20/05/2006|11:14] C:\DOCUME~1\c‚cile\APPLIC~1\setupopen
    [12/04/2006|18:50] C:\DOCUME~1\c‚cile\APPLIC~1\ShopperReports
    [01/07/2007|20:20] C:\DOCUME~1\c‚cile\APPLIC~1\Starware
    [08/04/2006|21:43] C:\DOCUME~1\c‚cile\APPLIC~1\Sun
    [08/04/2006|19:23] C:\DOCUME~1\c‚cile\APPLIC~1\Talkback
    [08/04/2006|19:32] C:\DOCUME~1\c‚cile\APPLIC~1\Thunderbird
    [17/06/2007|14:16] C:\DOCUME~1\c‚cile\APPLIC~1\TuneUp Software

    [08/04/2006|11:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [16/09/2006|20:12] C:\DOCUME~1\delphine\APPLIC~1\Bat Proxy
    [26/04/2008|21:04] C:\DOCUME~1\delphine\APPLIC~1\dumbrect01
    [19/10/2006|20:35] C:\DOCUME~1\delphine\APPLIC~1\Help
    [09/04/2006|14:19] C:\DOCUME~1\delphine\APPLIC~1\Identities
    [09/04/2006|14:21] C:\DOCUME~1\delphine\APPLIC~1\Macromedia
    [25/11/2007|14:08] C:\DOCUME~1\delphine\APPLIC~1\Microsoft
    [09/04/2006|14:20] C:\DOCUME~1\delphine\APPLIC~1\Mozilla
    [25/11/2006|23:04] C:\DOCUME~1\delphine\APPLIC~1\ShopperReports
    [26/04/2008|22:33] C:\DOCUME~1\delphine\APPLIC~1\Starware
    [09/04/2006|14:22] C:\DOCUME~1\delphine\APPLIC~1\Sun
    [09/04/2006|14:20] C:\DOCUME~1\delphine\APPLIC~1\Talkback
    [09/04/2006|14:42] C:\DOCUME~1\delphine\APPLIC~1\Thunderbird
    [22/09/2007|14:01] C:\DOCUME~1\delphine\APPLIC~1\TuneUp Software

    [24/12/2006|15:21] C:\DOCUME~1\didier\APPLIC~1\Adobe
    [24/12/2006|15:22] C:\DOCUME~1\didier\APPLIC~1\AdobeUM
    [16/09/2006|22:47] C:\DOCUME~1\didier\APPLIC~1\Apple Computer
    [13/02/2007|11:52] C:\DOCUME~1\didier\APPLIC~1\dumbrect01
    [18/06/2006|13:08] C:\DOCUME~1\didier\APPLIC~1\Help
    [08/04/2006|12:29] C:\DOCUME~1\didier\APPLIC~1\Identities
    [09/09/2006|17:08] C:\DOCUME~1\didier\APPLIC~1\Leadertech
    [15/04/2006|16:52] C:\DOCUME~1\didier\APPLIC~1\Macromedia
    [30/09/2009|13:53] C:\DOCUME~1\didier\APPLIC~1\Malwarebytes
    [15/12/2006|11:58] C:\DOCUME~1\didier\APPLIC~1\Microsoft
    [30/09/2009|15:05] C:\DOCUME~1\didier\APPLIC~1\Mozilla
    [30/09/2009|13:55] C:\DOCUME~1\didier\APPLIC~1\Starware
    [09/04/2006|17:51] C:\DOCUME~1\didier\APPLIC~1\Talkback
    [15/04/2006|20:38] C:\DOCUME~1\didier\APPLIC~1\Thunderbird
    [11/02/2007|14:38] C:\DOCUME~1\didier\APPLIC~1\TuneUp Software
    [11/02/2007|22:34] C:\DOCUME~1\didier\APPLIC~1\uTorrent

    [08/04/2006|11:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [08/04/2006|11:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [14/01/2008|17:24] C:\DOCUME~1\yanti\APPLIC~1\Apple Computer
    [04/12/2008|20:12] C:\DOCUME~1\yanti\APPLIC~1\dumbrect01
    [06/07/2006|21:10] C:\DOCUME~1\yanti\APPLIC~1\Help
    [09/04/2006|09:48] C:\DOCUME~1\yanti\APPLIC~1\Identities
    [18/01/2008|17:01] C:\DOCUME~1\yanti\APPLIC~1\LimeWire
    [10/04/2006|12:02] C:\DOCUME~1\yanti\APPLIC~1\Macromedia
    [18/12/2006|23:40] C:\DOCUME~1\yanti\APPLIC~1\Microsoft
    [09/04/2006|09:49] C:\DOCUME~1\yanti\APPLIC~1\Mozilla
    [15/06/2006|18:04] C:\DOCUME~1\yanti\APPLIC~1\Real
    [23/11/2006|09:57] C:\DOCUME~1\yanti\APPLIC~1\ShopperReports
    [04/12/2008|22:07] C:\DOCUME~1\yanti\APPLIC~1\Starware
    [21/04/2006|15:41] C:\DOCUME~1\yanti\APPLIC~1\Sun
    [09/04/2006|09:49] C:\DOCUME~1\yanti\APPLIC~1\Talkback
    [16/04/2006|10:08] C:\DOCUME~1\yanti\APPLIC~1\Thunderbird
    [31/03/2007|10:07] C:\DOCUME~1\yanti\APPLIC~1\TuneUp Software

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [01/10/2009 17:00][--ah-c---] C:\WINDOWS\tasks\A189D669918E54C9.job
    [01/10/2009 17:00][--ah-c---] C:\WINDOWS\tasks\ABAC205D918FD589.job
    [18/01/2008 18:01][--a--c---] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [01/10/2009 17:00][--ah-c---] C:\WINDOWS\tasks\A20E79439181F2F7.job
    [23/05/2008 17:15][--a--c---] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [01/10/2009 16:58][--ah-c---] C:\WINDOWS\tasks\SA.DAT
    [01/10/2009 17:00][--ah-c---] C:\WINDOWS\tasks\AE635BC19188CC9D.job
    [30/04/2005 23:53][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( A189D669918E54C9.job )=( c:\docume~1\yanti\applic~1\dumbre~1\SendStoreBash.exe )
    ( A20E79439181F2F7.job )=( c:\docume~1\didier\applic~1\dumbre~1\SendStoreBash.exe )
    ( ABAC205D918FD589.job )=( c:\docume~1\delphine\applic~1\dumbre~1\SendStoreBash.exe )
    ( AE635BC19188CC9D.job )=( c:\docume~1\cécile\applic~1\mailth~1\CoolMultiIso.exe )

    --------------------\\ MsgPlus SPONSOR INSTALLED !

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
    "SponsorInstalled"=dword:00000000


    --------------------\\ Listing des dossiers dans C:\Program Files

    [28/10/2002|18:49] C:\Program Files\Adobe
    [11/02/2007|15:01] C:\Program Files\Advanced JPEG Compressor
    [12/03/2006|17:02] C:\Program Files\Adverts
    [18/12/2005|21:33] C:\Program Files\Analog Devices
    [18/01/2008|17:59] C:\Program Files\Apple Software Update
    [28/10/2002|19:07] C:\Program Files\ArcSoft
    [12/11/2005|18:14] C:\Program Files\Auralog
    [21/02/2004|12:14] C:\Program Files\AvantGo Connect
    [18/01/2008|18:18] C:\Program Files\Bonjour
    [28/10/2002|19:44] C:\Program Files\Canon
    [24/04/2004|15:00] C:\Program Files\Cegetel
    [02/10/2000|16:02] C:\Program Files\CHAT
    [21/02/2004|12:14] C:\Program Files\Common Files
    [08/04/2006|12:00] C:\Program Files\ComPlus Applications
    [19/12/2000|10:35] C:\Program Files\dialogue-chat2
    [02/10/2000|16:02] C:\Program Files\DirectCD
    [04/12/2008|20:09] C:\Program Files\dumbrect01
    [02/10/2006|18:56] C:\Program Files\Easy CD Creator
    [02/10/2000|16:02] C:\Program Files\Easy Internet
    [22/11/2000|17:33] C:\Program Files\Egypte
    [11/02/2007|15:01] C:\Program Files\EHMINSTALL
    [29/01/2007|20:11] C:\Program Files\eMule
    [18/01/2008|17:56] C:\Program Files\Fichiers communs
    [02/10/2000|16:02] C:\Program Files\Freesbee
    [03/06/2004|19:00] C:\Program Files\FunWebProducts
    [06/03/2004|17:11] C:\Program Files\hewlett-packard
    [19/10/2006|18:37] C:\Program Files\Hotbar
    [30/09/2009|15:01] C:\Program Files\InstallShield Installation Information
    [01/08/2003|15:45] C:\Program Files\Instant Access
    [02/10/2000|16:02] C:\Program Files\Intel
    [11/02/2007|17:15] C:\Program Files\Internet Explorer
    [09/09/2006|17:06] C:\Program Files\Iomega
    [04/03/2004|09:43] C:\Program Files\iPAQ Download Agent
    [18/01/2008|18:46] C:\Program Files\iPod
    [18/01/2008|18:48] C:\Program Files\iTunes
    [18/08/2001|22:13] C:\Program Files\IxoVM
    [02/01/2006|00:46] C:\Program Files\Jasc Software Inc
    [10/03/2006|15:56] C:\Program Files\Java
    [14/10/1990|18:28] C:\Program Files\Labtec
    [14/01/2008|17:06] C:\Program Files\LimeWire
    [29/01/2006|21:00] C:\Program Files\Logitech
    [13/01/2001|13:44] C:\Program Files\Lucky Luke
    [30/09/2009|15:09] C:\Program Files\ma-config.com
    [15/09/2005|21:58] C:\Program Files\MailSkinner
    [30/09/2009|13:53] C:\Program Files\Malwarebytes' Anti-Malware
    [18/12/2005|21:49] C:\Program Files\Marvell
    [14/08/2004|21:34] C:\Program Files\Maxis
    [08/04/2006|11:58] C:\Program Files\Messenger
    [12/03/2006|17:01] C:\Program Files\MessengerPlus! 3
    [21/02/2004|12:14] C:\Program Files\Microsoft ActiveSync
    [29/12/2001|19:10] C:\Program Files\Microsoft AutoRoute Express Europe 2000
    [02/10/2000|16:02] C:\Program Files\Microsoft Encarta
    [27/10/2000|08:59] C:\Program Files\Microsoft FrontPage
    [27/10/2000|08:55] C:\Program Files\Microsoft Office
    [27/10/2000|09:01] C:\Program Files\Microsoft Visual Studio
    [02/10/2000|16:02] C:\Program Files\Microsoft Works
    [25/08/1990|01:40] C:\Program Files\Montorgueil
    [08/04/2006|12:01] C:\Program Files\Movie Maker
    [11/02/2007|17:38] C:\Program Files\Mozilla Firefox
    [11/02/2007|17:38] C:\Program Files\Mozilla Thunderbird
    [31/07/2004|13:57] C:\Program Files\MSN Apps
    [08/04/2006|11:58] C:\Program Files\MSN Gaming Zone
    [27/10/2007|16:51] C:\Program Files\MSN Messenger
    [03/06/2004|19:00] C:\Program Files\MyWebSearch
    [08/04/2006|12:00] C:\Program Files\NetMeeting
    [02/10/2000|16:02] C:\Program Files\Netropa
    [05/09/2004|15:32] C:\Program Files\Norton AntiVirus
    [02/10/2006|23:52] C:\Program Files\Outlook Express
    [01/08/2003|12:24] C:\Program Files\Philips ToUcam Camera
    [17/09/2006|18:14] C:\Program Files\PhotoFiltre
    [02/10/2000|16:02] C:\Program Files\Plus!
    [02/10/2000|16:02] C:\Program Files\Publication Web
    [11/02/2007|15:00] C:\Program Files\QMgr
    [11/02/2007|15:01] C:\Program Files\QuickLink III
    [18/01/2008|18:15] C:\Program Files\QuickTime
    [21/10/2000|17:41] C:\Program Files\Ravisent
    [31/12/2000|17:39] C:\Program Files\Real
    [04/04/2006|19:05] C:\Program Files\SAGEM
    [28/10/2002|19:13] C:\Program Files\ScanSoft
    [08/10/1990|15:29] C:\Program Files\SearchRelevant
    [02/10/2000|16:02] C:\Program Files\Services en ligne
    [02/10/2000|16:02] C:\Program Files\SiS_MM1.06
    [05/06/2006|12:30] C:\Program Files\Starware
    [05/09/2004|15:31] C:\Program Files\Symantec
    [07/10/2006|10:22] C:\Program Files\The Adventure Company
    [11/02/2007|15:01] C:\Program Files\timtel32
    [31/03/2007|10:08] C:\Program Files\TuneUp Utilities 2007
    [01/08/2003|12:26] C:\Program Files\Ulead Systems
    [02/10/2000|16:02] C:\Program Files\Uninstall Information
    [11/02/2007|16:42] C:\Program Files\Unlocker
    [20/03/2005|10:41] C:\Program Files\U-Storage Win98 Driver
    [11/02/2007|19:09] C:\Program Files\uTorrent
    [30/09/2009|15:26] C:\Program Files\VIA
    [11/02/2007|16:42] C:\Program Files\VIAudioi
    [01/08/2003|12:27] C:\Program Files\VideoLink Mail
    [08/10/1990|15:29] C:\Program Files\Windows AdStatus
    [02/10/2006|23:58] C:\Program Files\Windows Media Player
    [11/02/2007|18:25] C:\Program Files\Windows NT
    [26/09/2004|13:29] C:\Program Files\WindowsUpdate
    [29/03/2005|21:41] C:\Program Files\Wixjgjy
    [08/04/2006|12:09] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [04/05/2005|23:04] C:\Program Files\Fichiers communs\Adaptec Shared
    [24/12/2006|15:21] C:\Program Files\Fichiers communs\Adobe
    [18/01/2008|17:56] C:\Program Files\Fichiers communs\Apple
    [27/10/2000|09:01] C:\Program Files\Fichiers communs\Designer
    [29/01/2006|21:03] C:\Program Files\Fichiers communs\FotoWire
    [28/10/2002|19:06] C:\Program Files\Fichiers communs\InstallShield
    [10/03/2006|15:53] C:\Program Files\Fichiers communs\Java
    [29/01/2006|21:01] C:\Program Files\Fichiers communs\Logitech
    [27/10/2007|16:52] C:\Program Files\Fichiers communs\Microsoft Shared
    [08/04/2006|12:01] C:\Program Files\Fichiers communs\MSSoap
    [02/10/2000|16:02] C:\Program Files\Fichiers communs\ODBC
    [28/10/2002|19:13] C:\Program Files\Fichiers communs\ScanSoft Shared
    [02/10/2000|16:02] C:\Program Files\Fichiers communs\SERVICES
    [02/10/2000|16:02] C:\Program Files\Fichiers communs\Smith Micro Shared
    [08/04/2006|11:51] C:\Program Files\Fichiers communs\SpeechEngines
    [05/09/2004|15:30] C:\Program Files\Fichiers communs\Symantec Shared
    [02/10/2006|23:52] C:\Program Files\Fichiers communs\SYSTEM
    [05/01/2006|22:09] C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006
    [11/02/2007|14:35] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 36 Processes )

    IEXPLORE.EXE ~ [PID:260]
    IEXPLORE.EXE ~ [PID:420]
    iexplore.exe ~ [PID:868]
    MsgPlus.exe ~ [PID:184]

    --------------------\\ Recherche avec S_Lop

    C:\DOCUME~1\c‚cile\APPLIC~1\DUMBRE~1
    C:\DOCUME~1\c‚cile\APPLIC~1\DUMBRE~1\Vga gram.exe

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\admin pop.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Balm Settings.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\barb mapi.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\boob 1.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Book Way.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Cake tray.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Cash More.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\COOL TRAY.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\CURB MEAL.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\dale slow.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Dash Time.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\debug manager.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Debug Wma.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\default dog.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Defy build.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Defy skip.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Does Bore.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\dog audio.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Dog Real.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Eggs 1.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Else Play.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\fork idle.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Great Deaf.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\heart eggs.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Help Math.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\hole soft.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\idol browse.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Idol Title.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Internet poke.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Log Size.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Media user.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Meow Cast.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Mix flag.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Mode Stop.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\More Real.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\new bat.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\noun poll.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Peak bore.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\pile chic.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\second vga.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\settings bin.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\show hope.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\soft iso.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Soft Settings.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\SPAM GRIM.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Surf Junk.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Test audio.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\the aim.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\this bias.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Thunk extra.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Tray proc.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Vc For.exe
    C:\DOCUME~1\cécile\APPLIC~1\dumbre~1
    C:\DOCUME~1\cécile\APPLIC~1\dumbre~1\Vga gram.exe
    C:\DOCUME~1\delphine\APPLIC~1\dumbre~1
    C:\DOCUME~1\delphine\APPLIC~1\dumbre~1\Send Store Bash.exe
    C:\DOCUME~1\delphine\APPLIC~1\dumbre~1\Vga gram.exe
    C:\DOCUME~1\delphine\APPLIC~1\dumbre~1\znrjtitc.exe
    C:\DOCUME~1\didier\APPLIC~1\dumbre~1
    C:\DOCUME~1\didier\APPLIC~1\dumbre~1\BAGSREFMESSOBJ.exe
    C:\DOCUME~1\didier\APPLIC~1\dumbre~1\gwmjolhk.exe
    C:\DOCUME~1\didier\APPLIC~1\dumbre~1\Send Store Bash.exe
    C:\DOCUME~1\didier\APPLIC~1\dumbre~1\sxxbqqhd.exe
    C:\DOCUME~1\didier\APPLIC~1\dumbre~1\Vga gram.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ajutwpfk.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\alagryfx.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\azcokimr.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\BAGSREFMESSOBJ.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bgwcvabi.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\biqjjaqo.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bltbnrwu.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bmlvygcl.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bndgmxeu.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bplbxzst.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bwlrpqui.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\cjzjqykk.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ckekwelm.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\dgstwlpb.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\dhlfyfxj.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\djtjmjrh.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\dllddbyo.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\dlqfmuun.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\easfarlt.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ejfjcrvu.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\fwdqsyut.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\fwqlablc.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\fxirypzg.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\gpmlinfw.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\havlczxe.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\hcykxbph.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\hzhcwgej.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ifhmqnmh.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\jqxqqpui.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\jtrfbnat.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\khjpdikx.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\kszshpha.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\kwrdemoa.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\kyhqjjfv.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\lgzhazqg.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\lmbggwss.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\lrhwcnjw.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\luapoaml.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\lzdcebcn.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\mlsghcsv.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\nkktmrys.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\noftnqsz.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\npvcslcw.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\nraachzn.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\nzefhfxw.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ockgbzil.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\odvgonye.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ojvhhgpm.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\pirglphf.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\piyvhiaa.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\qjsrrrdf.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\qkfrftun.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\qyezxiwl.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\qyulweze.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\qzngrsgx.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\resxdpat.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\rhesvlsm.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\rjkmyrwo.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\rmvmaybk.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\roexkmrt.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\roxizlgq.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\sbakqhyb.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\Send Comp Ref.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\Send Store Bash.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\sumxjwah.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\sunmzgxg.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\tcsatuer.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\tdshjlbq.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ubnitsqz.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ugmfkjys.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ugoabuyw.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ulbxnzpx.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ulhlodzl.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\unsnbcex.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\Vga gram.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\vguulxrz.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\vpfwjplc.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\vqfjrefp.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wehythwv.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wggjhbwy.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wiyvurbp.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wlverwbt.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wmgsmoij.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wqjwoecg.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wqtspnkb.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\xdryclkn.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\xitnlhrp.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ycywtqsl.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\yhhawydm.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\zbkdjafv.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\zigfuzzm.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\zqazgkjb.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\zqutikyz.exe
    C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\zsyzllsn.exe
    C:\Program Files\dumbre~1
    C:\DOCUME~1\cécile\APPLIC~1\mailth~1
    C:\DOCUME~1\cécile\APPLIC~1\mailth~1\bwsjtycv.exe
    C:\DOCUME~1\cécile\APPLIC~1\mailth~1\CoolMultiIso.exe
    C:\DOCUME~1\cécile\APPLIC~1\mailth~1\ksqqzzmh.exe
    C:\DOCUME~1\cécile\APPLIC~1\mailth~1\lcwjcfxa.exe
    C:\DOCUME~1\cécile\APPLIC~1\mailth~1\morereadme.exe
    C:\DOCUME~1\cécile\APPLIC~1\mailth~1\Regspingloveplus.exe
    C:\DOCUME~1\didier\LOCALS~1\Temp\nsg49.tmp
    C:\Program Files\Adverts
    C:\Program Files\Adverts\uninst.exe
    C:\WINDOWS\Tasks\A189D669918E54C9.job
    C:\WINDOWS\Tasks\A20E79439181F2F7.job
    C:\WINDOWS\Tasks\ABAC205D918FD589.job
    C:\WINDOWS\Tasks\AE635BC19188CC9D.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DeadRoamArmy]
    "DisplayName"="CiD Help"
    "UninstallString"="C:\\DOCUME~1\\didier\\APPLIC~1\\DUMBRE~1\\Vga gram.exe -uninstall"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "jump pure"="C:\\DOCUME~1\\didier\\APPLIC~1\\DUMBRE~1\\Vga gram.exe"
    "jump pure"="C:\\DOCUME~1\\didier\\APPLIC~1\\DUMBRE~1\\Vga gram.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Win Data Book Sect"="C:\\Documents and Settings\\All Users\\Application Data\\One idol win data\\pile chic.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD

    -> 72 [ 70 ## added by CiD ]

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-01 17:03:24
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    C:\Program Files\MailSkinner
    C:\Program Files\MailSkinner\anim_0.gif
    C:\Program Files\MailSkinner\anim_help.gif
    C:\Program Files\Instant Access
    C:\Program Files\Instant Access\Center
    C:\Program Files\Instant Access\DesktopIcons
    C:\Program Files\Instant Access\Dialer
    C:\Program Files\Instant Access\Join The Orgy.ico
    C:\Program Files\Instant Access\NoCreditCard.ico
    C:\Program Files\Instant Access\Thumbs.db
    ==> EGDACCESS <==

    --------------------\\ ROGUES ..

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware
    C:\DOCUME~1\c‚cile\APPLIC~1\Starware
    C:\DOCUME~1\delphine\APPLIC~1\Starware
    C:\DOCUME~1\didier\APPLIC~1\Starware
    C:\DOCUME~1\yanti\APPLIC~1\Starware
    C:\PROGRA~1\Starware
    C:\PROGRA~1\FICHIE~1\WinAntiVirus Pro 2006



    [F:12][D:3]-> C:\DOCUME~1\didier\LOCALS~1\Temp
    [F:1][D:0]-> C:\DOCUME~1\didier\Cookies
    [F:62][D:5]-> C:\WINDOWS\TEMPOR~1\content.IE5
    [F:2][D:0]-> C:\Recycled

    1 - "C:\Lop SD\LopR_1.txt" - 01/10/2009|17:05 - Option : [1]

    --------------------\\ Fin du rapport a 17:05:15
    a c 267 8 Sécurité
    1 Octobre 2009 17:13:23

  • Relance Lop S&D.
    (Sous Vista, il faut cliquer droit sur le raccourci Lop S&D et choisir Exécuter en tant qu'administrateur)
  • Choisis cette fois-ci l'option 2 (Suppression).
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt).

    (Si le Bureau ne réapparaît pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
    1 Octobre 2009 17:23:54

    Voilà :


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Rev 2.00
    USER : didier ( Administrator )
    BOOT : Normal boot
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:13 Go (Free:1 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 01/10/2009|17:18 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\admin pop.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Balm Settings.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\barb mapi.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\boob 1.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Book Way.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Cake tray.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Cash More.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\COOL TRAY.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\CURB MEAL.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\dale slow.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Dash Time.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\debug manager.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Debug Wma.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\default dog.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Defy build.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Defy skip.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Does Bore.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\dog audio.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Dog Real.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Eggs 1.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Else Play.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\fork idle.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Great Deaf.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\heart eggs.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Help Math.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\hole soft.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\idol browse.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Idol Title.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Internet poke.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Log Size.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Media user.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Meow Cast.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Mix flag.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Mode Stop.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\More Real.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\new bat.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\noun poll.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Peak bore.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\pile chic.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\second vga.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\settings bin.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\show hope.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\soft iso.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Soft Settings.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\SPAM GRIM.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Surf Junk.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Test audio.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\the aim.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\this bias.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Thunk extra.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Tray proc.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data\Vc For.exe
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\dumbre~1\Vga gram.exe
    Supprime! - C:\DOCUME~1\delphine\APPLIC~1\dumbre~1\Send Store Bash.exe
    Supprime! - C:\DOCUME~1\delphine\APPLIC~1\dumbre~1\Vga gram.exe
    Supprime! - C:\DOCUME~1\delphine\APPLIC~1\dumbre~1\znrjtitc.exe
    Supprime! - C:\DOCUME~1\didier\APPLIC~1\dumbre~1\BAGSREFMESSOBJ.exe
    Supprime! - C:\DOCUME~1\didier\APPLIC~1\dumbre~1\gwmjolhk.exe
    Supprime! - C:\DOCUME~1\didier\APPLIC~1\dumbre~1\Send Store Bash.exe
    Supprime! - C:\DOCUME~1\didier\APPLIC~1\dumbre~1\sxxbqqhd.exe
    Supprime! - C:\DOCUME~1\didier\APPLIC~1\dumbre~1\Vga gram.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ajutwpfk.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\alagryfx.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\azcokimr.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\BAGSREFMESSOBJ.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bgwcvabi.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\biqjjaqo.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bltbnrwu.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bmlvygcl.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bndgmxeu.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bplbxzst.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\bwlrpqui.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\cjzjqykk.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ckekwelm.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\dgstwlpb.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\dhlfyfxj.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\djtjmjrh.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\dllddbyo.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\dlqfmuun.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\easfarlt.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ejfjcrvu.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\fwdqsyut.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\fwqlablc.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\fxirypzg.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\gpmlinfw.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\havlczxe.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\hcykxbph.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\hzhcwgej.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ifhmqnmh.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\jqxqqpui.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\jtrfbnat.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\khjpdikx.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\kszshpha.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\kwrdemoa.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\kyhqjjfv.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\lgzhazqg.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\lmbggwss.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\lrhwcnjw.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\luapoaml.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\lzdcebcn.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\mlsghcsv.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\nkktmrys.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\noftnqsz.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\npvcslcw.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\nraachzn.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\nzefhfxw.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ockgbzil.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\odvgonye.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ojvhhgpm.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\pirglphf.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\piyvhiaa.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\qjsrrrdf.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\qkfrftun.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\qyezxiwl.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\qyulweze.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\qzngrsgx.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\resxdpat.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\rhesvlsm.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\rjkmyrwo.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\rmvmaybk.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\roexkmrt.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\roxizlgq.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\sbakqhyb.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\Send Comp Ref.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\Send Store Bash.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\sumxjwah.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\sunmzgxg.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\tcsatuer.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\tdshjlbq.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ubnitsqz.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ugmfkjys.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ugoabuyw.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ulbxnzpx.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ulhlodzl.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\unsnbcex.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\Vga gram.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\vguulxrz.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\vpfwjplc.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\vqfjrefp.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wehythwv.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wggjhbwy.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wiyvurbp.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wlverwbt.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wmgsmoij.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wqjwoecg.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\wqtspnkb.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\xdryclkn.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\xitnlhrp.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\ycywtqsl.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\yhhawydm.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\zbkdjafv.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\zigfuzzm.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\zqazgkjb.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\zqutikyz.exe
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1\zsyzllsn.exe
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\mailth~1\bwsjtycv.exe
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\mailth~1\CoolMultiIso.exe
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\mailth~1\ksqqzzmh.exe
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\mailth~1\lcwjcfxa.exe
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\mailth~1\morereadme.exe
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\mailth~1\Regspingloveplus.exe
    Supprime! - C:\DOCUME~1\didier\LOCALS~1\Temp\nsg49.tmp
    Supprime! - C:\Program Files\Adverts\uninst.exe
    Supprime! - C:\WINDOWS\Tasks\A189D669918E54C9.job
    Supprime! - C:\WINDOWS\Tasks\A20E79439181F2F7.job
    Supprime! - C:\WINDOWS\Tasks\ABAC205D918FD589.job
    Supprime! - C:\WINDOWS\Tasks\AE635BC19188CC9D.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\One idol win data
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\dumbre~1
    Supprime! - C:\DOCUME~1\delphine\APPLIC~1\dumbre~1
    Supprime! - C:\DOCUME~1\didier\APPLIC~1\dumbre~1
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\dumbre~1
    Supprime! - C:\Program Files\dumbre~1
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\mailth~1
    Supprime! - C:\Program Files\Adverts
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [18/01/2008|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [18/01/2008|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [10/04/2006|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bleh Team New Knob
    [04/12/2008|20:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bonebendbasecast
    [30/09/2009|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [09/09/2006|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [30/09/2009|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [30/09/2009|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [08/04/2006|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [08/04/2006|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [06/09/2007|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\New Support Sect One
    [08/04/2006|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
    [04/12/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware
    [08/04/2006|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [11/02/2007|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [11/02/2007|16:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

    [21/05/2006|16:30] C:\DOCUME~1\anthony\APPLIC~1\Adobe
    [09/04/2006|13:29] C:\DOCUME~1\anthony\APPLIC~1\Identities
    [09/04/2006|13:33] C:\DOCUME~1\anthony\APPLIC~1\Macromedia
    [08/04/2006|11:49] C:\DOCUME~1\anthony\APPLIC~1\Microsoft
    [09/04/2006|13:30] C:\DOCUME~1\anthony\APPLIC~1\Mozilla
    [12/04/2006|12:51] C:\DOCUME~1\anthony\APPLIC~1\ShopperReports
    [09/04/2006|13:34] C:\DOCUME~1\anthony\APPLIC~1\Sun
    [09/04/2006|13:30] C:\DOCUME~1\anthony\APPLIC~1\Talkback
    [16/04/2006|22:34] C:\DOCUME~1\anthony\APPLIC~1\Thunderbird

    [08/04/2006|19:18] C:\DOCUME~1\c‚cile\APPLIC~1\Identities
    [08/04/2006|19:43] C:\DOCUME~1\c‚cile\APPLIC~1\Macromedia
    [01/04/2007|11:26] C:\DOCUME~1\c‚cile\APPLIC~1\Microsoft
    [08/04/2006|19:22] C:\DOCUME~1\c‚cile\APPLIC~1\Mozilla
    [20/05/2006|11:14] C:\DOCUME~1\c‚cile\APPLIC~1\setupopen
    [12/04/2006|18:50] C:\DOCUME~1\c‚cile\APPLIC~1\ShopperReports
    [01/07/2007|20:20] C:\DOCUME~1\c‚cile\APPLIC~1\Starware
    [08/04/2006|21:43] C:\DOCUME~1\c‚cile\APPLIC~1\Sun
    [08/04/2006|19:23] C:\DOCUME~1\c‚cile\APPLIC~1\Talkback
    [08/04/2006|19:32] C:\DOCUME~1\c‚cile\APPLIC~1\Thunderbird
    [17/06/2007|14:16] C:\DOCUME~1\c‚cile\APPLIC~1\TuneUp Software

    [08/04/2006|11:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [16/09/2006|20:12] C:\DOCUME~1\delphine\APPLIC~1\Bat Proxy
    [19/10/2006|20:35] C:\DOCUME~1\delphine\APPLIC~1\Help
    [09/04/2006|14:19] C:\DOCUME~1\delphine\APPLIC~1\Identities
    [09/04/2006|14:21] C:\DOCUME~1\delphine\APPLIC~1\Macromedia
    [25/11/2007|14:08] C:\DOCUME~1\delphine\APPLIC~1\Microsoft
    [09/04/2006|14:20] C:\DOCUME~1\delphine\APPLIC~1\Mozilla
    [25/11/2006|23:04] C:\DOCUME~1\delphine\APPLIC~1\ShopperReports
    [26/04/2008|22:33] C:\DOCUME~1\delphine\APPLIC~1\Starware
    [09/04/2006|14:22] C:\DOCUME~1\delphine\APPLIC~1\Sun
    [09/04/2006|14:20] C:\DOCUME~1\delphine\APPLIC~1\Talkback
    [09/04/2006|14:42] C:\DOCUME~1\delphine\APPLIC~1\Thunderbird
    [22/09/2007|14:01] C:\DOCUME~1\delphine\APPLIC~1\TuneUp Software

    [24/12/2006|15:21] C:\DOCUME~1\didier\APPLIC~1\Adobe
    [24/12/2006|15:22] C:\DOCUME~1\didier\APPLIC~1\AdobeUM
    [16/09/2006|22:47] C:\DOCUME~1\didier\APPLIC~1\Apple Computer
    [18/06/2006|13:08] C:\DOCUME~1\didier\APPLIC~1\Help
    [08/04/2006|12:29] C:\DOCUME~1\didier\APPLIC~1\Identities
    [09/09/2006|17:08] C:\DOCUME~1\didier\APPLIC~1\Leadertech
    [15/04/2006|16:52] C:\DOCUME~1\didier\APPLIC~1\Macromedia
    [30/09/2009|13:53] C:\DOCUME~1\didier\APPLIC~1\Malwarebytes
    [15/12/2006|11:58] C:\DOCUME~1\didier\APPLIC~1\Microsoft
    [30/09/2009|15:05] C:\DOCUME~1\didier\APPLIC~1\Mozilla
    [30/09/2009|13:55] C:\DOCUME~1\didier\APPLIC~1\Starware
    [09/04/2006|17:51] C:\DOCUME~1\didier\APPLIC~1\Talkback
    [15/04/2006|20:38] C:\DOCUME~1\didier\APPLIC~1\Thunderbird
    [11/02/2007|14:38] C:\DOCUME~1\didier\APPLIC~1\TuneUp Software
    [11/02/2007|22:34] C:\DOCUME~1\didier\APPLIC~1\uTorrent

    [08/04/2006|11:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [08/04/2006|11:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [14/01/2008|17:24] C:\DOCUME~1\yanti\APPLIC~1\Apple Computer
    [06/07/2006|21:10] C:\DOCUME~1\yanti\APPLIC~1\Help
    [09/04/2006|09:48] C:\DOCUME~1\yanti\APPLIC~1\Identities
    [18/01/2008|17:01] C:\DOCUME~1\yanti\APPLIC~1\LimeWire
    [10/04/2006|12:02] C:\DOCUME~1\yanti\APPLIC~1\Macromedia
    [18/12/2006|23:40] C:\DOCUME~1\yanti\APPLIC~1\Microsoft
    [09/04/2006|09:49] C:\DOCUME~1\yanti\APPLIC~1\Mozilla
    [15/06/2006|18:04] C:\DOCUME~1\yanti\APPLIC~1\Real
    [23/11/2006|09:57] C:\DOCUME~1\yanti\APPLIC~1\ShopperReports
    [04/12/2008|22:07] C:\DOCUME~1\yanti\APPLIC~1\Starware
    [21/04/2006|15:41] C:\DOCUME~1\yanti\APPLIC~1\Sun
    [09/04/2006|09:49] C:\DOCUME~1\yanti\APPLIC~1\Talkback
    [16/04/2006|10:08] C:\DOCUME~1\yanti\APPLIC~1\Thunderbird
    [31/03/2007|10:07] C:\DOCUME~1\yanti\APPLIC~1\TuneUp Software

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [18/01/2008 18:01][--a--c---] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [23/05/2008 17:15][--a--c---] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [01/10/2009 16:58][--ah-c---] C:\WINDOWS\tasks\SA.DAT
    [30/04/2005 23:53][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ MsgPlus SPONSOR INSTALLED !

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
    "SponsorInstalled"=dword:00000000


    --------------------\\ Listing des dossiers dans C:\Program Files

    [28/10/2002|18:49] C:\Program Files\Adobe
    [11/02/2007|15:01] C:\Program Files\Advanced JPEG Compressor
    [18/12/2005|21:33] C:\Program Files\Analog Devices
    [18/01/2008|17:59] C:\Program Files\Apple Software Update
    [28/10/2002|19:07] C:\Program Files\ArcSoft
    [12/11/2005|18:14] C:\Program Files\Auralog
    [21/02/2004|12:14] C:\Program Files\AvantGo Connect
    [18/01/2008|18:18] C:\Program Files\Bonjour
    [28/10/2002|19:44] C:\Program Files\Canon
    [24/04/2004|15:00] C:\Program Files\Cegetel
    [02/10/2000|16:02] C:\Program Files\CHAT
    [21/02/2004|12:14] C:\Program Files\Common Files
    [08/04/2006|12:00] C:\Program Files\ComPlus Applications
    [19/12/2000|10:35] C:\Program Files\dialogue-chat2
    [02/10/2000|16:02] C:\Program Files\DirectCD
    [02/10/2006|18:56] C:\Program Files\Easy CD Creator
    [02/10/2000|16:02] C:\Program Files\Easy Internet
    [22/11/2000|17:33] C:\Program Files\Egypte
    [11/02/2007|15:01] C:\Program Files\EHMINSTALL
    [29/01/2007|20:11] C:\Program Files\eMule
    [18/01/2008|17:56] C:\Program Files\Fichiers communs
    [02/10/2000|16:02] C:\Program Files\Freesbee
    [03/06/2004|19:00] C:\Program Files\FunWebProducts
    [06/03/2004|17:11] C:\Program Files\hewlett-packard
    [19/10/2006|18:37] C:\Program Files\Hotbar
    [30/09/2009|15:01] C:\Program Files\InstallShield Installation Information
    [01/08/2003|15:45] C:\Program Files\Instant Access
    [02/10/2000|16:02] C:\Program Files\Intel
    [11/02/2007|17:15] C:\Program Files\Internet Explorer
    [09/09/2006|17:06] C:\Program Files\Iomega
    [04/03/2004|09:43] C:\Program Files\iPAQ Download Agent
    [18/01/2008|18:46] C:\Program Files\iPod
    [18/01/2008|18:48] C:\Program Files\iTunes
    [18/08/2001|22:13] C:\Program Files\IxoVM
    [02/01/2006|00:46] C:\Program Files\Jasc Software Inc
    [10/03/2006|15:56] C:\Program Files\Java
    [14/10/1990|18:28] C:\Program Files\Labtec
    [14/01/2008|17:06] C:\Program Files\LimeWire
    [29/01/2006|21:00] C:\Program Files\Logitech
    [13/01/2001|13:44] C:\Program Files\Lucky Luke
    [30/09/2009|15:09] C:\Program Files\ma-config.com
    [15/09/2005|21:58] C:\Program Files\MailSkinner
    [30/09/2009|13:53] C:\Program Files\Malwarebytes' Anti-Malware
    [18/12/2005|21:49] C:\Program Files\Marvell
    [14/08/2004|21:34] C:\Program Files\Maxis
    [08/04/2006|11:58] C:\Program Files\Messenger
    [12/03/2006|17:01] C:\Program Files\MessengerPlus! 3
    [21/02/2004|12:14] C:\Program Files\Microsoft ActiveSync
    [29/12/2001|19:10] C:\Program Files\Microsoft AutoRoute Express Europe 2000
    [02/10/2000|16:02] C:\Program Files\Microsoft Encarta
    [27/10/2000|08:59] C:\Program Files\Microsoft FrontPage
    [27/10/2000|08:55] C:\Program Files\Microsoft Office
    [27/10/2000|09:01] C:\Program Files\Microsoft Visual Studio
    [02/10/2000|16:02] C:\Program Files\Microsoft Works
    [25/08/1990|01:40] C:\Program Files\Montorgueil
    [08/04/2006|12:01] C:\Program Files\Movie Maker
    [11/02/2007|17:38] C:\Program Files\Mozilla Firefox
    [11/02/2007|17:38] C:\Program Files\Mozilla Thunderbird
    [31/07/2004|13:57] C:\Program Files\MSN Apps
    [08/04/2006|11:58] C:\Program Files\MSN Gaming Zone
    [27/10/2007|16:51] C:\Program Files\MSN Messenger
    [03/06/2004|19:00] C:\Program Files\MyWebSearch
    [08/04/2006|12:00] C:\Program Files\NetMeeting
    [02/10/2000|16:02] C:\Program Files\Netropa
    [05/09/2004|15:32] C:\Program Files\Norton AntiVirus
    [02/10/2006|23:52] C:\Program Files\Outlook Express
    [01/08/2003|12:24] C:\Program Files\Philips ToUcam Camera
    [17/09/2006|18:14] C:\Program Files\PhotoFiltre
    [02/10/2000|16:02] C:\Program Files\Plus!
    [02/10/2000|16:02] C:\Program Files\Publication Web
    [11/02/2007|15:00] C:\Program Files\QMgr
    [11/02/2007|15:01] C:\Program Files\QuickLink III
    [18/01/2008|18:15] C:\Program Files\QuickTime
    [21/10/2000|17:41] C:\Program Files\Ravisent
    [31/12/2000|17:39] C:\Program Files\Real
    [04/04/2006|19:05] C:\Program Files\SAGEM
    [28/10/2002|19:13] C:\Program Files\ScanSoft
    [08/10/1990|15:29] C:\Program Files\SearchRelevant
    [02/10/2000|16:02] C:\Program Files\Services en ligne
    [02/10/2000|16:02] C:\Program Files\SiS_MM1.06
    [05/06/2006|12:30] C:\Program Files\Starware
    [05/09/2004|15:31] C:\Program Files\Symantec
    [07/10/2006|10:22] C:\Program Files\The Adventure Company
    [11/02/2007|15:01] C:\Program Files\timtel32
    [31/03/2007|10:08] C:\Program Files\TuneUp Utilities 2007
    [01/08/2003|12:26] C:\Program Files\Ulead Systems
    [02/10/2000|16:02] C:\Program Files\Uninstall Information
    [11/02/2007|16:42] C:\Program Files\Unlocker
    [20/03/2005|10:41] C:\Program Files\U-Storage Win98 Driver
    [11/02/2007|19:09] C:\Program Files\uTorrent
    [30/09/2009|15:26] C:\Program Files\VIA
    [11/02/2007|16:42] C:\Program Files\VIAudioi
    [01/08/2003|12:27] C:\Program Files\VideoLink Mail
    [08/10/1990|15:29] C:\Program Files\Windows AdStatus
    [02/10/2006|23:58] C:\Program Files\Windows Media Player
    [11/02/2007|18:25] C:\Program Files\Windows NT
    [26/09/2004|13:29] C:\Program Files\WindowsUpdate
    [29/03/2005|21:41] C:\Program Files\Wixjgjy
    [08/04/2006|12:09] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [04/05/2005|23:04] C:\Program Files\Fichiers communs\Adaptec Shared
    [24/12/2006|15:21] C:\Program Files\Fichiers communs\Adobe
    [18/01/2008|17:56] C:\Program Files\Fichiers communs\Apple
    [27/10/2000|09:01] C:\Program Files\Fichiers communs\Designer
    [29/01/2006|21:03] C:\Program Files\Fichiers communs\FotoWire
    [28/10/2002|19:06] C:\Program Files\Fichiers communs\InstallShield
    [10/03/2006|15:53] C:\Program Files\Fichiers communs\Java
    [29/01/2006|21:01] C:\Program Files\Fichiers communs\Logitech
    [27/10/2007|16:52] C:\Program Files\Fichiers communs\Microsoft Shared
    [08/04/2006|12:01] C:\Program Files\Fichiers communs\MSSoap
    [02/10/2000|16:02] C:\Program Files\Fichiers communs\ODBC
    [28/10/2002|19:13] C:\Program Files\Fichiers communs\ScanSoft Shared
    [02/10/2000|16:02] C:\Program Files\Fichiers communs\SERVICES
    [02/10/2000|16:02] C:\Program Files\Fichiers communs\Smith Micro Shared
    [08/04/2006|11:51] C:\Program Files\Fichiers communs\SpeechEngines
    [05/09/2004|15:30] C:\Program Files\Fichiers communs\Symantec Shared
    [02/10/2006|23:52] C:\Program Files\Fichiers communs\SYSTEM
    [05/01/2006|22:09] C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006
    [11/02/2007|14:35] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 33 Processes )

    IEXPLORE.EXE ~ [PID:752]
    iexplore.exe ~ [PID:1720]
    MsgPlus.exe ~ [PID:184]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DeadRoamArmy]
    "DisplayName"="CiD Help"
    "UninstallString"="C:\\DOCUME~1\\didier\\APPLIC~1\\DUMBRE~1\\Vga gram.exe -uninstall"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-01 17:21:05
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    C:\Program Files\MailSkinner
    C:\Program Files\MailSkinner\anim_0.gif
    C:\Program Files\MailSkinner\anim_help.gif
    C:\Program Files\Instant Access
    C:\Program Files\Instant Access\Center
    C:\Program Files\Instant Access\DesktopIcons
    C:\Program Files\Instant Access\Dialer
    C:\Program Files\Instant Access\Join The Orgy.ico
    C:\Program Files\Instant Access\NoCreditCard.ico
    C:\Program Files\Instant Access\Thumbs.db
    ==> EGDACCESS <==

    --------------------\\ ROGUES ..

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware
    C:\DOCUME~1\c‚cile\APPLIC~1\Starware
    C:\DOCUME~1\delphine\APPLIC~1\Starware
    C:\DOCUME~1\didier\APPLIC~1\Starware
    C:\DOCUME~1\yanti\APPLIC~1\Starware
    C:\PROGRA~1\Starware
    C:\PROGRA~1\FICHIE~1\WinAntiVirus Pro 2006



    [F:8][D:2]-> C:\DOCUME~1\didier\LOCALS~1\Temp
    [F:1][D:0]-> C:\DOCUME~1\didier\Cookies
    [F:62][D:5]-> C:\WINDOWS\TEMPOR~1\content.IE5
    [F:2][D:0]-> C:\Recycled

    1 - "C:\Lop SD\LopR_1.txt" - 01/10/2009|17:05 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 01/10/2009|17:22 - Option : [2]

    --------------------\\ Fin du rapport a 17:22:33
    a c 267 8 Sécurité
    1 Octobre 2009 17:25:36

    Ok.

  • Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.
  • Double-clique sur Navilog1.exe afin de lancer l'installation.
  • Puis double-clique sur Navilog1 présent sur le Bureau.
    (Sous Vista, clique droit sur le raccourci de Navilog1 et choisis Exécuter en tant qu'administrateur)
  • Appuie sur F ou f puis valide par Entrée.
  • Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
  • Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
  • Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
  • Patiente jusqu'au message : *** Scan terminé le ..... ***
  • Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le rapport dans ta prochaine réponse.
  • Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\cleannavi.txt
    1 Octobre 2009 18:16:54

    Au moment de la "Sauvegarde du registre", Veuillez patienter, j'ai eu un message d'erreur de Windows :

    reg.exe a rencontré un problème et doit fermer, etc..

    Mais ça s'est bien poursuivi ensuite.

    Voilà le rapport :

    Fix Navipromo version 4.0.2 commencé le 01/10/2009 17:30:03,45

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Rev 2.00
    USER : didier ( Administrator )
    BOOT : Normal boot




    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:13 Go (Free:0 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (USB) - FAT - Total:1919 Mo (Free:0 Go)


    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur


    C:\Program Files\Instant Access supprimé !
    C:\Program Files\Mailskinner supprimé !
    C:\Program Files\Montorgueil supprimé !
    c:\docume~1\alluse~1\bureau\Instant Access.lnk supprimé !
    C:\WINDOWS\eg_auth_1045.dll supprimé !
    C:\WINDOWS\p2esocks_1045.dll supprimé !
    C:\WINDOWS\system32\authclient.exe supprimé !
    C:\WINDOWS\system32\EGDACCESS_1064.dll supprimé !
    C:\WINDOWS\system32\EGDACCESS_1068.dll supprimé !
    C:\WINDOWS\system32\EGDHTML_1017.dll supprimé !
    C:\WINDOWS\system32\EGAUTH.dll supprimé !
    C:\WINDOWS\system32\egdial.dll supprimé !
    C:\WINDOWS\system32\msclock32.dll supprimé !
    C:\WINDOWS\system32\msplock32.dll supprimé !
    C:\WINDOWS\system32\p2esocks_1030.dll supprimé !


    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\didier\locals~1\Temp effectué !


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok





    *** Scan terminé 01/10/2009 17:56:22,31 ***

    a c 267 8 Sécurité
    1 Octobre 2009 18:47:05

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    1 Octobre 2009 18:51:18

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by didier at 2009-10-01 18:49:22
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 883 MB (6%) free of 14 GB
    Total RAM: 255 MB (29% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:49:29, on 01/10/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Analog Devices\SoundMAX\smagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\cécile\Mes documents\document\MsgPlus.exe
    C:\WINDOWS\system32\dvdupgrd.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Documents and Settings\didier\Bureau\RSIT.exe
    C:\Documents and Settings\didier\Bureau\didier.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ryvtfwfefqinmhhfrzzaqsxdt.com/jk78JaWWydovuM...
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xruiyptfktbkqusnoe.uk/jk78JaWWydq7tWLzpy3Sb6...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x=wKX1ILEOi+UdWpSlz2q9...
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR\MSNTB.DLL
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR\MSNTB.DLL
    O4 - HKLM\..\Run: [DVDUpgrade] DVDUpgrd.exe /async
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\cécile\Mes documents\document\MsgPlus.exe"
    O4 - HKLM\..\Run: [jepsoevr] C:\WINDOWS\system32\yakpjmkj.exe
    O4 - HKLM\..\Run: [new knob remote book] C:\Documents and Settings\All Users\Application Data\Bleh Team New Knob\sect math.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [jump pure] C:\DOCUME~1\didier\APPLIC~1\DUMBRE~1\Vga gram.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\INETREPL.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
    O15 - Trusted Zone: http://*.billingnow.com
    O15 - Trusted Zone: http://*.reliablestats.com
    O15 - Trusted Zone: http://*.winantispyware.com
    O15 - Trusted Zone: http://*.winantivirus.com
    O15 - Trusted Zone: http://*.winantiviruspro.com
    O15 - Trusted Zone: http://*.winfixer.com
    O15 - Trusted Zone: http://*.winnanny.com
    O15 - Trusted Zone: http://*.winsoftware.com
    O16 - DPF: Win32 Classes -
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E4300E5A-E9F1-4684-B768-EF172E9FF26A}: NameServer = 192.168.2.1
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\smagent.exe

    --
    End of file - 7626 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Maintenance en 1 clic.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX [2001-04-16 37808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
    ST - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL [2004-08-13 155648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    MSNToolBandBHO - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR\MSNTB.DLL [2006-01-17 282624]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR\MSNTB.DLL [2006-01-17 282624]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "DVDUpgrade"=DVDUpgrd.exe /async []
    "MessengerPlus3"=C:\Documents and Settings\cécile\Mes documents\document\MsgPlus.exe [2007-04-21 190024]
    "jepsoevr"=C:\WINDOWS\system32\yakpjmkj.exe [2006-06-25 253952]
    "new knob remote book"=C:\Documents and Settings\All Users\Application Data\Bleh Team New Knob\sect math.exe [2006-05-20 368586]
    "HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2003-08-26 196608]
    "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2006-09-07 15872]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-01-10 385024]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-01-15 267048]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
    "jump pure"=C:\DOCUME~1\didier\APPLIC~1\DUMBRE~1\Vga gram.exe []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\WINDOWS\System32\rundll32.exe"="C:\WINDOWS\System32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    "C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
    "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    ======List of files/folders created in the last 1 months======

    2009-10-01 18:49:22 ----D---- C:\rsit
    2009-10-01 17:30:03 ----A---- C:\cleannavi.txt
    2009-10-01 17:29:22 ----DC---- C:\Program Files\Navilog1
    2009-10-01 17:24:09 ----D---- C:\Documents and Settings\didier\Application Data\dumbrect01
    2009-10-01 17:02:10 ----A---- C:\lopR.txt
    2009-10-01 17:01:27 ----D---- C:\Lop SD
    2009-09-30 15:26:19 ----C---- C:\WINDOWS\system32\difxapi.dll
    2009-09-30 15:15:56 ----AHC---- C:\WINDOWS\nst4A.tmp
    2009-09-30 15:09:09 ----DC---- C:\Program Files\ma-config.com
    2009-09-30 15:09:09 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
    2009-09-30 15:06:22 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2009-09-30 15:01:48 ----AC---- C:\WINDOWS\adiras.ini
    2009-09-30 15:01:48 ----AC---- C:\WINDOWS\adidsl.ini
    2009-09-30 15:01:14 ----AC---- C:\WINDOWS\adiras.exe
    2009-09-30 15:01:13 ----AC---- C:\WINDOWS\system32\coclassfast.dll
    2009-09-30 15:01:13 ----AC---- C:\WINDOWS\enddisk32.exe
    2009-09-30 15:01:07 ----AC---- C:\WINDOWS\system32\adadix16.dll
    2009-09-30 15:01:04 ----AC---- C:\WINDOWS\autoclk.exe
    2009-09-30 13:53:04 ----D---- C:\Documents and Settings\didier\Application Data\Malwarebytes
    2009-09-30 13:52:53 ----DC---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-09-30 13:52:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-09-30 13:03:46 ----DC---- C:\WINDOWS\system32\CatRoot_bak

    ======List of files/folders modified in the last 1 months======

    2009-10-01 18:47:06 ----DC---- C:\WINDOWS\TEMP
    2009-10-01 18:47:02 ----RDC---- C:\Program Files
    2009-10-01 18:45:20 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-10-01 18:41:58 ----DC---- C:\WINDOWS
    2009-10-01 18:15:51 ----DC---- C:\WINDOWS\Prefetch
    2009-10-01 17:56:21 ----DC---- C:\WINDOWS\SYSTEM32
    2009-10-01 17:20:05 ----SDC---- C:\WINDOWS\Tasks
    2009-09-30 17:36:15 ----DC---- C:\WINDOWS\system32\CatRoot2
    2009-09-30 16:28:59 ----HDC---- C:\WINDOWS\INF
    2009-09-30 15:27:10 ----SHDC---- C:\WINDOWS\Installer
    2009-09-30 15:27:03 ----DC---- C:\WINDOWS\system32\DRIVERS
    2009-09-30 15:26:18 ----DC---- C:\Program Files\VIA
    2009-09-30 15:18:42 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-09-30 15:05:57 ----D---- C:\Documents and Settings\didier\Application Data\Mozilla
    2009-09-30 15:01:02 ----HDC---- C:\Program Files\InstallShield Installation Information
    2009-09-30 13:56:14 ----SHDC---- C:\WINDOWS\Temporary Internet Files
    2009-09-30 13:12:05 ----DC---- C:\WINDOWS\system32\CatRoot
    2009-09-30 12:44:54 ----SHD---- C:\System Volume Information
    2009-09-30 12:44:54 ----DC---- C:\WINDOWS\system32\Restore
    2009-09-30 12:37:38 ----DC---- C:\WINDOWS\Minidump
    2009-09-30 12:37:38 ----DC---- C:\WINDOWS\Debug

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
    R3 ati2mtaa;ati2mtaa; C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2004-08-04 327168]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
    R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
    R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2004-11-01 163712]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-08-17 291840]
    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007]
    S3 adiusbae;USB ADSL LAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbae.sys [2004-03-02 117289]
    S3 catchme;catchme; \??\C:\DOCUME~1\didier\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-05 10880]
    S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
    S3 QV2KUX;Appareil photo numérique Casio; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-01-15 30464]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\smagent.exe [2002-09-20 45056]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
    R2 UxTuneUp;Extension de conception TuneUp; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
    R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-01-15 504104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

    -----------------EOF-----------------


    --------------------------------------------------------------------------------------------------------


    info.txt logfile of random's system information tool 1.06 2009-10-01 18:49:32

    ======Uninstall list======

    -->"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /UNINSTALL /PROMPT
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    µTorrent-->"C:\Program Files\uTorrent\uninstall.exe"
    Apple Mobile Device Support-->MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
    Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    Barre d'outils MSN-->C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR\mtbs.exe c
    Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
    Canon Internet Library for ZoomBrowser EX-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{9E75AF24-815C-4BD1-9A05-F96866CC6005}
    Canon PhotoRecord-->C:\WINDOWS\IsUn040c.exe -fC:\PROGRA~1\Canon\ZOOMBR~1\..\PhotoRecord\Uninst.isu -c"C:\PROGRA~1\Canon\ZOOMBR~1\..\PhotoRecord\Program\uninstdll.dll"
    Canon Utilities File Viewer Utility 1.2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{EF0DD8B7-471C-463B-A298-6066C2FABAF5}
    Canon Utilities PhotoStitch 3.1-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{03CDDD00-BD57-4326-9480-4C74449AF597}
    Canon Utilities RemoteCapture 2.7-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{BEB03A1A-1EB6-48EB-9985-8B97315EE5C0}
    Canon Utilities ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
    Conexant HCF PCI Modem-->infunist.exe VEN_127A&DEV_4321&SUBSYS_43241235
    Egypte 2-->C:\Program Files\The Adventure Company\Egypte 2\Uninstall.exe
    Fenêtre d'appareil photo Canon pour ZoomBrowser EX-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{093625E3-7B87-49D3-AA53-AD0FCFABAF49}
    HijackThis 2.0.2-->"C:\Documents and Settings\didier\Bureau\HijackThis.exe" /uninstall
    hp deskjet 995c series-->rundll32 hpzcon04.dll,VendorJettison hp deskjet 995c series
    HP Registration-->C:\PROGRA~1\EASYIN~1\unwise.exe /A C:\PROGRA~1\EASYIN~1\install.log
    Iomega Product Registration-->MsiExec.exe /X{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}
    iPod for Windows 2006-06-28-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BD57EA4D-026E-4F08-9B93-080E282B81FE} /l1036
    iTunes-->MsiExec.exe /I{B85C4D19-6CEB-48CF-BD98-C887AC8C6F94}
    J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    Lapin Malin Cours Préparatoire-->C:\WINDOWS\unin040c.exe -fC:\TLCWIN\RRF\uninstal\DeIsL2.isu
    Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LimeWire 4.16.2-->"C:\Program Files\LimeWire\uninstall.exe"
    Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RUNTIME\09\00\INTEL32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\SETUP.EXE" -l0x40c
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\ENGINE\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x40c UNINSTALL
    Logitech Print Service-->C:\PROGRA~1\LOGITECH\PRINTS~1\UNWISE.EXE C:\PROGRA~1\LOGITECH\PRINTS~1\INSTALL.LOG
    Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
    Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
    Messenger Plus! 3-->"C:\Documents and Settings\cécile\Mes documents\document\MsgPlus.exe" /Remove
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
    Microsoft Works 2000-->MsiExec.exe /I{A3088CD2-612B-11D3-AF43-00C04F443448}
    MSP3880-W 56K Modem-->C:\WINDOWS\SYSTEM32\INFUNIST.EXE
    PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    QuickLink III-->C:\Program Files\QuickLink III\SETUP.EXE
    QuickTime-->MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
    Riptide PCI Audio-->Ripunist.exe
    Rockwell HCF 56K Modem-->infunist.exe
    SAGEM F@st 800-840-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c
    SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\ENGINE\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.EXE"
    TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
    Unlocker 1.8.5-->C:\Program Files\Unlocker\uninst.exe
    VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
    VIA Vinyl Audio Codecs Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -y-f"C:\PROGRA~1\VIAudioi\SBASetup\Uninst.isu"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
    Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

    ======System event log======

    Computer Name: HPPAV
    Event Code: 4
    Message: Impossible de créer la liaison symbolique pour \Device\Serial0.

    Record Number: 8153
    Source Name: Serial
    Time Written: 20080327180006.000000+060
    Event Type: Avertissement
    User:

    Computer Name: HPPAV
    Event Code: 10
    Message: Ce lecteur ne semble pas prendre en charge la lecture audio numérique.

    Record Number: 8152
    Source Name: redbook
    Time Written: 20080327180006.000000+060
    Event Type: Informations
    User:

    Computer Name: HPPAV
    Event Code: 10
    Message: Ce lecteur ne semble pas prendre en charge la lecture audio numérique.

    Record Number: 8151
    Source Name: redbook
    Time Written: 20080327180006.000000+060
    Event Type: Informations
    User:

    Computer Name: HPPAV
    Event Code: 7036
    Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.

    Record Number: 8150
    Source Name: Service Control Manager
    Time Written: 20080327180006.000000+060
    Event Type: Informations
    User:

    Computer Name: HPPAV
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

    Record Number: 8149
    Source Name: Service Control Manager
    Time Written: 20080327180006.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    =====Application event log=====

    Computer Name: HPPAV
    Event Code: 454
    Message: wuauclt (1716) La récupération/restauration de la base de données a échoué en raison d'une erreur inattendue -255.

    Record Number: 1122
    Source Name: ESENT
    Time Written: 20080330093456.000000+120
    Event Type: erreur
    User:

    Computer Name: HPPAV
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 1121
    Source Name: SecurityCenter
    Time Written: 20080330093410.000000+120
    Event Type: Informations
    User:

    Computer Name: HPPAV
    Event Code: 1
    Message:
    Record Number: 1120
    Source Name: Bonjour Service
    Time Written: 20080330093409.000000+120
    Event Type: Informations
    User:

    Computer Name: HPPAV
    Event Code: 454
    Message: wuauclt (3852) La récupération/restauration de la base de données a échoué en raison d'une erreur inattendue -255.

    Record Number: 1119
    Source Name: ESENT
    Time Written: 20080329183532.000000+060
    Event Type: erreur
    User:

    Computer Name: HPPAV
    Event Code: 454
    Message: wuauclt (376) La récupération/restauration de la base de données a échoué en raison d'une erreur inattendue -255.

    Record Number: 1118
    Source Name: ESENT
    Time Written: 20080329183531.000000+060
    Event Type: erreur
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\QuickTime\QTSystem\
    "windir"=C:\WINDOWS
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 28 Stepping 0, AuthenticAMD
    "PROCESSOR_REVISION"=1c00
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=C:\windows\TEMP
    "TMP"=c:\windows\TEMP
    "PROMPT"=$p$g
    "winbootdir"=C:\WINDOWS
    "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip

    -----------------EOF-----------------

    a c 267 8 Sécurité
    1 Octobre 2009 19:01:10

  • Télécharge SystemLook sur ton Bureau.
  • Double-clique sur SystemLook.exe pour le lancer.
  • Copie-colle le contenu du cadre ci-dessous dans la zone texte de SystemLook :

    :dir
    C:\Documents and Settings\didier\Application Data\dumbrect01
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bleh Team New Knob
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bonebendbasecast
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\New Support Sect One
    C:\DOCUME~1\c‚cile\APPLIC~1\setupopen
    C:\DOCUME~1\delphine\APPLIC~1\Bat Proxy

  • Clique sur le bouton Look pour démarrer l'examen.
  • A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
    Note : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt
    1 Octobre 2009 19:12:37

    SystemLook v1.0 by jpshortstuff (29.08.09)
    Log created at 19:11 on 01/10/2009 by didier (Administrator - Elevation successful)

    ========== dir ==========

    C:\Documents and Settings\didier\Application Data\dumbrect01 - Parameters: "(none)"

    ---Files---
    None found.

    ---Folders---
    None found.

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bleh Team New Knob - Parameters: "(none)"

    ---Files---
    beephidemeal --ahs- 535920 bytes [16:04 11/04/2006] [22:13 15/09/2006]
    CASHWIPE.exe --a--- 365959 bytes [16:51 10/04/2006] [16:51 10/04/2006]
    OnlineEncLove --ahs- 2128 bytes [16:51 10/04/2006] [21:58 07/08/2006]
    rect spam dog --ahs- 487224 bytes [17:26 11/04/2006] [21:00 06/08/2006]
    Sect Bags Creative --ahs- 8 bytes [16:05 11/04/2006] [11:51 25/05/2006]
    sect math.exe --a--- 368586 bytes [09:14 20/05/2006] [09:14 20/05/2006]
    webacidlive --ahs- 783848 bytes [17:24 11/04/2006] [16:41 14/09/2006]

    ---Folders---
    None found.

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bonebendbasecast - Parameters: "(none)"

    ---Files---
    32 readme.exe --a--- 535552 bytes [14:19 17/06/2007] [14:19 17/06/2007]
    chic multi.exe --a--- 535552 bytes [17:15 26/06/2007] [17:15 26/06/2007]
    Copydead.exe --a--- 567808 bytes [08:47 04/06/2007] [08:47 04/06/2007]
    DRIVE SITE.exe --a--- 567808 bytes [14:17 14/06/2007] [14:17 14/06/2007]
    extra dead.exe --a--- 574464 bytes [09:52 13/02/2007] [09:52 13/02/2007]
    Film Dead Up --ahs- 1257960 bytes [17:50 27/11/2006] [16:53 05/04/2007]
    grampartlink --ahs- 5954712 bytes [18:10 16/09/2006] [14:27 27/04/2008]
    Hide Peak Store --ahs- 1049136 bytes [12:56 16/09/2006] [16:42 01/10/2009]
    hope mpeg.exe --a--- 535552 bytes [17:15 26/06/2007] [17:15 26/06/2007]
    ITCHRULE.exe --a--- 567808 bytes [14:18 14/06/2007] [14:18 14/06/2007]
    Mail about load --ahs- 8337840 bytes [16:19 06/08/2007] [19:55 04/12/2008]
    meal16.exe --a--- 368586 bytes [18:12 16/09/2006] [18:12 16/09/2006]
    meet cast.exe --a--- 535552 bytes [16:38 20/06/2007] [16:38 20/06/2007]
    mode internet.exe --a--- 554496 bytes [16:27 19/04/2007] [16:27 19/04/2007]
    Poke Tool.exe --a--- 574464 bytes [09:51 13/02/2007] [09:51 13/02/2007]
    TeamDupeBows --ahs- 2873512 bytes [10:17 17/09/2006] [16:35 12/03/2008]

    ---Folders---
    None found.

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\New Support Sect One - Parameters: "(none)"

    ---Files---
    audio balm bows.exe --a--- 546304 bytes [17:09 15/08/2007] [17:09 15/08/2007]
    Blue Memo Stupid.exe --a--- 546304 bytes [13:24 09/08/2007] [13:24 09/08/2007]
    browse wait mapi.exe --a--- 546304 bytes [00:16 12/08/2007] [00:16 12/08/2007]
    debug tool axis.exe --a--- 546304 bytes [16:18 06/08/2007] [16:18 06/08/2007]
    Flap More Bin.exe --a--- 546304 bytes [14:23 13/08/2007] [14:23 13/08/2007]

    ---Folders---
    None found.

    C:\DOCUME~1\c‚cile\APPLIC~1\setupopen - Unable to find folder.

    C:\DOCUME~1\delphine\APPLIC~1\Bat Proxy - Parameters: "(none)"

    ---Files---
    None found.

    ---Folders---
    None found.

    -=End Of File=-
    a c 267 8 Sécurité
    1 Octobre 2009 19:23:57

    1/

  • Lance ce fichier : C:\Documents and Settings\didier\Bureau\didier.exe
  • Choisis Do a system scan only.
  • Coche les cases qui sont devant les lignes suivantes :

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ryvtfwfefqinmhhfrzzaqsx [...] GFf9B6.asp

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xruiyptfktbkqusnoe.uk/j [...] as_gU.html

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://as.starware.com/dp/search?x [...] Y4ouF9P1bf

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O4 - HKLM\..\Run: [jepsoevr] C:\WINDOWS\system32\yakpjmkj.exe

    O4 - HKLM\..\Run: [new knob remote book] C:\Documents and Settings\All Users\Application Data\Bleh Team New Knob\sect math.exe

    O4 - HKCU\..\Run: [jump pure] C:\DOCUME~1\didier\APPLIC~1\DUMBRE~1\Vga gram.exe

    O15 - Trusted Zone: http://*.billingnow.com

    O15 - Trusted Zone: http://*.reliablestats.com

    O15 - Trusted Zone: http://*.winantispyware.com

    O15 - Trusted Zone: http://*.winantivirus.com

    O15 - Trusted Zone: http://*.winantiviruspro.com

    O15 - Trusted Zone: http://*.winfixer.com

    O15 - Trusted Zone: http://*.winnanny.com

    O15 - Trusted Zone: http://*.winsoftware.com

    O16 - DPF: Win32 Classes -

  • Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
  • Ferme HijackThis.


    2/

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :files
    C:\WINDOWS\system32\yakpjmkj.exe
    C:\Documents and Settings\didier\Application Data\dumbrect01
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bleh Team New Knob
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bonebendbasecast
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\New Support Sect One
    C:\DOCUME~1\delphine\APPLIC~1\Bat Proxy

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    1 Octobre 2009 20:39:31

    Il m'a l'air pas mal ce logiciel pour virer les fichiers temporaires sur toutes les sessions d'un coup ! :p 

    Voilà le rapport :

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== FILES ==========
    C:\WINDOWS\system32\yakpjmkj.exe moved successfully.
    C:\Documents and Settings\didier\Application Data\dumbrect01 moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bleh Team New Knob moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bonebendbasecast moved successfully.
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\New Support Sect One moved successfully.
    C:\DOCUME~1\delphine\APPLIC~1\Bat Proxy moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: anthony
    ->Temp folder emptied: 15524785 bytes
    ->Java cache emptied: 957236 bytes
    ->FireFox cache emptied: 1526247 bytes

    User: cécile
    File delete failed. C:\Documents and Settings\cécile\Local Settings\Temp\hsperfdata_cécile\9416 scheduled to be deleted on reboot.
    ->Temp folder emptied: 226076442 bytes
    ->Java cache emptied: 2758301 bytes
    ->FireFox cache emptied: 1797009 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes

    User: delphine
    ->Temp folder emptied: 102157584 bytes
    ->Java cache emptied: 908172 bytes
    ->FireFox cache emptied: 21267489 bytes

    User: didier
    ->Temp folder emptied: 0 bytes
    ->FireFox cache emptied: 1742727 bytes

    User: LocalService
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
    ->Temp folder emptied: 115348 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes

    User: yanti
    ->Temp folder emptied: 509188124 bytes
    ->Java cache emptied: 1038845 bytes
    ->FireFox cache emptied: 8132537 bytes

    %systemdrive% .tmp files removed: 0 bytes
    C:\WINDOWS\msdownld.tmp folder deleted successfully.
    %systemroot% .tmp files removed: 363 bytes
    %systemroot%\System32 .tmp files removed: 1331712 bytes
    Windows Temp folder emptied: 0 bytes
    Session Manager Temp folder emptied: 0 bytes
    Session Manager Tmp folder emptied: 0 bytes
    RecycleBin emptied: 17091362 bytes

    Total Files Cleaned = 869,38 mb


    OTM by OldTimer - Version 3.0.0.6 log created on 10012009_203239

    Files moved on Reboot...
    File move failed. C:\Documents and Settings\cécile\Local Settings\Temp\hsperfdata_cécile\9416 scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
    a c 267 8 Sécurité
    1 Octobre 2009 20:51:26

    256 Mo, c'est peu pour XP.
    1 Octobre 2009 20:55:21

    Ouais, je sais, mais j'ai plus de barrette compatible. En plus, avec un disque dur de 15 Go... :/ 

    L'autre PC aussi tournait avec 256Mo mais je lui ai rajouté une autre barrette de 256. Ça marche beaucoup mieux.

    Il est tout propre le PC là ? Je peux lui installer le SP3 et Antivir ?
    a c 267 8 Sécurité
    1 Octobre 2009 21:04:13

    Oui puis tu fais un scan.
    1 Octobre 2009 21:07:56

    Ok merci. Je m'en occupe demain pour Antivir (pas envie de couper ma connexion sur mon PC là :D ).

    Je te tiens au courant ;) .

    Encore une fois, merci beaucoup !
    a c 267 8 Sécurité
    1 Octobre 2009 21:09:57

    Ok, bonne soirée ;) 
    1 Octobre 2009 22:16:37

    Avec SpaceMonger, je viens de vérifier ce qui prend de la place sur le disque et j'ai toujours un dossier ShopperReports de 3.56 Go dans C:\Documents and Settings/yanti/Application data.

    Je peux le virer ?
    a c 267 8 Sécurité
    1 Octobre 2009 22:28:56

    Ok, je vais vérifier quelque chose :

  • Télécharge Toolbar S&D (Team IDN) sur ton Bureau.
  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar S&D.
    (Sous Vista, il faut cliquer droit sur le raccourci de Toolbar S&D et choisir Exécuter en tant qu'administrateur)
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)
    1 Octobre 2009 23:12:58


    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Rev 2.00
    USER : didier ( Administrator )
    BOOT : Normal boot
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:13 Go (Free:0 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (USB) - FAT - Total:1919 Mo (Free:0 Go)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [1] ( 01/10/2009|23:04 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\shprrprt.log
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\Config.xml
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\db
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\dwld
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\persist.dbs
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\report
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\res2
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\db\Aliases.dbs
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\db\Sites.dbs
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\dwld\WhiteList.xip
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\report\aggr_storage.xml
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\report\send_storage.xml
    C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs\res2\WhiteList.dbs
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\shprrprt.log
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\Config.xml
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\db
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\dwld
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\persist.dbs
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\report
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\res1
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\db\Aliases.dbs
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\db\Sites.dbs
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\dwld\WhiteList.xip
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\report\aggr_storage.xml
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\report\send_storage.xml
    C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs\res1\WhiteList.dbs
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\shprrprt.log
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\shprrprt_1164488360.log
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\shprrprt_1164488691.log
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\Config.xml
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\db
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\dwld
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\persist.dbs
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\report
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\res2
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\db\Aliases.dbs
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\db\Sites.dbs
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\dwld\WhiteList.xip
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\report\aggr_storage.xml
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\report\send_storage.xml
    C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs\res2\WhiteList.dbs
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185360.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185421.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185482.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185545.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185606.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185671.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185736.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185797.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185859.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185920.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185981.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186042.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186103.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186164.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186225.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186286.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186347.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186408.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186469.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186530.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186591.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186652.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186713.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186774.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186835.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186896.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186957.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187018.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187079.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187140.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187201.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187262.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187323.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187384.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187445.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187506.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187567.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187628.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187689.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187750.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187811.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187872.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187933.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187994.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188055.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188116.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188179.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188240.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188301.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188362.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188423.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188484.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188545.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188606.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188667.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188728.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188789.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188850.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188911.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188972.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189033.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189096.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189157.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189218.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189279.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189340.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189401.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189462.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189523.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189584.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189645.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189706.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189767.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189828.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189889.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189950.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190011.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190072.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190133.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190194.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190255.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190316.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190377.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190438.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190499.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190560.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190621.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190682.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190743.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190804.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190867.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190928.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190989.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191050.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191111.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191172.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191233.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191294.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191355.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191416.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191477.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191538.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191599.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191660.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191728.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191789.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191850.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191911.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191972.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192033.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192094.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192155.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192216.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192277.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192338.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192400.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192461.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192522.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192583.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192644.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192705.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192766.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192831.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192895.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192957.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193019.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193082.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193143.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193204.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193265.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193326.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193387.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193448.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193509.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193570.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193631.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193692.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193753.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193814.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193879.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193940.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194001.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194062.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194123.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194184.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194245.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194306.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194367.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194428.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194489.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194550.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194611.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194672.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194733.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194794.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194855.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194916.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194977.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195038.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195099.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195160.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195221.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195282.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195343.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195407.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195470.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195533.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195594.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195655.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195718.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195780.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195841.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195902.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195963.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196024.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196085.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196146.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196207.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196268.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196329.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196390.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196451.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196512.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196573.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196634.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196695.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196757.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196818.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196883.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196944.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197005.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197073.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197135.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197196.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197268.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197329.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197390.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197451.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197512.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197573.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197636.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197697.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197758.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197819.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197880.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197941.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198002.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198063.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198124.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198185.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198246.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198309.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198370.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198431.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198493.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198554.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198615.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198676.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198739.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198803.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198865.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198938.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199081.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199142.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199205.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199266.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199333.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199394.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199455.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199516.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199577.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199638.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199699.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199761.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199822.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199883.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199944.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200005.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200066.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200127.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200189.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200250.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200311.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200378.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200439.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200500.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200561.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200622.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200683.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200744.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200805.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200866.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200927.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200988.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201049.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201110.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201171.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201232.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201293.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201354.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201415.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201476.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201537.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201598.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201659.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201720.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201781.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201842.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201903.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201969.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202030.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202091.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202152.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202213.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202274.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202335.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202396.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202457.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202518.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202581.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202642.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202719.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202780.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202843.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202904.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202965.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203026.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203087.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203148.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203209.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203270.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203331.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203393.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203454.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203515.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203576.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203639.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203700.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203763.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203824.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203885.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203946.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204007.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204068.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204129.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204190.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204251.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204312.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204373.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204434.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204495.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204556.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204617.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204678.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204739.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204800.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204861.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204922.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204983.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205044.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205105.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205168.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205230.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205291.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205352.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205415.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205476.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205537.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205602.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205663.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205724.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205785.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205846.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205907.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205968.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206029.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206090.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206151.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206212.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206273.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206334.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206395.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206462.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206523.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206584.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206645.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206707.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206768.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206829.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206890.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206951.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207012.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207073.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207134.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207195.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207256.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207317.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207378.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207439.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207500.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207561.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207622.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207683.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207744.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207805.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207866.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207927.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207990.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208051.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208112.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208173.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208234.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208295.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208356.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208417.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208478.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208541.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208602.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208663.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208724.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208785.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208847.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208908.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208969.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209030.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209091.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209152.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209215.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209276.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209337.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209398.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209459.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209520.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209581.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209642.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209703.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209764.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209825.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209886.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209947.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210008.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210072.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210133.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210197.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210258.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210319.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210381.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210442.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210504.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210565.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210626.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210687.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210748.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210809.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210870.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210931.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210992.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211053.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211114.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211175.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211236.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211297.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211358.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211419.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211485.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211549.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211610.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211671.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211733.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211794.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211855.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211916.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211977.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212039.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212100.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212161.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212222.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212283.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212344.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212405.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212466.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164268648.log
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\Config.xml
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\db
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\dwld
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\persist.dbs
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\report
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\res2
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\db\Aliases.dbs
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\db\Sites.dbs
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\dwld\WhiteList.xip
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\report\aggr_storage.xml
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\report\send_storage.xml
    C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs\res2\WhiteList.dbs
    C:\Program Files\MSN Messenger\riched20.dll

    -----------\\ Extensions

    (anthony) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    (c‚cile) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    (delphine) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    (didier) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    (yanti) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://www.msn.com/"
    "ChannelsURL"="http://www.iechannelguide.com/guide/en/en_us.asp"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !


    1 - "C:\ToolBar SD\TB_1.txt" - 01/10/2009|23:05 - Option : [1]

    -----------\\ Fin du rapport a 23:05:52,70

    a c 267 8 Sécurité
    1 Octobre 2009 23:19:15

    Tu peux faire l'option 2 de ToolBar S&D.
    2 Octobre 2009 00:23:30

    1h de nettoyage quand même !

    Voilà le rapport :


    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
    BIOS : Rev 2.00
    USER : didier ( Administrator )
    BOOT : Normal boot
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:13 Go (Free:0 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (USB) - FAT - Total:1919 Mo (Free:0 Go)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [2] ( 01/10/2009|23:20 )

    -----------\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\cs
    Supprime! - C:\DOCUME~1\anthony\APPLIC~1\ShopperReports\shprrprt.log
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\cs
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\ShopperReports\shprrprt.log
    Supprime! - C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\cs
    Supprime! - C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\shprrprt.log
    Supprime! - C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\shprrprt_1164488360.log
    Supprime! - C:\DOCUME~1\delphine\APPLIC~1\ShopperReports\shprrprt_1164488691.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\cs
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185360.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185421.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185482.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185545.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185606.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185671.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185736.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185797.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185859.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185920.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164185981.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186042.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186103.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186164.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186225.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186286.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186347.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186408.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186469.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186530.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186591.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186652.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186713.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186774.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186835.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186896.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164186957.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187018.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187079.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187140.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187201.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187262.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187323.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187384.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187445.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187506.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187567.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187628.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187689.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187750.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187811.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187872.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187933.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164187994.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188055.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188116.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188179.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188240.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188301.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188362.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188423.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188484.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188545.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188606.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188667.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188728.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188789.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188850.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188911.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164188972.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189033.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189096.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189157.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189218.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189279.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189340.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189401.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189462.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189523.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189584.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189645.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189706.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189767.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189828.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189889.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164189950.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190011.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190072.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190133.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190194.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190255.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190316.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190377.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190438.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190499.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190560.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190621.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190682.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190743.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190804.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190867.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190928.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164190989.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191050.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191111.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191172.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191233.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191294.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191355.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191416.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191477.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191538.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191599.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191660.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191728.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191789.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191850.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191911.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164191972.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192033.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192094.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192155.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192216.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192277.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192338.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192400.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192461.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192522.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192583.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192644.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192705.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192766.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192831.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192895.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164192957.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193019.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193082.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193143.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193204.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193265.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193326.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193387.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193448.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193509.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193570.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193631.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193692.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193753.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193814.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193879.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164193940.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194001.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194062.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194123.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194184.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194245.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194306.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194367.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194428.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194489.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194550.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194611.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194672.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194733.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194794.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194855.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194916.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164194977.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195038.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195099.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195160.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195221.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195282.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195343.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195407.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195470.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195533.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195594.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195655.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195718.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195780.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195841.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195902.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164195963.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196024.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196085.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196146.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196207.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196268.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196329.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196390.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196451.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196512.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196573.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196634.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196695.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196757.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196818.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196883.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164196944.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197005.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197073.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197135.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197196.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197268.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197329.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197390.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197451.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197512.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197573.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197636.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197697.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197758.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197819.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197880.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164197941.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198002.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198063.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198124.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198185.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198246.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198309.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198370.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198431.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198493.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198554.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198615.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198676.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198739.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198803.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198865.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164198938.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199081.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199142.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199205.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199266.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199333.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199394.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199455.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199516.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199577.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199638.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199699.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199761.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199822.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199883.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164199944.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200005.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200066.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200127.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200189.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200250.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200311.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200378.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200439.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200500.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200561.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200622.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200683.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200744.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200805.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200866.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200927.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164200988.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201049.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201110.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201171.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201232.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201293.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201354.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201415.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201476.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201537.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201598.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201659.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201720.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201781.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201842.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201903.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164201969.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202030.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202091.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202152.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202213.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202274.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202335.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202396.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202457.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202518.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202581.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202642.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202719.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202780.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202843.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202904.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164202965.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203026.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203087.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203148.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203209.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203270.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203331.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203393.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203454.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203515.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203576.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203639.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203700.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203763.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203824.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203885.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164203946.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204007.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204068.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204129.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204190.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204251.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204312.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204373.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204434.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204495.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204556.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204617.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204678.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204739.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204800.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204861.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204922.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164204983.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205044.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205105.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205168.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205230.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205291.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205352.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205415.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205476.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205537.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205602.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205663.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205724.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205785.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205846.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205907.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164205968.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206029.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206090.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206151.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206212.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206273.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206334.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206395.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206462.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206523.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206584.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206645.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206707.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206768.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206829.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206890.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164206951.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207012.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207073.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207134.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207195.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207256.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207317.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207378.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207439.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207500.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207561.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207622.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207683.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207744.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207805.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207866.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207927.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164207990.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208051.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208112.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208173.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208234.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208295.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208356.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208417.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208478.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208541.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208602.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208663.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208724.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208785.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208847.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208908.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164208969.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209030.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209091.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209152.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209215.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209276.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209337.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209398.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209459.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209520.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209581.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209642.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209703.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209764.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209825.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209886.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164209947.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210008.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210072.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210133.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210197.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210258.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210319.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210381.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210442.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210504.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210565.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210626.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210687.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210748.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210809.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210870.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210931.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164210992.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211053.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211114.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211175.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211236.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211297.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211358.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211419.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211485.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211549.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211610.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211671.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211733.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211794.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211855.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211916.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164211977.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212039.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212100.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212161.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212222.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212283.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212344.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212405.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164212466.log
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports\shprrprt_1164268648.log
    Supprime! - C:\Program Files\MSN Messenger\riched20.dll
    Supprime! - C:\DOCUME~1\anthony\APPLIC~1\ShopperReports
    Supprime! - C:\DOCUME~1\cécile\APPLIC~1\ShopperReports
    Supprime! - C:\DOCUME~1\delphine\APPLIC~1\ShopperReports
    Supprime! - C:\DOCUME~1\yanti\APPLIC~1\ShopperReports

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ Extensions

    (anthony) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    (c‚cile) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    (delphine) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    (didier) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    (yanti) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Start Page"="http://www.msn.com/"
    "ChannelsURL"="http://www.iechannelguide.com/guide/en/en_us.asp"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://www.msn.com/"


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !


    1 - "C:\ToolBar SD\TB_1.txt" - 01/10/2009|23:05 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 02/10/2009| 0:21 - Option : [2]

    -----------\\ Fin du rapport a 0:21:49,01

    a c 267 8 Sécurité
    2 Octobre 2009 01:10:55

    Le dossier ShopperReports que tu avais vu a été supprimé.
    2 Octobre 2009 01:17:30

    Ok, nickel. Je peux supprimer tous les logiciels de désinfection avec leurs sauvegardes ?
    a c 267 8 Sécurité
    2 Octobre 2009 01:29:28

    Oui. J'attends le rapport d'AntiVir ;) 
    a c 267 8 Sécurité
    2 Octobre 2009 14:37:36

    Citation :
    9.0.0.65

    --> AntiVir n'a pas l'air à jour.
    2 Octobre 2009 16:56:36

    Je l'ai téléchargé sur 01net et fais une MAJ manuelle car il me demandait de choisir une connexion sinon.. Il n'avait pas l'air de repérer la connexion ethernet...
    2 Octobre 2009 19:51:59

    Merci. Je ne poste pas le rapport car Résultat positifs : 0 ! \o/

    Edit : le voilà quand même :D 



    Avira AntiVir Personal
    Date de création du fichier de rapport : vendredi 2 octobre 2009 18:59

    La recherche porte sur 1767312 souches de virus.

    Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
    Numéro de série : 0000149996-ADJIE-0000001
    Plateforme : Windows XP
    Version de Windows : (Service Pack 3) [5.1.2600]
    Mode Boot : Démarré normalement
    Identifiant : SYSTEM
    Nom de l'ordinateur : HPPAV

    Informations de version :
    BUILD.DAT : 9.0.0.67 17958 Bytes 04/08/2009 14:47:00
    AVSCAN.EXE : 9.0.3.7 466689 Bytes 21/07/2009 12:35:43
    AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02
    LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
    LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 12:50:58
    ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 12:50:58
    ANTIVIR2.VDF : 7.1.6.50 4333568 Bytes 29/09/2009 07:16:20
    ANTIVIR3.VDF : 7.1.6.64 158208 Bytes 01/10/2009 14:03:10
    Version du moteur : 8.2.1.27
    AEVDF.DLL : 8.1.1.2 106867 Bytes 15/09/2009 14:58:02
    AESCRIPT.DLL : 8.1.2.33 479611 Bytes 21/09/2009 15:27:58
    AESCN.DLL : 8.1.2.5 127346 Bytes 03/09/2009 14:24:42
    AERDL.DLL : 8.1.2.4 430452 Bytes 14/07/2009 16:08:26
    AEPACK.DLL : 8.2.0.0 422261 Bytes 15/09/2009 14:58:00
    AEOFFICE.DLL : 8.1.0.38 196987 Bytes 17/06/2009 13:32:46
    AEHEUR.DLL : 8.1.0.155 1921400 Bytes 18/08/2009 13:02:16
    AEHELP.DLL : 8.1.7.0 237940 Bytes 03/09/2009 14:24:42
    AEGEN.DLL : 8.1.1.66 364917 Bytes 25/09/2009 15:23:24
    AEEMU.DLL : 8.1.0.9 393588 Bytes 15/10/2008 09:49:36
    AECORE.DLL : 8.1.8.1 184693 Bytes 15/09/2009 14:57:58
    AEBB.DLL : 8.1.0.3 53618 Bytes 15/10/2008 09:49:34
    AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
    AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 10:39:26
    AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
    AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42
    AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
    AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
    SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
    SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57
    NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59
    RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 17/06/2009 12:44:26
    RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:05

    Configuration pour la recherche actuelle :
    Nom de la tâche...............................: Contrôle intégral du système
    Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp
    Documentation.................................: bas
    Action principale.............................: interactif
    Action secondaire.............................: ignorer
    Recherche sur les secteurs d'amorçage maître..: marche
    Recherche sur les secteurs d'amorçage.........: marche
    Secteurs d'amorçage...........................: C:,
    Recherche dans les programmes actifs..........: marche
    Recherche en cours sur l'enregistrement.......: marche
    Recherche de Rootkits.........................: marche
    Contrôle d'intégrité de fichiers système......: arrêt
    Fichier mode de recherche.....................: Tous les fichiers
    Recherche sur les archives....................: marche
    Limiter la profondeur de récursivité..........: 20
    Archive Smart Extensions......................: marche
    Heuristique de macrovirus.....................: marche
    Heuristique fichier...........................: moyen

    Début de la recherche : vendredi 2 octobre 2009 18:59

    La recherche d'objets cachés commence.
    '52585' objets ont été contrôlés, '0' objets cachés ont été trouvés.

    La recherche sur les processus démarrés commence :
    Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'msiexec.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'hpztsb04.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'MsgPlus.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'wdfmgr.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SMAgent.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
    '29' processus ont été contrôlés avec '29' modules

    La recherche sur les secteurs d'amorçage maître commence :
    Secteur d'amorçage maître HD0
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD1
    [INFO] Aucun virus trouvé !

    La recherche sur les secteurs d'amorçage commence :
    Secteur d'amorçage 'C:\'
    [INFO] Aucun virus trouvé !

    La recherche sur les renvois aux fichiers exécutables (registre) commence :
    Le registre a été contrôlé ( '54' fichiers).


    La recherche sur les fichiers sélectionnés commence :

    Recherche débutant dans 'C:\' <HP_PAVILION>
    C:\hiberfil.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    [REMARQUE] Ce fichier est un fichier système Windows.
    [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
    C:\pagefile.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    [REMARQUE] Ce fichier est un fichier système Windows.
    [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.


    Fin de la recherche : vendredi 2 octobre 2009 19:49
    Temps nécessaire: 50:22 Minute(s)

    La recherche a été effectuée intégralement

    6460 Les répertoires ont été contrôlés
    219560 Des fichiers ont été contrôlés
    0 Des virus ou programmes indésirables ont été trouvés
    0 Des fichiers ont été classés comme suspects
    0 Des fichiers ont été supprimés
    0 Des virus ou programmes indésirables ont été réparés
    0 Les fichiers ont été déplacés dans la quarantaine
    0 Les fichiers ont été renommés
    2 Impossible de contrôler des fichiers
    219558 Fichiers non infectés
    2089 Les archives ont été contrôlées
    2 Avertissements
    2 Consignes
    52585 Des objets ont été contrôlés lors du Rootkitscan
    0 Des objets cachés ont été trouvés

    a c 267 8 Sécurité
    2 Octobre 2009 20:02:41

  • Désinstalle J2SE Runtime Environment 5.0 Update 6.

  • Mets à jour Java.

    Plus de souci ?
    3 Octobre 2009 14:24:47

    C'est fait. A part le message des Hotbar au boot et l'espace disque bouffé par ShopperReports, je n'avais pas de souci (enfin, de son mais ça, c'est autre chose).

    Par contre, lorsque je fais Démarrer - Arrêter, ça met super longtemps pour m'afficher le "Mise en Veille - Arrêter - Redémarrer". C'est possible que ce soit encore une saloperie ou c'est juste que le PC est pourri ?
    a c 267 8 Sécurité
    3 Octobre 2009 16:25:25

    Tu as fait une défragmentation ?
    3 Octobre 2009 16:29:11

    Ouais. Un coup de CCleaner, Free Window Registry Repair et JkDefrag.
    a c 267 8 Sécurité
    3 Octobre 2009 16:45:39

    Citation :
    Par contre, lorsque je fais Démarrer - Arrêter, ça met super longtemps pour m'afficher le "Mise en Veille - Arrêter - Redémarrer". C'est possible que ce soit encore une saloperie ou c'est juste que le PC est pourri ?

    --> C'est depuis que tu as le PC ?
    3 Octobre 2009 16:48:00

    Je ne suis pas en contact avec le proprio du PC mais ça me le fait depuis que je l'ai récupéré.

    Je pense quand même que c'est normal vu le PC...
    a c 267 8 Sécurité
    3 Octobre 2009 16:53:46

    1/

  • Désinstalle HijackThis.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Pour supprimer les popups d'AntiVir : Lien

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    3 Octobre 2009 17:30:45

    Destrio5 a dit :
    1/

  • Désinstalle HijackThis.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


  • [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\cleannavi.txt: trouvé !
    C:\Program Files\Navilog1: trouvé !
    C:\Program Files\Navilog1\Navilog1.bat: trouvé !
    C:\Program Files\Navilog1\catchme.exe: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Program Files\Navilog1\Navilog1.bat: supprimé !
    C:\Program Files\Navilog1\catchme.exe: supprimé !
    C:\cleannavi.txt: supprimé !
    C:\Program Files\Navilog1: supprimé !

    Corbeille vidée!
    Fichiers temporaires nettoyés !


    Destrio5 a dit :
    2/

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.


  • Alors là, j'ai une question. J'ai nettoyé (je l'avais déjà fait avec un Ccleaner portable depuis ma clé USB), tout est ok. Mais Si je vais dans Options - Cookies, j'ai une liste assez impressionnante de cookies. Ils viennent d'où ? (je suis allé dans le dossier Cookies de chaque utilisateur pour le vider manuellement, mais a priori, ceux là sont toujours présent).

    Edit2 : trouvé dans C:\Windows\Cookies\ :D 


    Edit : et bizarrement, je n'ai pas d'onglet Sécurité pour avnotify.exe sous XP Home.
    a c 267 8 Sécurité
    3 Octobre 2009 19:57:21

    Citation :
    et bizarrement, je n'ai pas d'onglet Sécurité pour avnotify.exe sous XP Home.

    --> Il faut être en mode sans échec.
    3 Octobre 2009 21:25:51

    Ah oops ! Je n'avais pas eu ce souci la dernière fois sur l'autre PC (sur XP Home aussi).

    Enfin, c'est bon. :p 

    Encore une fois, un grand grand merci Destrio !
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS