Se connecter / S'enregistrer
Votre question

Fenêtre intempestive et plantages du navigateur

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
29 Mars 2009 15:48:57

Bonjour à tous. Voici mon problème :

Voilà, j'ai une fenêtres intempestive qui s'affichent toutes les trois minutes environ et je n'arrive pas à savoir d'où vient le problème. J'ai fait des analyses grâce à mon Antivirus (Kaspersky Internet Security) mais en vain; la page s'affiche toujours toute seule. J'ai vu sur certains de vos tutoriels qu'il fallait vous faire parvenir un "Rapport Hijackthis". Bon pour ça j'attends bien sûr votre autorisation.

Sinon, je ne sais pas si ce problème relève du même domaine que le précédent mais lorsque je vais sur le moteur de recherche Google, que je tape par exemple "Forum tom's guide" et que je clique sur la première page proposée, l'on me redirige automatiquement vers une page de publicité (le plus souvent à caractère pornographique).
Et dernière précision; le navigateur FireFox plante sans arrêt.
Merci d'avance.

Cordialement Vince

Autres pages sur : fenetre intempestive plantages navigateur

a c 269 8 Sécurité
29 Mars 2009 16:14:38

Salut,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    29 Mars 2009 17:58:05

    Salut Destrio5. Lorsque je clique su "Continuer", un chargement à lieu et un message d'erreur s'affiche aussi tôt. Si cela vient de mon "pare-feu" je ne sais pas comment le configurer:



    Malgré les apparences je suis sous Windows XP.
    Contenus similaires
    a c 269 8 Sécurité
    29 Mars 2009 18:17:57

  • Télécharge OTViewIt sur ton Bureau.
  • Ferme toutes les fenêtres et applications.
  • Double-clique sur l'icône d'OTviewIT pour le lancer.
  • Clique sur le bouton Run Scan et laisse le programme travailler sans l'interrompre.
  • Il va produire deux rapports, l'un nommé OTViewIt.txt, et un autre nommé Extras qui sera sauvegardé sur ton Bureau. Merci de me poster les deux rapports dans ta prochaine réponse.
    29 Mars 2009 19:56:39

    Voici le rapport OTView :

    OTViewIt logfile created on: 29/03/2009 19:53:17 - Run
    OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Vince\Bureau\Bureau\Firefox\Téléchargement
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,50 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 64,09% Memory free
    3,35 Gb Paging File | 2,88 Gb Available in Paging File | 86,02% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 115,03 Gb Total Space | 30,38 Gb Free Space | 26,41% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    Unable to calculate disk information.
    Drive F: | 74,52 Gb Total Space | 26,39 Gb Free Space | 35,41% Space Free | Partition Type: NTFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    Drive I: | 1,92 Gb Total Space | 1,64 Gb Free Space | 85,29% Space Free | Partition Type: FAT

    Computer Name: BENJAMIN-O2LZEG
    Current User Name: Vince
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Whitelist: On
    File Age = 30 Days

    ========== Processes ==========

    [2008/04/17 15:14:00 | 00,102,712 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    [2008/11/24 21:25:52 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe
    [2008/11/24 21:25:54 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
    [2003/03/17 16:17:00 | 00,049,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\BJCard\Bjmcmng.exe
    [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
    [2009/02/06 19:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    [2007/12/11 21:19:44 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    [2008/12/14 14:29:53 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
    [2006/10/22 13:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
    [2009/01/14 18:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    [2008/05/02 00:40:44 | 03,032,360 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
    [2008/05/02 00:41:38 | 00,136,488 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    [2008/05/02 00:40:44 | 03,032,360 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
    [2008/04/13 19:34:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
    [2004/01/26 11:38:38 | 00,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
    [2003/06/25 16:01:48 | 00,045,056 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\BJPV\TVMon.exe
    [2003/04/30 16:48:40 | 00,716,800 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\BJCard\BJLaunch.exe
    [2002/06/03 11:38:12 | 00,049,152 | ---- | M] (ScanSoft, Inc) -- C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    [2003/06/25 11:24:48 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
    [2003/10/23 19:51:18 | 00,233,472 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    [2003/11/08 02:56:55 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    [2008/12/14 14:29:53 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
    [2008/11/01 16:55:30 | 00,472,912 | ---- | M] () -- C:\Program Files\EoRezo\EoEngine.exe
    [2008/04/23 03:08:13 | 00,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
    [2007/07/04 21:59:02 | 00,045,056 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe
    [2008/04/13 19:34:22 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
    [2009/02/06 19:08:58 | 00,454,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
    [2008/04/17 15:14:00 | 00,098,616 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
    [2007/03/19 00:05:02 | 00,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    [2009/03/19 22:09:34 | 00,342,848 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
    [2009/03/25 18:39:56 | 00,299,008 | ---- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai.exe
    [2007/12/11 21:17:42 | 00,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    [2007/12/11 21:46:12 | 00,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    [2007/12/11 21:22:32 | 00,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Connectivity\corecom\CoreCom.exe
    [2007/12/11 21:22:38 | 00,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Connectivity\corecom\OraConfigRecover.exe
    [2007/12/11 21:19:58 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    [2008/04/13 19:34:30 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
    [2009/03/29 19:51:52 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vince\Bureau\Bureau\Firefox\Téléchargement\OTViewIt.exe

    ========== (O23) Win32 Services ==========

    [2008/04/17 15:14:00 | 00,102,712 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon [Auto | Running])
    [2008/11/24 21:25:52 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService [Auto | Running])
    [2008/11/24 21:25:54 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade [Auto | Running])
    [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
    [2009/02/04 18:57:48 | 00,206,088 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe -- (AVP [Auto | Running])
    [2003/03/17 16:17:00 | 00,049,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\BJCard\Bjmcmng.exe -- (Bjmcmng [Auto | Running])
    [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
    [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
    [2009/02/06 19:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
    [2007/12/11 21:19:44 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
    [2008/12/01 12:01:02 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper [On_Demand | Stopped])
    [2008/12/14 14:29:53 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
    [2006/10/22 13:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
    [2009/01/14 18:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
    [2008/05/02 00:40:44 | 03,032,360 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen [Auto | Running])
    [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

    ========== Driver Services ==========

    [2002/04/01 13:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Running])
    [2003/12/08 11:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn [On_Demand | Stopped])
    [2003/12/08 11:53:46 | 00,070,688 | ---- | M] (THOMSON) -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl [On_Demand | Stopped])
    [2001/08/17 22:28:04 | 00,067,167 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2 [On_Demand | Stopped])
    File not found -- -- (EagleNT [On_Demand | Running])
    [2001/08/17 22:28:06 | 00,289,887 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback [Auto | Running])
    [2003/06/17 12:43:00 | 00,006,528 | ---- | M] (Canon.inc) -- C:\WINDOWS\system32\drivers\bjhid2.sys -- (FilterService2 [On_Demand | Stopped])
    [2001/08/17 22:28:06 | 00,115,807 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks [Auto | Running])
    [2008/12/08 18:01:56 | 00,055,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
    [2004/08/03 22:41:48 | 00,220,032 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys -- (HSFHWBS2 [On_Demand | Running])
    [2004/08/03 22:41:56 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys -- (HSF_DP [On_Demand | Running])
    [2001/08/17 22:28:10 | 00,542,879 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft [On_Demand | Stopped])
    [2008/05/24 22:09:10 | 00,073,728 | ---- | M] (EZB Systems, Inc.) -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive [System | Running])
    [2001/08/17 22:28:08 | 00,391,199 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56 [Auto | Running])
    [2008/04/13 20:05:16 | 00,014,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Running])
    [2008/07/21 18:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [Boot | Running])
    [2009/02/04 18:57:48 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg [Boot | Running])
    [2008/03/13 19:02:46 | 00,026,640 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klfltdev.sys -- (KLFLTDEV [On_Demand | Running])
    [2009/02/04 18:57:48 | 00,226,832 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF [System | Running])
    [2008/04/30 18:06:48 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5 [On_Demand | Running])
    [2004/08/03 22:41:56 | 00,011,868 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
    [2006/10/22 13:22:00 | 03,994,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
    [2001/08/22 08:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI [System | Running])
    [2003/09/23 11:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5 [On_Demand | Stopped])
    [2006/03/01 19:53:54 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5 [On_Demand | Running])
    [2001/08/28 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
    [2001/08/17 22:28:10 | 00,057,471 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample [On_Demand | Stopped])
    [2008/04/13 10:35:40 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Running])
    [2008/04/13 09:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
    [2006/03/26 14:22:14 | 00,051,200 | ---- | M] (Protection Technology (StarForce)) -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
    [2006/03/13 11:38:23 | 00,006,656 | ---- | M] (Protection Technology (StarForce)) -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
    [2006/03/24 18:27:01 | 00,050,176 | ---- | M] (Protection Technology (StarForce)) -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04 [Boot | Running])
    [2005/11/03 16:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02 [Boot | Running])
    [2002/05/28 15:18:46 | 00,500,568 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
    [2001/08/17 22:28:06 | 00,199,711 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax [Auto | Running])
    [2001/08/17 22:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
    [2008/11/29 22:16:43 | 00,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
    [2001/08/17 22:28:12 | 00,050,751 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones [Auto | Running])
    [2001/08/17 22:28:12 | 00,488,383 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124 [Auto | Running])
    [2008/03/17 22:14:52 | 00,015,144 | ---- | M] (Wacom Technology) -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor [On_Demand | Stopped])
    [2007/02/16 21:12:36 | 00,011,312 | ---- | M] (Wacom Technology) -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter [On_Demand | Running])
    [2008/01/15 22:11:46 | 00,013,480 | ---- | M] (Wacom Technology) -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid [On_Demand | Running])
    [2007/02/16 02:11:28 | 00,011,440 | ---- | M] (Wacom Technology) -- C:\WINDOWS\system32\drivers\WacomVKHid.sys -- (WacomVKHid [On_Demand | Running])
    [2004/08/03 22:41:50 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys -- (winachsf [On_Demand | Running])

    ========== (R ) Internet Explorer ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"=http://www.yahoo.com
    "Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    "Local Page"=%SystemRoot%\system32\blank.htm
    "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    "Start Page"=http://www.yahoo.com

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
    "CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Local Page"=C:\WINDOWS\system32\blank.htm
    "Page_Transitions"=
    "Search Page"=http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
    ""=http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    "provider"=msn

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{08C06D61-F1F3-4799-86F8-BE1A89362C85}" (HKLM) -- C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll ()

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0

    ========== (O1) Hosts File ==========

    HOSTS File = (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
    First 25 entries...
    127.0.0.1 localhost

    ========== (O2) BHO's ==========

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    {201f27d4-3704-41d6-89c1-aa35e39143ed} (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
    {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (HKLM) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
    {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} (HKLM) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)
    {5C255C8A-E604-49b4-9D64-90988571CECB} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
    {64F56FC1-1272-44CD-BA6E-39723696E350} (HKLM) -- C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (EoRezo)
    {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (HKLM) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    {9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (HKLM) -- C:\Program Files\Zango\bin\10.3.75.0\HostIE.dll File not found
    {A057A204-BACC-4D26-8287-79A187E26987} (HKLM) -- C:\Program Files\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. )
    {AE7CD045-E861-484f-8273-0445EE161910} (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    {CC59E0F9-7E43-44FA-9FAA-8377850BF205} (HKLM) -- C:\Program Files\Free Download Manager\iefdm2.dll ()
    {DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    {E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

    ========== (O3) Toolbars ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{3041d03e-fd4b-44e0-b742-2d9b88305f98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}" (HKLM) -- C:\Program Files\Zango\bin\10.3.75.0\HostIE.dll File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{A057A204-BACC-4D26-8287-79A187E26987}" (HKLM) -- C:\Program Files\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. )

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    "{3041D03E-FD4B-44E0-B742-2D9B88305F98}" (HKLM) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    "{A057A204-BACC-4D26-8287-79A187E26987}" (HKLM) -- C:\Program Files\vmntoolbar\vmntoolbar.dll (Visicom Media Inc. )

    ========== (O4) Run Keys ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    ""= File not found
    "Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" (Adobe Systems Inc.)
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
    "ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" (Kaspersky Lab)
    "BJLaunchEXE"=C:\Program Files\Canon\BJCard\BJLaunch.exe (CANON INC.)
    "BJPD HID Control"=C:\Program Files\Canon\BJPV\TVMon.exe (Canon Inc.)
    "DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)
    "EoEngine"="C:\Program Files\EoRezo\EoEngine.exe" ()
    "fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun (Microsoft Corporation)
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" (Hewlett-Packard Company)
    "HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" (Hewlett-Packard)
    "HPDJ Taskbar Utility"=C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
    "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
    "NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
    "nwiz"=nwiz.exe /install ()
    "Omnipage"=C:\Program Files\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
    "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
    "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon (THOMSON Telecom Belgium)
    "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
    "ZangoOE"=C:\Program Files\Zango\bin\10.3.75.0\OEAddOn.exe File not found
    "ZangoSA"="C:\Program Files\Zango\bin\10.3.75.0\ZangoSA.exe" (Zango, Inc.)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
    "eyoai"="c:\documents and settings\vince\local settings\application data\eyoai.exe" eyoai ()
    "RocketDock"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" ()

    ========== (O4) Startup Folders ==========

    File not found -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk =
    [2001/02/13 09:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    [2007/03/19 00:05:02 | 00,630,784 | ---- | M] () -- C:\Documents and Settings\Vince\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    File not found -- C:\Documents and Settings\Vince\Menu Démarrer\Programmes\Démarrage\WinFlip.lnk = C:\Program Files\WinFlip\WinFlip.exe

    ========== (O6 & O7) Current Version Policies ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "HonorAutoRunSetting"=1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    ========== (O8) IE Context Menu Extensions ==========

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
    Ajouter à Kaspersky Anti-Bannière: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm [2008/11/11 20:47:00 | 00,001,411 | ---- | M] ()
    Convertir en Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir en un fichier PDF existant: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir la cible du lien en Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir la cible du lien en un fichier PDF existant: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir la sélection en Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir la sélection en un fichier PDF existant: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir les liens sélectionnés en fichier Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir les liens sélectionnés en un fichier PDF existant: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    E&xporter vers Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 17:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)
    Télécharger avec Free Download Manager: File not found
    Télécharger avec IDM: C:\Program Files\Internet Download Manager\IEExt.htm File not found
    Télécharger la sélection avec Free Download Manager: File not found
    Télécharger la vidéo avec Free Download Manager: File not found
    Télécharger le contenu de video FLV avec IDM: C:\Program Files\Internet Download Manager\IEGetVL.htm File not found
    Télécharger tous les liens avec IDM: C:\Program Files\Internet Download Manager\IEGetAll.htm File not found
    Tout télécharger avec Free Download Manager: File not found

    ========== (O9) IE Extensions ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
    {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}: Button: Statistiques de la protection du trafic Internet -- %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll [2008/11/11 21:00:38 | 00,222,472 | ---- | M] (Kaspersky Lab)
    {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Ajout Direct -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2008/12/02 23:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation)
    {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Ajout Direct dans Windows Live Writer -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2008/12/02 23:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation)
    {e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 11:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
    {F3FC5E6E-D4D2-4AA2-9696-15E072B551C6}: Button: Extract Flash Video with Bytescout... -- %ProgramFiles%\Bytescout Movies Extractor Scout\flashextract_ie.html File not found
    {FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messager Wanadoo -- %ProgramFiles%\Wanadoo Messager\Wanadoo Messager.exe [2003/12/16 17:51:32 | 02,187,264 | ---- | M] (France Telecom)
    {FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Messager Wanadoo -- %ProgramFiles%\Wanadoo Messager\Wanadoo Messager.exe [2003/12/16 17:51:32 | 02,187,264 | ---- | M] (France Telecom)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
    CmdMapping\\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll [Statistiques de la protection du trafic Internet] -> [2008/11/11 21:00:38 | 00,222,472 | ---- | M] (Kaspersky Lab)
    CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Ajout Direct] -> [2008/12/02 23:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation)
    CmdMapping\\{97C8F444-6EA3-4985-BC29-B86A1D7FD5D8} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
    CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 11:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
    CmdMapping\\{F3FC5E6E-D4D2-4AA2-9696-15E072B551C6} [HKLM] -> [Extract Flash Video with Bytescout...] -> File not found
    CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Wanadoo Messager\Wanadoo Messager.exe [Messager Wanadoo] -> [2003/12/16 17:51:32 | 02,187,264 | ---- | M] (France Telecom)

    ========== (O12) Internet Explorer Plugins ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
    PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&m...
    PluginsPageFriendlyName: "" = Bibliothèque de contrôles ActiveX Microsoft

    ========== (O13) Default Prefixes ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
    ""=http://

    ========== (O15) Trusted Sites ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    1 domain(s) and sub-domain(s) not assigned to a zone.

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    wikipedia.fr\www: https in Poste de travail
    1 domain(s) and sub-domain(s) not assigned to a zone.

    ========== (O16) DPF ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
    {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: C:\Program Files\Yahoo!\Common\Yinsthelper.dll -- Installation Support
    {8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-wind... -- Java Plug-in 1.6.0_11
    {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... -- Java Plug-in 1.6.0_07
    {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-wind... -- Java Plug-in 1.6.0_11
    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-wind... -- Java Plug-in 1.6.0_11
    {D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload.macromedia.com/pub/shockwave/cabs/fla... -- Shockwave Flash Object
    Microsoft XML Parser for Java: file://C:\WINDOWS\Java\classes\xmldso.cab -- Reg Error: Key does not exist or could not be opened.

    ========== (O17) DNS Name Servers ==========

    {8657F4CD-A6C5-46D5-9FC8-9FD09EE4CDA1} (Servers: | Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family)

    ========== (O20) AppInit_DLLs ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_Dlls"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    >[2008/11/11 21:00:26 | 00,079,112 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll
    >[2008/11/11 21:00:26 | 00,079,112 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll
    >[2008/11/11 20:59:38 | 00,083,208 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll
    >[2008/11/11 21:00:02 | 00,011,016 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll

    ========== (O20) Winlogon Notify Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
    klogon: "DllName" = C:\WINDOWS\system32\klogon.dll -- C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)

    ========== Safeboot Options ==========

    "AlternateShell"=cmd.exe

    ========== CDRom AutoRun Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
    "AutoRun" = 1

    ========== Autorun Files on Drives ==========

    AUTOEXEC.BAT []
    [2008/10/15 18:51:15 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

    ========== MountPoints2 ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b760e66-afbf-11dd-98b0-000e504ad2fb}\Shell]
    ""=AutoRun


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b760e66-afbf-11dd-98b0-000e504ad2fb}\Shell\1\Command]
    ""=RECYCLER\RECYCLER\autorun.exe


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b760e66-afbf-11dd-98b0-000e504ad2fb}\Shell\2\Command]
    ""=RECYCLER\RECYCLER\autorun.exe


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b760e66-afbf-11dd-98b0-000e504ad2fb}\Shell\AutoRun\command]
    ""=C:\WINDOWS\system32\shell32.dll -- [2008/06/17 21:02:15 | 08,517,632 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7a6de39-e079-11dd-9922-000e504ad2fb}\Shell]
    ""=AutoRun


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7a6de39-e079-11dd-9922-000e504ad2fb}\Shell\1\Command]
    ""=RECYCLER\RECYCLER\autorun.exe


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7a6de39-e079-11dd-9922-000e504ad2fb}\Shell\2\Command]
    ""=RECYCLER\RECYCLER\autorun.exe


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7a6de39-e079-11dd-9922-000e504ad2fb}\Shell\AutoRun\command]
    ""=C:\WINDOWS\system32\shell32.dll -- [2008/06/17 21:02:15 | 08,517,632 | ---- | M] (Microsoft Corporation)

    ========== Files/Folders - Created Within 30 Days ==========

    [6 C:\WINDOWS\*.tmp files]
    [2009/03/29 17:47:33 | 00,000,000 | ---D | C] -- C:\rsit
    [2009/03/29 17:45:18 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Vince\Bureau\RSIT.exe
    [2009/03/29 15:26:32 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Vince\Bureau\HijackThis.lnk
    [2009/03/29 15:26:32 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2009/03/29 12:13:26 | 00,082,432 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d1fef20.dll
    [2009/03/29 12:13:26 | 00,082,432 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\13ef50e9.dll
    [2009/03/29 12:10:25 | 00,082,432 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bcdfe1b.dll
    [2009/03/29 12:10:25 | 00,082,432 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\2e3b647.dll
    [2009/03/29 11:57:45 | 00,082,432 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\1c4e2e48.dll
    [2009/03/29 11:57:45 | 00,082,432 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\1645a888.dll
    [2009/03/28 21:56:36 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
    [2009/03/25 22:23:22 | 00,037,320 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\Mme MONNERET.pdf
    [2009/03/25 21:54:51 | 00,000,000 | ---D | C] -- C:\alaplaya
    [2009/03/25 20:13:22 | 02,004,480 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\Culture artistique.doc
    [2009/03/25 18:40:33 | 00,352,754 | ---- | C] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai_nav.dat
    [2009/03/25 18:39:59 | 00,000,332 | ---- | C] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai_navps.dat
    [2009/03/25 18:39:58 | 00,002,958 | ---- | C] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai.dat
    [2009/03/25 18:39:56 | 00,299,008 | ---- | C] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai.exe
    [2009/03/25 15:51:41 | 00,000,000 | ---D | C] -- C:\Program Files\alaplaya
    [2009/03/22 23:13:19 | 00,000,000 | ---D | C] -- C:\Program Files\iriverter
    [2009/03/22 18:53:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Mes documents\FFOutput
    [2009/03/22 18:22:44 | 00,000,000 | ---D | C] -- C:\ConverterOutput
    [2009/03/22 18:21:32 | 00,372,736 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
    [2009/03/22 18:21:25 | 00,000,000 | ---D | C] -- C:\Program Files\Cucusoft
    [2009/03/21 00:25:02 | 00,041,808 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
    [2009/03/19 22:27:22 | 00,000,000 | ---D | C] -- C:\Program Files\Outspark
    [2009/03/19 22:03:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Local Settings\Application Data\DNA
    [2009/03/19 22:03:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Application Data\DNA
    [2009/03/17 23:12:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\ROSE Online Evolution
    [2009/03/17 23:12:28 | 00,000,000 | ---D | C] -- C:\Program Files\Triggersoft
    [2009/03/17 22:05:36 | 00,000,000 | ---D | C] -- C:\Program Files\GameTribe
    [2009/03/15 22:34:09 | 00,623,024 | ---- | C] () -- C:\BENJAMIN ADELINE - 2008+2009 trimestre 2 - 06.npr
    [2009/03/15 22:34:09 | 00,616,208 | ---- | C] () -- C:\BENJAMIN ADELINE - 2008+2009 trimestre 2 - 06.npr.bak
    [2009/03/15 20:54:11 | 00,000,000 | ---D | C] -- C:\Program Files\Goa
    [2009/03/15 20:45:13 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Blizzard Entertainment
    [2009/03/15 20:16:57 | 00,000,000 | ---D | C] -- C:\Program Files\Games-Masters.com
    [2009/03/14 18:04:23 | 00,107,303 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\jeu.jpg
    [2009/03/12 23:53:55 | 00,014,555 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\espardalegion.gif
    [2009/03/12 23:40:56 | 00,030,341 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\36_19_7[1].gif
    [2009/03/12 23:36:56 | 00,013,256 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\smiley_cry_1.gif
    [2009/03/12 23:29:13 | 00,001,134 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn5.bmp
    [2009/03/12 23:28:36 | 00,004,086 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn4.bmp
    [2009/03/12 23:26:42 | 00,025,446 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn3.bmp
    [2009/03/12 23:25:47 | 00,002,238 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn2.bmp
    [2009/03/12 23:24:49 | 00,003,654 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn1.bmp
    [2009/03/12 23:19:32 | 00,026,374 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn.bmp
    [2009/03/12 00:32:43 | 00,021,504 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\géo dm 2.doc
    [2009/03/08 07:09:18 | 00,010,847 | -H-- | C] () -- C:\Tree4.GID
    [2009/03/06 14:39:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Application Data\NCH Software
    [2009/03/06 14:39:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
    [2009/03/06 14:39:04 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Software
    [2009/03/06 01:51:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Mes documents\clips
    [2009/03/06 01:47:44 | 00,000,000 | ---D | C] -- C:\Program Files\HyCam2
    [2009/03/06 01:46:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Application Data\ALLCapture
    [2009/03/06 01:36:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Mes documents\1AVStor
    [2009/03/06 01:36:26 | 00,438,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSHFLXGD.OCX
    [2009/03/06 01:36:26 | 00,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll
    [2009/03/06 01:36:26 | 00,203,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RICHTX32.OCX
    [2009/03/06 01:36:26 | 00,008,608 | ---- | C] () -- C:\WINDOWS\System32\mpeg4ax.cat
    [2009/03/06 01:36:26 | 00,008,587 | ---- | C] () -- C:\WINDOWS\System32\msaudio.cat
    [2009/03/06 01:36:20 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\géo dm.doc
    [2009/03/06 01:36:06 | 00,000,000 | ---D | C] -- C:\Program Files\1AVCenter

    ========== Files - Modified Within 30 Days ==========

    [1 C:\WINDOWS\System32\*.tmp files]
    [6 C:\WINDOWS\*.tmp files]
    [2009/03/29 19:53:32 | 00,000,332 | ---- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai_navps.dat
    [2009/03/29 19:52:51 | 00,002,958 | ---- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai.dat
    [2009/03/29 19:52:23 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/03/29 19:02:16 | 00,000,815 | ---- | M] () -- C:\WINDOWS\win.ini
    [2009/03/29 17:45:18 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Vince\Bureau\RSIT.exe
    [2009/03/29 15:26:32 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Vince\Bureau\HijackThis.lnk
    [2009/03/29 15:19:07 | 00,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2009/03/29 13:18:48 | 04,673,568 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
    [2009/03/29 13:18:46 | 00,038,640 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
    [2009/03/29 12:13:24 | 00,000,096 | -H-- | M] () -- C:\WINDOWS\System32\HsInfo.dat
    [2009/03/29 10:12:38 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2009/03/29 10:12:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2009/03/28 21:57:21 | 01,146,912 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
    [2009/03/28 21:57:10 | 00,006,048 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
    [2009/03/28 21:56:36 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
    [2009/03/28 10:45:03 | 00,352,754 | ---- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai_nav.dat
    [2009/03/25 22:23:24 | 00,037,320 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\Mme MONNERET.pdf
    [2009/03/25 21:28:36 | 02,004,480 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\Culture artistique.doc
    [2009/03/25 18:39:56 | 00,299,008 | ---- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai.exe
    [2009/03/24 22:49:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2009/03/24 20:55:20 | 00,025,713 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
    [2009/03/23 20:02:15 | 00,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
    [2009/03/21 00:25:02 | 00,041,808 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
    [2009/03/19 20:56:27 | 00,097,792 | -HS- | M] () -- C:\Documents and Settings\Vince\Mes documents\Thumbs.db
    @Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Vince\Mes documents\Thumbs.db:encryptable
    [2009/03/17 03:17:37 | 02,109,332 | -H-- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\IconCache.db
    [2009/03/16 00:23:02 | 00,623,024 | ---- | M] () -- C:\BENJAMIN ADELINE - 2008+2009 trimestre 2 - 06.npr
    [2009/03/16 00:12:30 | 00,616,208 | ---- | M] () -- C:\BENJAMIN ADELINE - 2008+2009 trimestre 2 - 06.npr.bak
    [2009/03/15 20:11:39 | 00,067,824 | ---- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2009/03/15 20:08:18 | 00,250,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2009/03/14 18:04:25 | 00,107,303 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\jeu.jpg
    [2009/03/13 01:00:49 | 00,021,504 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\géo dm 2.doc
    [2009/03/13 00:53:21 | 00,067,440 | ---- | M] () -- C:\Documents and Settings\Vince\Application Data\GDIPFONTCACHEV1.DAT
    [2009/03/13 00:04:01 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\géo dm.doc
    [2009/03/12 23:53:56 | 00,014,555 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\espardalegion.gif
    [2009/03/12 23:40:57 | 00,030,341 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\36_19_7[1].gif
    [2009/03/12 23:36:57 | 00,013,256 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\smiley_cry_1.gif
    [2009/03/12 23:29:13 | 00,001,134 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn5.bmp
    [2009/03/12 23:28:36 | 00,004,086 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn4.bmp
    [2009/03/12 23:26:42 | 00,025,446 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn3.bmp
    [2009/03/12 23:25:47 | 00,002,238 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn2.bmp
    [2009/03/12 23:24:49 | 00,003,654 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn1.bmp
    [2009/03/12 23:20:50 | 00,026,374 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn.bmp
    [2009/03/11 20:01:59 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2009/03/09 20:46:49 | 00,006,386 | ---- | M] () -- C:\WINDOWS\PARCOURS.INI
    [2009/03/08 07:09:31 | 00,010,847 | -H-- | M] () -- C:\Tree4.GID
    [2009/02/28 14:24:16 | 00,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk
    < End of report >

    ______________________________________________________________________

    Et le rapport Extras :

    OTViewIt Extras logfile created on: 29/03/2009 19:53:17 - Run
    OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Vince\Bureau\Bureau\Firefox\Téléchargement
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,50 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 64,09% Memory free
    3,35 Gb Paging File | 2,88 Gb Available in Paging File | 86,02% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 115,03 Gb Total Space | 30,38 Gb Free Space | 26,41% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    Unable to calculate disk information.
    Drive F: | 74,52 Gb Total Space | 26,39 Gb Free Space | 35,41% Space Free | Partition Type: NTFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    Drive I: | 1,92 Gb Total Space | 1,64 Gb Free Space | 85,29% Space Free | Partition Type: FAT

    Computer Name: BENJAMIN-O2LZEG
    Current User Name: Vince
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Whitelist: On
    File Age = 30 Days

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusDisableNotify"=0
    "FirewallDisableNotify"=0
    "UpdatesDisableNotify"=0
    "AntiVirusOverride"=0
    "FirewallOverride"=0
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=1
    ""=
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
    "EnableFirewall"=1
    "DoNotAllowExceptions"=0
    "DisableNotifications"=0
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    [2008/04/13 19:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    [2008/04/13 11:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
    [2009/02/06 19:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    [2008/04/13 19:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    [2008/12/16 22:16:10 | 00,637,232 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
    [2009/03/19 22:09:34 | 00,342,848 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe:*:Enabled:D NA
    File not found -- C:\Program Files\Microsoft Games\Halo Trial\halo.exe:*:D isabled:Halo
    [2008/04/13 11:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    [2008/02/08 23:32:57 | 00,147,456 | ---- | M] (Lime Wire, LLC) -- F:\LimeWire\LimeWire.exe:*:Enabled:LimeWire
    [2003/09/05 02:16:56 | 02,793,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Games\Halo\halo.exe:*:Enabled:Halo
    [2006/08/21 23:17:28 | 04,206,658 | ---- | M] (IGN Entertainment, Inc.) -- C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade
    File not found -- F:\Program Files\Jeux\Halo\halo.exe:*:Enabled:Halo
    [2009/03/10 22:10:51 | 00,139,776 | ---- | M] (Lime Wire, LLC) -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
    [2008/05/18 11:14:54 | 05,799,936 | ---- | M] (http://emuleplus.info) -- F:\Program Files\Emule Plus\eMule\eMule.exe:*:Enabled:eMule Plus
    [2004/05/06 03:18:00 | 02,404,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Games\haloce.exe:*:Enabled:Halo
    [2004/05/06 03:18:00 | 02,404,352 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Jeux\Halo ce\haloce.exe:*:Enabled:Halo
    File not found -- C:\Documents and Settings\Session\Bureau\Call of Duty\Call of Duty\The Call of Duty\CoDMP.exe:*:Enabled:CoDMP
    [2008/08/06 18:02:07 | 02,404,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Games\Halo Custom Edition\haloce.exe:*:Enabled:Halo
    [2008/04/13 19:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\messenger\msmsgs.exe:*:Enabled:Windows Messenger
    File not found -- F:\Program Files\VLC\VLC\vlc.exe:*:Enabled:VLC media player
    [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
    [2009/03/29 15:10:43 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
    [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
    [2009/02/06 19:23:32 | 01,170,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync
    [2009/01/07 17:44:39 | 00,809,472 | ---- | M] () -- F:\Program Files\Jeux\Metin2\metin2.bin:*:Enabled:metin2
    [2007/12/11 21:23:38 | 00,716,800 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS
    File not found -- C:\Documents and Settings\Vince\Bureau\Bureau\Firefox\Téléchargement\CabalTemp\ESTSetupLoader.exe:*:Enabled:EST! download engine
    [2009/03/15 17:07:15 | 00,036,864 | ---- | M] () -- F:\Program Files\Jeux\CABAL Online\CABAL ONLINE\CABAL Online (Europe)\launcher\update\ESTdnheadless.exe:*:Enabled:EST! download engine
    File not found -- C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire
    [2009/03/15 20:33:34 | 00,036,864 | ---- | M] () -- C:\Program Files\Games-Masters.com\CABAL Online (Europe)\launcher\update\ESTdnheadless.exe:*:Enabled:EST! download engine
    File not found -- C:\Program Files\Outspark\Project Powder\Run.exe:*:Enabled:p rojectPowder
    [2009/03/25 19:00:31 | 07,442,464 | ---- | M] () -- C:\Program Files\alaplaya\S4League\S4Client.exe:*:Enabled:p roject S4 Client.exe

    ========== (O10) Winsock2 Catalogs ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
    NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

    ========== (O18) Protocol Handlers ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
    [2003/10/23 19:51:20 | 00,081,920 | ---- | M] (Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (cetihpz:{CF184AD3-CDCB-4168-A3F7-8E447D129300} (HKLM) [CZipHandler Object])
    ipp: [HKLM - No CLSID value]
    [2004/01/29 16:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
    [2009/02/06 19:52:44 | 00,062,304 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
    msdaipp: [HKLM - No CLSID value]
    [2004/01/29 16:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
    [2004/01/29 16:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
    [2009/02/06 19:52:44 | 00,062,304 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
    [2008/01/24 16:22:56 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])
    [2009/02/06 19:53:40 | 00,791,392 | ---- | M] (Microsoft Corporation) C:\Program Files\Windows Live\Mail\mailcomm.dll (wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} (HKLM) [Windows Live Mail HTML Asynchronous Pluggable Protocol Handler])

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{03F1CC67-5BD8-4C36-8394-76311B2AE69A}"=ArcSoft PhotoStudio 5
    "{059C042E-796A-4ACC-A81A-ECC2010BB78C}"=Windows Live Messenger
    "{07287123-B8AC-41CE-8346-3D777245C35B}"=Bonjour
    "{15C165F1-1DAE-4476-AFB6-8723729B41E7}"=hp deskjet 5100
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}"=Outil de téléchargement Windows Live
    "{2231CE39-B963-4B9D-823A-F412ECA637B1}"=Windows Live Writer
    "{225A137C-F371-4246-B6FF-20320297DB75}"=Canon Photo Viewer
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}"=MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java(TM) 6 Update 11
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
    "{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
    "{3A2AF807-9F9F-43C9-A24A-17B617238B74}"=OpenOffice.org Installer 1.0
    "{3B4E636E-9D65-4D67-BA61-189800823F52}"=Windows Live Communications Platform
    "{3F2D541E-BF27-4591-B9F2-40AF4D31C0E7}_is1"=PangYa_Eu_Patch_v401-404_Final
    "{44E54A81-9D91-4AA1-9417-80AFF134F5FF}"=Galerie de photos Windows Live
    "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}"=Junk Mail filter update
    "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}"=Microsoft Office Live Add-in 1.3
    "{6102D63A-9387-4FC8-98E4-181121F8C0BA}"=MPlugin
    "{6249C22D-E6A8-407B-BA8B-40298848ED94}"=OmniPage SE
    "{63DC2DA0-2A6C-4C38-9249-B75395458657}"=Windows Live Mail
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}"=Windows Media Player Firefox Plugin
    "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}"=Microsoft .NET Framework 2.0
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}"=MSXML 4.0 SP2 Parser and SDK
    "{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
    "{7370DF47-B4F9-4279-BFC3-3F09919F720D}"=Installation Windows Live
    "{7915FC23-4DB3-4C23-BE74-443ACD13E4A2}_is1"=Archlord Episode 3
    "{7CDC26F7-D6BF-442A-B599-0075A48310F7}"=SA32xx Device Manager
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}"=Windows Live Call
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}"=Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}"=Kaspersky Internet Security 2009
    "{8D8B167A-ED0F-43F1-AC10-3F4379F7CBBB}"=ArcSoft MediaConverter 2.5
    "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}"=Choice Guard
    "{9028040C-6000-11D3-8CFE-0050048383C9}"=Microsoft Office XP Professional avec FrontPage
    "{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting
    "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1"=IZArc 3.81
    "{9C4AD331-EECA-11D3-A7DA-00C04F5A3CE1}"=Tree Doctor
    "{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}"=Windows Live Sync
    "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}"=Microsoft Search Enhancement Pack
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}"=Segoe UI
    "{AC76BA86-1033-F400-BA7E-100000000002}"=Adobe Acrobat 7.0 Standard - English, Français, Deutsch
    "{AC76BA86-7AD7-1036-7B44-A81300000003}"=Adobe Reader 8.1.3 - Français
    "{B5560986-7A6A-4CCA-A808-853D2CED3796}"=Outspark Sharp Launcher
    "{BCE46757-7674-4416-BEDB-68205A60409E}"=CanoScan Toolbox 4.1
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}"=Microsoft Sync Framework Services Native v1.0 (x86)
    "{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}"=ArcSoft PhotoBase 3
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
    "{CBD8FD34-8559-4028-922B-50797D151E04}"=Utilitaire de carte mémoire
    "{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}"=SpeedTouch USB Software
    "{D6A2DDE3-9D7C-412C-932A-756580D29919}"=Windows Live Contrôle parental
    "{D78653C3-A8FF-415F-92E6-D774E634FF2D}"=Dell ResourceCD
    "{D9261CAB-3E1D-423C-9DD6-2001056DA292}"=Manual CanoScan 5000,5000F,8000F
    "{D96021A9-B290-4783-B019-0E4000DA84CE}"=S4 League_EU
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}"=Assistant de connexion Windows Live
    "{EC65C327-5A0A-4B09-B8EB-8EDDB57EA60F}_is1"=Perfect World PW-MY-EN-13
    "{F0A37341-D692-11D4-A984-009027EC0A9C}"=SoundMAX
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}"=Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F7D27C70-90F5-49B9-B188-0A133C0CE353}"=Windows Live Toolbar
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}"=Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "{ORAHSS}.UninstallSuite"=Orange - Logiciels Internet
    "Acoustica Effects Pack"=Acoustica Effects Pack
    "Adobe Acrobat 7.0 Standard - EFG - V"=Adobe Acrobat 7.1.0 Standard - English, Français, Deutsch
    "Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
    "Ask Toolbar_is1"=Vuze Toolbar
    "CA_VMN_antispyware"=CA VMN Anti-Spyware (remove only)
    "CANONBJ_Deinstall_CNMCP5o.DLL"=Canon i905D
    "dBpoweramp Music Converter"=dBpoweramp Music Converter
    "eoEngine_is1"=eoEngine 8.0
    "eyoai"=Favorit
    "FLVplayer"=FLV Player
    "Forestia"=Forestia
    "Fraps"=Fraps
    "GameSpy Arcade"=GameSpy Arcade
    "GMG 4"=Gif Movie Gear 4
    "Halo"=Microsoft Halo
    "Halo CE"=Microsoft Halo Custom Edition
    "HijackThis"=HijackThis 2.0.2
    "HyperCam 2"=HyperCam 2
    "InstallWIX_{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}"=Kaspersky Internet Security 2009
    "KLiteCodecPack_is1"=K-Lite Codec Pack 4.1.7 (Full)
    "LimeWire"=LimeWire 5.1.2
    "Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 2.0"=Microsoft .NET Framework 2.0
    "Mozilla Firefox (3.0.8)"=Mozilla Firefox (3.0.8)
    "MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
    "NVIDIA Drivers"=NVIDIA Drivers
    "Pack Vista Inspirat 2"=Pack Vista Inspirat 2 1.0
    "PangYa_Eu"=PangYa_Eu (Goa)
    "Pen Tablet Driver"=Pen Tablet
    "PhotoFiltre"=PhotoFiltre
    "Prism"=Prism Video Converter
    "ROSE Online Evolution182"=ROSE Online Evolution
    "ShockwaveFlash"=Adobe Flash Player 9 ActiveX
    "ShoppingReport"=ShopperReports
    "UltraISO_is1"=UltraISO Premium V9.31
    "VidGIF_is1"=VidGIF
    "Vista Drive Icon"=Vista Drive Icon 1.3
    "VLC media player"=VideoLAN VLC media player 0.8.6i
    "vmntoolbar"=VMN Toolbar
    "Wanadoo Messager"=Wanadoo Messager
    "WIC"=Windows Imaging Component
    "Windows Media Format Runtime"=Windows Media Format 11 runtime
    "Windows Media Player"=Lecteur Windows Media 11
    "Windows XP Service"=Windows XP Service Pack 3
    "WinGimp-2.0_is1"=GIMP 2.4.0
    "WinLiveSuite_Wave3"=Installation Windows Live
    "WMFDist11"=Windows Media Format 11 runtime
    "wmp11"=Windows Media Player 11
    "Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0
    "Yahoo! Widget Engine"=Yahoo! Widgets
    "YInstHelper"=Yahoo! Install Manager
    "ZangoSA"=Zango

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "BitTorrent DNA"=DNA
    "TransBar"=TransBar
    "Vuze Launcher"=Vuze Launcher

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 28/03/2009 12:20:50 | Computer Name = BENJAMIN-O2LZEG | Source = Microsoft Office 10 | ID = 1000
    Description = Faulting application excel.exe, version 10.0.6850.0, faulting module
    mso.dll, version 10.0.6845.0, fault address 0x00027e20.

    Error - 28/03/2009 12:43:57 | Computer Name = BENJAMIN-O2LZEG | Source = Microsoft Office 10 | ID = 2001
    Description = Rejected Safe Mode action : Microsoft Excel.

    Error - 28/03/2009 19:23:06 | Computer Name = BENJAMIN-O2LZEG | Source = Application Error | ID = 1000
    Description = Application défaillante ft_client.exe, version 1.546.0.0, module défaillant
    , version 0.0.0.0, adresse de défaillance 0x00000000.

    Error - 28/03/2009 19:34:51 | Computer Name = BENJAMIN-O2LZEG | Source = Application Error | ID = 1000
    Description = Application défaillante ft_client.exe, version 1.546.0.0, module défaillant
    , version 0.0.0.0, adresse de défaillance 0x00000000.

    Error - 28/03/2009 19:39:40 | Computer Name = BENJAMIN-O2LZEG | Source = Application Error | ID = 1000
    Description = Application défaillante ft_client.exe, version 1.546.0.0, module défaillant
    , version 0.0.0.0, adresse de défaillance 0x00000000.

    Error - 28/03/2009 19:49:22 | Computer Name = BENJAMIN-O2LZEG | Source = Application Error | ID = 1000
    Description = Application défaillante ft_client.exe, version 1.546.0.0, module défaillant
    , version 0.0.0.0, adresse de défaillance 0x00000000.

    Error - 28/03/2009 19:51:25 | Computer Name = BENJAMIN-O2LZEG | Source = Application Error | ID = 1000
    Description = Application défaillante ft_client.exe, version 1.546.0.0, module défaillant
    , version 0.0.0.0, adresse de défaillance 0x00000000.

    Error - 28/03/2009 20:08:27 | Computer Name = BENJAMIN-O2LZEG | Source = Application Error | ID = 1000
    Description = Application défaillante ft_client.exe, version 1.546.0.0, module défaillant
    , version 0.0.0.0, adresse de défaillance 0x00000000.

    Error - 29/03/2009 05:47:17 | Computer Name = BENJAMIN-O2LZEG | So
    a c 269 8 Sécurité
    30 Mars 2009 00:09:20

  • Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.
  • Double-clique sur Navilog1.exe afin de lancer l'installation.
  • Si le fix ne lance pas automatiquement après son installation, double-clique sur Navilog1 présent sur le Bureau.
    (Sous Vista, clique droit sur le raccourci de Navilog1 et choisis Exécuter en tant qu'administrateur)
  • Appuie sur F ou f puis valide par Entrée.
  • Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
  • Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
  • Patiente jusqu'au message : *** Analyse terminée le ..... ***
  • Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse.
  • Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\fixnavi.txt

    N'utilise pas l'option 2, 3 et 4 sans notre accord, des fichiers légitimes peuvent être inclus dans ce scan.
    30 Mars 2009 19:24:10

    Lorsque je double-clique sur le raccourcis, toutes les icônes de mon bureau disparaissent avec la barre du menu démarrer durant 2 secondes. Et rien ne se passe.
    a c 269 8 Sécurité
    30 Mars 2009 19:27:25

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher.
  • L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    30 Mars 2009 19:43:15

    Le logiciel Malwarebyte's s'ouvre sans problème. En revanche la recherche de mises à jour pose problème. Le message d'erreur suivant s'affiche :



    a c 269 8 Sécurité
    30 Mars 2009 19:56:52

    Alors lance l'examen sans faire la mise à jour.
    31 Mars 2009 22:21:54

    Voici le rapport que vous m'avez demandé :

    Malwarebytes' Anti-Malware 1.35
    Version de la base de données: 1904
    Windows 5.1.2600 Service Pack 3

    31/03/2009 22:19:31
    mbam-log-2009-03-31 (22-19-27).txt

    Type de recherche: Examen rapide
    Eléments examinés: 96679
    Temps écoulé: 15 minute(s), 21 second(s)

    Processus mémoire infecté(s): 1
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 34
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 8
    Fichier(s) infecté(s): 18

    Processus mémoire infecté(s):
    C:\documents and settings\Vince\local settings\application data\eyoai.exe (Adware.Navipromo.H) -> No action taken.

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\TypeLib\{89085678-632d-4deb-bda0-cd912c63203e} (Adware.180Solutions) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{30b15818-e110-4527-9c05-46ace5a3460d} (Adware.180Solutions) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{618aad04-921f-44c2-be38-c0818af69861} (Adware.180Solutions) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337} (Adware.180Solutions) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb} (Adware.180Solutions) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{3788e535-897b-463d-b6d6-fee5b86ec144} (Adware.180Solutions) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3788e535-897b-463d-b6d6-fee5b86ec144} (Adware.180Solutions) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{d3f940ea-4e87-423b-9091-934e1e4fceae} (Adware.180Solutions) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d3f940ea-4e87-423b-9091-934e1e4fceae} (Adware.180Solutions) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZangoSA (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\zangoax.clientdetector (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\zangoax.clientdetector.1 (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\zangoax.userprofiles (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\zangoax.userprofiles.1 (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> No action taken.
    HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\zango (Adware.180Solutions) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.BHO) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eyoai (Adware.Navipromo.H) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zangosa (Adware.180Solutions) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\Zango@Zango.com (Adware.Zango) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\Zango (Adware.180Solutions) -> No action taken.
    C:\Program Files\Zango\bin (Adware.180Solutions) -> No action taken.
    C:\Program Files\Zango\bin\10.3.75.0 (Adware.180Solutions) -> No action taken.
    C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> No action taken.
    C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> No action taken.
    C:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\ZangoSA (Adware.Zango) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> No action taken.

    Fichier(s) infecté(s):
    C:\Documents and Settings\Session\Local Settings\Application Data\iayky_navps.dat (Adware.Navipromo.H) -> No action taken.
    C:\Documents and Settings\Session\Local Settings\Application Data\iayky_nav.dat (Adware.Navipromo.H) -> No action taken.
    C:\Documents and Settings\Session\Local Settings\Application Data\iayky.dat (Adware.Navipromo.H) -> No action taken.
    C:\Documents and Settings\Session\Local Settings\Application Data\iayky.exe (Adware.Navipromo.H) -> No action taken.
    C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai_navps.dat (Adware.Navipromo.H) -> No action taken.
    C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai_nav.dat (Adware.Navipromo.H) -> No action taken.
    C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai.dat (Adware.Navipromo.H) -> No action taken.
    C:\Documents and Settings\Vince\Local Settings\Application Data\eyoai.exe (Adware.Navipromo.H) -> No action taken.
    C:\Program Files\Zango\bin\10.3.75.0\ZangoSA.exe (Adware.180Solutions) -> No action taken.
    C:\Program Files\Zango\bin\10.3.75.0\ZangoSAAX.dll (Adware.180Solutions) -> No action taken.
    C:\Program Files\Zango\bin\10.3.75.0\ZangoSAHook.dll (Adware.180Solutions) -> No action taken.
    C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA.dat (Adware.Zango) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht (Adware.Zango) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAau.dat (Adware.Zango) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht (Adware.Zango) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat (Adware.Zango) -> No action taken.
    C:\Program Files\EoRezo (Rogue.Eorezo) -> No action taken.
    a c 269 8 Sécurité
    31 Mars 2009 22:27:37

    Tu as cliqué sur "Supprimer la sélection" ?
    31 Mars 2009 23:01:40

    Non. Je recommence et je reposte un vrai rapport. Désolé ^^"
    31 Mars 2009 23:22:34

    Finalement oui je l'avais fait. Il me semblait que non mais maintenant que je refais l'analyse, seulement 1 élément infecté n'est trouvé, alors que dans le rapport précédent il y en avait une soixantaine...
    a c 269 8 Sécurité
    31 Mars 2009 23:32:28

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
  • Double-clique sur le raccourci d'Ad-Remover situé sur ton Bureau.
    (Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
  • Au menu principal, choisis l'option A.
  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-Scan-(date).log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    1 Avril 2009 00:20:21

    Même symptôme qu'avec Navilog.
    Autrement dit, lorsque je double-clique sur le raccourcis, toutes les icônes de mon bureau ainsi que la barre du menu démarrer disparaissent, et ce durant 2 secondes environ. Et rien ne se passe...
    a c 269 8 Sécurité
    1 Avril 2009 00:32:22

  • Télécharge Toolbar S&D (Team IDN) sur ton Bureau.
  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar S&D.
    (Sous Vista, il faut cliquer droit sur le raccourci de Toolbar S&D et choisir Exécuter en tant qu'administrateur)
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)
    1 Avril 2009 00:39:56

    Voici le rapport généré :


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.00GHz )
    BIOS : BIOS Date: 07/18/02 13:31:28 Ver: 08.00.00
    USER : Vince ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Internet Security 8.0.0.506 (Activated)
    Firewall : Kaspersky Internet Security 8.0.0.506 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:115 Go (Free:30 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (Local Disk) - NTFS - Total:74 Go (Free:26 Go)
    G:\ (CD or DVD)
    H:\ (CD or DVD)
    I:\ (USB) - FAT32 - Total:3760 Mo (Free:1 Go)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [1] ( 01/04/2009| 0:36 )

    -----------\\ Recherche de Fichiers / Dossiers ...

    [Service] ASKService
    [Service] ASKUpgrade
    C:\Program Files\AskBarDis
    C:\Program Files\AskBarDis\bar
    C:\Program Files\AskBarDis\unins000.dat
    C:\Program Files\AskBarDis\unins000.exe
    C:\Program Files\AskBarDis\bar\bin
    C:\Program Files\AskBarDis\bar\Cache
    C:\Program Files\AskBarDis\bar\History
    C:\Program Files\AskBarDis\bar\Settings
    C:\Program Files\AskBarDis\bar\bin\askBar.dll
    C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
    C:\Program Files\AskBarDis\bar\bin\AskService.exe
    C:\Program Files\AskBarDis\bar\bin\AskSplash.exe
    C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
    C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
    C:\Program Files\AskBarDis\bar\bin\psvince.dll
    C:\Program Files\AskBarDis\bar\Cache\0003E2A1
    C:\Program Files\AskBarDis\bar\Cache\000F047B
    C:\Program Files\AskBarDis\bar\Cache\000F1728
    C:\Program Files\AskBarDis\bar\Cache\007B9A65
    C:\Program Files\AskBarDis\bar\Cache\0163E928
    C:\Program Files\AskBarDis\bar\Cache\02A1C903.bin
    C:\Program Files\AskBarDis\bar\Cache\02A1CB64.bin
    C:\Program Files\AskBarDis\bar\Cache\02A1CD1A.bin
    C:\Program Files\AskBarDis\bar\Cache\02A1CEC0.bin
    C:\Program Files\AskBarDis\bar\Cache\02A1D066.bin
    C:\Program Files\AskBarDis\bar\Cache\02A1D22B.bin
    C:\Program Files\AskBarDis\bar\Cache\02A1D40F.bin
    C:\Program Files\AskBarDis\bar\Cache\files.ini
    C:\Program Files\AskBarDis\bar\History\search
    C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
    C:\Program Files\AskBarDis\bar\Settings\config.dat
    C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
    C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
    C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm
    C:\Program Files\DAEMON Tools Toolbar
    C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
    C:\DOCUME~1\INVIT~1\APPLIC~1\VMNToolbar
    C:\DOCUME~1\INVIT~1\APPLIC~1\VMNToolbar\NewCfg
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\0
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\a.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\amazon.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\an.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\arrow.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\arrowB.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\arrowT.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\arrow_down.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\arrow_up.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\autofill.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\b.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bg_pub.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bg_ttl.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bottom.png
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bottom_left.png
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bottom_right.png
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\c.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\CAlogo.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\canalblog.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\cn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\COMBOSEARCH.list
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\d.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\dictionary2.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\dn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\DownloadCOM.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\dropdown.css
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\email_b.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\equalizer_loading.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\equalizer_off.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\equalizer_on.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\ErrorLog.txt
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\ErrorPageTemplate_search.css
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\f.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\fn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\g.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\gaming.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\gn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred0.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred0_5.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred1.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred1_5.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred2.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred2_5.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred3.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred3_5.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred4.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred4_5.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred5.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\help.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\hideremove.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\highlight.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\hn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\hororank.xml
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\horoscope.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_aquarius.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_aries.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_cancer.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_capricorn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_gemini.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_leo.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_libra.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_pisces.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_sagittarius.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_scorpio.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_taurus.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_virgo.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\i.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\IEtab2_1.zip
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\images01.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\in.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\j.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\jn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\k.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\kn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\l.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\left.png
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\ln.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\loading.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\logo.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\logo_facebook.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\minus.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\minus_on.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\music2.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\n.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt15187203
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt346046
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt36217531
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt36394718
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt36702265
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt38502015
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\NewCfg
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\news.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\news.html
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\newsb.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\nn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\o.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\on.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\p.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\pixsy.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\play.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\play_on.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\plus.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\plus_on.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\pn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\popup_off.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\popup_on.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\popup_ona.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\p_yahoo.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\q.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\qn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\r.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\relatedlinks.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\report.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\right.png
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\rn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\rss.xsl
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\rss1.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\rsslib.js
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\rssmenu1_7a.zip
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\s.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\search.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\search.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\search_fr.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\settings.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\shop2.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1043171
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt11734937
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt11895218
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt12047921
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1256781
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt13179156
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1335609
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt13944359
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt13944640
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1487156
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1574953
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1621968
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1624609
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1722015
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1993671
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt241671
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2540140
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2564140
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2649750
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2814328
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2898484
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2932609
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt295562
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt3141750
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt3186687
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt3303093
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt343187
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt346046
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt3594984
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt36217531
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt36226921
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt36394718
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt36510906
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt36684000
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt3870171
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt39401609
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt4258437
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt4595640
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt5253218
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt5701859
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt6208453
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt699125
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt742609
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt8465359
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt8779968
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt8790687
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt8791281
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt903265
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt9566296
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\siteinfo.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\slider.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\spacer.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stars-red1.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stars-red2.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stars-red3.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stars-red4.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stars-red5.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stop.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stop_on.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\t.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\tabwelcome_en.html
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\tabwelcome_fr.html
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\tab_icon.png
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\technorati.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\tn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\tools.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\top.png
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\top_left.png
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\top_right.png
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\translate.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\u.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\un.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\utf8.js
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\v.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\vmlib.js
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\vmntoolbartb0501.cfg
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\vn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\w.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\web_en.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\wikipedia.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\wn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\x.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\xp_close_small.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\yahoo_search.gif
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\YouTube.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\z.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\zn.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\zoom.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\__slider.bmp
    C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\0\_lastfeeds.xml
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\1
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\a.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\amazon.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\an.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\arrow.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\arrowB.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\arrowT.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\arrow_down.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\arrow_up.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\autofill.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\b.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\bg_pub.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\bg_ttl.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\bn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\bottom.png
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\bottom_left.png
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\bottom_right.png
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\btn_addstations.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\btn_delete.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\c.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\CAlogo.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\canalblog.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\cn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\COMBOSEARCH.list
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\d.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\dictionary2.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\dn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\DownloadCOM.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\dropdown.css
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\email_b.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\equalizer_loading.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\equalizer_off.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\equalizer_on.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\ErrorPageTemplate_search.css
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\f.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\fn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\g.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\gaming.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\gn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred0.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred0_5.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred1.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred1_5.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred2.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred2_5.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred3.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred3_5.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred4.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred4_5.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\graphred5.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\help.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\hideremove.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\highlight.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\hn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\horoscope.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_aquarius.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_aries.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_cancer.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_capricorn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_gemini.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_leo.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_libra.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_pisces.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_sagittarius.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_scorpio.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_taurus.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\h_virgo.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\i.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\IEtab2_1.zip
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\images01.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\in.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\j.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\jn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\k.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\kn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\l.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\left.png
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\ln.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\loading.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\logo.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\logo_facebook.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\minus.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\minus_on.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\music2.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\n.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt14119734
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt15637296
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt16691140
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt2513937
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt27229640
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt2764296
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt29240046
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt33289187
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt49658578
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\New York_NY_weather.txt9393640
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\NewCfg
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\news.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\news.html
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\newsb.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\nn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\o.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\on.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\p.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\pixsy.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\play.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\play_on.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\plus.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\plus_on.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\pn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\popup_off.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\popup_on.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\popup_ona.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\p_yahoo.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\q.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\qn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\r.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\radiocfgdlg.html
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\RadioStations.list
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\radio_bg.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\relatedlinks.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\report.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\right.png
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\rn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\rss.xsl
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\rss1.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\rsslib.js
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\rssmenu1_7a.zip
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\s.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\search.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\search.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\search_fr.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\settings.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\shop2.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt13515078
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt13534562
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt13666359
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt14119531
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt15637296
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt16691140
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt20500562
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt2513890
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt2690765
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt27229625
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt2762875
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt29240015
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt33289187
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt4321843
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt49658578
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sinfo.txt9393625
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\siteinfo.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\slider.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\sn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\spacer.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\stars-red1.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\stars-red2.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\stars-red3.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\stars-red4.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\stars-red5.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\stop.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\stop_on.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\t.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\tabdataV3.js
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\tabwelcome_en.html
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\tabwelcome_fr.html
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\tab_icon.png
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\technorati.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\tn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\tools.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\top.png
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\top_left.png
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\top_right.png
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\translate.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\ttl_add.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\u.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\un.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\UserStations.list
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\utf8.js
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\v.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\vmlib.js
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\vmntoolbartb1501.cfg
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\vn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\w.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\web_en.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\web_fr.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\wikipedia.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\wn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\x.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\xp_close_small.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\yahoo_search.gif
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\YouTube.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\z.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\zn.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\zoom.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\__slider.bmp
    C:\DOCUME~1\Vince\APPLIC~1\VMNToolbar\1\_lastfeeds.xml
    C:\Program Files\VMNToolbar
    C:\Program Files\VMNToolbar\install.ico
    C:\Program Files\VMNToolbar\tbuninstall.exe
    C:\Program Files\VMNToolbar\toolbar.ini
    C:\Program Files\VMNToolbar\uninstall.exe
    C:\Program Files\VMNToolbar\vmntoolbar.dll
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\SearchWeather.xml
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherStartup.xml
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\Weather_XML
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\Links
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\radar-big.jpg
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\radar-small
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\satellite-big.jpg
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\satellite-small
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\WeatherPreferences
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\Weather_XML
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\Weather_XML\Display
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\Weather_XML\Loading
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\Weather_XML\screen2
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\WeatherDPA\Weather_XML\Version
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\Weather_XML\Default
    C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather\Weather_XML\General
    C:\DOCUME~1\Session\APPLIC~1\Zango
    C:\WINDOWS\Prefetch\ZANGOSA.EXE-34449957.pf

    -----------\\ Extensions

    (Session) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
    (Session) - {b66bc4c3-6d25-4a10-8c59-01daa9063051} => foxgame

    (Vince) - {b66bc4c3-6d25-4a10-8c59-01daa9063051} => foxgame
    (Vince) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com"
    "Search Bar"="http://www.wanadoo.fr/go/page_recherche/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.yahoo.com"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.yahoo.com"


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Call of Duty\Call of Duty\The Call of Duty\Crack
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Call of Duty\Call of Duty\The Call of Duty\Crack\CoDMP.exe
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Call of Duty\Call of Duty\The Call of Duty\Crack\CoDSP.exe
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Call of Duty\Call of Duty\The Call of Duty\Crack\ToeD.exe
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Call of Duty\Call of Duty\The Call of Duty\Crack\Vistro.exe
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Halo\HALO CE\CRACK
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Halo\HALO CE\CRACK\Halo Serial.txt
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Halo\HALO CE\CRACK\halo.exe
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Halo\HALO CE\CRACK\HaloPC107.exe
    C:\DOCUME~1\Vince\Mes documents\BitTorrent Downloads\Jeux\Halo Combat Evolved (with No-Cd Cracks & Cd-Keys) -{bozy}-
    C:\DOCUME~1\Vince\Mes documents\BitTorrent Downloads\Jeux\Halo Combat Evolved (with No-Cd Cracks & Cd-Keys) -{bozy}-.rar
    C:\DOCUME~1\Vince\Mes documents\BitTorrent Downloads\Jeux\Halo Combat Evolved (with No-Cd Cracks & Cd-Keys) -{bozy}-\Halo Combat Evolved -{bozy}-
    C:\DOCUME~1\Vince\Mes documents\BitTorrent Downloads\Jeux\Halo Combat Evolved (with No-Cd Cracks & Cd-Keys) -{bozy}-\Halo Combat Evolved -{bozy}-\Halo Combat Evolved.ISO
    C:\DOCUME~1\Vince\Mes documents\BitTorrent Downloads\Jeux\Halo Combat Evolved (with No-Cd Cracks & Cd-Keys) -{bozy}-\Halo Combat Evolved -{bozy}-\Halo Install Info -{bozy}-.txt
    C:\DOCUME~1\Vince\Mes documents\Downloads\HaloCEnodisc\Halo - KeyGen.exe



    1 - "C:\ToolBar SD\TB_1.txt" - 01/04/2009| 0:39 - Option : [1]

    -----------\\ Fin du rapport a 0:39:27,93

    a c 269 8 Sécurité
    1 Avril 2009 00:59:27

  • Exécute ce fichier : C:\Program Files\AskBarDis\unins000.exe

  • Idem pour : C:\Program Files\VMNToolbar\uninstall.exe

  • Relance Toolbar S&D, fais l'option 2 et poste le rapport.
    1 Avril 2009 09:27:33

    Voilà le rapport Tooblar S&D après "suppression" :


    -----------\\ ToolBar S&D 1.2.8 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.00GHz )
    BIOS : BIOS Date: 07/18/02 13:31:28 Ver: 08.00.00
    USER : Vince ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Internet Security 8.0.0.506 (Activated)
    Firewall : Kaspersky Internet Security 8.0.0.506 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:115 Go (Free:30 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (Local Disk) - NTFS - Total:74 Go (Free:26 Go)
    G:\ (CD or DVD)
    H:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
    Option : [2] ( 01/04/2009| 9:21 )

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
    Supprime! - C:\DOCUME~1\INVIT~1\APPLIC~1\VMNToolbar\NewCfg
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\0
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\a.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\amazon.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\an.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\arrow.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\arrowB.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\arrowT.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\arrow_down.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\arrow_up.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\autofill.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\b.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bg_pub.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bg_ttl.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bottom.png
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bottom_left.png
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\bottom_right.png
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\c.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\CAlogo.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\canalblog.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\cn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\COMBOSEARCH.list
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\d.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\dictionary2.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\dn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\DownloadCOM.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\dropdown.css
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\email_b.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\equalizer_loading.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\equalizer_off.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\equalizer_on.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\ErrorLog.txt
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\ErrorPageTemplate_search.css
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\f.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\fn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\g.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\gaming.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\gn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred0.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred0_5.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred1.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred1_5.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred2.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred2_5.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred3.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred3_5.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred4.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred4_5.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\graphred5.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\help.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\hideremove.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\highlight.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\hn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\hororank.xml
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\horoscope.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_aquarius.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_aries.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_cancer.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_capricorn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_gemini.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_leo.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_libra.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_pisces.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_sagittarius.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_scorpio.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_taurus.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\h_virgo.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\i.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\IEtab2_1.zip
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\images01.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\in.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\j.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\jn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\k.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\kn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\l.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\left.png
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\ln.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\loading.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\logo.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\logo_facebook.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\minus.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\minus_on.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\music2.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\n.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt15187203
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt346046
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt36217531
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt36394718
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt36702265
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\New York_NY_weather.txt38502015
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\NewCfg
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\news.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\news.html
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\newsb.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\nn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\o.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\on.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\p.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\pixsy.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\play.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\play_on.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\plus.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\plus_on.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\pn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\popup_off.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\popup_on.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\popup_ona.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\p_yahoo.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\q.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\qn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\r.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\relatedlinks.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\report.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\right.png
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\rn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\rss.xsl
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\rss1.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\rsslib.js
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\rssmenu1_7a.zip
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\s.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\search.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\search.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\search_fr.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\settings.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\shop2.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1043171
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt11734937
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt11895218
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt12047921
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1256781
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt13179156
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1335609
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt13944359
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt13944640
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1487156
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1574953
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1621968
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1624609
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1722015
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt1993671
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt241671
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2540140
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2564140
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2649750
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2814328
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2898484
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt2932609
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt295562
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt3141750
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt3186687
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt3303093
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt343187
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt346046
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt3594984
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt36217531
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt36226921
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt36394718
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt36510906
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt36684000
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt3870171
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt39401609
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt4258437
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt4595640
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt5253218
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt5701859
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt6208453
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt699125
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt742609
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt8465359
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt8779968
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt8790687
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt8791281
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt903265
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sinfo.txt9566296
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\siteinfo.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\slider.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\sn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\spacer.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stars-red1.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stars-red2.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stars-red3.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stars-red4.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stars-red5.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stop.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\stop_on.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\t.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\tabwelcome_en.html
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\tabwelcome_fr.html
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\tab_icon.png
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\technorati.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\tn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\tools.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\top.png
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\top_left.png
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\top_right.png
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\translate.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\u.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\un.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\utf8.js
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\v.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\vmlib.js
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\vmntoolbartb0501.cfg
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\vn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\w.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\web_en.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\wikipedia.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\wn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\x.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\xp_close_small.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\yahoo_search.gif
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\YouTube.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\z.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\zn.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\zoom.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar\__slider.bmp
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\WeatherDPA\Weather
    Supprime! - C:\WINDOWS\Prefetch\ZANGOSA.EXE-34449957.pf
    Supprime! - C:\Program Files\DAEMON Tools Toolbar
    Supprime! - C:\DOCUME~1\INVIT~1\APPLIC~1\VMNToolbar
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\VMNToolbar
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\WeatherDPA
    Supprime! - C:\DOCUME~1\Session\APPLIC~1\Zango

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ Extensions

    (Session) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
    (Session) - {b66bc4c3-6d25-4a10-8c59-01daa9063051} => foxgame

    (Vince) - {b66bc4c3-6d25-4a10-8c59-01daa9063051} => foxgame
    (Vince) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com"
    "Search Bar"="http://www.wanadoo.fr/go/page_recherche/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.yahoo.com"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
    "Start Page"="http://www.msn.com/"


    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Call of Duty\Call of Duty\The Call of Duty\Crack
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Call of Duty\Call of Duty\The Call of Duty\Crack\CoDMP.exe
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Call of Duty\Call of Duty\The Call of Duty\Crack\CoDSP.exe
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Call of Duty\Call of Duty\The Call of Duty\Crack\ToeD.exe
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Call of Duty\Call of Duty\The Call of Duty\Crack\Vistro.exe
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Halo\HALO CE\CRACK
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Halo\HALO CE\CRACK\Halo Serial.txt
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Halo\HALO CE\CRACK\halo.exe
    C:\DOCUME~1\Vince\Bureau\Bureau\Jeux\Halo\HALO CE\CRACK\HaloPC107.exe
    C:\DOCUME~1\Vince\Mes documents\BitTorrent Downloads\Jeux\Halo Combat Evolved (with No-Cd Cracks & Cd-Keys) -{bozy}-
    C:\DOCUME~1\Vince\Mes documents\BitTorrent Downloads\Jeux\Halo Combat Evolved (with No-Cd Cracks & Cd-Keys) -{bozy}-.rar
    C:\DOCUME~1\Vince\Mes documents\BitTorrent Downloads\Jeux\Halo Combat Evolved (with No-Cd Cracks & Cd-Keys) -{bozy}-\Halo Combat Evolved -{bozy}-
    C:\DOCUME~1\Vince\Mes documents\BitTorrent Downloads\Jeux\Halo Combat Evolved (with No-Cd Cracks & Cd-Keys) -{bozy}-\Halo Combat Evolved -{bozy}-\Halo Combat Evolved.ISO
    C:\DOCUME~1\Vince\Mes documents\BitTorrent Downloads\Jeux\Halo Combat Evolved (with No-Cd Cracks & Cd-Keys) -{bozy}-\Halo Combat Evolved -{bozy}-\Halo Install Info -{bozy}-.txt
    C:\DOCUME~1\Vince\Mes documents\Downloads\HaloCEnodisc\Halo - KeyGen.exe



    1 - "C:\ToolBar SD\TB_1.txt" - 01/04/2009| 0:39 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 01/04/2009| 9:26 - Option : [2]

    -----------\\ Fin du rapport a 9:26:39,14

    a c 269 8 Sécurité
    1 Avril 2009 15:42:52

    Essaie de faire la manip' avec Ad-Remover en mode sans échec.
    1 Avril 2009 16:24:53

    Comment démarrer Ad-Remover en mode sans échec ?
    a c 269 8 Sécurité
    1 Avril 2009 16:30:48

    Pour redémarrer en mode sans échec :
  • Redémarre ton PC.
  • Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
  • Dans le menu d'options avancées, choisis Mode sans échec.
  • Choisis ta session.
    1 Avril 2009 16:54:01

    Ad-Remover ne marche toujours pas. Même en mode sans échec.
    2 Avril 2009 18:33:18

    Euh... Navré pour le double poste mais, est-ce résolue ?
    Parce que mon navigateur plante toujours autant. En revanche la fenêtre intempestive ne vient plus me déranger. Du moins j'espère...
    a c 269 8 Sécurité
    2 Avril 2009 18:37:21

    Je suis justement en train de répondre aux sujets que j'avais mis un peu "en pause", le tien en fait partie.

    Je ne sais pas d'où vient le problème pour Navilog1 et Ad-Remover.

  • Mets à jour Internet Explorer.

  • Refais un scan OtViewIt et poste le rapport.
    2 Avril 2009 20:21:24

    Voici le rapport OtViewIt après la mise à jour d'Internet Explorer (bien que je ne l'utilise presque pas...) :

    OTViewIt logfile created on: 02/04/2009 20:16:14 - Run 2
    OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Vince\Bureau\Bureau\Firefox\Téléchargement
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,50 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 60,47% Memory free
    3,35 Gb Paging File | 2,90 Gb Available in Paging File | 86,66% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 115,03 Gb Total Space | 27,32 Gb Free Space | 23,75% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    Drive F: | 74,52 Gb Total Space | 26,38 Gb Free Space | 35,39% Space Free | Partition Type: NTFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: BENJAMIN-O2LZEG
    Current User Name: Vince
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Whitelist: On
    File Age = 30 Days

    ========== Processes ==========

    [2008/04/17 15:14:00 | 00,102,712 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    [2003/03/17 16:17:00 | 00,049,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\BJCard\Bjmcmng.exe
    [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
    [2009/02/06 19:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    [2007/12/11 21:19:44 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    [2008/12/14 14:29:53 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
    [2006/10/22 13:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
    [2009/01/14 18:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    [2008/05/02 00:40:44 | 03,032,360 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
    [2008/05/02 00:41:38 | 00,136,488 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    [2008/05/02 00:40:44 | 03,032,360 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
    [2008/04/13 19:34:30 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
    [2008/10/16 15:09:44 | 00,066,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
    [2004/01/26 11:38:38 | 00,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
    [2003/06/25 16:01:48 | 00,045,056 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\BJPV\TVMon.exe
    [2003/04/30 16:48:40 | 00,716,800 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\BJCard\BJLaunch.exe
    [2002/06/03 11:38:12 | 00,049,152 | ---- | M] (ScanSoft, Inc) -- C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    [2003/06/25 11:24:48 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
    [2003/10/23 19:51:18 | 00,233,472 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    [2003/11/08 02:56:55 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    [2008/12/14 14:29:53 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
    [2008/10/15 02:04:34 | 00,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    [2007/07/04 21:59:02 | 00,045,056 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe
    [2008/04/13 19:34:22 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
    [2009/02/06 19:08:58 | 00,454,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
    [2008/04/17 15:14:00 | 00,098,616 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
    [2007/03/19 00:05:02 | 00,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    [2009/03/19 22:09:34 | 00,342,848 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
    [2007/12/11 21:39:22 | 00,598,016 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    [2007/12/11 21:17:42 | 00,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    [2007/12/11 21:46:12 | 00,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    [2007/12/11 21:33:34 | 01,040,384 | ---- | M] () -- C:\Program Files\OrangeHSS\Deskboard\Deskboard.exe
    [2007/12/11 21:23:38 | 00,716,800 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe
    [2007/12/11 21:22:32 | 00,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Connectivity\corecom\CoreCom.exe
    [2007/12/11 21:22:38 | 00,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\OrangeHSS\Connectivity\corecom\OraConfigRecover.exe
    [2007/12/11 21:19:58 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    [2009/03/29 15:10:43 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    [2009/04/02 20:16:00 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vince\Bureau\Bureau\Firefox\Téléchargement\OTViewIt(2).exe

    ========== (O23) Win32 Services ==========

    [2008/04/17 15:14:00 | 00,102,712 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon [Auto | Running])
    [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
    [2009/02/04 18:57:48 | 00,206,088 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe -- (AVP [Auto | Running])
    [2003/03/17 16:17:00 | 00,049,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\BJCard\Bjmcmng.exe -- (Bjmcmng [Auto | Running])
    [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
    [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
    [2009/02/06 19:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [Auto | Running])
    [2007/12/11 21:19:44 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC [Auto | Running])
    [2008/12/01 12:01:02 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper [On_Demand | Stopped])
    [2008/12/14 14:29:53 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
    [2006/10/22 13:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
    [2009/01/14 18:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
    [2008/05/02 00:40:44 | 03,032,360 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen [Auto | Running])
    [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

    ========== Driver Services ==========

    [2002/04/01 13:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio [On_Demand | Running])
    [2003/12/08 11:53:48 | 00,053,600 | ---- | M] (THOMSON) -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn [On_Demand | Stopped])
    [2003/12/08 11:53:46 | 00,070,688 | ---- | M] (THOMSON) -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl [On_Demand | Stopped])
    [2001/08/17 22:28:04 | 00,067,167 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2 [On_Demand | Stopped])
    [2001/08/17 22:28:06 | 00,289,887 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback [Auto | Running])
    [2003/06/17 12:43:00 | 00,006,528 | ---- | M] (Canon.inc) -- C:\WINDOWS\system32\drivers\bjhid2.sys -- (FilterService2 [On_Demand | Stopped])
    [2001/08/17 22:28:06 | 00,115,807 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks [Auto | Running])
    [2008/12/08 18:01:56 | 00,055,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr [Auto | Running])
    [2004/08/03 22:41:48 | 00,220,032 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys -- (HSFHWBS2 [On_Demand | Running])
    [2004/08/03 22:41:56 | 01,041,536 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys -- (HSF_DP [On_Demand | Running])
    [2001/08/17 22:28:10 | 00,542,879 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft [On_Demand | Stopped])
    [2008/05/24 22:09:10 | 00,073,728 | ---- | M] (EZB Systems, Inc.) -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive [System | Running])
    [2001/08/17 22:28:08 | 00,391,199 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56 [Auto | Running])
    [2008/04/13 20:05:16 | 00,014,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Running])
    [2008/07/21 18:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [Boot | Running])
    [2009/02/04 18:57:48 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg [Boot | Running])
    [2008/03/13 19:02:46 | 00,026,640 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klfltdev.sys -- (KLFLTDEV [On_Demand | Running])
    [2009/02/04 18:57:48 | 00,226,832 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF [System | Running])
    [2008/04/30 18:06:48 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5 [On_Demand | Running])
    [2004/08/03 22:41:56 | 00,011,868 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
    [2006/10/22 13:22:00 | 03,994,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
    [2001/08/22 08:42:58 | 00,013,632 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI [System | Running])
    [2003/09/23 11:38:34 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5 [On_Demand | Stopped])
    [2006/03/01 19:53:54 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5 [On_Demand | Running])
    [2001/08/28 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
    [2001/08/17 22:28:10 | 00,057,471 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample [On_Demand | Stopped])
    [2008/04/13 10:35:40 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139 [On_Demand | Running])
    [2008/04/13 09:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
    [2006/03/26 14:22:14 | 00,051,200 | ---- | M] (Protection Technology (StarForce)) -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
    [2006/03/13 11:38:23 | 00,006,656 | ---- | M] (Protection Technology (StarForce)) -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
    [2006/03/24 18:27:01 | 00,050,176 | ---- | M] (Protection Technology (StarForce)) -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04 [Boot | Running])
    [2005/11/03 16:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02 [Boot | Running])
    [2002/05/28 15:18:46 | 00,500,568 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm [On_Demand | Running])
    [2001/08/17 22:28:06 | 00,199,711 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax [Auto | Running])
    [2001/08/17 22:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
    [2008/11/29 22:16:43 | 00,717,296 | ---- | M] () -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd [Boot | Running])
    [2001/08/17 22:28:12 | 00,050,751 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones [Auto | Running])
    [2001/08/17 22:28:12 | 00,488,383 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124 [Auto | Running])
    [2008/03/17 22:14:52 | 00,015,144 | ---- | M] (Wacom Technology) -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor [On_Demand | Stopped])
    [2007/02/16 21:12:36 | 00,011,312 | ---- | M] (Wacom Technology) -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter [On_Demand | Running])
    [2008/01/15 22:11:46 | 00,013,480 | ---- | M] (Wacom Technology) -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid [On_Demand | Running])
    [2007/02/16 02:11:28 | 00,011,440 | ---- | M] (Wacom Technology) -- C:\WINDOWS\system32\drivers\WacomVKHid.sys -- (WacomVKHid [On_Demand | Running])
    [2004/08/03 22:41:50 | 00,685,056 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys -- (winachsf [On_Demand | Running])

    ========== (R ) Internet Explorer ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
    "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Default_Secondary_Page_URL"=
    "Extensions Off Page"=about:NoAdd-ons
    "Local Page"=C:\WINDOWS\system32\blank.htm
    "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Security Risk Page"=about:SecurityRisk
    "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
    "CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Local Page"=C:\WINDOWS\system32\blank.htm
    "Page_Transitions"=
    "Search Page"=http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
    ""=http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    "provider"=msn

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{08C06D61-F1F3-4799-86F8-BE1A89362C85}" (HKLM) -- C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll ()
    "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0

    ========== (O1) Hosts File ==========

    HOSTS File = (790 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
    First 25 entries...
    127.0.0.1 localhost

    ========== (O2) BHO's ==========

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} (HKLM) -- C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
    {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} (HKLM) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)
    {5C255C8A-E604-49b4-9D64-90988571CECB} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
    {64F56FC1-1272-44CD-BA6E-39723696E350} (HKLM) -- C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (EoRezo)
    {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (HKLM) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    {9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    {AE7CD045-E861-484f-8273-0445EE161910} (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    {CC59E0F9-7E43-44FA-9FAA-8377850BF205} (HKLM) -- C:\Program Files\Free Download Manager\iefdm2.dll ()
    {DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    {E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

    ========== (O3) Toolbars ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{21FA44EF-376D-4D53-9B0F-8A89D3229068}" (HKLM) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    "{A057A204-BACC-4D26-8287-79A187E26987}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

    ========== (O4) Run Keys ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    ""= File not found
    "Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" (Adobe Systems Inc.)
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
    "ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" (Kaspersky Lab)
    "BJLaunchEXE"=C:\Program Files\Canon\BJCard\BJLaunch.exe (CANON INC.)
    "BJPD HID Control"=C:\Program Files\Canon\BJPV\TVMon.exe (Canon Inc.)
    "DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)
    "EoEngine"="C:\Program Files\EoRezo\EoEngine.exe" ()
    "fssui"="C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun (Microsoft Corporation)
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" (Hewlett-Packard Company)
    "HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" (Hewlett-Packard)
    "HPDJ Taskbar Utility"=C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
    "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
    "NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
    "nwiz"=nwiz.exe /install ()
    "Omnipage"=C:\Program Files\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
    "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (France Telecom SA)
    "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon (THOMSON Telecom Belgium)
    "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
    "ZangoOE"=C:\Program Files\Zango\bin\10.3.75.0\OEAddOn.exe File not found

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
    "RocketDock"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" ()

    ========== (O4) Startup Folders ==========

    File not found -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk =
    [2001/02/13 09:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

    ========== (O6 & O7) Current Version Policies ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "HonorAutoRunSetting"=1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    ========== (O8) IE Context Menu Extensions ==========

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
    Ajouter à Kaspersky Anti-Bannière: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm [2008/11/11 20:47:00 | 00,001,411 | ---- | M] ()
    Convertir en Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir en un fichier PDF existant: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir la cible du lien en Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir la cible du lien en un fichier PDF existant: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir la sélection en Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir la sélection en un fichier PDF existant: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir les liens sélectionnés en fichier Adobe PDF: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    Convertir les liens sélectionnés en un fichier PDF existant: C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006/12/18 05:18:14 | 00,231,160 | ---- | M] (Adobe Systems Incorporated)
    E&xporter vers Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 17:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)
    Télécharger avec Free Download Manager: File not found
    Télécharger avec IDM: C:\Program Files\Internet Download Manager\IEExt.htm File not found
    Télécharger la sélection avec Free Download Manager: File not found
    Télécharger la vidéo avec Free Download Manager: File not found
    Télécharger le contenu de video FLV avec IDM: C:\Program Files\Internet Download Manager\IEGetVL.htm File not found
    Télécharger tous les liens avec IDM: C:\Program Files\Internet Download Manager\IEGetAll.htm File not found
    Tout télécharger avec Free Download Manager: File not found

    ========== (O9) IE Extensions ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
    {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}: Button: Statistiques de la protection du trafic Internet -- %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll [2008/11/11 21:00:38 | 00,222,472 | ---- | M] (Kaspersky Lab)
    {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Button: Ajout Direct -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2008/12/02 23:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation)
    {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Menu: &Ajout Direct dans Windows Live Writer -- %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [2008/12/02 23:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation)
    {e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 11:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
    {F3FC5E6E-D4D2-4AA2-9696-15E072B551C6}: Button: Extract Flash Video with Bytescout... -- %ProgramFiles%\Bytescout Movies Extractor Scout\flashextract_ie.html File not found
    {FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messager Wanadoo -- %ProgramFiles%\Wanadoo Messager\Wanadoo Messager.exe [2003/12/16 17:51:32 | 02,187,264 | ---- | M] (France Telecom)
    {FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Messager Wanadoo -- %ProgramFiles%\Wanadoo Messager\Wanadoo Messager.exe [2003/12/16 17:51:32 | 02,187,264 | ---- | M] (France Telecom)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
    CmdMapping\\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll [Statistiques de la protection du trafic Internet] -> [2008/11/11 21:00:38 | 00,222,472 | ---- | M] (Kaspersky Lab)
    CmdMapping\\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [HKLM] -> %ProgramFiles%\Windows Live\Writer\WriterBrowserExtension.dll [Ajout Direct] -> [2008/12/02 23:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation)
    CmdMapping\\{97C8F444-6EA3-4985-BC29-B86A1D7FD5D8} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
    CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 11:53:34 | 00,558,080 | ---- | M] (Microsoft Corporation)
    CmdMapping\\{F3FC5E6E-D4D2-4AA2-9696-15E072B551C6} [HKLM] -> [Extract Flash Video with Bytescout...] -> File not found
    CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Wanadoo Messager\Wanadoo Messager.exe [Messager Wanadoo] -> [2003/12/16 17:51:32 | 02,187,264 | ---- | M] (France Telecom)

    ========== (O12) Internet Explorer Plugins ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
    PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&m...
    PluginsPageFriendlyName: "" = Bibliothèque de contrôles ActiveX Microsoft

    ========== (O13) Default Prefixes ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
    ""=http://

    ========== (O15) Trusted Sites ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    1 domain(s) and sub-domain(s) not assigned to a zone.

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    mappy.com: http in Trusted sites
    orange.fr: http in Trusted sites
    voila.fr\rw.search.ke: http in My Computer
    weborama.fr\orange: http in My Computer
    wikipedia.fr\www: https in My Computer
    3 domain(s) and sub-domain(s) not assigned to a zone.

    ========== (O16) DPF ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
    {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: C:\Program Files\Yahoo!\Common\Yinsthelper.dll -- Installation Support
    {8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-wind... -- Java Plug-in 1.6.0_11
    {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... -- Java Plug-in 1.6.0_07
    {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-wind... -- Java Plug-in 1.6.0_11
    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-wind... -- Java Plug-in 1.6.0_11
    {D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload.macromedia.com/pub/shockwave/cabs/fla... -- Shockwave Flash Object
    Microsoft XML Parser for Java: file://C:\WINDOWS\Java\classes\xmldso.cab -- Reg Error: Key does not exist or could not be opened.

    ========== (O17) DNS Name Servers ==========

    {8657F4CD-A6C5-46D5-9FC8-9FD09EE4CDA1} (Servers: | Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family)

    ========== (O20) AppInit_DLLs ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_Dlls"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    >[2008/11/11 21:00:26 | 00,079,112 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll
    >[2008/11/11 21:00:26 | 00,079,112 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll
    >[2008/11/11 20:59:38 | 00,083,208 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll
    >[2008/11/11 21:00:02 | 00,011,016 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll

    ========== (O20) Winlogon Notify Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
    klogon: "DllName" = C:\WINDOWS\system32\klogon.dll -- C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)

    ========== Safeboot Options ==========

    "AlternateShell"=cmd.exe

    ========== CDRom AutoRun Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
    "AutoRun" = 1

    ========== Autorun Files on Drives ==========

    AUTOEXEC.BAT []
    [2008/10/15 18:51:15 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

    ========== MountPoints2 ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b760e66-afbf-11dd-98b0-000e504ad2fb}\Shell]
    ""=AutoRun


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b760e66-afbf-11dd-98b0-000e504ad2fb}\Shell\1\Command]
    ""=RECYCLER\RECYCLER\autorun.exe


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b760e66-afbf-11dd-98b0-000e504ad2fb}\Shell\2\Command]
    ""=RECYCLER\RECYCLER\autorun.exe


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b760e66-afbf-11dd-98b0-000e504ad2fb}\Shell\AutoRun\command]
    ""=C:\WINDOWS\system32\shell32.dll -- [2008/06/17 21:02:15 | 08,517,632 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7a6de39-e079-11dd-9922-000e504ad2fb}\Shell]
    ""=AutoRun


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7a6de39-e079-11dd-9922-000e504ad2fb}\Shell\1\Command]
    ""=RECYCLER\RECYCLER\autorun.exe


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7a6de39-e079-11dd-9922-000e504ad2fb}\Shell\2\Command]
    ""=RECYCLER\RECYCLER\autorun.exe


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7a6de39-e079-11dd-9922-000e504ad2fb}\Shell\AutoRun\command]
    ""=C:\WINDOWS\system32\shell32.dll -- [2008/06/17 21:02:15 | 08,517,632 | ---- | M] (Microsoft Corporation)

    ========== Files/Folders - Created Within 30 Days ==========

    [6 C:\WINDOWS\*.tmp files]
    [2009/04/02 19:11:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
    [2009/04/02 19:07:25 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
    [2009/04/01 13:07:32 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Vince\Bureau\Silkroad.lnk
    [2009/04/01 12:57:54 | 00,000,000 | ---D | C] -- C:\Program Files\Silkroad
    [2009/04/01 00:34:42 | 00,000,000 | ---D | C] -- C:\ToolBar SD
    [2009/04/01 00:16:57 | 00,001,570 | ---- | C] () -- C:\Documents and Settings\Vince\Bureau\Ad-remover.lnk
    [2009/04/01 00:16:57 | 00,000,000 | ---D | C] -- C:\Program Files\Ad-remover
    [2009/03/31 09:35:33 | 05,961,728 | ---- | C] () -- C:\Documents and Settings\Vince\Bureau\contrat location Audrey.doc
    [2009/03/30 19:35:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Application Data\Malwarebytes
    [2009/03/30 19:35:27 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2009/03/30 19:35:27 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2009/03/30 19:35:25 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2009/03/30 19:35:23 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2009/03/30 19:35:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2009/03/30 19:21:32 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
    [2009/03/30 19:21:31 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
    [2009/03/29 22:38:15 | 00,000,000 | ---D | C] -- C:\Program Files\MSECache
    [2009/03/29 17:47:33 | 00,000,000 | ---D | C] -- C:\rsit
    [2009/03/29 17:45:18 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Vince\Bureau\RSIT.exe
    [2009/03/29 15:26:32 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Vince\Bureau\HijackThis.lnk
    [2009/03/29 15:26:32 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2009/03/25 22:23:22 | 00,037,320 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\Mme MONNERET.pdf
    [2009/03/25 21:54:51 | 00,000,000 | ---D | C] -- C:\alaplaya
    [2009/03/25 20:13:22 | 02,004,480 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\Culture artistique.doc
    [2009/03/25 15:51:41 | 00,000,000 | ---D | C] -- C:\Program Files\alaplaya
    [2009/03/22 23:13:19 | 00,000,000 | ---D | C] -- C:\Program Files\iriverter
    [2009/03/22 18:53:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Mes documents\FFOutput
    [2009/03/22 18:22:44 | 00,000,000 | ---D | C] -- C:\ConverterOutput
    [2009/03/22 18:21:32 | 00,372,736 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
    [2009/03/22 18:21:25 | 00,000,000 | ---D | C] -- C:\Program Files\Cucusoft
    [2009/03/21 00:25:02 | 00,041,808 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
    [2009/03/19 22:27:22 | 00,000,000 | ---D | C] -- C:\Program Files\Outspark
    [2009/03/19 22:03:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Local Settings\Application Data\DNA
    [2009/03/19 22:03:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Application Data\DNA
    [2009/03/17 23:12:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\ROSE Online Evolution
    [2009/03/17 23:12:28 | 00,000,000 | ---D | C] -- C:\Program Files\Triggersoft
    [2009/03/17 22:05:36 | 00,000,000 | ---D | C] -- C:\Program Files\GameTribe
    [2009/03/15 22:34:09 | 00,623,024 | ---- | C] () -- C:\BENJAMIN ADELINE - 2008+2009 trimestre 2 - 06.npr
    [2009/03/15 22:34:09 | 00,616,208 | ---- | C] () -- C:\BENJAMIN ADELINE - 2008+2009 trimestre 2 - 06.npr.bak
    [2009/03/15 20:54:11 | 00,000,000 | ---D | C] -- C:\Program Files\Goa
    [2009/03/15 20:45:13 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Blizzard Entertainment
    [2009/03/15 20:16:57 | 00,000,000 | ---D | C] -- C:\Program Files\Games-Masters.com
    [2009/03/14 18:04:23 | 00,107,303 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\jeu.jpg
    [2009/03/12 23:53:55 | 00,014,555 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\espardalegion.gif
    [2009/03/12 23:40:56 | 00,030,341 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\36_19_7[1].gif
    [2009/03/12 23:36:56 | 00,013,256 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\smiley_cry_1.gif
    [2009/03/12 23:29:13 | 00,001,134 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn5.bmp
    [2009/03/12 23:28:36 | 00,004,086 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn4.bmp
    [2009/03/12 23:26:42 | 00,025,446 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn3.bmp
    [2009/03/12 23:25:47 | 00,002,238 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn2.bmp
    [2009/03/12 23:24:49 | 00,003,654 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn1.bmp
    [2009/03/12 23:19:32 | 00,026,374 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\msn.bmp
    [2009/03/12 00:32:43 | 00,021,504 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\géo dm 2.doc
    [2009/03/08 14:18:02 | 01,310,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll.mui
    [2009/03/08 14:17:46 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll.mui
    [2009/03/08 14:17:30 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe.mui
    [2009/03/08 14:16:06 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll.mui
    [2009/03/08 14:16:06 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe.mui
    [2009/03/08 14:15:48 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll.mui
    [2009/03/08 14:09:26 | 00,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
    [2009/03/08 14:09:26 | 00,391,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
    [2009/03/08 07:09:18 | 00,010,847 | -H-- | C] () -- C:\Tree4.GID
    [2009/03/08 04:41:16 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
    [2009/03/08 04:39:48 | 11,063,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
    [2009/03/08 04:34:58 | 00,914,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
    [2009/03/08 04:34:56 | 01,206,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
    [2009/03/08 04:34:52 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
    [2009/03/08 04:34:48 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
    [2009/03/08 04:34:48 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
    [2009/03/08 04:34:30 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
    [2009/03/08 04:34:28 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
    [2009/03/08 04:34:18 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
    [2009/03/08 04:34:18 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
    [2009/03/08 04:33:48 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
    [2009/03/08 04:33:40 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
    [2009/03/08 04:33:26 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
    [2009/03/08 04:33:16 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
    [2009/03/08 04:33:08 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
    [2009/03/08 04:33:06 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
    [2009/03/08 04:33:02 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
    [2009/03/08 04:32:56 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
    [2009/03/08 04:32:54 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
    [2009/03/08 04:32:52 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
    [2009/03/08 04:32:52 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
    [2009/03/08 04:32:50 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
    [2009/03/08 04:32:50 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
    [2009/03/08 04:32:48 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
    [2009/03/08 04:32:46 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
    [2009/03/08 04:32:26 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
    [2009/03/08 04:32:22 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iertutil.dll
    [2009/03/08 04:32:04 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
    [2009/03/08 04:31:56 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
    [2009/03/08 04:31:54 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
    [2009/03/08 04:31:52 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icardie.dll
    [2009/03/08 04:31:52 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
    [2009/03/08 04:31:44 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
    [2009/03/08 04:31:38 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
    [2009/03/08 04:31:38 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
    [2009/03/08 04:31:36 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
    [2009/03/08 04:31:26 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
    [2009/03/08 04:31:18 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
    [2009/03/08 04:31:02 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
    [2009/03/08 04:31:02 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
    [2009/03/08 04:30:56 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
    [2009/03/08 04:24:28 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
    [2009/03/08 04:22:46 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
    [2009/03/08 04:22:38 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
    [2009/03/08 04:11:12 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
    [2009/03/06 14:39:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Application Data\NCH Software
    [2009/03/06 14:39:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
    [2009/03/06 14:39:04 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Software
    [2009/03/06 01:51:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Mes documents\clips
    [2009/03/06 01:47:44 | 00,000,000 | ---D | C] -- C:\Program Files\HyCam2
    [2009/03/06 01:46:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Application Data\ALLCapture
    [2009/03/06 01:36:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Vince\Mes documents\1AVStor
    [2009/03/06 01:36:26 | 00,438,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSHFLXGD.OCX
    [2009/03/06 01:36:26 | 00,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll
    [2009/03/06 01:36:26 | 00,203,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RICHTX32.OCX
    [2009/03/06 01:36:26 | 00,008,608 | ---- | C] () -- C:\WINDOWS\System32\mpeg4ax.cat
    [2009/03/06 01:36:26 | 00,008,587 | ---- | C] () -- C:\WINDOWS\System32\msaudio.cat
    [2009/03/06 01:36:20 | 00,028,160 | ---- | C] () -- C:\Documents and Settings\Vince\Mes documents\géo dm.doc
    [2009/03/06 01:36:06 | 00,000,000 | ---D | C] -- C:\Program Files\1AVCenter

    ========== Files - Modified Within 30 Days ==========

    [1 C:\WINDOWS\System32\*.tmp files]
    [6 C:\WINDOWS\*.tmp files]
    [2009/04/02 20:11:36 | 00,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2009/04/02 20:11:14 | 00,000,077 | -HS- | M] () -- C:\Documents and Settings\Vince\Mes documents\desktop.ini
    [2009/04/02 20:10:15 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2009/04/02 20:10:09 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2009/04/02 20:08:47 | 06,100,000 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
    [2009/04/02 20:08:47 | 01,179,680 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
    [2009/04/02 20:08:47 | 00,049,784 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
    [2009/04/02 20:08:47 | 00,006,160 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
    [2009/04/02 00:00:10 | 00,035,328 | ---- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/04/01 16:43:23 | 04,240,656 | -H-- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\IconCache.db
    [2009/04/01 13:07:32 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Vince\Bureau\Silkroad.lnk
    [2009/04/01 00:16:57 | 00,001,570 | ---- | M] () -- C:\Documents and Settings\Vince\Bureau\Ad-remover.lnk
    [2009/03/31 21:49:24 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2009/03/31 09:47:17 | 05,961,728 | ---- | M] () -- C:\Documents and Settings\Vince\Bureau\contrat location Audrey.doc
    [2009/03/31 09:44:46 | 00,000,815 | ---- | M] () -- C:\WINDOWS\win.ini
    [2009/03/30 19:35:27 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [2009/03/30 19:21:32 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
    [2009/03/30 18:25:21 | 00,071,128 | ---- | M] () -- C:\Documents and Settings\Vince\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [2009/03/30 18:23:41 | 00,266,208 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2009/03/30 15:54:19 | 00,468,370 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2009/03/30 15:54:19 | 00,401,074 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2009/03/30 15:54:19 | 00,076,284 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2009/03/30 15:54:19 | 00,062,736 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2009/03/30 15:54:16 | 01,018,608 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2009/03/29 17:45:18 | 00,781,909 | ---- | M] () -- C:\Documents and Settings\Vince\Bureau\RSIT.exe
    [2009/03/29 15:26:32 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Vince\Bureau\HijackThis.lnk
    [2009/03/29 12:13:24 | 00,000,096 | -H-- | M] () -- C:\WINDOWS\System32\HsInfo.dat
    [2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2009/03/25 22:23:24 | 00,037,320 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\Mme MONNERET.pdf
    [2009/03/25 21:28:36 | 02,004,480 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\Culture artistique.doc
    [2009/03/24 20:55:20 | 00,025,713 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
    [2009/03/23 20:02:15 | 00,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
    [2009/03/21 00:25:02 | 00,041,808 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
    [2009/03/19 20:56:27 | 00,097,792 | -HS- | M] () -- C:\Documents and Settings\Vince\Mes documents\Thumbs.db
    @Alternate Data Stream - 0 bytes -> C:\Documents and Settings\Vince\Mes documents\Thumbs.db:encryptable
    [2009/03/16 00:23:02 | 00,623,024 | ---- | M] () -- C:\BENJAMIN ADELINE - 2008+2009 trimestre 2 - 06.npr
    [2009/03/16 00:12:30 | 00,616,208 | ---- | M] () -- C:\BENJAMIN ADELINE - 2008+2009 trimestre 2 - 06.npr.bak
    [2009/03/14 18:04:25 | 00,107,303 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\jeu.jpg
    [2009/03/13 01:00:49 | 00,021,504 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\géo dm 2.doc
    [2009/03/13 00:53:21 | 00,067,440 | ---- | M] () -- C:\Documents and Settings\Vince\Application Data\GDIPFONTCACHEV1.DAT
    [2009/03/13 00:04:01 | 00,028,160 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\géo dm.doc
    [2009/03/12 23:53:56 | 00,014,555 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\espardalegion.gif
    [2009/03/12 23:40:57 | 00,030,341 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\36_19_7[1].gif
    [2009/03/12 23:36:57 | 00,013,256 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\smiley_cry_1.gif
    [2009/03/12 23:29:13 | 00,001,134 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn5.bmp
    [2009/03/12 23:28:36 | 00,004,086 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn4.bmp
    [2009/03/12 23:26:42 | 00,025,446 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn3.bmp
    [2009/03/12 23:25:47 | 00,002,238 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn2.bmp
    [2009/03/12 23:24:49 | 00,003,654 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn1.bmp
    [2009/03/12 23:20:50 | 00,026,374 | ---- | M] () -- C:\Documents and Settings\Vince\Mes documents\msn.bmp
    [2009/03/11 20:02:07 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2009/03/09 20:46:49 | 00,006,386 | ---- | M] () -- C:\WINDOWS\PARCOURS.INI
    [2009/03/08 14:18:02 | 01,310,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll.mui
    [2009/03/08 14:17:46 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll.mui
    [2009/03/08 14:17:30 | 00,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe.mui
    [2009/03/08 14:16:06 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll.mui
    [2009/03/08 14:16:06 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe.mui
    [2009/03/08 14:15:48 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll.mui
    [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
    [2009/03/08 14:09:26 | 00,391,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
    [2009/03/08 14:09:26 | 00,391,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
    [2009/03/08 07:09:31 | 00,010,847 | -H-- | M] () -- C:\Tree4.GID
    [2009/03/08 04:41:16 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
    [2009/03/08 04:41:16 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
    [2009/03/08 04:39:48 | 11,063,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
    [2009/03/08 04:35:10 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
    [2009/03/08 04:34:58 | 00,914,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet.dll
    [2009/03/08 04:34:58 | 00,914,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
    [2009/03/08 04:34:56 | 01,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon.dll
    [2009/03/08 04:34:56 | 01,206,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
    [2009/03/08 04:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
    [2009/03/08 04:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
    [2009/03/08 04:34:48 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\webcheck.dll
    [2009/03/08 04:34:48 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll
    [2009/03/08 04:34:48 | 00,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WinFXDocObj.exe
    [2009/03/08 04:34:30 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
    [2009/03/08 04:34:30 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
    [2009/03/08 04:34:28 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
    [2009/03/08 04:34:28 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
    [2009/03/08 04:34:18 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
    [2009/03/08 04:34:18 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
    [2009/03/08 04:34:18 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\occache.dll
    [2009/03/08 04:34:18 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
    [2009/03/08 04:33:48 | 00,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
    [2009/03/08 04:33:40 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
    [2009/03/08 04:33:40 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
    [2009/03/08 04:33:26 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
    [2009/03/08 04:33:26 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
    [2009/03/08 04:33:16 | 00,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll
    [2009/03/08 04:33:16 | 00,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
    [2009/03/08 04:33:08 | 00,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll
    [2009/03/08 04:33:08 | 00,229,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll
    [2009/03/08 04:33:06 | 00,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
    [2009/03/08 04:33:06 | 00,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
    [2009/03/08 04:33:02 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll
    [2009/03/08 04:33:02 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll
    [2009/03/08 04:32:56 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admparse.dll
    [2009/03/08 04:32:56 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\admparse.dll
    [2009/03/08 04:32:54 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
    [2009/03/08 04:32:54 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
    [2009/03/08 04:32:52 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakui.dll
    [2009/03/08 04:32:52 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
    [2009/03/08 04:32:52 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieudinit.exe
    [2009/03/08 04:32:50 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iesetup.dll
    [2009/03/08 04:32:50 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iesetup.dll
    [2009/03/08 04:32:50 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll
    [2009/03/08 04:32:50 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll
    [2009/03/08 04:32:48 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
    [2009/03/08 04:32:48 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\advpack.dll
    [2009/03/08 04:32:46 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll
    [2009/03/08 04:32:46 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
    [2009/03/08 04:32:26 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
    [2009/03/08 04:32:22 | 01,985,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iertutil.dll
    [2009/03/08 04:32:04 | 00,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
    [2009/03/08 04:32:04 | 00,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
    [2009/03/08 04:31:56 | 00,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
    [2009/03/08 04:31:56 | 00,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
    [2009/03/08 04:31:54 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedssync.exe
    [2009/03/08 04:31:52 | 00,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\icardie.dll
    [2009/03/08 04:31:52 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
    [2009/03/08 04:31:44 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
    [2009/03/08 04:31:44 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
    [2009/03/08 04:31:38 | 00,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
    [2009/03/08 04:31:38 | 00,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
    [2009/03/08 04:31:38 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\imgutil.dll
    [2009/03/08 04:31:38 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imgutil.dll
    [2009/03/08 04:31:36 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
    [2009/03/08 04:31:36 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
    [2009/03/08 04:31:26 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmled.dll
    [2009/03/08 04:31:26 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
    [2009/03/08 04:31:18 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmler.dll
    [2009/03/08 04:31:18 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmler.dll
    [2009/03/08 04:31:02 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
    [2009/03/08 04:31:02 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.tlb
    [2009/03/08 04:31:02 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshta.exe
    [2009/03/08 04:31:02 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshta.exe
    [2009/03/08 04:30:56 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tdc.ocx
    [2009/03/08 04:30:56 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
    [2009/03/08 04:24:28 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
    [2009/03/08 04:22:46 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieui.dll
    [2009/03/08 04:22:38 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msls31.dll
    [2009/03/08 04:22:38 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
    [2009/03/08 04:15:06 | 00,057,667 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
    [2009/03/08 04:11:12 | 00,445,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll
    < End of report >
    a c 269 8 Sécurité
    2 Avril 2009 20:33:35

  • Télécharge OTMoveIt3 (OldTimer) sur ton Bureau.
  • Double-clique sur OTMoveIt3.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :files
    C:\Program Files\EoRezo

    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    "{64F56FC1-1272-44CD-BA6E-39723696E350}"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{A057A204-BACC-4D26-8287-79A187E26987}"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "EoEngine"=-
    "ZangoOE"=-

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    2 Avril 2009 20:57:02

    Voici le rapport OTMoveIt3 :

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    C:\Program Files\EoRezo\lang moved successfully.
    C:\Program Files\EoRezo\EoAdv moved successfully.
    C:\Program Files\EoRezo moved successfully.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\\{64F56FC1-1272-44CD-BA6E-39723696E350} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-8287-79A187E26987} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-8287-79A187E26987}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\EoEngine deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ZangoOE deleted successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Vince\LOCALS~1\Temp\etilqs_XUwbPyHAfEbDcZU2Af2b scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Vince\LOCALS~1\Temp\fla89.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Vince\LOCALS~1\Temp\fla8B.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Vince\LOCALS~1\Temp\~DFE83B.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\Vince\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    User's Temporary Internet Files folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Network Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Network Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\cch~1d351869f.htp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\cch~1d351f7bd.htp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\cch~1d3a20482.htp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\cch~1d3a22798.htp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7a0.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04022009_204817

    Files moved on Reboot...
    File C:\DOCUME~1\Vince\LOCALS~1\Temp\etilqs_XUwbPyHAfEbDcZU2Af2b not found!
    File C:\DOCUME~1\Vince\LOCALS~1\Temp\fla89.tmp not found!
    File C:\DOCUME~1\Vince\LOCALS~1\Temp\fla8B.tmp not found!
    C:\DOCUME~1\Vince\LOCALS~1\Temp\~DFE83B.tmp moved successfully.
    File C:\WINDOWS\temp\cch~1d351869f.htp not found!
    File C:\WINDOWS\temp\cch~1d351f7bd.htp not found!
    File C:\WINDOWS\temp\cch~1d3a20482.htp not found!
    File C:\WINDOWS\temp\cch~1d3a22798.htp not found!
    File C:\WINDOWS\temp\Perflib_Perfdata_7a0.dat not found!
    C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\urlclassifier3.sqlite moved successfully.
    C:\Documents and Settings\Vince\Local Settings\Application Data\Mozilla\Firefox\Profiles\70sbg4rt.default\XUL.mfl moved successfully.
    a c 269 8 Sécurité
    2 Avril 2009 21:08:32

    L'auteur d'UsbFix ayant retiré son programme (UsbFix), je prends la responsabilité de te le faire utiliser. Merci aux autres de ne pas utiliser le lien de téléchargement donné.

  • Télécharge UsbFix sur ton Bureau.
  • Lance l'installation avec les paramètres par défaut.
  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur le raccourci UsbFix sur ton Bureau.
  • Choisis l'option 1 (Nettoyage).
  • Le PC va redémarrer.
  • Après redémarrage, poste le rapport UsbFix.txt

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

    (Si le Bureau ne réapparaît pas, presse Ctrl+Alt+Suppr, onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)
    2 Avril 2009 21:26:26

    UsbFix présente les mêmes symptômes que Malwarebytes' Anti-Malware (MBAM) et Ad-Remover. Autrement dit "lorsque je double-clique sur le raccourcis, toutes les icônes de mon bureau disparaissent avec la barre du menu démarrer durant 2 secondes [environ]. Et rien ne se passe."
    a c 269 8 Sécurité
    2 Avril 2009 21:27:49

    [#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    3 Avril 2009 19:13:59

    A la fin du téléchargement le message d'erreur suivant s'affiche :



    J'hésite de plus en plus à réinstaller le système d'exploitation (ou du moins tenter une réparation). Je poste rapports sur rapports et aucun changement depuis, hormis la page de pub. En revanche un nombre considérable de programmes on disparues et de nouveaux problèmes surviennent à leur tour, et sans compter que FireFox plante de plus en plus fréquemment. J'avoue que je commence à perdre patience :??: 
    a c 269 8 Sécurité
    3 Avril 2009 19:24:10

    ComboFix(3).exe.part.

    Le fichier n'a pas été téléchargé entièrement.
    3 Avril 2009 19:31:24

    Justement, il ne le télécharge pas entièrement. J'ai essayé à plusieurs reprise mais non ça ne marche pas. J'arrive cependant à télécharger tous les autres programmes.
    3 Avril 2009 19:49:51

    Lorsque j'exécute le programme après téléchargement (autant pour moi), un chargement apparait, et plus rien...
    a c 269 8 Sécurité
    3 Avril 2009 20:38:47

    Renomme ComboFix en IDN puis essaie de le lancer.

    Si ça ne fonctionne pas, essaie en mode sans échec.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS