Rapport hijakthis
Résolu
suzytouns
Messages postés
51
Date d'inscription
Statut
Membre
Dernière intervention
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour, kk'un peux m'expliker ce ke je dois faire???
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:14:29, on 15/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Thomson\Auto Updater\Auto Updater.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\PROGRA~1\FICHIE~1\AVSYST~1\ugac.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\Ext\Restoredesktop\RestoreDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe
C:\WINDOWS\system32\Ext\AllSnap\allSnap.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\Ext\ClipTray\ClipTray.exe
C:\WINDOWS\system32\Ext\ClocX\ClocX.exe
C:\WINDOWS\system32\Ext\DialogBoxAssistant\OSDEx.exe
C:\WINDOWS\system32\Ext\Restoredesktop\RestoreDesktop.exe
C:\WINDOWS\system32\Ext\Sizer\sizer.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\WINDOWS\system32\Ext\TaskSwitchXP\TaskSwitchXP.exe
C:\WINDOWS\system32\Ext\UberIcon\UberIconManager.exe
C:\WINDOWS\system32\Ext\WinRoll\winroll.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/yme/*http://www.yahoo.com/ext/sea rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/yme/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/yme/*https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/yme/*http://www.yahoo.com/ext/sea rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/yme/*https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/yme/*https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Dme&x Toolbar - {3F756BC4-26CB-497E-9409-8F09C1850C80} - C:\WINDOWS\system32\Ext\DmexBar\dmexbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
O4 - HKLM\..\Run: [LyraUpdates] "C:\Program Files\Thomson\Auto Updater\Auto Updater.exe"
O4 - HKLM\..\Run: [ymetray] "C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" -preload
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ugac] "C:\PROGRA~1\FICHIE~1\AVSYST~1\ugac.exe" -start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [985ddd5c] rundll32.exe "C:\WINDOWS\system32\ogxmfmpt.dll",b
O4 - HKCU\..\Run: [RestoreDesktop] C:\WINDOWS\System32\Ext\Restoredesktop\RestoreDesktop.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Anas] "C:\DOCUME~1\suzy.AL\APPLIC~1\CROSOF~1.NET\wuauboot.exe" -vt ndrv
O4 - HKCU\..\Run: [Zxnhni] "C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlhr] RunDll32.exe %SystemRoot%\System32\AdvPack.Dll,LaunchINFSection %SystemRoot%\inf\nlite.inf,C (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: AllSnap.lnk = C:\WINDOWS\system32\Ext\AllSnap\allSnap.exe
O4 - Startup: ClipTray.lnk = C:\WINDOWS\system32\Ext\ClipTray\ClipTray.exe
O4 - Startup: ClocX.lnk = C:\WINDOWS\system32\Ext\ClocX\ClocX.exe
O4 - Startup: DialogBoxAssistant.lnk = C:\WINDOWS\system32\Ext\DialogBoxAssistant\OSDEx.exe
O4 - Startup: RestoreDesktop.lnk = C:\WINDOWS\system32\Ext\Restoredesktop\RestoreDesktop.exe
O4 - Startup: Sizer.lnk = C:\WINDOWS\system32\Ext\Sizer\sizer.exe
O4 - Startup: StatBar.lnk = C:\WINDOWS\system32\Ext\Statbar\StatBar.exe
O4 - Startup: SWFLivePreview.lnk = C:\WINDOWS\system32\Ext\SWFLivePreview\swf_lp.exe
O4 - Startup: TaskSwitchXP.lnk = C:\WINDOWS\system32\Ext\TaskSwitchXP\TaskSwitchXP.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\system32\Ext\UberIcon\UberIconManager.exe
O4 - Startup: Winroll.lnk = C:\WINDOWS\system32\Ext\WinRoll\winroll.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe
O4 - Global Startup: svchost.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Get File Size - res://C:\WINDOWS\System32\Ext\GetFileSize\GetFileSize.exe/130
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Diminuer la taille de la page - {A0E6D3BD-A661-447D-8634-0751467857F3} - C:\WINDOWS\system32\Ext\EasyRead\ZoomOut.js
O9 - Extra button: Agrandir la taille de la page - {AEBB571B-4C48-438D-808D-999F168CDECE} - C:\WINDOWS\system32\Ext\EasyRead\ZoomIn.js
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MySql - Unknown owner - C:\mysql\bin\mysqld-nt.exe
O23 - Service: PanelSvc - Unknown owner - C:\Program Files\Votre Opinion\PanelApp\PanelSvc.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:14:29, on 15/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Thomson\Auto Updater\Auto Updater.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\PROGRA~1\FICHIE~1\AVSYST~1\ugac.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\Ext\Restoredesktop\RestoreDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe
C:\WINDOWS\system32\Ext\AllSnap\allSnap.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\Ext\ClipTray\ClipTray.exe
C:\WINDOWS\system32\Ext\ClocX\ClocX.exe
C:\WINDOWS\system32\Ext\DialogBoxAssistant\OSDEx.exe
C:\WINDOWS\system32\Ext\Restoredesktop\RestoreDesktop.exe
C:\WINDOWS\system32\Ext\Sizer\sizer.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\WINDOWS\system32\Ext\TaskSwitchXP\TaskSwitchXP.exe
C:\WINDOWS\system32\Ext\UberIcon\UberIconManager.exe
C:\WINDOWS\system32\Ext\WinRoll\winroll.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/yme/*http://www.yahoo.com/ext/sea rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/yme/*https://fr.yahoo.com/?p=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/yme/*https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/yme/*http://www.yahoo.com/ext/sea rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/yme/*https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://portail.free.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/yme/*https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Dme&x Toolbar - {3F756BC4-26CB-497E-9409-8F09C1850C80} - C:\WINDOWS\system32\Ext\DmexBar\dmexbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
O4 - HKLM\..\Run: [LyraUpdates] "C:\Program Files\Thomson\Auto Updater\Auto Updater.exe"
O4 - HKLM\..\Run: [ymetray] "C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" -preload
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ugac] "C:\PROGRA~1\FICHIE~1\AVSYST~1\ugac.exe" -start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [985ddd5c] rundll32.exe "C:\WINDOWS\system32\ogxmfmpt.dll",b
O4 - HKCU\..\Run: [RestoreDesktop] C:\WINDOWS\System32\Ext\Restoredesktop\RestoreDesktop.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Anas] "C:\DOCUME~1\suzy.AL\APPLIC~1\CROSOF~1.NET\wuauboot.exe" -vt ndrv
O4 - HKCU\..\Run: [Zxnhni] "C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlhr] RunDll32.exe %SystemRoot%\System32\AdvPack.Dll,LaunchINFSection %SystemRoot%\inf\nlite.inf,C (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: AllSnap.lnk = C:\WINDOWS\system32\Ext\AllSnap\allSnap.exe
O4 - Startup: ClipTray.lnk = C:\WINDOWS\system32\Ext\ClipTray\ClipTray.exe
O4 - Startup: ClocX.lnk = C:\WINDOWS\system32\Ext\ClocX\ClocX.exe
O4 - Startup: DialogBoxAssistant.lnk = C:\WINDOWS\system32\Ext\DialogBoxAssistant\OSDEx.exe
O4 - Startup: RestoreDesktop.lnk = C:\WINDOWS\system32\Ext\Restoredesktop\RestoreDesktop.exe
O4 - Startup: Sizer.lnk = C:\WINDOWS\system32\Ext\Sizer\sizer.exe
O4 - Startup: StatBar.lnk = C:\WINDOWS\system32\Ext\Statbar\StatBar.exe
O4 - Startup: SWFLivePreview.lnk = C:\WINDOWS\system32\Ext\SWFLivePreview\swf_lp.exe
O4 - Startup: TaskSwitchXP.lnk = C:\WINDOWS\system32\Ext\TaskSwitchXP\TaskSwitchXP.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\system32\Ext\UberIcon\UberIconManager.exe
O4 - Startup: Winroll.lnk = C:\WINDOWS\system32\Ext\WinRoll\winroll.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe
O4 - Global Startup: svchost.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Get File Size - res://C:\WINDOWS\System32\Ext\GetFileSize\GetFileSize.exe/130
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Diminuer la taille de la page - {A0E6D3BD-A661-447D-8634-0751467857F3} - C:\WINDOWS\system32\Ext\EasyRead\ZoomOut.js
O9 - Extra button: Agrandir la taille de la page - {AEBB571B-4C48-438D-808D-999F168CDECE} - C:\WINDOWS\system32\Ext\EasyRead\ZoomIn.js
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MySql - Unknown owner - C:\mysql\bin\mysqld-nt.exe
O23 - Service: PanelSvc - Unknown owner - C:\Program Files\Votre Opinion\PanelApp\PanelSvc.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
A voir également:
- Rapport hijakthis
- Plan rapport de stage - Guide
- Rapport erreur windows - Guide
- Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport existant - Forum Excel
- Thème rapport de stage comptabilité - Forum Word
- Rapport sur le dark web - Accueil - Protection
101 réponses
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:00:33, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Thomson\Auto Updater\Auto Updater.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\Ext\Restoredesktop\RestoreDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\Ext\AllSnap\allSnap.exe
C:\WINDOWS\system32\Ext\ClipTray\ClipTray.exe
C:\WINDOWS\system32\Ext\ClocX\ClocX.exe
C:\WINDOWS\system32\Ext\DialogBoxAssistant\OSDEx.exe
C:\WINDOWS\system32\Ext\Restoredesktop\RestoreDesktop.exe
C:\WINDOWS\system32\Ext\Sizer\sizer.exe
C:\WINDOWS\system32\Ext\Statbar\StatBar.exe
C:\WINDOWS\system32\Ext\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\WINDOWS\system32\Ext\UberIcon\UberIconManager.exe
C:\WINDOWS\system32\Ext\WinRoll\winroll.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {2F8730D0-0BBE-4EF3-8086-8BA7B72C4266} - C:\WINDOWS\system32\qopqn.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B2B30B77-9699-47B4-B927-DA22C0627C5E} - C:\WINDOWS\system32\tuvtq.dll (file missing)
O2 - BHO: (no name) - {E180F496-8A4B-44E2-9FE0-0364E345DB7F} - C:\WINDOWS\system32\ssqropp.dll (file missing)
O2 - BHO: {18c234aa-8230-c078-a124-f42731c6a46f} - {f64a6c13-724f-421a-870c-0328aa432c81} - C:\WINDOWS\system32\ppbwlfbo.dll (file missing)
O2 - BHO: (no name) - {FC1437ED-CCAF-4616-98F8-3EE834971251} - C:\WINDOWS\system32\xxyyv.dll (file missing)
O3 - Toolbar: Dme&x Toolbar - {3F756BC4-26CB-497E-9409-8F09C1850C80} - C:\WINDOWS\system32\Ext\DmexBar\dmexbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LyraUpdates] "C:\Program Files\Thomson\Auto Updater\Auto Updater.exe"
O4 - HKLM\..\Run: [ymetray] "C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" -preload
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ugac] "C:\PROGRA~1\FICHIE~1\AVSYST~1\ugac.exe" -start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [RestoreDesktop] C:\WINDOWS\System32\Ext\Restoredesktop\RestoreDesktop.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Anas] "C:\DOCUME~1\suzy.AL\APPLIC~1\CROSOF~1.NET\wuauboot.exe" -vt ndrv
O4 - HKCU\..\Run: [Zxnhni] "C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlhr] RunDll32.exe %SystemRoot%\System32\AdvPack.Dll,LaunchINFSection %SystemRoot%\inf\nlite.inf,C (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: AllSnap.lnk = C:\WINDOWS\system32\Ext\AllSnap\allSnap.exe
O4 - Startup: ClipTray.lnk = C:\WINDOWS\system32\Ext\ClipTray\ClipTray.exe
O4 - Startup: ClocX.lnk = C:\WINDOWS\system32\Ext\ClocX\ClocX.exe
O4 - Startup: DialogBoxAssistant.lnk = C:\WINDOWS\system32\Ext\DialogBoxAssistant\OSDEx.exe
O4 - Startup: RestoreDesktop.lnk = C:\WINDOWS\system32\Ext\Restoredesktop\RestoreDesktop.exe
O4 - Startup: Sizer.lnk = C:\WINDOWS\system32\Ext\Sizer\sizer.exe
O4 - Startup: StatBar.lnk = C:\WINDOWS\system32\Ext\Statbar\StatBar.exe
O4 - Startup: SWFLivePreview.lnk = C:\WINDOWS\system32\Ext\SWFLivePreview\swf_lp.exe
O4 - Startup: TaskSwitchXP.lnk = C:\WINDOWS\system32\Ext\TaskSwitchXP\TaskSwitchXP.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\system32\Ext\UberIcon\UberIconManager.exe
O4 - Startup: Winroll.lnk = C:\WINDOWS\system32\Ext\WinRoll\winroll.exe
O4 - Global Startup: svchost.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Get File Size - res://C:\WINDOWS\System32\Ext\GetFileSize\GetFileSize.exe/130
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Diminuer la taille de la page - {A0E6D3BD-A661-447D-8634-0751467857F3} - C:\WINDOWS\system32\Ext\EasyRead\ZoomOut.js
O9 - Extra button: Agrandir la taille de la page - {AEBB571B-4C48-438D-808D-999F168CDECE} - C:\WINDOWS\system32\Ext\EasyRead\ZoomIn.js
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MySql - Unknown owner - C:\mysql\bin\mysqld-nt.exe
O23 - Service: PanelSvc - Unknown owner - C:\Program Files\Votre Opinion\PanelApp\PanelSvc.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Scan saved at 22:00:33, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Thomson\Auto Updater\Auto Updater.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\Ext\Restoredesktop\RestoreDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\Ext\AllSnap\allSnap.exe
C:\WINDOWS\system32\Ext\ClipTray\ClipTray.exe
C:\WINDOWS\system32\Ext\ClocX\ClocX.exe
C:\WINDOWS\system32\Ext\DialogBoxAssistant\OSDEx.exe
C:\WINDOWS\system32\Ext\Restoredesktop\RestoreDesktop.exe
C:\WINDOWS\system32\Ext\Sizer\sizer.exe
C:\WINDOWS\system32\Ext\Statbar\StatBar.exe
C:\WINDOWS\system32\Ext\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\WINDOWS\system32\Ext\UberIcon\UberIconManager.exe
C:\WINDOWS\system32\Ext\WinRoll\winroll.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {2F8730D0-0BBE-4EF3-8086-8BA7B72C4266} - C:\WINDOWS\system32\qopqn.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B2B30B77-9699-47B4-B927-DA22C0627C5E} - C:\WINDOWS\system32\tuvtq.dll (file missing)
O2 - BHO: (no name) - {E180F496-8A4B-44E2-9FE0-0364E345DB7F} - C:\WINDOWS\system32\ssqropp.dll (file missing)
O2 - BHO: {18c234aa-8230-c078-a124-f42731c6a46f} - {f64a6c13-724f-421a-870c-0328aa432c81} - C:\WINDOWS\system32\ppbwlfbo.dll (file missing)
O2 - BHO: (no name) - {FC1437ED-CCAF-4616-98F8-3EE834971251} - C:\WINDOWS\system32\xxyyv.dll (file missing)
O3 - Toolbar: Dme&x Toolbar - {3F756BC4-26CB-497E-9409-8F09C1850C80} - C:\WINDOWS\system32\Ext\DmexBar\dmexbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LyraUpdates] "C:\Program Files\Thomson\Auto Updater\Auto Updater.exe"
O4 - HKLM\..\Run: [ymetray] "C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" -preload
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ugac] "C:\PROGRA~1\FICHIE~1\AVSYST~1\ugac.exe" -start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [RestoreDesktop] C:\WINDOWS\System32\Ext\Restoredesktop\RestoreDesktop.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Anas] "C:\DOCUME~1\suzy.AL\APPLIC~1\CROSOF~1.NET\wuauboot.exe" -vt ndrv
O4 - HKCU\..\Run: [Zxnhni] "C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlhr] RunDll32.exe %SystemRoot%\System32\AdvPack.Dll,LaunchINFSection %SystemRoot%\inf\nlite.inf,C (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: AllSnap.lnk = C:\WINDOWS\system32\Ext\AllSnap\allSnap.exe
O4 - Startup: ClipTray.lnk = C:\WINDOWS\system32\Ext\ClipTray\ClipTray.exe
O4 - Startup: ClocX.lnk = C:\WINDOWS\system32\Ext\ClocX\ClocX.exe
O4 - Startup: DialogBoxAssistant.lnk = C:\WINDOWS\system32\Ext\DialogBoxAssistant\OSDEx.exe
O4 - Startup: RestoreDesktop.lnk = C:\WINDOWS\system32\Ext\Restoredesktop\RestoreDesktop.exe
O4 - Startup: Sizer.lnk = C:\WINDOWS\system32\Ext\Sizer\sizer.exe
O4 - Startup: StatBar.lnk = C:\WINDOWS\system32\Ext\Statbar\StatBar.exe
O4 - Startup: SWFLivePreview.lnk = C:\WINDOWS\system32\Ext\SWFLivePreview\swf_lp.exe
O4 - Startup: TaskSwitchXP.lnk = C:\WINDOWS\system32\Ext\TaskSwitchXP\TaskSwitchXP.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\system32\Ext\UberIcon\UberIconManager.exe
O4 - Startup: Winroll.lnk = C:\WINDOWS\system32\Ext\WinRoll\winroll.exe
O4 - Global Startup: svchost.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Get File Size - res://C:\WINDOWS\System32\Ext\GetFileSize\GetFileSize.exe/130
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Diminuer la taille de la page - {A0E6D3BD-A661-447D-8634-0751467857F3} - C:\WINDOWS\system32\Ext\EasyRead\ZoomOut.js
O9 - Extra button: Agrandir la taille de la page - {AEBB571B-4C48-438D-808D-999F168CDECE} - C:\WINDOWS\system32\Ext\EasyRead\ZoomIn.js
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MySql - Unknown owner - C:\mysql\bin\mysqld-nt.exe
O23 - Service: PanelSvc - Unknown owner - C:\Program Files\Votre Opinion\PanelApp\PanelSvc.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Re , ça resiste :
Désactive ta restauration système
Clic sur « Démarrer »
Clic droit sur « Poste de travail », puis sur « Propriétés »,
Vas sur l’onglet « Restauration système »
Tu y coches la case « Désactiver la restauration »
Termine par [Appliquer] [OK]
Télécharge ComboFix ici → http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Et enregistre le sur le bureau >>> /!\ IMPORTANT /!\
Regardes ici, si tu souhaites te familiariser avec son utilisation: https://www.google.fr/?gws_rd=ssl
AVANT d'utiliser ComboFix :
→ Déconnecte ton PC d'Internet et referme les fenêtres de tous les programmes en cours. /!\
→ Désactive provisoirement (et seulement le temps de l'utilisation de ComboFix), la protection en temps réel de ton Antivirus et de tes Antispywares et de TOUT tes logiciels de protection !!!, (activés, ils pourraient gêner fortement la procédure de recherche et de nettoyage de l'outil). /!\
Sur ton bureau double clic sur Combofix.exe.
Appuies sur la touche 1, pour que le programme commence à s'exécuter et suis les instructions à l'écran.
/!\ PENDANT TOUTE la durée (ça peut être assez long si le pc est très infecté) du scan de ComboFix, n'ouvres aucun programme, ne touche pas à ta souris et ne surfe pas sur le net /!\
Soit patient (même si tu penses que le PC est arrêté) ; les temps « d'arrêt apparent » sont parfois de plusieurs minutes (il y a ± 40 étapes d’analyse).
En cours de nettoyage il est possible, que tu reçoives un avertissement te disant que le pc va redémarrer, laisse le faire.
Après le redemarrage du pc, un rapport s'ouvrira dans le Bloc notes en fin d'analyse, copie et colle tout son contenu dans ton prochain message.
(Le fichier rapport Combofix.txt , est ensuite automatiquement sauvegardé dans C:\Combofix.txt)
Ensuite réactive ta restauration système
Clic droit sur « Poste de travail », puis sur « Propriétés »,
Vas sur l’onglet « Restauration système »
Tu décoches la case « Désactiver la restauration »
Termine par [Appliquer] [OK]
A+
Bien suivre la procédure !!
Désactive ta restauration système
Clic sur « Démarrer »
Clic droit sur « Poste de travail », puis sur « Propriétés »,
Vas sur l’onglet « Restauration système »
Tu y coches la case « Désactiver la restauration »
Termine par [Appliquer] [OK]
Télécharge ComboFix ici → http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Et enregistre le sur le bureau >>> /!\ IMPORTANT /!\
Regardes ici, si tu souhaites te familiariser avec son utilisation: https://www.google.fr/?gws_rd=ssl
AVANT d'utiliser ComboFix :
→ Déconnecte ton PC d'Internet et referme les fenêtres de tous les programmes en cours. /!\
→ Désactive provisoirement (et seulement le temps de l'utilisation de ComboFix), la protection en temps réel de ton Antivirus et de tes Antispywares et de TOUT tes logiciels de protection !!!, (activés, ils pourraient gêner fortement la procédure de recherche et de nettoyage de l'outil). /!\
Sur ton bureau double clic sur Combofix.exe.
Appuies sur la touche 1, pour que le programme commence à s'exécuter et suis les instructions à l'écran.
/!\ PENDANT TOUTE la durée (ça peut être assez long si le pc est très infecté) du scan de ComboFix, n'ouvres aucun programme, ne touche pas à ta souris et ne surfe pas sur le net /!\
Soit patient (même si tu penses que le PC est arrêté) ; les temps « d'arrêt apparent » sont parfois de plusieurs minutes (il y a ± 40 étapes d’analyse).
En cours de nettoyage il est possible, que tu reçoives un avertissement te disant que le pc va redémarrer, laisse le faire.
Après le redemarrage du pc, un rapport s'ouvrira dans le Bloc notes en fin d'analyse, copie et colle tout son contenu dans ton prochain message.
(Le fichier rapport Combofix.txt , est ensuite automatiquement sauvegardé dans C:\Combofix.txt)
Ensuite réactive ta restauration système
Clic droit sur « Poste de travail », puis sur « Propriétés »,
Vas sur l’onglet « Restauration système »
Tu décoches la case « Désactiver la restauration »
Termine par [Appliquer] [OK]
A+
Bien suivre la procédure !!
bon ok je suis la procédure scrupuleusement ...je vais bientot pouvoir pirater une banque avec tot ce ke j'apprend lol
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ComboFix 08-02-17.2 - suzy 2008-02-17 22:20:40.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.176 [GMT 1:00]
Endroit: C:\Documents and Settings\suzy.AL\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\AVSystemCare
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\svchost.exe
C:\Documents and Settings\suzy.AL\Application Data\CROSOF~1.NET
C:\Documents and Settings\suzy.AL\Application Data\CROSOF~1.NET\??crosoft.NET\
C:\Documents and Settings\suzy.AL\Application Data\SEMBLY~1
C:\Documents and Settings\suzy.AL\Application Data\SEMBLY~1\?xplorer.exe
C:\Documents and Settings\suzy.AL\Menu Démarrer\Programmes\Outerinfo
C:\Program Files\Fichiers communs\AVSystemCare
C:\Program Files\Fichiers communs\winantivirus pro 2006
C:\Program Files\outerinfo
C:\Program Files\outerinfo\FF\chrome.manifest
C:\Temp\isgTi19
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\esmypdhb.ini
C:\WINDOWS\system32\ewqgwwgg.dll
C:\WINDOWS\system32\ext
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Aut2Exe\Aut2Exe.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Aut2Exe\AutoItSC.bin
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Aut2Exe\Exe2Aut.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\AutoIt.chm
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\AutoIt.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\_Run_Me_First.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\_ReadMe_.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Adlib.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Calc.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Comspec.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\CPanel.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\DialUpNetworking.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Gosub.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\IfEqual.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Notepad.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Shutdown98.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Snapshot.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\BKRenamer\bkren.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\BKRenamer\bkren.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\choice.com
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\choice.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\deltree.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\KILL.EXE
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\kill.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\NirCmd v1.80 - Freeware command-line tool\NirCmd - Freeware command-line tool for Windows.mht
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\NirCmd v1.80 - Freeware command-line tool\nircmd.chm
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\NirCmd v1.80 - Freeware command-line tool\nircmd.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\NirCmd v1.80 - Freeware command-line tool\nircmdc.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\RegCmd\readme.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\RegCmd\regcmd.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\RegCmd\regcmd.ini
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\sleep.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\sleep.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\TLIST.EXE
C:\WINDOWS\system32\ext\+BONUS\BONUS_Lisez.moi.txt
C:\WINDOWS\system32\ext\+BONUS\CustomStart\CustomStart.exe
C:\WINDOWS\system32\ext\+BONUS\DeskProjection\DProj.exe
C:\WINDOWS\system32\ext\+BONUS\DeskProjection\Readme.txt
C:\WINDOWS\system32\ext\+BONUS\DoubleDesktop\dd.exe
C:\WINDOWS\system32\ext\+BONUS\DoubleDesktop\DoubleDesktop.url
C:\WINDOWS\system32\ext\+BONUS\DoubleDesktop\Readme.txt
C:\WINDOWS\system32\ext\+BONUS\DoubleDesktop\v2.0
C:\WINDOWS\system32\ext\+BONUS\FileCHK\FileCHK.exe
C:\WINDOWS\system32\ext\+BONUS\FileCHK\readme.txt
C:\WINDOWS\system32\ext\+BONUS\FileCHK\Recover CHK Files.url
C:\WINDOWS\system32\ext\+BONUS\FileCHK\source.zip
C:\WINDOWS\system32\ext\+BONUS\FileCHK\v1.1.03
C:\WINDOWS\system32\ext\+BONUS\MatroskaShellExtension\Matroska.url
C:\WINDOWS\system32\ext\+BONUS\MatroskaShellExtension\MatroskaShellExtension_2.8.exe
C:\WINDOWS\system32\ext\+BONUS\MIMEView\MIMEView.chm
C:\WINDOWS\system32\ext\+BONUS\MIMEView\MIMEView.exe
C:\WINDOWS\system32\ext\+BONUS\MIMEView\MIMEView.url
C:\WINDOWS\system32\ext\+BONUS\MIMEView\v1.10
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\about.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\about1.PNG
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\compatibilityissues.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusions.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusions1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusions2.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusionsettings.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusionsettings1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusionsettings2.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusionsettings3.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusionsettings4.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\features.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\frequentlyaskedquestions.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\generalsettings.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\generalsettings1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\gettingsupport.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\hotkeys.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\hotkeys1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\icon1.gif
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\icon2.gif
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\index.html
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\introduction.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\introduction1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\knownissues.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\left.html
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\settings.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thanks.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thepartsofminimize.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thepartsofminimize1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thepartsofminimize2.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thepartsofminimize3.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thepartsofminimize4.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thumbnailsettings.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thumbnailsettings1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\what'snew.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Images\about.png
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Images\splash.png
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\miniMIZE.dll
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\miniMIZE.exe
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\miniMIZE.url
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Minimize_Settings.reg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\v1.0.34
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\buy.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\copyright.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\failed.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\faq.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\getplus.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\header.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\InTray.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\MemUsage.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\MmmCfg.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\NoMmmBar.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj103title20shd2pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj104geo247shd19pg5p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj105geo248pg5p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj107geo260shd20pg5p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj10geo29pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj110geo267shd21pg6p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj112geo105pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj113geo272shd22pg6p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj114geo273pg6p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj115geo114pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj116geo77pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj117geo107pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj124geo109shd27pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj127geo159shd26pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj139geo126shd28pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj143geo139shd29pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj190geo163pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj198geo172shd36pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj205geo187pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj206geo188shd35pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj208geo189pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj208geo189pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj208geo189pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj209geo190pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj210geo168shd52pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj212geo165shd46pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj216geo171pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj217geo177pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj218geo178pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj219geo180shd38pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj220geo184pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj222geo185shd56pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj223geo183shd56pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj224geo182shd53pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj225geo197shd37pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj22geo56shd7pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj231geo203shd39pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj232geo194pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj236geo205shd54pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj243geo303shd40pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj247geo308shd41pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj258geo232pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj259geo235pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj261geo237pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj262geo249shd48pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj263geo236shd44pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj265geo238pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj269geo202shd45pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj274geo227shd47pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj278geo246pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj281geo252shd58pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj314geo230pg12p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj315geo231shd59pg12p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj316geo287pg12p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj319geo292shd50pg13p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj321geo289shd60pg12p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj322geo290pg12p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj324geo233shd51pg13p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj325geo234pg13p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj327geo296pg13p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj330geo298pg13p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj331geo299shd61pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj332geo241pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj367title279pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj375title70pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj37geo72shd9pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj39geo73shd10pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj3geo19shd4pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj410geo264shd64pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj431title126pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj521geo433shd6pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj61geo62shd8pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj63geo33shd12pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj64geo34pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj66geo82shd13pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj73geo104pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj75geo127pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj76geo128pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj77geo129pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj7geo24pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj80geo80shd11pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj82geo57pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj83geo61shd24pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj84geo63pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj85title92pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj88geo103shd25pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj91title91pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj92geo216shd15pg4p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj93geo226pg4p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj94geo229shd16pg4p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj95title96pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj9geo28shd5pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\pluscfg.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PlusOptions'.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PlusOptions.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_BarColor.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_BeforeWildMenu.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_Folders.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_iecontext.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_iemenubar.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_IntroCfg.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_IntroMenu.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_MmmTaskbar.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_StartMenu.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_WildCfg.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_WildMenu.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\top.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\topleft.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\verify.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\x-click-but23.gif
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\index.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\licenses.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\mmmplus.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\new.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\screenshots.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\sending.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\success.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\whatsmmmplus.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\LANCER AU DEMARRAGE.cmd
C:\WINDOWS\system32\ext\+BONUS\Mmm\Mmm.dll
C:\WINDOWS\system32\ext\+BONUS\Mmm\Mmm.exe
C:\WINDOWS\system32\ext\+BONUS\Mmm\Mmm.url
C:\WINDOWS\system32\ext\+BONUS\Mmm\SUPPRIMER DU DEMARRAGE.cmd
C:\WINDOWS\system32\ext\+BONUS\Mmm\v2.02
C:\WINDOWS\system32\ext\+BONUS\OriMado\Demo JAVA\Concept originel Fold n' Drop.url
C:\WINDOWS\system32\ext\+BONUS\OriMado\Demo JAVA\foldndrop2.jar
C:\WINDOWS\system32\ext\+BONUS\OriMado\Demo JAVA\foldndrop2.txt
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\background.png
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\OriMado - kMonos.NET.url
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\OriMado.dll
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\OriMado.exe
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\OriMado.ini
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\ReadMe.txt
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\data.clp
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\data.qrp
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\mclip.cnt
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\mclip.exe
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\MCLIP.HLP
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\mclip.url
C:\WINDOWS\system32\ext\+BONUS\ProduKey\ProduKey.chm
C:\WINDOWS\system32\ext\+BONUS\ProduKey\ProduKey.exe
C:\WINDOWS\system32\ext\+BONUS\ProduKey\ProduKey.url
C:\WINDOWS\system32\ext\+BONUS\ProduKey\ProduKey_lng.ini
C:\WINDOWS\system32\ext\+BONUS\ProduKey\readme.txt
C:\WINDOWS\system32\ext\+BONUS\ProduKey\v1.03fr
C:\WINDOWS\system32\ext\+BONUS\RegistryExplorer\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\+BONUS\RegistryExplorer\INSTALLER.cmd
C:\WINDOWS\system32\ext\+BONUS\RegistryExplorer\Registry Explorer.url
C:\WINDOWS\system32\ext\+BONUS\RegistryExplorer\regxplor.dll
C:\WINDOWS\system32\ext\+BONUS\RegistryExplorer\v1.4.4
C:\WINDOWS\system32\ext\+BONUS\ResizeEnable\Resize Enable.url
C:\WINDOWS\system32\ext\+BONUS\ResizeEnable\ResizeEnable.dll
C:\WINDOWS\system32\ext\+BONUS\ResizeEnable\ResizeEnable.txt
C:\WINDOWS\system32\ext\+BONUS\ResizeEnable\ResizeEnableRunner.exe
C:\WINDOWS\system32\ext\+BONUS\ResizeEnable\v1.4
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\actions.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\actions2.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\index.html
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\menu.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\menu2.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\menuc.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\options.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\sdesk.html
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\task.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\toolwin1.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\toolwin2.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\sdesk.dll
C:\WINDOWS\system32\ext\+BONUS\SDesk\sdesk.exe
C:\WINDOWS\system32\ext\+BONUS\SDesk\sdesk.ini
C:\WINDOWS\system32\ext\+BONUS\SDesk\v1.66s
C:\WINDOWS\system32\ext\+BONUS\SDesk\WINDOWS (copier sdesk.ini ici).lnk
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Default\Empty.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Default\Full.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Default\Full2.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Default\led.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Default\Skin.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Digital\Empty.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Digital\Full.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Digital\Full2.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Digital\led.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Digital\Skin.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\frReadme.txt
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Language\English.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Language\French.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\NeXT\Empty.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\NeXT\Full.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\NeXT\Full2.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\NeXT\led.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\NeXT\Skin.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\SkinTrash.exe
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\SkinTrash.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\XP\Empty.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\XP\Full.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\XP\Full2.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\XP\led.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\XP\Skin.ini
C:\WINDOWS\system32\ext\+BONUS\TextGrabber\Lisez_moi.txt
C:\WINDOWS\system32\ext\+BONUS\TextGrabber\TextGrab.dll
C:\WINDOWS\system32\ext\+BONUS\TextGrabber\TextGrabber.exe
C:\WINDOWS\system32\ext\+BONUS\TextGrabber\TextGrabber.hlp
C:\WINDOWS\system32\ext\+BONUS\TextGrabber\v1.0
C:\WINDOWS\system32\ext\+BONUS\xCap\README.txt
C:\WINDOWS\system32\ext\+BONUS\xCap\settings.ini
C:\WINDOWS\system32\ext\+BONUS\xCap\xCapV109.exe
C:\WINDOWS\system32\ext\A43\a43.dat
C:\WINDOWS\system32\ext\A43\A43.exe
C:\WINDOWS\system32\ext\A43\A43.ini
C:\WINDOWS\system32\ext\A43\A43.url
C:\WINDOWS\system32\ext\A43\language.ini
C:\WINDOWS\system32\ext\A43\ReadMe.txt
C:\WINDOWS\system32\ext\A43\unrar.dll
C:\WINDOWS\system32\ext\A43\v2.45fr
C:\WINDOWS\system32\ext\AllSnap\allSnap.chm
C:\WINDOWS\system32\ext\AllSnap\allSnap.exe
C:\WINDOWS\system32\ext\AllSnap\auto_lineup.dll
C:\WINDOWS\system32\ext\AllSnap\snap_libW.dll
C:\WINDOWS\system32\ext\AllSnap\v1.31.5
C:\WINDOWS\system32\ext\Applications.htm
C:\WINDOWS\system32\ext\Applications\A43.gif
C:\WINDOWS\system32\ext\Applications\allsnap01.gif
C:\WINDOWS\system32\ext\Applications\allsnap02.gif
C:\WINDOWS\system32\ext\Applications\allsnap03.gif
C:\WINDOWS\system32\ext\Applications\allsnap04.gif
C:\WINDOWS\system32\ext\Applications\applications.gif
C:\WINDOWS\system32\ext\Applications\AsteriskLogger.gif
C:\WINDOWS\system32\ext\Applications\audio01.gif
C:\WINDOWS\system32\ext\Applications\audio02.gif
C:\WINDOWS\system32\ext\Applications\Autoruns.gif
C:\WINDOWS\system32\ext\Applications\CatAutres.gif
C:\WINDOWS\system32\ext\Applications\CatDemarrage.gif
C:\WINDOWS\system32\ext\Applications\CatMenuDemarrer.gif
C:\WINDOWS\system32\ext\Applications\CatMenuFichiersDossiers.gif
C:\WINDOWS\system32\ext\Applications\CatMenuPosteTravail.gif
C:\WINDOWS\system32\ext\Applications\CatProprietesFichiersDossiers.gif
C:\WINDOWS\system32\ext\Applications\cdbfshell.gif
C:\WINDOWS\system32\ext\Applications\cliptray01.gif
C:\WINDOWS\system32\ext\Applications\cliptray02.gif
C:\WINDOWS\system32\ext\Applications\cliptray03.gif
C:\WINDOWS\system32\ext\Applications\cliptray04.gif
C:\WINDOWS\system32\ext\Applications\cliptray05.gif
C:\WINDOWS\system32\ext\Applications\clocx01.gif
C:\WINDOWS\system32\ext\Applications\clocx02.gif
C:\WINDOWS\system32\ext\Applications\clocx03.gif
C:\WINDOWS\system32\ext\Applications\clocx04.gif
C:\WINDOWS\system32\ext\Applications\coccinelle.gif
C:\WINDOWS\system32\ext\Applications\contextviewer1.gif
C:\WINDOWS\system32\ext\Applications\contextviewer2.gif
C:\WINDOWS\system32\ext\Applications\CopyURL.gif
C:\WINDOWS\system32\ext\Applications\CRHexact.gif
C:\WINDOWS\system32\ext\Applications\CurrentPorts.gif
C:\WINDOWS\system32\ext\Applications\demineur.gif
C:\WINDOWS\system32\ext\Applications\dialog01.gif
C:\WINDOWS\system32\ext\Applications\dialog02.gif
C:\WINDOWS\system32\ext\Applications\dialog03.gif
C:\WINDOWS\system32\ext\Applications\disasteroids.gif
C:\WINDOWS\system32\ext\Applications\divx.gif
C:\WINDOWS\system32\ext\Applications\dmex01.gif
C:\WINDOWS\system32\ext\Applications\dmex02.gif
C:\WINDOWS\system32\ext\Applications\dmexcol.gif
C:\WINDOWS\system32\ext\Applications\doubledriver.gif
C:\WINDOWS\system32\ext\Applications\edithexa.gif
C:\WINDOWS\system32\ext\Applications\everest.gif
C:\WINDOWS\system32\ext\Applications\exif.gif
C:\WINDOWS\system32\ext\Applications\favoritesview.gif
C:\WINDOWS\system32\ext\Applications\febooticase.gif
C:\WINDOWS\system32\ext\Applications\febootihex.gif
C:\WINDOWS\system32\ext\Applications\filenote01.gif
C:\WINDOWS\system32\ext\Applications\filenote02.gif
C:\WINDOWS\system32\ext\Applications\filenote03.gif
C:\WINDOWS\system32\ext\Applications\flexiblerenamer.gif
C:\WINDOWS\system32\ext\Applications\foldersize.gif
C:\WINDOWS\system32\ext\Applications\fond.jpg
C:\WINDOWS\system32\ext\Applications\getfilesize1.gif
C:\WINDOWS\system32\ext\Applications\getfilesize2.gif
C:\WINDOWS\system32\ext\Applications\gmail01.gif
C:\WINDOWS\system32\ext\Applications\gmail02.gif
C:\WINDOWS\system32\ext\Applications\gmail03.gif
C:\WINDOWS\system32\ext\Applications\gmail04.gif
C:\WINDOWS\system32\ext\Applications\gotoshared.gif
C:\WINDOWS\system32\ext\Applications\hash.gif
C:\WINDOWS\system32\ext\Applications\IECookiesView.gif
C:\WINDOWS\system32\ext\Applications\IEHistoryView.gif
C:\WINDOWS\system32\ext\Applications\IEPrivacyKeeper1.gif
C:\WINDOWS\system32\ext\Applications\IEPrivacyKeeper2.gif
C:\WINDOWS\system32\ext\Applications\invaders1.gif
C:\WINDOWS\system32\ext\Applications\invaders2.gif
C:\WINDOWS\system32\ext\Applications\LabelFonctions.gif
C:\WINDOWS\system32\ext\Applications\LabelRepertoire.gif
C:\WINDOWS\system32\ext\Applications\LabelType.gif
C:\WINDOWS\system32\ext\Applications\menupostetravail.gif
C:\WINDOWS\system32\ext\Applications\messenpass.gif
C:\WINDOWS\system32\ext\Applications\mitecexec01.gif
C:\WINDOWS\system32\ext\Applications\mitecexec02.gif
C:\WINDOWS\system32\ext\Applications\mitecexec03.gif
C:\WINDOWS\system32\ext\Applications\mitecexec04.gif
C:\WINDOWS\system32\ext\Applications\mitecimage01.gif
C:\WINDOWS\system32\ext\Applications\mitecimage02.gif
C:\WINDOWS\system32\ext\Applications\mmm01.gif
C:\WINDOWS\system32\ext\Applications\mmm02.gif
C:\WINDOWS\system32\ext\Applications\mpv.gif
C:\WINDOWS\system32\ext\Applications\netpass.gif
C:\WINDOWS\system32\ext\Applications\notepad++.gif
C:\WINDOWS\system32\ext\Applications\Othello.gif
C:\WINDOWS\system32\ext\Applications\pathcopy.gif
C:\WINDOWS\system32\ext\Applications\phmBootLogo.dll..gif
C:\WINDOWS\system32\ext\Applications\phmFilesystemCustomize.dll.gif
C:\WINDOWS\system32\ext\Applications\phmFolderAppearance.dll.gif
C:\WINDOWS\system32\ext\Applications\phmFolderAppearance02.dll.gif
C:\WINDOWS\system32\ext\Applications\ProcessViewer.gif
C:\WINDOWS\system32\ext\Applications\propplus01.gif
C:\WINDOWS\system32\ext\Applications\propplus02.gif
C:\WINDOWS\system32\ext\Applications\pspv.gif
C:\WINDOWS\system32\ext\Applications\regalyzer.gif
C:\WINDOWS\system32\ext\Applications\regcompact.gif
C:\WINDOWS\system32\ext\Applications\regseeker.gif
C:\WINDOWS\system32\ext\Applications\Regshot.gif
C:\WINDOWS\system32\ext\Applications\restoredesktop.gif
C:\WINDOWS\system32\ext\Applications\runwithparameters.gif
C:\WINDOWS\system32\ext\Applications\shellmenuview.gif
C:\WINDOWS\system32\ext\Applications\shortcutsman.gif
C:\WINDOWS\system32\ext\Applications\sizer1.gif
C:\WINDOWS\system32\ext\Applications\sizer2.gif
C:\WINDOWS\system32\ext\Applications\sizer3.gif
C:\WINDOWS\system32\ext\Applications\starter.gif
C:\WINDOWS\system32\ext\Applications\statbar01.gif
C:\WINDOWS\system32\ext\Applications\statbar02.gif
C:\WINDOWS\system32\ext\Applications\swf1.gif
C:\WINDOWS\system32\ext\Applications\swf2.gif
C:\WINDOWS\system32\ext\Applications\swf3.gif
C:\WINDOWS\system32\ext\Applications\swf4.gif
C:\WINDOWS\system32\ext\Applications\taskswitch01.gif
C:\WINDOWS\system32\ext\Applications\taskswitch02.gif
C:\WINDOWS\system32\ext\Applications\taskswitch03.gif
C:\WINDOWS\system32\ext\Applications\thumbview.gif
C:\WINDOWS\system32\ext\Applications\tri.gif
C:\WINDOWS\system32\ext\Applications\tugzip.gif
C:\WINDOWS\system32\ext\Applications\TypeDLL.gif
C:\WINDOWS\system32\ext\Applications\TypeEXE.gif
C:\WINDOWS\system32\ext\Applications\ubericon.gif
C:\WINDOWS\system32\ext\Applications\unlocker01.gif
C:\WINDOWS\system32\ext\Applications\unlocker02.gif
C:\WINDOWS\system32\ext\Applications\unlocker03.gif
C:\WINDOWS\system32\ext\Applications\wholockme01.gif
C:\WINDOWS\system32\ext\Applications\wholockme02.gif
C:\WINDOWS\system32\ext\Applications\whyreboot.gif
C:\WINDOWS\system32\ext\Applications\winroll.gif
C:\WINDOWS\system32\ext\Applications\winservices.gif
C:\WINDOWS\system32\ext\Applications\xnstop.gif
C:\WINDOWS\system32\ext\Applications\XPSP2+_Chrysalide_Widescreen.jpg
C:\WINDOWS\system32\ext\Applications\xvid.gif
C:\WINDOWS\system32\ext\Applications\yz01.gif
C:\WINDOWS\system32\ext\Applications\yz02.gif
C:\WINDOWS\system32\ext\Applications\yz02b.gif
C:\WINDOWS\system32\ext\Applications\yz03.gif
C:\WINDOWS\system32\ext\AsteriskLogger\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\AsteriskLogger\Asterisk Logger.url
C:\WINDOWS\system32\ext\AsteriskLogger\astlog.chm
C:\WINDOWS\system32\ext\AsteriskLogger\astlog.exe
C:\WINDOWS\system32\ext\AsteriskLogger\astlog_lng.ini
C:\WINDOWS\system32\ext\AsteriskLogger\ReadMe.txt
C:\WINDOWS\system32\ext\AsteriskLogger\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\AsteriskLogger\v1.02fr
C:\WINDOWS\system32\ext\Audioshellext\AudioShell.url
C:\WINDOWS\system32\ext\Audioshellext\AudioShellExt.dll
C:\WINDOWS\system32\ext\Audioshellext\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Audioshellext\INSTALLER.cmd
C:\WINDOWS\system32\ext\Audioshellext\v1.0.1
C:\WINDOWS\system32\ext\Autoruns\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\Autoruns\autoruns.chm
C:\WINDOWS\system32\ext\Autoruns\autoruns.exe
C:\WINDOWS\system32\ext\Autoruns\Autoruns.url
C:\WINDOWS\system32\ext\Autoruns\autorunsc.exe
C:\WINDOWS\system32\ext\Autoruns\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\Autoruns\v8.42
C:\WINDOWS\system32\ext\CDBFShellExt\CDBF Shell Extension.url
C:\WINDOWS\system32\ext\CDBFShellExt\cdbfshell.dll
C:\WINDOWS\system32\ext\CDBFShellExt\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\CDBFShellExt\exemple.dbf
C:\WINDOWS\system32\ext\CDBFShellExt\INSTALLER.cmd
C:\WINDOWS\system32\ext\CDBFShellExt\readme.txt
C:\WINDOWS\system32\ext\CDBFShellExt\v1.0
C:\WINDOWS\system32\ext\ClipTray\ClipTray.chm
C:\WINDOWS\system32\ext\ClipTray\ClipTray.exe
C:\WINDOWS\system32\ext\ClipTray\ClipTray.ini
C:\WINDOWS\system32\ext\ClipTray\ClipTray.url
C:\WINDOWS\system32\ext\ClipTray\Personal.dat
C:\WINDOWS\system32\ext\ClipTray\v1.61fr
C:\WINDOWS\system32\ext\ClocX\ClocX.exe
C:\WINDOWS\system32\ext\ClocX\ClocX.url
C:\WINDOWS\system32\ext\ClocX\Lang\French.lng
C:\WINDOWS\system32\ext\ClocX\Presets\BlueSphere2.png
C:\WINDOWS\system32\ext\ClocX\Presets\CloQ.ini
C:\WINDOWS\system32\ext\ClocX\Presets\CloQ.png
C:\WINDOWS\system32\ext\ClocX\Presets\default.bmp
C:\WINDOWS\system32\ext\ClocX\Presets\default.ini
C:\WINDOWS\system32\ext\ClocX\Presets\GlowMarvilla.png
C:\WINDOWS\system32\ext\ClocX\Presets\Snowball Clock.png
C:\WINDOWS\system32\ext\ClocX\Presets\street.ini
C:\WINDOWS\system32\ext\ClocX\Presets\street.png
C:\WINDOWS\system32\ext\ClocX\Presets\streethour.hpng
C:\WINDOWS\system32\ext\ClocX\Presets\streetmin.hpng
C:\WINDOWS\system32\ext\ClocX\ReadMe.txt
C:\WINDOWS\system32\ext\ClocX\v1.5.1fr
C:\WINDOWS\system32\ext\ContextViewer\Context Viewer.url
C:\WINDOWS\system32\ext\ContextViewer\ContView.exe
C:\WINDOWS\system32\ext\ContextViewer\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\ContextViewer\INSTALLER.cmd
C:\WINDOWS\system32\ext\ContextViewer\plugins\AXZIP.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\AXZIP.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifDIB.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFGIF.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifgif.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFJPEG.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifjpeg.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFMAG.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFMAG.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPI.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPI.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPIC.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPIC.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPIC2.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPIC2.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifpict.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifSunRAS.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifTGA.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFTIFF.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\iftiff.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifTIFF6.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifWMF.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFXLD4.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFXLD4.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\LHASAD.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\LHASAD.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\LZR.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\LZRP.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\UseSPI.clw
C:\WINDOWS\system32\ext\ContextViewer\plugins\UseSPI.dsp
C:\WINDOWS\system32\ext\ContextViewer\plugins\UseSPI.dsw
C:\WINDOWS\system32\ext\ContextViewer\plugins\UseSPI.rc
C:\WINDOWS\system32\ext\ContextViewer\ReadMe.txt
C:\WINDOWS\system32\ext\ContextViewer\v1.41fr
C:\WINDOWS\system32\ext\CopyURL\CopyURL.dll
C:\WINDOWS\system32\ext\CopyURL\CopyURL.txt
C:\WINDOWS\system32\ext\CopyURL\CopyURL.url
C:\WINDOWS\system32\ext\CopyURL\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\CopyURL\INSTALLER.cmd
C:\WINDOWS\system32\ext\CopyURL\ReadMe.txt
C:\WINDOWS\system32\ext\CopyURL\v2.31fr
C:\WINDOWS\system32\ext\CRHexact\aide.chm
C:\WINDOWS\system32\ext\CRHexact\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\CRHexact\CR-Hexact.diz
C:\WINDOWS\system32\ext\CRHexact\CR-Hexact.exe
C:\WINDOWS\system32\ext\CRHexact\CR-Hexact.url
C:\WINDOWS\system32\ext\CRHexact\enregistrement_fr.txt
C:\WINDOWS\system32\ext\CRHexact\francais.lng
C:\WINDOWS\system32\ext\CRHexact\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\CRHexact\v2.3fr
C:\WINDOWS\system32\ext\CurrentPorts\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\CurrentPorts\cports.chm
C:\WINDOWS\system32\ext\CurrentPorts\cports.exe
C:\WINDOWS\system32\ext\CurrentPorts\cports_lng.ini
C:\WINDOWS\system32\ext\CurrentPorts\CurrPorts.url
C:\WINDOWS\system32\ext\CurrentPorts\readme.txt
C:\WINDOWS\system32\ext\CurrentPorts\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\CurrentPorts\v1.07fr
C:\WINDOWS\system32\ext\DialogBoxAssistant\Dialog Box Assistant.url
C:\WINDOWS\system32\ext\DialogBoxAssistant\OSDEx.chm
C:\WINDOWS\system32\ext\DialogBoxAssistant\OSDEx.exe
C:\WINDOWS\system32\ext\DialogBoxAssistant\OSDExLib.dll
C:\WINDOWS\system32\ext\DialogBoxAssistant\ReadMe.txt
C:\WINDOWS\system32\ext\DialogBoxAssistant\v1.1
C:\WINDOWS\system32\ext\Disasteroids3D\Disasteroids 3D.url
C:\WINDOWS\system32\ext\Disasteroids3D\Disasteroids3D.cfg
C:\WINDOWS\system32\ext\Disasteroids3D\disasteroids3d.dat
C:\WINDOWS\system32\ext\Disasteroids3D\Disasteroids3D.exe
C:\WINDOWS\system32\ext\Divx\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Divx\DivX.url
C:\WINDOWS\system32\ext\Divx\Divxconfig.exe
C:\WINDOWS\system32\ext\Divx\divxdec.ax
C:\WINDOWS\system32\ext\Divx\INSTALLER.cmd
C:\WINDOWS\system32\ext\Divx\v5.0.5 (dernière compatible VirtualDub)
C:\WINDOWS\system32\ext\DmexBar\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\DmexBar\dmexalign.exe
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Arrange all horizontal.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Arrange all vertical.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Arrange two horizontal.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Arrange two vertical.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Restore positions.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Save position and minimize.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Save position.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexbar.dll
C:\WINDOWS\system32\ext\DmexBar\dmexbar.dll.manifest
C:\WINDOWS\system32\ext\DmexBar\DMEXBAR.HLP
C:\WINDOWS\system32\ext\DmexBar\dmexbar.ini
C:\WINDOWS\system32\ext\DmexBar\DmexBar.url
C:\WINDOWS\system32\ext\DmexBar\francais.lng
C:\WINDOWS\system32\ext\DmexBar\INSTALLER.cmd
C:\WINDOWS\system32\ext\DmexBar\unsplit.exe
C:\WINDOWS\system32\ext\DmexBar\UnzDll.dll
C:\WINDOWS\system32\ext\DmexBar\v10
C:\WINDOWS\system32\ext\DmexBar\viewer.exe
C:\WINDOWS\system32\ext\DmexBar\viewer.ini
C:\WINDOWS\system32\ext\DmexBar\ZipDll.dll
C:\WINDOWS\system32\ext\DmexCol\DESINSTALLER.reg
C:\WINDOWS\system32\ext\DmexCol\DmexBar.url
C:\WINDOWS\system32\ext\DmexCol\dmexcol.dll
C:\WINDOWS\system32\ext\DmexCol\dmexcol.hlp
C:\WINDOWS\system32\ext\DmexCol\INSTALLER.cmd
C:\WINDOWS\system32\ext\DmexCol\v10fr
C:\WINDOWS\system32\ext\DoubleDriver\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\DoubleDriver\dd.chm
C:\WINDOWS\system32\ext\DoubleDriver\dd.exe
C:\WINDOWS\system32\ext\DoubleDriver\dd.ini
C:\WINDOWS\system32\ext\DoubleDriver\Double Driver.url
C:\WINDOWS\system32\ext\DoubleDriver\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\DoubleDriver\v1.0
C:\WINDOWS\system32\ext\EasyRead\AJOUTER A LA BARRE DE BOUTONS.cmd
C:\WINDOWS\system32\ext\EasyRead\EasyRead.cmd
C:\WINDOWS\system32\ext\EasyRead\EasyRead.gif
C:\WINDOWS\system32\ext\EasyRead\EasyRead.url
C:\WINDOWS\system32\ext\EasyRead\Iconico.ico
C:\WINDOWS\system32\ext\EasyRead\ShellExec.exe
C:\WINDOWS\system32\ext\EasyRead\SUPPRIMER DE LA BARRE DE BOUTONS.cmd
C:\WINDOWS\system32\ext\EasyRead\ZoomIn.ico
C:\WINDOWS\system32\ext\EasyRead\ZoomIn.js
C:\WINDOWS\system32\ext\EasyRead\ZoomOut.ico
C:\WINDOWS\system32\ext\EasyRead\ZoomOut.js
C:\WINDOWS\system32\ext\Everest\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\Everest\everest.bin
C:\WINDOWS\system32\ext\Everest\everest.chm
C:\WINDOWS\system32\ext\Everest\everest.dat
C:\WINDOWS\system32\ext\Everest\everest.exe
C:\WINDOWS\system32\ext\Everest\everest.mem
C:\WINDOWS\system32\ext\Everest\everest.web
C:\WINDOWS\system32\ext\Everest\everest_cpl.cpl
C:\WINDOWS\system32\ext\Everest\everest_icons.dll
C:\WINDOWS\system32\ext\Everest\everest_memlat.dll
C:\WINDOWS\system32\ext\Everest\everest_xpicons.dll
C:\WINDOWS\system32\ext\Everest\everest_zipdll.dll
C:\WINDOWS\system32\ext\Everest\kerneld.amd64
C:\WINDOWS\system32\ext\Everest\kerneld.ia64
C:\WINDOWS\system32\ext\Everest\kerneld.w9x
C:\WINDOWS\system32\ext\Everest\kerneld.wnt
C:\WINDOWS\system32\ext\Everest\Language\lang_fr.txt
C:\WINDOWS\system32\ext\Everest\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\Everest\v2.20fr
C:\WINDOWS\system32\ext\Exif\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Exif\Exif Shell Extension.url
C:\WINDOWS\system32\ext\Exif\exif.dll
C:\WINDOWS\system32\ext\Exif\INSTALLER.cmd
C:\WINDOWS\system32\ext\Exif\v1.02
C:\WINDOWS\system32\ext\FavoritesView\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\FavoritesView\faview.chm
C:\WINDOWS\system32\ext\FavoritesView\faview.exe
C:\WINDOWS\system32\ext\FavoritesView\faview_lng.ini
C:\WINDOWS\system32\ext\FavoritesView\FavoritesView.url
C:\WINDOWS\system32\ext\FavoritesView\ReadMe.txt
C:\WINDOWS\system32\ext\FavoritesView\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\FavoritesView\v1.0fr
C:\WINDOWS\system32\ext\FebootiCase\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\FebootiCase\fCase.dll
C:\WINDOWS\system32\ext\FebootiCase\Febooti.url
C:\WINDOWS\system32\ext\FebootiCase\INSTALLER.cmd
C:\WINDOWS\system32\ext\FebootiCase\Traduction française par club83 du forum xpcoccinelle.free.fr
C:\WINDOWS\system32\ext\FebootiCase\V1.1
C:\WINDOWS\system32\ext\FebootiHex\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\FebootiHex\Febooti.url
C:\WINDOWS\system32\ext\FebootiHex\fHex.dll
C:\WINDOWS\system32\ext\FebootiHex\INSTALLER.cmd
C:\WINDOWS\system32\ext\FebootiHex\Traduction française par club83 du forum xpcoccinelle.free.fr
C:\WINDOWS\system32\ext\FebootiHex\V1.0
C:\WINDOWS\system32\ext\Filenote\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Filenote\FileNote.dll
C:\WINDOWS\system32\ext\Filenote\FileNote.url
C:\WINDOWS\system32\ext\Filenote\INSTALLER.cmd
C:\WINDOWS\system32\ext\Filenote\ReadMe.txt
C:\WINDOWS\system32\ext\Filenote\v1.0
C:\WINDOWS\system32\ext\FlexibleRenamer\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\FlexibleRenamer\Flexible Renamer.exe
C:\WINDOWS\system32\ext\FlexibleRenamer\Flexible Renamer.exe.manifest
C:\WINDOWS\system32\ext\FlexibleRenamer\Flexible Renamer.ini
C:\WINDOWS\system32\ext\FlexibleRenamer\Flexible Renamer.url
C:\WINDOWS\system32\ext\FlexibleRenamer\HistoryEN.txt
C:\WINDOWS\system32\ext\FlexibleRenamer\PresetEN.ini
C:\WINDOWS\system32\ext\FlexibleRenamer\ReadMeEN.txt
C:\WINDOWS\system32\ext\FlexibleRenamer\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\FlexibleRenamer\v7.3
C:\WINDOWS\system32\ext\FolderSize\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\FolderSize\Folder Size.url
C:\WINDOWS\system32\ext\FolderSize\FolderSize.msi
C:\WINDOWS\system32\ext\FolderSize\fr\FolderSizeColumn.dll
C:\WINDOWS\system32\ext\FolderSize\INSTALLER.cmd
C:\WINDOWS\system32\ext\FolderSize\v2.1fr
C:\WINDOWS\system32\ext\GetFileSize\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\GetFileSize\Get File Size.url
C:\WINDOWS\system32\ext\GetFileSize\GetFileSize.exe
C:\WINDOWS\system32\ext\GetFileSize\gfs.chm
C:\WINDOWS\system32\ext\GetFileSize\INSTALLER.cmd
C:\WINDOWS\system32\ext\GetFileSize\v2.2
C:\WINDOWS\system32\ext\Gmail\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Gmail\Gmail Drive en francais.url
C:\WINDOWS\system32\ext\Gmail\GMail Drive shell extension.url
C:\WINDOWS\system32\ext\Gmail\GMailFS.dll
C:\WINDOWS\system32\ext\Gmail\INSTALLER.cmd
C:\WINDOWS\system32\ext\Gmail\v1.0.8
C:\WINDOWS\system32\ext\GotoShared\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\GotoShared\GoTo Shared.url
C:\WINDOWS\system32\ext\GotoShared\GotoShared.exe
C:\WINDOWS\system32\ext\GotoShared\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\GotoShared\v1.0fr
C:\WINDOWS\system32\ext\HashTab\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\HashTab\HashTab Shell Extension.url
C:\WINDOWS\system32\ext\HashTab\HashTab.dll
C:\WINDOWS\system32\ext\HashTab\INSTALLER.cmd
C:\WINDOWS\system32\ext\HashTab\v1.7fr
C:\WINDOWS\system32\ext\IECookiesView\ads.txt
C:\WINDOWS\system32\ext\IECookiesView\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IECookiesView\IECookiesView.url
C:\WINDOWS\system32\ext\IECookiesView\iecv.chm
C:\WINDOWS\system32\ext\IECookiesView\iecv.exe
C:\WINDOWS\system32\ext\IECookiesView\iecv_lng.ini
C:\WINDOWS\system32\ext\IECookiesView\ReadMe.txt
C:\WINDOWS\system32\ext\IECookiesView\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IECookiesView\v1.70fr
C:\WINDOWS\system32\ext\IEHistoryView\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IEHistoryView\IEHistoryView.url
C:\WINDOWS\system32\ext\IEHistoryView\iehv.chm
C:\WINDOWS\system32\ext\IEHistoryView\iehv.exe
C:\WINDOWS\system32\ext\IEHistoryView\iehv_lng.ini
C:\WINDOWS\system32\ext\IEHistoryView\ReadMe.txt
C:\WINDOWS\system32\ext\IEHistoryView\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IEHistoryView\v1.30fr
C:\WINDOWS\system32\ext\IEPrivacyKeeper\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IEPrivacyKeeper\dbghelp.dll
C:\WINDOWS\system32\ext\IEPrivacyKeeper\hgc.ani
C:\WINDOWS\system32\ext\IEPrivacyKeeper\IE Privacy Keeper.url
C:\WINDOWS\system32\ext\IEPrivacyKeeper\iepk.ico
C:\WINDOWS\system32\ext\IEPrivacyKeeper\iepk.wav
C:\WINDOWS\system32\ext\IEPrivacyKeeper\IEPrivacyKeeper.exe
C:\WINDOWS\system32\ext\IEPrivacyKeeper\Lang\French.lng
C:\WINDOWS\system32\ext\IEPrivacyKeeper\license_fr.txt
C:\WINDOWS\system32\ext\IEPrivacyKeeper\ntqsi.dll
C:\WINDOWS\system32\ext\IEPrivacyKeeper\SecureDelete.dll
C:\WINDOWS\system32\ext\IEPrivacyKeeper\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IEPrivacyKeeper\UnHCrashReport.exe
C:\WINDOWS\system32\ext\IEPrivacyKeeper\v2.7.2fr
C:\WINDOWS\system32\ext\MailPassView\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\MailPassView\Lisez-moi.txt
C:\WINDOWS\system32\ext\MailPassView\mailpv.chm
C:\WINDOWS\system32\ext\MailPassView\mailpv_lng.ini
C:\WINDOWS\system32\ext\MailPassView\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\MailPassView\v1.32fr
C:\WINDOWS\system32\ext\MessenPass\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\MessenPass\mspass.chm
C:\WINDOWS\system32\ext\MessenPass\mspass_lng.ini
C:\WINDOWS\system32\ext\MessenPass\ReadMe.txt
C:\WINDOWS\system32\ext\MessenPass\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\MessenPass\v1.04fr
C:\WINDOWS\system32\ext\Minesweeper3D\docs\cubes-screenshot.png
C:\WINDOWS\system32\ext\Minesweeper3D\docs\dodeca-screenshot.png
C:\WINDOWS\system32\ext\Minesweeper3D\docs\index.html
C:\WINDOWS\system32\ext\Minesweeper3D\docs\mail.png
C:\WINDOWS\system32\ext\Minesweeper3D\docs\sprites-screenshot.png
C:\WINDOWS\system32\ext\Minesweeper3D\Minesweeper 3D.url
C:\WINDOWS\system32\ext\Minesweeper3D\Minesweeper3D.exe
C:\WINDOWS\system32\ext\Minesweeper3D\Minesweeper3D.ico
C:\WINDOWS\system32\ext\Minesweeper3D\mingwm10.dll
C:\WINDOWS\system32\ext\Minesweeper3D\saves\screenshot
C:\WINDOWS\system32\ext\Minesweeper3D\settings\default
C:\WINDOWS\system32\ext\Minesweeper3D\skins\default\fields.png
C:\WINDOWS\system32\ext\Minesweeper3D\skins\default\tiled.png
C:\WINDOWS\system32\ext\Minesweeper3D\skins\sprites\fields.png
C:\WINDOWS\system32\ext\Minesweeper3D\skins\sprites\tiled.png
C:\WINDOWS\system32\ext\Minesweeper3D\skins\transolid\fields.png
C:\WINDOWS\system32\ext\Minesweeper3D\skins\transolid\tiled.png
C:\WINDOWS\system32\ext\Minesweeper3D\v2005-01-10
C:\WINDOWS\system32\ext\MitecExec\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\MitecExec\INSTALLER.cmd
C:\WINDOWS\system32\ext\MitecExec\MiTeC Shell Extension Pack.url
C:\WINDOWS\system32\ext\MitecExec\MPEISE.dll
C:\WINDOWS\system32\ext\MitecExec\ReadMe.txt
C:\WINDOWS\system32\ext\MitecExec\v3.2
C:\WINDOWS\system32\ext\MitecImage\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\MitecImage\INSTALLER.cmd
C:\WINDOWS\system32\ext\MitecImage\MIPSE.dll
C:\WINDOWS\system32\ext\MitecImage\MiTeC Shell Extension Pack.url
C:\WINDOWS\system32\ext\MitecImage\ReadMe.txt
C:\WINDOWS\system32\ext\MitecImage\v3.2
C:\WINDOWS\system32\ext\MP3Lame\ACM codec version of Lame MP3 encoder.url
C:\WINDOWS\system32\ext\MP3Lame\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\MP3Lame\INSTALLER.cmd
C:\WINDOWS\system32\ext\MP3Lame\lame.exe
C:\WINDOWS\system32\ext\MP3Lame\lame_acm.xml
C:\WINDOWS\system32\ext\MP3Lame\lame_enc.dll
C:\WINDOWS\system32\ext\MP3Lame\lameACM.acm
C:\WINDOWS\system32\ext\MP3Lame\LameACM.inf
C:\WINDOWS\system32\ext\MP3Lame\v3.96
C:\WINDOWS\system32\ext\NetPass\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\NetPass\netpass.chm
C:\WINDOWS\system32\ext\NetPass\netpass_lng.ini
C:\WINDOWS\system32\ext\NetPass\Network Password Recovery.url
C:\WINDOWS\system32\ext\NetPass\ReadMe.txt
C:\WINDOWS\system32\ext\NetPass\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\NetPass\v1.02fr
C:\WINDOWS\system32\ext\Notepad++\config.xml
C:\WINDOWS\system32\ext\Notepad++\contextMenu.xml
C:\WINDOWS\system32\ext\Notepad++\doLocalConf.xml
C:\WINDOWS\system32\ext\Notepad++\Icons\blank.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\close_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\close_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\close_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\closeAll_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\closeAll_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\closeAll_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\copy_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\copy_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\copy_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\cut_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\cut_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\cut_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\fileopen_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\fileopen_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\find_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\find_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\indent_guideline_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\indent_guideline_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\invisible_char_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\invisible_char_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\new_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\new_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\paste_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\paste_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\paste_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\playback_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\playback_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\print_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\print_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\record_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\redo_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\redo_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\redo_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\replace_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\replace_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\replace_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_makro_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_makro_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_makro_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\saveAll_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\saveAll_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\saveAll_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\stop_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\stop_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\undo_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\undo_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\undo_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\viewDlg_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\viewDlg_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\wrap_text_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\wrap_text_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\zoomIn_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\zoomIn_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\zoomOut_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\zoomOut_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\close_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\close_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\close_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\closeAll_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\closeAll_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\closeAll_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\copy_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\copy_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\copy_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\cut_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\cut_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\cut_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\fileopen_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\fileopen_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\find_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\find_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\new_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\new_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\paste_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\paste_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\paste_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\print_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\print_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\readme.txt
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\redo_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\redo_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\redo_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\replace_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\replace_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\replace_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\save_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\save_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\save_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\saveAll_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\saveAll_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\saveAll_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\toolbarIcons.xml
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\undo_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\undo_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\undo_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\viewDlg_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\viewDlg_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\zoomIn_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\zoomIn_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\zoomOut_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\zoomOut_normal.ico
C:\WINDOWS\system32\ext\Notepad++\insertExt.ini
C:\WINDOWS\system32\ext\Notepad++\langs.xml
C:\WINDOWS\system32\ext\Notepad++\license.txt
C:\WINDOWS\system32\ext\Notepad++\LINEDRAW.TTF
C:\WINDOWS\system32\ext\Notepad++\nativeLang.xml
C:\WINDOWS\system32\ext\Notepad++\notepad++.exe
C:\WINDOWS\system32\ext\Notepad++\Notepad++.url
C:\WINDOWS\system32\ext\Notepad++\NppLauncher\1 - dllcache.lnk
C:\WINDOWS\system32\ext\Notepad++\NppLauncher\2 - system32.lnk
C:\WINDOWS\system32\ext\Notepad++\NppLauncher\3 - WINDOWS.lnk
C:\WINDOWS\system32\ext\Notepad++\NppLauncher\notepad.exe
C:\WINDOWS\system32\ext\Notepad++\NppLauncher\readme.txt
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\c.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\cpp.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\css.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\flash.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\java.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\javascript.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\lisp.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\perl.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\php.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\python.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\vb.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\vhdl.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\winbatch.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\xml.api
C:\WINDOWS\system32\ext\Notepad++\plugins\NppInsertPlugin.dll
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX.dll
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX.ini
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\AsciiToEBCDIC.bin
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\libTidy.dll
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\NPPTextFXdemo.TXT
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\TIDYCFG.INI
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\W3C-CSSValidator.htm
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\W3C-HTMLValidator.htm
C:\WINDOWS\system32\ext\Notepad++\plugins\XMLCheck.dll
C:\WINDOWS\system32\ext\Notepad++\ReadMe.txt
C:\WINDOWS\system32\ext\Notepad++\SciLexer.dll
C:\WINDOWS\system32\ext\Notepad++\shortcuts.xml
C:\WINDOWS\system32\ext\Notepad++\stylers.xml
C:\WINDOWS\system32\ext\Notepad++\toolbarIcons.xml
C:\WINDOWS\system32\ext\Notepad++\userDefineLang_ruby.xml
C:\WINDOWS\system32\ext\Notepad++\userDefineLang_winbatch.xml
C:\WINDOWS\system32\ext\Notepad++\v3.3fr
C:\WINDOWS\system32\ext\OGGVorbis\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\OGGVorbis\INSTALLER.cmd
C:\WINDOWS\system32\ext\OGGVorbis\ReadMe.txt
C:\WINDOWS\system32\ext\OGGVorbis\uninstall.inf
C:\WINDOWS\system32\ext\OGGVorbis\v1.0
C:\WINDOWS\system32\ext\OGGVorbis\Vorbis Ogg ACM Codec.url
C:\WINDOWS\system32\ext\OGGVorbis\vorbis.acm
C:\WINDOWS\system32\ext\OGGVorbis\vorbisacm.inf
C:\WINDOWS\system32\ext\Othello\Othello.exe
C:\WINDOWS\system32\ext\Othello\ReadMe.txt
C:\WINDOWS\system32\ext\Othello\v2.0
C:\WINDOWS\system32\ext\PathCopy\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\PathCopy\INSTALLER.cmd
C:\WINDOWS\system32\ext\PathCopy\PATHCO32.DLL
C:\WINDOWS\system32\ext\PathCopy\PATHCO64.DLL
C:\WINDOWS\system32\ext\PathCopy\PATHCOPY.HLP
C:\WINDOWS\system32\ext\PathCopy\PATHCOPY.INF
C:\WINDOWS\system32\ext\PathCopy\ReadMe.txt
C:\WINDOWS\system32\ext\PathCopy\v4.0fr
C:\WINDOWS\system32\ext\PHMPlusBoot\BootLogo.dll
C:\WINDOWS\system32\ext\PHMPlusBoot\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusBoot\INSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusBoot\PHM Plus! for Windows XP.url
C:\WINDOWS\system32\ext\PHMPlusBoot\PHMXPP!.chm
C:\WINDOWS\system32\ext\PHMPlusBoot\v1.0
C:\WINDOWS\system32\ext\PHMPlusFile\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusFile\FilesystemCustomize.dll
C:\WINDOWS\system32\ext\PHMPlusFile\INSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusFile\PHM Plus! for Windows XP.url
C:\WINDOWS\system32\ext\PHMPlusFile\PHMXPP!.chm
C:\WINDOWS\system32\ext\PHMPlusFile\v1.0
C:\WINDOWS\system32\ext\PHMPlusFolder\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusFolder\FolderAppearance.dll
C:\WINDOWS\system32\ext\PHMPlusFolder\INSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusFolder\PHM Plus! for Windows XP.url
C:\WINDOWS\system32\ext\PHMPlusFolder\PHMXPP!.chm
C:\WINDOWS\system32\ext\PHMPlusFolder\v1.0
C:\WINDOWS\system32\ext\ProcessViewer\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\ProcessViewer\GraphControl.dll
C:\WINDOWS\system32\ext\ProcessViewer\PrcMon.dll
C:\WINDOWS\system32\ext\ProcessViewer\PrcView.exe
C:\WINDOWS\system32\ext\ProcessViewer\PRCVIEW.HLP
C:\WINDOWS\system32\ext\ProcessViewer\Process Viewer.url
C:\WINDOWS\system32\ext\ProcessViewer\pv.exe
C:\WINDOWS\system32\ext\ProcessViewer\ReadMe.txt
C:\WINDOWS\system32\ext\ProcessViewer\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\ProcessViewer\v5.2
C:\WINDOWS\system32\ext\Propplus\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Propplus\INSTALLER.cmd
C:\WINDOWS\system32\ext\Propplus\ppsetup.exe
C:\WINDOWS\system32\ext\Propplus\PPSHLEXT.DLL
C:\WINDOWS\system32\ext\Propplus\Ppshlext.exe
C:\WINDOWS\system32\ext\Propplus\PPSHLEXT.INF
C:\WINDOWS\system32\ext\Propplus\PPSHLEXT.TXT
C:\WINDOWS\system32\ext\Propplus\v1.65fr
C:\WINDOWS\system32\ext\PSPassView\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\PSPassView\Lisez-moi !.txt
C:\WINDOWS\system32\ext\PSPassView\Protected Storage PassView.url
C:\WINDOWS\system32\ext\PSPassView\pspv.chm
C:\WINDOWS\system32\ext\PSPassView\pspv_lng.ini
C:\WINDOWS\system32\ext\PSPassView\rawdata.html
C:\WINDOWS\system32\ext\PSPassView\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\PSPassView\v1.62fr
C:\WINDOWS\system32\ext\RegAlyzer\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\RegAlyzer\Bookmarks.txt
C:\WINDOWS\system32\ext\RegAlyzer\Help\Francais.chm
C:\WINDOWS\system32\ext\RegAlyzer\Languages\English.ral
C:\WINDOWS\system32\ext\RegAlyzer\Languages\Francais.ral
C:\WINDOWS\system32\ext\RegAlyzer\RegAlyzer.exe
C:\WINDOWS\system32\ext\RegAlyzer\RegAlyzer.rdb
C:\WINDOWS\system32\ext\RegAlyzer\RegAlyzer.url
C:\WINDOWS\system32\ext\RegAlyzer\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\RegAlyzer\v1.2fr
C:\WINDOWS\system32\ext\RegCompact\AJOUTER AU MENU CONTEXTUEL.c
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.176 [GMT 1:00]
Endroit: C:\Documents and Settings\suzy.AL\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\AVSystemCare
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\svchost.exe
C:\Documents and Settings\suzy.AL\Application Data\CROSOF~1.NET
C:\Documents and Settings\suzy.AL\Application Data\CROSOF~1.NET\??crosoft.NET\
C:\Documents and Settings\suzy.AL\Application Data\SEMBLY~1
C:\Documents and Settings\suzy.AL\Application Data\SEMBLY~1\?xplorer.exe
C:\Documents and Settings\suzy.AL\Menu Démarrer\Programmes\Outerinfo
C:\Program Files\Fichiers communs\AVSystemCare
C:\Program Files\Fichiers communs\winantivirus pro 2006
C:\Program Files\outerinfo
C:\Program Files\outerinfo\FF\chrome.manifest
C:\Temp\isgTi19
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\esmypdhb.ini
C:\WINDOWS\system32\ewqgwwgg.dll
C:\WINDOWS\system32\ext
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Aut2Exe\Aut2Exe.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Aut2Exe\AutoItSC.bin
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Aut2Exe\Exe2Aut.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\AutoIt.chm
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\AutoIt.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\_Run_Me_First.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\_ReadMe_.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Adlib.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Calc.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Comspec.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\CPanel.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\DialUpNetworking.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Gosub.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\IfEqual.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Notepad.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Shutdown98.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\AutoIt_2.64\Examples\English\Snapshot.aut
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\BKRenamer\bkren.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\BKRenamer\bkren.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\choice.com
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\choice.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\deltree.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\KILL.EXE
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\kill.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\NirCmd v1.80 - Freeware command-line tool\NirCmd - Freeware command-line tool for Windows.mht
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\NirCmd v1.80 - Freeware command-line tool\nircmd.chm
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\NirCmd v1.80 - Freeware command-line tool\nircmd.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\NirCmd v1.80 - Freeware command-line tool\nircmdc.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\RegCmd\readme.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\RegCmd\regcmd.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\RegCmd\regcmd.ini
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\sleep.exe
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\sleep.txt
C:\WINDOWS\system32\ext\+BONUS\+ UTILS EN LIGNE DE COMMANDE\TLIST.EXE
C:\WINDOWS\system32\ext\+BONUS\BONUS_Lisez.moi.txt
C:\WINDOWS\system32\ext\+BONUS\CustomStart\CustomStart.exe
C:\WINDOWS\system32\ext\+BONUS\DeskProjection\DProj.exe
C:\WINDOWS\system32\ext\+BONUS\DeskProjection\Readme.txt
C:\WINDOWS\system32\ext\+BONUS\DoubleDesktop\dd.exe
C:\WINDOWS\system32\ext\+BONUS\DoubleDesktop\DoubleDesktop.url
C:\WINDOWS\system32\ext\+BONUS\DoubleDesktop\Readme.txt
C:\WINDOWS\system32\ext\+BONUS\DoubleDesktop\v2.0
C:\WINDOWS\system32\ext\+BONUS\FileCHK\FileCHK.exe
C:\WINDOWS\system32\ext\+BONUS\FileCHK\readme.txt
C:\WINDOWS\system32\ext\+BONUS\FileCHK\Recover CHK Files.url
C:\WINDOWS\system32\ext\+BONUS\FileCHK\source.zip
C:\WINDOWS\system32\ext\+BONUS\FileCHK\v1.1.03
C:\WINDOWS\system32\ext\+BONUS\MatroskaShellExtension\Matroska.url
C:\WINDOWS\system32\ext\+BONUS\MatroskaShellExtension\MatroskaShellExtension_2.8.exe
C:\WINDOWS\system32\ext\+BONUS\MIMEView\MIMEView.chm
C:\WINDOWS\system32\ext\+BONUS\MIMEView\MIMEView.exe
C:\WINDOWS\system32\ext\+BONUS\MIMEView\MIMEView.url
C:\WINDOWS\system32\ext\+BONUS\MIMEView\v1.10
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\about.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\about1.PNG
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\compatibilityissues.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusions.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusions1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusions2.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusionsettings.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusionsettings1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusionsettings2.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusionsettings3.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\exclusionsettings4.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\features.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\frequentlyaskedquestions.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\generalsettings.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\generalsettings1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\gettingsupport.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\hotkeys.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\hotkeys1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\icon1.gif
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\icon2.gif
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\index.html
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\introduction.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\introduction1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\knownissues.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\left.html
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\settings.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thanks.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thepartsofminimize.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thepartsofminimize1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thepartsofminimize2.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thepartsofminimize3.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thepartsofminimize4.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thumbnailsettings.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\thumbnailsettings1.jpg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Help\what'snew.htm
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Images\about.png
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Images\splash.png
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\miniMIZE.dll
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\miniMIZE.exe
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\miniMIZE.url
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\Minimize_Settings.reg
C:\WINDOWS\system32\ext\+BONUS\miniMIZE\v1.0.34
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\buy.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\copyright.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\failed.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\faq.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\getplus.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\header.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\InTray.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\MemUsage.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\MmmCfg.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\NoMmmBar.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj103title20shd2pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj104geo247shd19pg5p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj105geo248pg5p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj107geo260shd20pg5p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj10geo29pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj110geo267shd21pg6p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj112geo105pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj113geo272shd22pg6p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj114geo273pg6p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj115geo114pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj116geo77pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj117geo107pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj124geo109shd27pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj127geo159shd26pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj139geo126shd28pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj143geo139shd29pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj190geo163pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj198geo172shd36pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj205geo187pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj206geo188shd35pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj208geo189pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj208geo189pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj208geo189pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj209geo190pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj210geo168shd52pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj212geo165shd46pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj216geo171pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj217geo177pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj218geo178pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj219geo180shd38pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj220geo184pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj222geo185shd56pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj223geo183shd56pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj224geo182shd53pg10p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj225geo197shd37pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj22geo56shd7pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj231geo203shd39pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj232geo194pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj236geo205shd54pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj243geo303shd40pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj247geo308shd41pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj258geo232pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj259geo235pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj261geo237pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj262geo249shd48pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj263geo236shd44pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj265geo238pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj269geo202shd45pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj274geo227shd47pg9p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj278geo246pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj281geo252shd58pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj314geo230pg12p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj315geo231shd59pg12p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj316geo287pg12p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj319geo292shd50pg13p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj321geo289shd60pg12p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj322geo290pg12p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj324geo233shd51pg13p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj325geo234pg13p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj327geo296pg13p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj330geo298pg13p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj331geo299shd61pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj332geo241pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj367title279pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj375title70pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj37geo72shd9pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj39geo73shd10pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj3geo19shd4pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj410geo264shd64pg11p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj431title126pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj521geo433shd6pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj61geo62shd8pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj63geo33shd12pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj64geo34pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj66geo82shd13pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj73geo104pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj75geo127pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj76geo128pg3p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj77geo129pg1p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj7geo24pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj80geo80shd11pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj82geo57pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj83geo61shd24pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj84geo63pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj85title92pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj88geo103shd25pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj91title91pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj92geo216shd15pg4p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj93geo226pg4p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj94geo229shd16pg4p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj95title96pg7p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\obj9geo28shd5pg2p13.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\pluscfg.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PlusOptions'.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PlusOptions.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_BarColor.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_BeforeWildMenu.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_Folders.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_iecontext.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_iemenubar.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_IntroCfg.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_IntroMenu.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_MmmTaskbar.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_StartMenu.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_WildCfg.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\PNG_WildMenu.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\top.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\topleft.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\verify.png
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\Images\x-click-but23.gif
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\index.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\licenses.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\mmmplus.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\new.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\screenshots.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\sending.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\success.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\Help\whatsmmmplus.html
C:\WINDOWS\system32\ext\+BONUS\Mmm\LANCER AU DEMARRAGE.cmd
C:\WINDOWS\system32\ext\+BONUS\Mmm\Mmm.dll
C:\WINDOWS\system32\ext\+BONUS\Mmm\Mmm.exe
C:\WINDOWS\system32\ext\+BONUS\Mmm\Mmm.url
C:\WINDOWS\system32\ext\+BONUS\Mmm\SUPPRIMER DU DEMARRAGE.cmd
C:\WINDOWS\system32\ext\+BONUS\Mmm\v2.02
C:\WINDOWS\system32\ext\+BONUS\OriMado\Demo JAVA\Concept originel Fold n' Drop.url
C:\WINDOWS\system32\ext\+BONUS\OriMado\Demo JAVA\foldndrop2.jar
C:\WINDOWS\system32\ext\+BONUS\OriMado\Demo JAVA\foldndrop2.txt
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\background.png
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\OriMado - kMonos.NET.url
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\OriMado.dll
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\OriMado.exe
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\OriMado.ini
C:\WINDOWS\system32\ext\+BONUS\OriMado\Executable Windows\ReadMe.txt
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\data.clp
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\data.qrp
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\mclip.cnt
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\mclip.exe
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\MCLIP.HLP
C:\WINDOWS\system32\ext\+BONUS\Oscar's MiniCLIP\mclip.url
C:\WINDOWS\system32\ext\+BONUS\ProduKey\ProduKey.chm
C:\WINDOWS\system32\ext\+BONUS\ProduKey\ProduKey.exe
C:\WINDOWS\system32\ext\+BONUS\ProduKey\ProduKey.url
C:\WINDOWS\system32\ext\+BONUS\ProduKey\ProduKey_lng.ini
C:\WINDOWS\system32\ext\+BONUS\ProduKey\readme.txt
C:\WINDOWS\system32\ext\+BONUS\ProduKey\v1.03fr
C:\WINDOWS\system32\ext\+BONUS\RegistryExplorer\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\+BONUS\RegistryExplorer\INSTALLER.cmd
C:\WINDOWS\system32\ext\+BONUS\RegistryExplorer\Registry Explorer.url
C:\WINDOWS\system32\ext\+BONUS\RegistryExplorer\regxplor.dll
C:\WINDOWS\system32\ext\+BONUS\RegistryExplorer\v1.4.4
C:\WINDOWS\system32\ext\+BONUS\ResizeEnable\Resize Enable.url
C:\WINDOWS\system32\ext\+BONUS\ResizeEnable\ResizeEnable.dll
C:\WINDOWS\system32\ext\+BONUS\ResizeEnable\ResizeEnable.txt
C:\WINDOWS\system32\ext\+BONUS\ResizeEnable\ResizeEnableRunner.exe
C:\WINDOWS\system32\ext\+BONUS\ResizeEnable\v1.4
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\actions.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\actions2.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\index.html
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\menu.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\menu2.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\menuc.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\options.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\sdesk.html
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\task.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\toolwin1.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\Doc\toolwin2.png
C:\WINDOWS\system32\ext\+BONUS\SDesk\sdesk.dll
C:\WINDOWS\system32\ext\+BONUS\SDesk\sdesk.exe
C:\WINDOWS\system32\ext\+BONUS\SDesk\sdesk.ini
C:\WINDOWS\system32\ext\+BONUS\SDesk\v1.66s
C:\WINDOWS\system32\ext\+BONUS\SDesk\WINDOWS (copier sdesk.ini ici).lnk
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Default\Empty.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Default\Full.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Default\Full2.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Default\led.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Default\Skin.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Digital\Empty.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Digital\Full.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Digital\Full2.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Digital\led.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Digital\Skin.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\frReadme.txt
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Language\English.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\Language\French.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\NeXT\Empty.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\NeXT\Full.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\NeXT\Full2.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\NeXT\led.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\NeXT\Skin.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\SkinTrash.exe
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\SkinTrash.ini
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\XP\Empty.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\XP\Full.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\XP\Full2.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\XP\led.bmp
C:\WINDOWS\system32\ext\+BONUS\SkinTrash\XP\Skin.ini
C:\WINDOWS\system32\ext\+BONUS\TextGrabber\Lisez_moi.txt
C:\WINDOWS\system32\ext\+BONUS\TextGrabber\TextGrab.dll
C:\WINDOWS\system32\ext\+BONUS\TextGrabber\TextGrabber.exe
C:\WINDOWS\system32\ext\+BONUS\TextGrabber\TextGrabber.hlp
C:\WINDOWS\system32\ext\+BONUS\TextGrabber\v1.0
C:\WINDOWS\system32\ext\+BONUS\xCap\README.txt
C:\WINDOWS\system32\ext\+BONUS\xCap\settings.ini
C:\WINDOWS\system32\ext\+BONUS\xCap\xCapV109.exe
C:\WINDOWS\system32\ext\A43\a43.dat
C:\WINDOWS\system32\ext\A43\A43.exe
C:\WINDOWS\system32\ext\A43\A43.ini
C:\WINDOWS\system32\ext\A43\A43.url
C:\WINDOWS\system32\ext\A43\language.ini
C:\WINDOWS\system32\ext\A43\ReadMe.txt
C:\WINDOWS\system32\ext\A43\unrar.dll
C:\WINDOWS\system32\ext\A43\v2.45fr
C:\WINDOWS\system32\ext\AllSnap\allSnap.chm
C:\WINDOWS\system32\ext\AllSnap\allSnap.exe
C:\WINDOWS\system32\ext\AllSnap\auto_lineup.dll
C:\WINDOWS\system32\ext\AllSnap\snap_libW.dll
C:\WINDOWS\system32\ext\AllSnap\v1.31.5
C:\WINDOWS\system32\ext\Applications.htm
C:\WINDOWS\system32\ext\Applications\A43.gif
C:\WINDOWS\system32\ext\Applications\allsnap01.gif
C:\WINDOWS\system32\ext\Applications\allsnap02.gif
C:\WINDOWS\system32\ext\Applications\allsnap03.gif
C:\WINDOWS\system32\ext\Applications\allsnap04.gif
C:\WINDOWS\system32\ext\Applications\applications.gif
C:\WINDOWS\system32\ext\Applications\AsteriskLogger.gif
C:\WINDOWS\system32\ext\Applications\audio01.gif
C:\WINDOWS\system32\ext\Applications\audio02.gif
C:\WINDOWS\system32\ext\Applications\Autoruns.gif
C:\WINDOWS\system32\ext\Applications\CatAutres.gif
C:\WINDOWS\system32\ext\Applications\CatDemarrage.gif
C:\WINDOWS\system32\ext\Applications\CatMenuDemarrer.gif
C:\WINDOWS\system32\ext\Applications\CatMenuFichiersDossiers.gif
C:\WINDOWS\system32\ext\Applications\CatMenuPosteTravail.gif
C:\WINDOWS\system32\ext\Applications\CatProprietesFichiersDossiers.gif
C:\WINDOWS\system32\ext\Applications\cdbfshell.gif
C:\WINDOWS\system32\ext\Applications\cliptray01.gif
C:\WINDOWS\system32\ext\Applications\cliptray02.gif
C:\WINDOWS\system32\ext\Applications\cliptray03.gif
C:\WINDOWS\system32\ext\Applications\cliptray04.gif
C:\WINDOWS\system32\ext\Applications\cliptray05.gif
C:\WINDOWS\system32\ext\Applications\clocx01.gif
C:\WINDOWS\system32\ext\Applications\clocx02.gif
C:\WINDOWS\system32\ext\Applications\clocx03.gif
C:\WINDOWS\system32\ext\Applications\clocx04.gif
C:\WINDOWS\system32\ext\Applications\coccinelle.gif
C:\WINDOWS\system32\ext\Applications\contextviewer1.gif
C:\WINDOWS\system32\ext\Applications\contextviewer2.gif
C:\WINDOWS\system32\ext\Applications\CopyURL.gif
C:\WINDOWS\system32\ext\Applications\CRHexact.gif
C:\WINDOWS\system32\ext\Applications\CurrentPorts.gif
C:\WINDOWS\system32\ext\Applications\demineur.gif
C:\WINDOWS\system32\ext\Applications\dialog01.gif
C:\WINDOWS\system32\ext\Applications\dialog02.gif
C:\WINDOWS\system32\ext\Applications\dialog03.gif
C:\WINDOWS\system32\ext\Applications\disasteroids.gif
C:\WINDOWS\system32\ext\Applications\divx.gif
C:\WINDOWS\system32\ext\Applications\dmex01.gif
C:\WINDOWS\system32\ext\Applications\dmex02.gif
C:\WINDOWS\system32\ext\Applications\dmexcol.gif
C:\WINDOWS\system32\ext\Applications\doubledriver.gif
C:\WINDOWS\system32\ext\Applications\edithexa.gif
C:\WINDOWS\system32\ext\Applications\everest.gif
C:\WINDOWS\system32\ext\Applications\exif.gif
C:\WINDOWS\system32\ext\Applications\favoritesview.gif
C:\WINDOWS\system32\ext\Applications\febooticase.gif
C:\WINDOWS\system32\ext\Applications\febootihex.gif
C:\WINDOWS\system32\ext\Applications\filenote01.gif
C:\WINDOWS\system32\ext\Applications\filenote02.gif
C:\WINDOWS\system32\ext\Applications\filenote03.gif
C:\WINDOWS\system32\ext\Applications\flexiblerenamer.gif
C:\WINDOWS\system32\ext\Applications\foldersize.gif
C:\WINDOWS\system32\ext\Applications\fond.jpg
C:\WINDOWS\system32\ext\Applications\getfilesize1.gif
C:\WINDOWS\system32\ext\Applications\getfilesize2.gif
C:\WINDOWS\system32\ext\Applications\gmail01.gif
C:\WINDOWS\system32\ext\Applications\gmail02.gif
C:\WINDOWS\system32\ext\Applications\gmail03.gif
C:\WINDOWS\system32\ext\Applications\gmail04.gif
C:\WINDOWS\system32\ext\Applications\gotoshared.gif
C:\WINDOWS\system32\ext\Applications\hash.gif
C:\WINDOWS\system32\ext\Applications\IECookiesView.gif
C:\WINDOWS\system32\ext\Applications\IEHistoryView.gif
C:\WINDOWS\system32\ext\Applications\IEPrivacyKeeper1.gif
C:\WINDOWS\system32\ext\Applications\IEPrivacyKeeper2.gif
C:\WINDOWS\system32\ext\Applications\invaders1.gif
C:\WINDOWS\system32\ext\Applications\invaders2.gif
C:\WINDOWS\system32\ext\Applications\LabelFonctions.gif
C:\WINDOWS\system32\ext\Applications\LabelRepertoire.gif
C:\WINDOWS\system32\ext\Applications\LabelType.gif
C:\WINDOWS\system32\ext\Applications\menupostetravail.gif
C:\WINDOWS\system32\ext\Applications\messenpass.gif
C:\WINDOWS\system32\ext\Applications\mitecexec01.gif
C:\WINDOWS\system32\ext\Applications\mitecexec02.gif
C:\WINDOWS\system32\ext\Applications\mitecexec03.gif
C:\WINDOWS\system32\ext\Applications\mitecexec04.gif
C:\WINDOWS\system32\ext\Applications\mitecimage01.gif
C:\WINDOWS\system32\ext\Applications\mitecimage02.gif
C:\WINDOWS\system32\ext\Applications\mmm01.gif
C:\WINDOWS\system32\ext\Applications\mmm02.gif
C:\WINDOWS\system32\ext\Applications\mpv.gif
C:\WINDOWS\system32\ext\Applications\netpass.gif
C:\WINDOWS\system32\ext\Applications\notepad++.gif
C:\WINDOWS\system32\ext\Applications\Othello.gif
C:\WINDOWS\system32\ext\Applications\pathcopy.gif
C:\WINDOWS\system32\ext\Applications\phmBootLogo.dll..gif
C:\WINDOWS\system32\ext\Applications\phmFilesystemCustomize.dll.gif
C:\WINDOWS\system32\ext\Applications\phmFolderAppearance.dll.gif
C:\WINDOWS\system32\ext\Applications\phmFolderAppearance02.dll.gif
C:\WINDOWS\system32\ext\Applications\ProcessViewer.gif
C:\WINDOWS\system32\ext\Applications\propplus01.gif
C:\WINDOWS\system32\ext\Applications\propplus02.gif
C:\WINDOWS\system32\ext\Applications\pspv.gif
C:\WINDOWS\system32\ext\Applications\regalyzer.gif
C:\WINDOWS\system32\ext\Applications\regcompact.gif
C:\WINDOWS\system32\ext\Applications\regseeker.gif
C:\WINDOWS\system32\ext\Applications\Regshot.gif
C:\WINDOWS\system32\ext\Applications\restoredesktop.gif
C:\WINDOWS\system32\ext\Applications\runwithparameters.gif
C:\WINDOWS\system32\ext\Applications\shellmenuview.gif
C:\WINDOWS\system32\ext\Applications\shortcutsman.gif
C:\WINDOWS\system32\ext\Applications\sizer1.gif
C:\WINDOWS\system32\ext\Applications\sizer2.gif
C:\WINDOWS\system32\ext\Applications\sizer3.gif
C:\WINDOWS\system32\ext\Applications\starter.gif
C:\WINDOWS\system32\ext\Applications\statbar01.gif
C:\WINDOWS\system32\ext\Applications\statbar02.gif
C:\WINDOWS\system32\ext\Applications\swf1.gif
C:\WINDOWS\system32\ext\Applications\swf2.gif
C:\WINDOWS\system32\ext\Applications\swf3.gif
C:\WINDOWS\system32\ext\Applications\swf4.gif
C:\WINDOWS\system32\ext\Applications\taskswitch01.gif
C:\WINDOWS\system32\ext\Applications\taskswitch02.gif
C:\WINDOWS\system32\ext\Applications\taskswitch03.gif
C:\WINDOWS\system32\ext\Applications\thumbview.gif
C:\WINDOWS\system32\ext\Applications\tri.gif
C:\WINDOWS\system32\ext\Applications\tugzip.gif
C:\WINDOWS\system32\ext\Applications\TypeDLL.gif
C:\WINDOWS\system32\ext\Applications\TypeEXE.gif
C:\WINDOWS\system32\ext\Applications\ubericon.gif
C:\WINDOWS\system32\ext\Applications\unlocker01.gif
C:\WINDOWS\system32\ext\Applications\unlocker02.gif
C:\WINDOWS\system32\ext\Applications\unlocker03.gif
C:\WINDOWS\system32\ext\Applications\wholockme01.gif
C:\WINDOWS\system32\ext\Applications\wholockme02.gif
C:\WINDOWS\system32\ext\Applications\whyreboot.gif
C:\WINDOWS\system32\ext\Applications\winroll.gif
C:\WINDOWS\system32\ext\Applications\winservices.gif
C:\WINDOWS\system32\ext\Applications\xnstop.gif
C:\WINDOWS\system32\ext\Applications\XPSP2+_Chrysalide_Widescreen.jpg
C:\WINDOWS\system32\ext\Applications\xvid.gif
C:\WINDOWS\system32\ext\Applications\yz01.gif
C:\WINDOWS\system32\ext\Applications\yz02.gif
C:\WINDOWS\system32\ext\Applications\yz02b.gif
C:\WINDOWS\system32\ext\Applications\yz03.gif
C:\WINDOWS\system32\ext\AsteriskLogger\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\AsteriskLogger\Asterisk Logger.url
C:\WINDOWS\system32\ext\AsteriskLogger\astlog.chm
C:\WINDOWS\system32\ext\AsteriskLogger\astlog.exe
C:\WINDOWS\system32\ext\AsteriskLogger\astlog_lng.ini
C:\WINDOWS\system32\ext\AsteriskLogger\ReadMe.txt
C:\WINDOWS\system32\ext\AsteriskLogger\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\AsteriskLogger\v1.02fr
C:\WINDOWS\system32\ext\Audioshellext\AudioShell.url
C:\WINDOWS\system32\ext\Audioshellext\AudioShellExt.dll
C:\WINDOWS\system32\ext\Audioshellext\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Audioshellext\INSTALLER.cmd
C:\WINDOWS\system32\ext\Audioshellext\v1.0.1
C:\WINDOWS\system32\ext\Autoruns\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\Autoruns\autoruns.chm
C:\WINDOWS\system32\ext\Autoruns\autoruns.exe
C:\WINDOWS\system32\ext\Autoruns\Autoruns.url
C:\WINDOWS\system32\ext\Autoruns\autorunsc.exe
C:\WINDOWS\system32\ext\Autoruns\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\Autoruns\v8.42
C:\WINDOWS\system32\ext\CDBFShellExt\CDBF Shell Extension.url
C:\WINDOWS\system32\ext\CDBFShellExt\cdbfshell.dll
C:\WINDOWS\system32\ext\CDBFShellExt\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\CDBFShellExt\exemple.dbf
C:\WINDOWS\system32\ext\CDBFShellExt\INSTALLER.cmd
C:\WINDOWS\system32\ext\CDBFShellExt\readme.txt
C:\WINDOWS\system32\ext\CDBFShellExt\v1.0
C:\WINDOWS\system32\ext\ClipTray\ClipTray.chm
C:\WINDOWS\system32\ext\ClipTray\ClipTray.exe
C:\WINDOWS\system32\ext\ClipTray\ClipTray.ini
C:\WINDOWS\system32\ext\ClipTray\ClipTray.url
C:\WINDOWS\system32\ext\ClipTray\Personal.dat
C:\WINDOWS\system32\ext\ClipTray\v1.61fr
C:\WINDOWS\system32\ext\ClocX\ClocX.exe
C:\WINDOWS\system32\ext\ClocX\ClocX.url
C:\WINDOWS\system32\ext\ClocX\Lang\French.lng
C:\WINDOWS\system32\ext\ClocX\Presets\BlueSphere2.png
C:\WINDOWS\system32\ext\ClocX\Presets\CloQ.ini
C:\WINDOWS\system32\ext\ClocX\Presets\CloQ.png
C:\WINDOWS\system32\ext\ClocX\Presets\default.bmp
C:\WINDOWS\system32\ext\ClocX\Presets\default.ini
C:\WINDOWS\system32\ext\ClocX\Presets\GlowMarvilla.png
C:\WINDOWS\system32\ext\ClocX\Presets\Snowball Clock.png
C:\WINDOWS\system32\ext\ClocX\Presets\street.ini
C:\WINDOWS\system32\ext\ClocX\Presets\street.png
C:\WINDOWS\system32\ext\ClocX\Presets\streethour.hpng
C:\WINDOWS\system32\ext\ClocX\Presets\streetmin.hpng
C:\WINDOWS\system32\ext\ClocX\ReadMe.txt
C:\WINDOWS\system32\ext\ClocX\v1.5.1fr
C:\WINDOWS\system32\ext\ContextViewer\Context Viewer.url
C:\WINDOWS\system32\ext\ContextViewer\ContView.exe
C:\WINDOWS\system32\ext\ContextViewer\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\ContextViewer\INSTALLER.cmd
C:\WINDOWS\system32\ext\ContextViewer\plugins\AXZIP.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\AXZIP.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifDIB.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFGIF.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifgif.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFJPEG.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifjpeg.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFMAG.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFMAG.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPI.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPI.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPIC.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPIC.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPIC2.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFPIC2.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifpict.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifSunRAS.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifTGA.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFTIFF.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\iftiff.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifTIFF6.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\ifWMF.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFXLD4.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\IFXLD4.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\LHASAD.PLG
C:\WINDOWS\system32\ext\ContextViewer\plugins\LHASAD.SPI
C:\WINDOWS\system32\ext\ContextViewer\plugins\LZR.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\LZRP.spi
C:\WINDOWS\system32\ext\ContextViewer\plugins\UseSPI.clw
C:\WINDOWS\system32\ext\ContextViewer\plugins\UseSPI.dsp
C:\WINDOWS\system32\ext\ContextViewer\plugins\UseSPI.dsw
C:\WINDOWS\system32\ext\ContextViewer\plugins\UseSPI.rc
C:\WINDOWS\system32\ext\ContextViewer\ReadMe.txt
C:\WINDOWS\system32\ext\ContextViewer\v1.41fr
C:\WINDOWS\system32\ext\CopyURL\CopyURL.dll
C:\WINDOWS\system32\ext\CopyURL\CopyURL.txt
C:\WINDOWS\system32\ext\CopyURL\CopyURL.url
C:\WINDOWS\system32\ext\CopyURL\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\CopyURL\INSTALLER.cmd
C:\WINDOWS\system32\ext\CopyURL\ReadMe.txt
C:\WINDOWS\system32\ext\CopyURL\v2.31fr
C:\WINDOWS\system32\ext\CRHexact\aide.chm
C:\WINDOWS\system32\ext\CRHexact\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\CRHexact\CR-Hexact.diz
C:\WINDOWS\system32\ext\CRHexact\CR-Hexact.exe
C:\WINDOWS\system32\ext\CRHexact\CR-Hexact.url
C:\WINDOWS\system32\ext\CRHexact\enregistrement_fr.txt
C:\WINDOWS\system32\ext\CRHexact\francais.lng
C:\WINDOWS\system32\ext\CRHexact\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\CRHexact\v2.3fr
C:\WINDOWS\system32\ext\CurrentPorts\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\CurrentPorts\cports.chm
C:\WINDOWS\system32\ext\CurrentPorts\cports.exe
C:\WINDOWS\system32\ext\CurrentPorts\cports_lng.ini
C:\WINDOWS\system32\ext\CurrentPorts\CurrPorts.url
C:\WINDOWS\system32\ext\CurrentPorts\readme.txt
C:\WINDOWS\system32\ext\CurrentPorts\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\CurrentPorts\v1.07fr
C:\WINDOWS\system32\ext\DialogBoxAssistant\Dialog Box Assistant.url
C:\WINDOWS\system32\ext\DialogBoxAssistant\OSDEx.chm
C:\WINDOWS\system32\ext\DialogBoxAssistant\OSDEx.exe
C:\WINDOWS\system32\ext\DialogBoxAssistant\OSDExLib.dll
C:\WINDOWS\system32\ext\DialogBoxAssistant\ReadMe.txt
C:\WINDOWS\system32\ext\DialogBoxAssistant\v1.1
C:\WINDOWS\system32\ext\Disasteroids3D\Disasteroids 3D.url
C:\WINDOWS\system32\ext\Disasteroids3D\Disasteroids3D.cfg
C:\WINDOWS\system32\ext\Disasteroids3D\disasteroids3d.dat
C:\WINDOWS\system32\ext\Disasteroids3D\Disasteroids3D.exe
C:\WINDOWS\system32\ext\Divx\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Divx\DivX.url
C:\WINDOWS\system32\ext\Divx\Divxconfig.exe
C:\WINDOWS\system32\ext\Divx\divxdec.ax
C:\WINDOWS\system32\ext\Divx\INSTALLER.cmd
C:\WINDOWS\system32\ext\Divx\v5.0.5 (dernière compatible VirtualDub)
C:\WINDOWS\system32\ext\DmexBar\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\DmexBar\dmexalign.exe
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Arrange all horizontal.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Arrange all vertical.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Arrange two horizontal.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Arrange two vertical.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Restore positions.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Save position and minimize.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexalign\Save position.lnk
C:\WINDOWS\system32\ext\DmexBar\dmexbar.dll
C:\WINDOWS\system32\ext\DmexBar\dmexbar.dll.manifest
C:\WINDOWS\system32\ext\DmexBar\DMEXBAR.HLP
C:\WINDOWS\system32\ext\DmexBar\dmexbar.ini
C:\WINDOWS\system32\ext\DmexBar\DmexBar.url
C:\WINDOWS\system32\ext\DmexBar\francais.lng
C:\WINDOWS\system32\ext\DmexBar\INSTALLER.cmd
C:\WINDOWS\system32\ext\DmexBar\unsplit.exe
C:\WINDOWS\system32\ext\DmexBar\UnzDll.dll
C:\WINDOWS\system32\ext\DmexBar\v10
C:\WINDOWS\system32\ext\DmexBar\viewer.exe
C:\WINDOWS\system32\ext\DmexBar\viewer.ini
C:\WINDOWS\system32\ext\DmexBar\ZipDll.dll
C:\WINDOWS\system32\ext\DmexCol\DESINSTALLER.reg
C:\WINDOWS\system32\ext\DmexCol\DmexBar.url
C:\WINDOWS\system32\ext\DmexCol\dmexcol.dll
C:\WINDOWS\system32\ext\DmexCol\dmexcol.hlp
C:\WINDOWS\system32\ext\DmexCol\INSTALLER.cmd
C:\WINDOWS\system32\ext\DmexCol\v10fr
C:\WINDOWS\system32\ext\DoubleDriver\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\DoubleDriver\dd.chm
C:\WINDOWS\system32\ext\DoubleDriver\dd.exe
C:\WINDOWS\system32\ext\DoubleDriver\dd.ini
C:\WINDOWS\system32\ext\DoubleDriver\Double Driver.url
C:\WINDOWS\system32\ext\DoubleDriver\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\DoubleDriver\v1.0
C:\WINDOWS\system32\ext\EasyRead\AJOUTER A LA BARRE DE BOUTONS.cmd
C:\WINDOWS\system32\ext\EasyRead\EasyRead.cmd
C:\WINDOWS\system32\ext\EasyRead\EasyRead.gif
C:\WINDOWS\system32\ext\EasyRead\EasyRead.url
C:\WINDOWS\system32\ext\EasyRead\Iconico.ico
C:\WINDOWS\system32\ext\EasyRead\ShellExec.exe
C:\WINDOWS\system32\ext\EasyRead\SUPPRIMER DE LA BARRE DE BOUTONS.cmd
C:\WINDOWS\system32\ext\EasyRead\ZoomIn.ico
C:\WINDOWS\system32\ext\EasyRead\ZoomIn.js
C:\WINDOWS\system32\ext\EasyRead\ZoomOut.ico
C:\WINDOWS\system32\ext\EasyRead\ZoomOut.js
C:\WINDOWS\system32\ext\Everest\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\Everest\everest.bin
C:\WINDOWS\system32\ext\Everest\everest.chm
C:\WINDOWS\system32\ext\Everest\everest.dat
C:\WINDOWS\system32\ext\Everest\everest.exe
C:\WINDOWS\system32\ext\Everest\everest.mem
C:\WINDOWS\system32\ext\Everest\everest.web
C:\WINDOWS\system32\ext\Everest\everest_cpl.cpl
C:\WINDOWS\system32\ext\Everest\everest_icons.dll
C:\WINDOWS\system32\ext\Everest\everest_memlat.dll
C:\WINDOWS\system32\ext\Everest\everest_xpicons.dll
C:\WINDOWS\system32\ext\Everest\everest_zipdll.dll
C:\WINDOWS\system32\ext\Everest\kerneld.amd64
C:\WINDOWS\system32\ext\Everest\kerneld.ia64
C:\WINDOWS\system32\ext\Everest\kerneld.w9x
C:\WINDOWS\system32\ext\Everest\kerneld.wnt
C:\WINDOWS\system32\ext\Everest\Language\lang_fr.txt
C:\WINDOWS\system32\ext\Everest\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\Everest\v2.20fr
C:\WINDOWS\system32\ext\Exif\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Exif\Exif Shell Extension.url
C:\WINDOWS\system32\ext\Exif\exif.dll
C:\WINDOWS\system32\ext\Exif\INSTALLER.cmd
C:\WINDOWS\system32\ext\Exif\v1.02
C:\WINDOWS\system32\ext\FavoritesView\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\FavoritesView\faview.chm
C:\WINDOWS\system32\ext\FavoritesView\faview.exe
C:\WINDOWS\system32\ext\FavoritesView\faview_lng.ini
C:\WINDOWS\system32\ext\FavoritesView\FavoritesView.url
C:\WINDOWS\system32\ext\FavoritesView\ReadMe.txt
C:\WINDOWS\system32\ext\FavoritesView\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\FavoritesView\v1.0fr
C:\WINDOWS\system32\ext\FebootiCase\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\FebootiCase\fCase.dll
C:\WINDOWS\system32\ext\FebootiCase\Febooti.url
C:\WINDOWS\system32\ext\FebootiCase\INSTALLER.cmd
C:\WINDOWS\system32\ext\FebootiCase\Traduction française par club83 du forum xpcoccinelle.free.fr
C:\WINDOWS\system32\ext\FebootiCase\V1.1
C:\WINDOWS\system32\ext\FebootiHex\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\FebootiHex\Febooti.url
C:\WINDOWS\system32\ext\FebootiHex\fHex.dll
C:\WINDOWS\system32\ext\FebootiHex\INSTALLER.cmd
C:\WINDOWS\system32\ext\FebootiHex\Traduction française par club83 du forum xpcoccinelle.free.fr
C:\WINDOWS\system32\ext\FebootiHex\V1.0
C:\WINDOWS\system32\ext\Filenote\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Filenote\FileNote.dll
C:\WINDOWS\system32\ext\Filenote\FileNote.url
C:\WINDOWS\system32\ext\Filenote\INSTALLER.cmd
C:\WINDOWS\system32\ext\Filenote\ReadMe.txt
C:\WINDOWS\system32\ext\Filenote\v1.0
C:\WINDOWS\system32\ext\FlexibleRenamer\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\FlexibleRenamer\Flexible Renamer.exe
C:\WINDOWS\system32\ext\FlexibleRenamer\Flexible Renamer.exe.manifest
C:\WINDOWS\system32\ext\FlexibleRenamer\Flexible Renamer.ini
C:\WINDOWS\system32\ext\FlexibleRenamer\Flexible Renamer.url
C:\WINDOWS\system32\ext\FlexibleRenamer\HistoryEN.txt
C:\WINDOWS\system32\ext\FlexibleRenamer\PresetEN.ini
C:\WINDOWS\system32\ext\FlexibleRenamer\ReadMeEN.txt
C:\WINDOWS\system32\ext\FlexibleRenamer\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\FlexibleRenamer\v7.3
C:\WINDOWS\system32\ext\FolderSize\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\FolderSize\Folder Size.url
C:\WINDOWS\system32\ext\FolderSize\FolderSize.msi
C:\WINDOWS\system32\ext\FolderSize\fr\FolderSizeColumn.dll
C:\WINDOWS\system32\ext\FolderSize\INSTALLER.cmd
C:\WINDOWS\system32\ext\FolderSize\v2.1fr
C:\WINDOWS\system32\ext\GetFileSize\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\GetFileSize\Get File Size.url
C:\WINDOWS\system32\ext\GetFileSize\GetFileSize.exe
C:\WINDOWS\system32\ext\GetFileSize\gfs.chm
C:\WINDOWS\system32\ext\GetFileSize\INSTALLER.cmd
C:\WINDOWS\system32\ext\GetFileSize\v2.2
C:\WINDOWS\system32\ext\Gmail\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Gmail\Gmail Drive en francais.url
C:\WINDOWS\system32\ext\Gmail\GMail Drive shell extension.url
C:\WINDOWS\system32\ext\Gmail\GMailFS.dll
C:\WINDOWS\system32\ext\Gmail\INSTALLER.cmd
C:\WINDOWS\system32\ext\Gmail\v1.0.8
C:\WINDOWS\system32\ext\GotoShared\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\GotoShared\GoTo Shared.url
C:\WINDOWS\system32\ext\GotoShared\GotoShared.exe
C:\WINDOWS\system32\ext\GotoShared\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\GotoShared\v1.0fr
C:\WINDOWS\system32\ext\HashTab\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\HashTab\HashTab Shell Extension.url
C:\WINDOWS\system32\ext\HashTab\HashTab.dll
C:\WINDOWS\system32\ext\HashTab\INSTALLER.cmd
C:\WINDOWS\system32\ext\HashTab\v1.7fr
C:\WINDOWS\system32\ext\IECookiesView\ads.txt
C:\WINDOWS\system32\ext\IECookiesView\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IECookiesView\IECookiesView.url
C:\WINDOWS\system32\ext\IECookiesView\iecv.chm
C:\WINDOWS\system32\ext\IECookiesView\iecv.exe
C:\WINDOWS\system32\ext\IECookiesView\iecv_lng.ini
C:\WINDOWS\system32\ext\IECookiesView\ReadMe.txt
C:\WINDOWS\system32\ext\IECookiesView\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IECookiesView\v1.70fr
C:\WINDOWS\system32\ext\IEHistoryView\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IEHistoryView\IEHistoryView.url
C:\WINDOWS\system32\ext\IEHistoryView\iehv.chm
C:\WINDOWS\system32\ext\IEHistoryView\iehv.exe
C:\WINDOWS\system32\ext\IEHistoryView\iehv_lng.ini
C:\WINDOWS\system32\ext\IEHistoryView\ReadMe.txt
C:\WINDOWS\system32\ext\IEHistoryView\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IEHistoryView\v1.30fr
C:\WINDOWS\system32\ext\IEPrivacyKeeper\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IEPrivacyKeeper\dbghelp.dll
C:\WINDOWS\system32\ext\IEPrivacyKeeper\hgc.ani
C:\WINDOWS\system32\ext\IEPrivacyKeeper\IE Privacy Keeper.url
C:\WINDOWS\system32\ext\IEPrivacyKeeper\iepk.ico
C:\WINDOWS\system32\ext\IEPrivacyKeeper\iepk.wav
C:\WINDOWS\system32\ext\IEPrivacyKeeper\IEPrivacyKeeper.exe
C:\WINDOWS\system32\ext\IEPrivacyKeeper\Lang\French.lng
C:\WINDOWS\system32\ext\IEPrivacyKeeper\license_fr.txt
C:\WINDOWS\system32\ext\IEPrivacyKeeper\ntqsi.dll
C:\WINDOWS\system32\ext\IEPrivacyKeeper\SecureDelete.dll
C:\WINDOWS\system32\ext\IEPrivacyKeeper\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\IEPrivacyKeeper\UnHCrashReport.exe
C:\WINDOWS\system32\ext\IEPrivacyKeeper\v2.7.2fr
C:\WINDOWS\system32\ext\MailPassView\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\MailPassView\Lisez-moi.txt
C:\WINDOWS\system32\ext\MailPassView\mailpv.chm
C:\WINDOWS\system32\ext\MailPassView\mailpv_lng.ini
C:\WINDOWS\system32\ext\MailPassView\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\MailPassView\v1.32fr
C:\WINDOWS\system32\ext\MessenPass\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\MessenPass\mspass.chm
C:\WINDOWS\system32\ext\MessenPass\mspass_lng.ini
C:\WINDOWS\system32\ext\MessenPass\ReadMe.txt
C:\WINDOWS\system32\ext\MessenPass\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\MessenPass\v1.04fr
C:\WINDOWS\system32\ext\Minesweeper3D\docs\cubes-screenshot.png
C:\WINDOWS\system32\ext\Minesweeper3D\docs\dodeca-screenshot.png
C:\WINDOWS\system32\ext\Minesweeper3D\docs\index.html
C:\WINDOWS\system32\ext\Minesweeper3D\docs\mail.png
C:\WINDOWS\system32\ext\Minesweeper3D\docs\sprites-screenshot.png
C:\WINDOWS\system32\ext\Minesweeper3D\Minesweeper 3D.url
C:\WINDOWS\system32\ext\Minesweeper3D\Minesweeper3D.exe
C:\WINDOWS\system32\ext\Minesweeper3D\Minesweeper3D.ico
C:\WINDOWS\system32\ext\Minesweeper3D\mingwm10.dll
C:\WINDOWS\system32\ext\Minesweeper3D\saves\screenshot
C:\WINDOWS\system32\ext\Minesweeper3D\settings\default
C:\WINDOWS\system32\ext\Minesweeper3D\skins\default\fields.png
C:\WINDOWS\system32\ext\Minesweeper3D\skins\default\tiled.png
C:\WINDOWS\system32\ext\Minesweeper3D\skins\sprites\fields.png
C:\WINDOWS\system32\ext\Minesweeper3D\skins\sprites\tiled.png
C:\WINDOWS\system32\ext\Minesweeper3D\skins\transolid\fields.png
C:\WINDOWS\system32\ext\Minesweeper3D\skins\transolid\tiled.png
C:\WINDOWS\system32\ext\Minesweeper3D\v2005-01-10
C:\WINDOWS\system32\ext\MitecExec\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\MitecExec\INSTALLER.cmd
C:\WINDOWS\system32\ext\MitecExec\MiTeC Shell Extension Pack.url
C:\WINDOWS\system32\ext\MitecExec\MPEISE.dll
C:\WINDOWS\system32\ext\MitecExec\ReadMe.txt
C:\WINDOWS\system32\ext\MitecExec\v3.2
C:\WINDOWS\system32\ext\MitecImage\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\MitecImage\INSTALLER.cmd
C:\WINDOWS\system32\ext\MitecImage\MIPSE.dll
C:\WINDOWS\system32\ext\MitecImage\MiTeC Shell Extension Pack.url
C:\WINDOWS\system32\ext\MitecImage\ReadMe.txt
C:\WINDOWS\system32\ext\MitecImage\v3.2
C:\WINDOWS\system32\ext\MP3Lame\ACM codec version of Lame MP3 encoder.url
C:\WINDOWS\system32\ext\MP3Lame\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\MP3Lame\INSTALLER.cmd
C:\WINDOWS\system32\ext\MP3Lame\lame.exe
C:\WINDOWS\system32\ext\MP3Lame\lame_acm.xml
C:\WINDOWS\system32\ext\MP3Lame\lame_enc.dll
C:\WINDOWS\system32\ext\MP3Lame\lameACM.acm
C:\WINDOWS\system32\ext\MP3Lame\LameACM.inf
C:\WINDOWS\system32\ext\MP3Lame\v3.96
C:\WINDOWS\system32\ext\NetPass\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\NetPass\netpass.chm
C:\WINDOWS\system32\ext\NetPass\netpass_lng.ini
C:\WINDOWS\system32\ext\NetPass\Network Password Recovery.url
C:\WINDOWS\system32\ext\NetPass\ReadMe.txt
C:\WINDOWS\system32\ext\NetPass\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\NetPass\v1.02fr
C:\WINDOWS\system32\ext\Notepad++\config.xml
C:\WINDOWS\system32\ext\Notepad++\contextMenu.xml
C:\WINDOWS\system32\ext\Notepad++\doLocalConf.xml
C:\WINDOWS\system32\ext\Notepad++\Icons\blank.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\close_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\close_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\close_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\closeAll_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\closeAll_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\closeAll_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\copy_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\copy_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\copy_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\cut_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\cut_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\cut_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\fileopen_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\fileopen_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\find_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\find_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\indent_guideline_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\indent_guideline_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\invisible_char_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\invisible_char_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\new_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\new_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\paste_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\paste_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\paste_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\playback_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\playback_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\print_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\print_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\record_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\redo_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\redo_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\redo_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\replace_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\replace_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\replace_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_makro_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_makro_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_makro_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\save_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\saveAll_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\saveAll_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\saveAll_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\stop_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\stop_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\undo_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\undo_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\undo_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\viewDlg_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\viewDlg_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\wrap_text_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\wrap_text_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\zoomIn_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\zoomIn_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\zoomOut_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons\zoomOut_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\close_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\close_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\close_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\closeAll_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\closeAll_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\closeAll_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\copy_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\copy_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\copy_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\cut_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\cut_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\cut_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\fileopen_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\fileopen_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\find_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\find_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\new_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\new_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\paste_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\paste_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\paste_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\print_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\print_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\readme.txt
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\redo_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\redo_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\redo_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\replace_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\replace_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\replace_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\save_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\save_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\save_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\saveAll_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\saveAll_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\saveAll_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\toolbarIcons.xml
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\undo_disabled.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\undo_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\undo_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\viewDlg_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\viewDlg_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\zoomIn_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\zoomIn_normal.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\zoomOut_hover.ico
C:\WINDOWS\system32\ext\Notepad++\Icons_Npp\zoomOut_normal.ico
C:\WINDOWS\system32\ext\Notepad++\insertExt.ini
C:\WINDOWS\system32\ext\Notepad++\langs.xml
C:\WINDOWS\system32\ext\Notepad++\license.txt
C:\WINDOWS\system32\ext\Notepad++\LINEDRAW.TTF
C:\WINDOWS\system32\ext\Notepad++\nativeLang.xml
C:\WINDOWS\system32\ext\Notepad++\notepad++.exe
C:\WINDOWS\system32\ext\Notepad++\Notepad++.url
C:\WINDOWS\system32\ext\Notepad++\NppLauncher\1 - dllcache.lnk
C:\WINDOWS\system32\ext\Notepad++\NppLauncher\2 - system32.lnk
C:\WINDOWS\system32\ext\Notepad++\NppLauncher\3 - WINDOWS.lnk
C:\WINDOWS\system32\ext\Notepad++\NppLauncher\notepad.exe
C:\WINDOWS\system32\ext\Notepad++\NppLauncher\readme.txt
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\c.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\cpp.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\css.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\flash.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\java.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\javascript.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\lisp.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\perl.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\php.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\python.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\vb.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\vhdl.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\winbatch.api
C:\WINDOWS\system32\ext\Notepad++\plugins\APIs\xml.api
C:\WINDOWS\system32\ext\Notepad++\plugins\NppInsertPlugin.dll
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX.dll
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX.ini
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\AsciiToEBCDIC.bin
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\libTidy.dll
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\NPPTextFXdemo.TXT
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\TIDYCFG.INI
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\W3C-CSSValidator.htm
C:\WINDOWS\system32\ext\Notepad++\plugins\NPPTextFX\W3C-HTMLValidator.htm
C:\WINDOWS\system32\ext\Notepad++\plugins\XMLCheck.dll
C:\WINDOWS\system32\ext\Notepad++\ReadMe.txt
C:\WINDOWS\system32\ext\Notepad++\SciLexer.dll
C:\WINDOWS\system32\ext\Notepad++\shortcuts.xml
C:\WINDOWS\system32\ext\Notepad++\stylers.xml
C:\WINDOWS\system32\ext\Notepad++\toolbarIcons.xml
C:\WINDOWS\system32\ext\Notepad++\userDefineLang_ruby.xml
C:\WINDOWS\system32\ext\Notepad++\userDefineLang_winbatch.xml
C:\WINDOWS\system32\ext\Notepad++\v3.3fr
C:\WINDOWS\system32\ext\OGGVorbis\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\OGGVorbis\INSTALLER.cmd
C:\WINDOWS\system32\ext\OGGVorbis\ReadMe.txt
C:\WINDOWS\system32\ext\OGGVorbis\uninstall.inf
C:\WINDOWS\system32\ext\OGGVorbis\v1.0
C:\WINDOWS\system32\ext\OGGVorbis\Vorbis Ogg ACM Codec.url
C:\WINDOWS\system32\ext\OGGVorbis\vorbis.acm
C:\WINDOWS\system32\ext\OGGVorbis\vorbisacm.inf
C:\WINDOWS\system32\ext\Othello\Othello.exe
C:\WINDOWS\system32\ext\Othello\ReadMe.txt
C:\WINDOWS\system32\ext\Othello\v2.0
C:\WINDOWS\system32\ext\PathCopy\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\PathCopy\INSTALLER.cmd
C:\WINDOWS\system32\ext\PathCopy\PATHCO32.DLL
C:\WINDOWS\system32\ext\PathCopy\PATHCO64.DLL
C:\WINDOWS\system32\ext\PathCopy\PATHCOPY.HLP
C:\WINDOWS\system32\ext\PathCopy\PATHCOPY.INF
C:\WINDOWS\system32\ext\PathCopy\ReadMe.txt
C:\WINDOWS\system32\ext\PathCopy\v4.0fr
C:\WINDOWS\system32\ext\PHMPlusBoot\BootLogo.dll
C:\WINDOWS\system32\ext\PHMPlusBoot\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusBoot\INSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusBoot\PHM Plus! for Windows XP.url
C:\WINDOWS\system32\ext\PHMPlusBoot\PHMXPP!.chm
C:\WINDOWS\system32\ext\PHMPlusBoot\v1.0
C:\WINDOWS\system32\ext\PHMPlusFile\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusFile\FilesystemCustomize.dll
C:\WINDOWS\system32\ext\PHMPlusFile\INSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusFile\PHM Plus! for Windows XP.url
C:\WINDOWS\system32\ext\PHMPlusFile\PHMXPP!.chm
C:\WINDOWS\system32\ext\PHMPlusFile\v1.0
C:\WINDOWS\system32\ext\PHMPlusFolder\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusFolder\FolderAppearance.dll
C:\WINDOWS\system32\ext\PHMPlusFolder\INSTALLER.cmd
C:\WINDOWS\system32\ext\PHMPlusFolder\PHM Plus! for Windows XP.url
C:\WINDOWS\system32\ext\PHMPlusFolder\PHMXPP!.chm
C:\WINDOWS\system32\ext\PHMPlusFolder\v1.0
C:\WINDOWS\system32\ext\ProcessViewer\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\ProcessViewer\GraphControl.dll
C:\WINDOWS\system32\ext\ProcessViewer\PrcMon.dll
C:\WINDOWS\system32\ext\ProcessViewer\PrcView.exe
C:\WINDOWS\system32\ext\ProcessViewer\PRCVIEW.HLP
C:\WINDOWS\system32\ext\ProcessViewer\Process Viewer.url
C:\WINDOWS\system32\ext\ProcessViewer\pv.exe
C:\WINDOWS\system32\ext\ProcessViewer\ReadMe.txt
C:\WINDOWS\system32\ext\ProcessViewer\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\ProcessViewer\v5.2
C:\WINDOWS\system32\ext\Propplus\DESINSTALLER.cmd
C:\WINDOWS\system32\ext\Propplus\INSTALLER.cmd
C:\WINDOWS\system32\ext\Propplus\ppsetup.exe
C:\WINDOWS\system32\ext\Propplus\PPSHLEXT.DLL
C:\WINDOWS\system32\ext\Propplus\Ppshlext.exe
C:\WINDOWS\system32\ext\Propplus\PPSHLEXT.INF
C:\WINDOWS\system32\ext\Propplus\PPSHLEXT.TXT
C:\WINDOWS\system32\ext\Propplus\v1.65fr
C:\WINDOWS\system32\ext\PSPassView\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\PSPassView\Lisez-moi !.txt
C:\WINDOWS\system32\ext\PSPassView\Protected Storage PassView.url
C:\WINDOWS\system32\ext\PSPassView\pspv.chm
C:\WINDOWS\system32\ext\PSPassView\pspv_lng.ini
C:\WINDOWS\system32\ext\PSPassView\rawdata.html
C:\WINDOWS\system32\ext\PSPassView\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\PSPassView\v1.62fr
C:\WINDOWS\system32\ext\RegAlyzer\AJOUTER AU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\RegAlyzer\Bookmarks.txt
C:\WINDOWS\system32\ext\RegAlyzer\Help\Francais.chm
C:\WINDOWS\system32\ext\RegAlyzer\Languages\English.ral
C:\WINDOWS\system32\ext\RegAlyzer\Languages\Francais.ral
C:\WINDOWS\system32\ext\RegAlyzer\RegAlyzer.exe
C:\WINDOWS\system32\ext\RegAlyzer\RegAlyzer.rdb
C:\WINDOWS\system32\ext\RegAlyzer\RegAlyzer.url
C:\WINDOWS\system32\ext\RegAlyzer\SUPPRIMER DU MENU CONTEXTUEL.cmd
C:\WINDOWS\system32\ext\RegAlyzer\v1.2fr
C:\WINDOWS\system32\ext\RegCompact\AJOUTER AU MENU CONTEXTUEL.c
Re , rapport non complet
Ctrl+A pour tout selectionner
A+
Les nombres de choses supprimées m'impressionne ... m'inquiète aussi ... comment va ton pc ? il tourne bien ? pas de soucis niveau fonctionnement ?
Ctrl+A pour tout selectionner
A+
Les nombres de choses supprimées m'impressionne ... m'inquiète aussi ... comment va ton pc ? il tourne bien ? pas de soucis niveau fonctionnement ?
SALUT
je t'envoi mon rapport complet ce soir là chui au travail.
ben à la base mon prob est ke mon pc est devenu super lent 10min au démarrage, les icones du bureau clignotent, à part ca pas de soucis particulier.ca depuis ke g installé le cd d'installation de mon FAI alice, j'avais norton avant et aucun soucis avec mon ordi....
a ce soir si tu veux bien
je t'envoi mon rapport complet ce soir là chui au travail.
ben à la base mon prob est ke mon pc est devenu super lent 10min au démarrage, les icones du bureau clignotent, à part ca pas de soucis particulier.ca depuis ke g installé le cd d'installation de mon FAI alice, j'avais norton avant et aucun soucis avec mon ordi....
a ce soir si tu veux bien
ComboFix 08-02-17.2 - suzy 2008-02-18 18:57:39.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.237 [GMT 1:00]
Endroit: C:\Documents and Settings\suzy.AL\Bureau\ComboFix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-18 to 2008-02-18 ))))))))))))))))))))))))))))))))))))
.
2008-02-18 12:50 . 2008-02-18 12:50 <REP> d-------- C:\Program Files\Fichiers communs\SureThing Shared
2008-02-18 12:50 . 2006-10-03 18:21 157,352 --------- C:\WINDOWS\system32\pxwma.dll
2008-02-18 12:50 . 2006-10-03 18:21 114,856 --------- C:\WINDOWS\system32\pxcpyi64.exe
2008-02-17 21:45 . 2008-02-17 21:45 <REP> d-------- C:\_OTMoveIt
2008-02-17 21:17 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-17 21:14 . 2008-02-17 21:14 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-02-17 16:42 . 2008-02-17 18:08 <REP> d-------- C:\VundoFix Backups
2008-02-17 12:48 . 2008-02-17 12:48 849 --a------ C:\WINDOWS\system32\ZoneAlarmIconUS.ico
2008-02-17 12:48 . 2008-02-17 12:48 849 --a------ C:\WINDOWS\system32\ZoneAlarmIconUK.ico
2008-02-15 22:04 . 2008-02-17 17:20 <REP> d-------- C:\Program Files\Navilog1
2008-02-15 21:04 . 2008-02-15 21:04 1,241,357 ---hs---- C:\WINDOWS\system32\esmypdhb.tmp
2008-02-15 19:55 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-15 19:55 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-15 19:55 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-15 19:55 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-15 19:54 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-15 19:54 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-15 19:53 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-15 19:53 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-15 18:11 . 2008-02-17 21:08 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-02-14 17:13 . 2008-02-14 17:13 1,241,195 ---hs---- C:\WINDOWS\system32\tpmfmxgo.tmp
2008-02-13 23:16 . 2008-02-13 23:16 <REP> d-------- C:\Program Files\Trend Micro
2008-02-13 21:34 . 2008-02-13 21:37 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-02-13 19:12 . 2008-02-13 19:12 <REP> d-------- C:\Documents and Settings\suzy.AL\Application Data\Grisoft
2008-02-13 19:10 . 2008-02-13 19:10 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-02-13 19:10 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-13 19:00 . 2008-02-13 19:01 <REP> d-------- C:\Program Files\CCleaner
2008-02-12 19:04 . 2008-02-12 19:04 1,235,041 ---hs---- C:\WINDOWS\system32\vswwhtin.tmp
2008-02-12 18:57 . 2008-02-12 18:57 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico
2008-02-11 19:41 . 2008-02-13 18:56 <REP> d-------- C:\Program Files\MalwareAlarm
2008-02-11 13:12 . 2008-02-11 21:07 1,220,369 ---hs---- C:\WINDOWS\system32\dqapucwh.ini
2008-02-10 21:26 . 2008-02-10 21:26 <REP> d-------- C:\Program Files\Fichiers communs\Nullsoft
2008-02-10 19:46 . 2008-02-10 19:46 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMon
2008-02-10 19:45 . 2008-02-10 19:45 <REP> d-------- C:\WINDOWS\system32\Engines
2008-02-10 16:03 . 2005-10-19 18:19 1,327,189 --a------ C:\WINDOWS\system32\odSupp_M.dll
2008-02-10 16:03 . 2005-11-22 20:56 630,784 --a------ C:\WINDOWS\system32\ANIWZCS2.dll
2008-02-10 16:03 . 2005-11-22 20:55 237,568 --a------ C:\WINDOWS\system32\wlanapi.dll
2008-02-10 16:03 . 2005-10-19 18:19 204,800 --a------ C:\WINDOWS\system32\aIPH.dll
2008-02-10 16:03 . 2005-11-23 10:10 163,840 --a------ C:\WINDOWS\system32\WlanApp.dll
2008-02-10 16:03 . 2005-10-19 18:19 57,407 --a------ C:\WINDOWS\system32\ANICtl.dll
2008-02-10 16:03 . 2005-10-27 08:55 49,152 --a------ C:\WINDOWS\system32\JJAKEn.dll
2008-02-10 16:03 . 2005-10-19 18:19 49,152 --a------ C:\WINDOWS\system32\AQCKGen.dll
2008-02-08 21:17 . 2008-02-08 21:17 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2008-02-08 21:14 . 2008-02-08 21:14 <REP> d-------- C:\Program Files\illiminable
2008-02-08 21:13 . 2008-02-08 21:13 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\YAHOO
2008-02-08 21:08 . 2008-02-08 21:08 <REP> d-------- C:\Program Files\Thomson
2008-02-03 18:49 . 2008-02-03 18:49 <REP> d-------- C:\WINDOWS\Cache
2008-02-03 18:48 . 2006-11-01 15:54 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-02-03 18:48 . 2006-11-01 16:26 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-02-03 18:48 . 2004-03-09 11:39 8,704 --a------ C:\WINDOWS\system32\vidccleaner.exe
2008-02-03 18:47 . 2008-02-03 18:47 <REP> d-------- C:\Documents and Settings\suzy.AL\Application Data\InstallShield
2008-02-03 18:47 . 1998-07-09 20:41 217,088 --a------ C:\WINDOWS\system32\skjpeg40.dll
2008-02-03 18:47 . 1998-03-04 11:40 83,968 --a------ C:\WINDOWS\system32\Skbase40.dll
2008-01-18 17:39 . 2008-01-18 17:39 <REP> d-------- C:\Program Files\Wireless 802.11g Monitor
2008-01-18 17:39 . 2006-11-02 17:12 351,232 --a------ C:\WINDOWS\system32\rt73u98.sys
2008-01-18 17:39 . 2008-01-18 17:39 21,419 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2008-01-18 17:27 . 2008-01-18 17:27 <REP> d-------- C:\Program Files\Alice SSID
2008-01-18 17:26 . 2006-11-02 17:12 348,416 --a------ C:\WINDOWS\system32\drivers\rt73.sys
2008-01-18 17:26 . 2003-10-14 06:30 94,208 --a------ C:\WINDOWS\system32\GTW32N50.dll
2008-01-18 17:26 . 2003-09-26 14:28 31,930 --a------ C:\WINDOWS\system32\GTNDIS3.VXD
2008-01-18 17:26 . 2003-09-26 13:15 15,872 --a------ C:\WINDOWS\system32\GTNDIS5.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-17 20:17 --------- d-----w C:\Program Files\Java
2008-02-17 20:01 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-15 16:55 --------- d-----w C:\Program Files\Samsung
2008-02-15 16:42 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-02-15 16:37 --------- d-----w C:\Program Files\LimeWire
2008-02-11 17:56 --------- d-----w C:\Documents and Settings\suzy.AL\Application Data\LimeWire
2008-02-10 15:18 --------- d-----w C:\Program Files\Norton Security Scan
2008-02-10 15:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-10 15:03 --------- d-----w C:\Program Files\ANI
2008-02-10 09:33 --------- d-----w C:\Program Files\Zylom Games
2008-02-09 22:08 21,936 ----a-w C:\Documents and Settings\suzy.AL\Application Data\GDIPFONTCACHEV1.DAT
2008-02-08 20:15 --------- d-----w C:\Program Files\Yahoo!
2008-01-16 20:14 --------- d-----w C:\Program Files\DivX
2008-01-14 13:27 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-11 16:18 --------- d-----w C:\Program Files\Alice
2007-09-19 21:22 164 ----a-w C:\Documents and Settings\suzy.AL\Regtemp.reg
2006-02-09 17:20 17,144 ----a-w C:\Documents and Settings\suzy\Application Data\GDIPFONTCACHEV1.DAT
2006-02-07 16:30 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B2B30B77-9699-47B4-B927-DA22C0627C5E}]
C:\WINDOWS\system32\tuvtq.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f64a6c13-724f-421a-870c-0328aa432c81}]
C:\WINDOWS\system32\ppbwlfbo.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FC1437ED-CCAF-4616-98F8-3EE834971251}]
C:\WINDOWS\system32\xxyyv.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RestoreDesktop"="C:\WINDOWS\System32\Ext\Restoredesktop\RestoreDesktop.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]
"Anas"="C:\DOCUME~1\suzy.AL\APPLIC~1\CROSOF~1.NET\wuauboot.exe" [ ]
"Zxnhni"="C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 08:11 1388544]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-09-23 11:41 860160]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-19 09:03 88209 C:\WINDOWS\AGRSMMSG.exe]
"D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [2005-11-23 15:04 1544192]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"LyraUpdates"="C:\Program Files\Thomson\Auto Updater\Auto Updater.exe" [2007-08-01 11:37 1703936]
"ymetray"="C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" [2006-10-03 19:04 6104568]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-10-19 18:19 49152]
"ugac"="C:\PROGRA~1\FICHIE~1\AVSYST~1\ugac.exe" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"combofix"="C:\WINDOWS\system32\kmd.exe" [2004-08-19 17:09 400896]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"= 1 (0x1)
"NoLog"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 1 (0x1)
"NoSMHelp"= 01000000
"NoInstrumentation"= 1 (0x1)
"NoLog"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 12:11 233472]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
R2 R54G Wireless Service;R54G Wireless Service;C:\Program Files\Wireless 802.11g Monitor\WLService.exe [2004-03-30 07:08]
S3 Brndis;External USB Cable Modem;C:\WINDOWS\system32\DRIVERS\Brndis.sys [2004-02-06 05:44]
S3 PanelSvc;PanelSvc;"C:\Program Files\Votre Opinion\PanelApp\PanelSvc.exe" [2007-03-31 20:52]
S3 USB_NDIS_51;USB Ndis Cable Modem Network Device Driver;C:\WINDOWS\system32\DRIVERS\bcmndis.sys [2004-08-18 21:38]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-04 00:04]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95d78f20-66bd-11db-b0a7-003054c08fbe}]
\Shell\AutoRun\command - E:\RunDll32.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8617770-06d1-11dc-b258-00179abee860}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-01-10 19:02:58 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-11 16:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe
"2008-02-08 14:01:06 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-18 19:06:35
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-02-18 19:11:30 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-18 18:11:19
ComboFix2.txt 2008-02-17 21:40:20
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.237 [GMT 1:00]
Endroit: C:\Documents and Settings\suzy.AL\Bureau\ComboFix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-18 to 2008-02-18 ))))))))))))))))))))))))))))))))))))
.
2008-02-18 12:50 . 2008-02-18 12:50 <REP> d-------- C:\Program Files\Fichiers communs\SureThing Shared
2008-02-18 12:50 . 2006-10-03 18:21 157,352 --------- C:\WINDOWS\system32\pxwma.dll
2008-02-18 12:50 . 2006-10-03 18:21 114,856 --------- C:\WINDOWS\system32\pxcpyi64.exe
2008-02-17 21:45 . 2008-02-17 21:45 <REP> d-------- C:\_OTMoveIt
2008-02-17 21:17 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-17 21:14 . 2008-02-17 21:14 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-02-17 16:42 . 2008-02-17 18:08 <REP> d-------- C:\VundoFix Backups
2008-02-17 12:48 . 2008-02-17 12:48 849 --a------ C:\WINDOWS\system32\ZoneAlarmIconUS.ico
2008-02-17 12:48 . 2008-02-17 12:48 849 --a------ C:\WINDOWS\system32\ZoneAlarmIconUK.ico
2008-02-15 22:04 . 2008-02-17 17:20 <REP> d-------- C:\Program Files\Navilog1
2008-02-15 21:04 . 2008-02-15 21:04 1,241,357 ---hs---- C:\WINDOWS\system32\esmypdhb.tmp
2008-02-15 19:55 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-15 19:55 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-15 19:55 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-15 19:55 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-15 19:54 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-15 19:54 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-15 19:53 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-15 19:53 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-15 18:11 . 2008-02-17 21:08 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-02-14 17:13 . 2008-02-14 17:13 1,241,195 ---hs---- C:\WINDOWS\system32\tpmfmxgo.tmp
2008-02-13 23:16 . 2008-02-13 23:16 <REP> d-------- C:\Program Files\Trend Micro
2008-02-13 21:34 . 2008-02-13 21:37 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-02-13 19:12 . 2008-02-13 19:12 <REP> d-------- C:\Documents and Settings\suzy.AL\Application Data\Grisoft
2008-02-13 19:10 . 2008-02-13 19:10 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-02-13 19:10 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-13 19:00 . 2008-02-13 19:01 <REP> d-------- C:\Program Files\CCleaner
2008-02-12 19:04 . 2008-02-12 19:04 1,235,041 ---hs---- C:\WINDOWS\system32\vswwhtin.tmp
2008-02-12 18:57 . 2008-02-12 18:57 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico
2008-02-11 19:41 . 2008-02-13 18:56 <REP> d-------- C:\Program Files\MalwareAlarm
2008-02-11 13:12 . 2008-02-11 21:07 1,220,369 ---hs---- C:\WINDOWS\system32\dqapucwh.ini
2008-02-10 21:26 . 2008-02-10 21:26 <REP> d-------- C:\Program Files\Fichiers communs\Nullsoft
2008-02-10 19:46 . 2008-02-10 19:46 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMon
2008-02-10 19:45 . 2008-02-10 19:45 <REP> d-------- C:\WINDOWS\system32\Engines
2008-02-10 16:03 . 2005-10-19 18:19 1,327,189 --a------ C:\WINDOWS\system32\odSupp_M.dll
2008-02-10 16:03 . 2005-11-22 20:56 630,784 --a------ C:\WINDOWS\system32\ANIWZCS2.dll
2008-02-10 16:03 . 2005-11-22 20:55 237,568 --a------ C:\WINDOWS\system32\wlanapi.dll
2008-02-10 16:03 . 2005-10-19 18:19 204,800 --a------ C:\WINDOWS\system32\aIPH.dll
2008-02-10 16:03 . 2005-11-23 10:10 163,840 --a------ C:\WINDOWS\system32\WlanApp.dll
2008-02-10 16:03 . 2005-10-19 18:19 57,407 --a------ C:\WINDOWS\system32\ANICtl.dll
2008-02-10 16:03 . 2005-10-27 08:55 49,152 --a------ C:\WINDOWS\system32\JJAKEn.dll
2008-02-10 16:03 . 2005-10-19 18:19 49,152 --a------ C:\WINDOWS\system32\AQCKGen.dll
2008-02-08 21:17 . 2008-02-08 21:17 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2008-02-08 21:14 . 2008-02-08 21:14 <REP> d-------- C:\Program Files\illiminable
2008-02-08 21:13 . 2008-02-08 21:13 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\YAHOO
2008-02-08 21:08 . 2008-02-08 21:08 <REP> d-------- C:\Program Files\Thomson
2008-02-03 18:49 . 2008-02-03 18:49 <REP> d-------- C:\WINDOWS\Cache
2008-02-03 18:48 . 2006-11-01 15:54 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-02-03 18:48 . 2006-11-01 16:26 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-02-03 18:48 . 2004-03-09 11:39 8,704 --a------ C:\WINDOWS\system32\vidccleaner.exe
2008-02-03 18:47 . 2008-02-03 18:47 <REP> d-------- C:\Documents and Settings\suzy.AL\Application Data\InstallShield
2008-02-03 18:47 . 1998-07-09 20:41 217,088 --a------ C:\WINDOWS\system32\skjpeg40.dll
2008-02-03 18:47 . 1998-03-04 11:40 83,968 --a------ C:\WINDOWS\system32\Skbase40.dll
2008-01-18 17:39 . 2008-01-18 17:39 <REP> d-------- C:\Program Files\Wireless 802.11g Monitor
2008-01-18 17:39 . 2006-11-02 17:12 351,232 --a------ C:\WINDOWS\system32\rt73u98.sys
2008-01-18 17:39 . 2008-01-18 17:39 21,419 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2008-01-18 17:27 . 2008-01-18 17:27 <REP> d-------- C:\Program Files\Alice SSID
2008-01-18 17:26 . 2006-11-02 17:12 348,416 --a------ C:\WINDOWS\system32\drivers\rt73.sys
2008-01-18 17:26 . 2003-10-14 06:30 94,208 --a------ C:\WINDOWS\system32\GTW32N50.dll
2008-01-18 17:26 . 2003-09-26 14:28 31,930 --a------ C:\WINDOWS\system32\GTNDIS3.VXD
2008-01-18 17:26 . 2003-09-26 13:15 15,872 --a------ C:\WINDOWS\system32\GTNDIS5.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-17 20:17 --------- d-----w C:\Program Files\Java
2008-02-17 20:01 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-15 16:55 --------- d-----w C:\Program Files\Samsung
2008-02-15 16:42 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-02-15 16:37 --------- d-----w C:\Program Files\LimeWire
2008-02-11 17:56 --------- d-----w C:\Documents and Settings\suzy.AL\Application Data\LimeWire
2008-02-10 15:18 --------- d-----w C:\Program Files\Norton Security Scan
2008-02-10 15:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-10 15:03 --------- d-----w C:\Program Files\ANI
2008-02-10 09:33 --------- d-----w C:\Program Files\Zylom Games
2008-02-09 22:08 21,936 ----a-w C:\Documents and Settings\suzy.AL\Application Data\GDIPFONTCACHEV1.DAT
2008-02-08 20:15 --------- d-----w C:\Program Files\Yahoo!
2008-01-16 20:14 --------- d-----w C:\Program Files\DivX
2008-01-14 13:27 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-11 16:18 --------- d-----w C:\Program Files\Alice
2007-09-19 21:22 164 ----a-w C:\Documents and Settings\suzy.AL\Regtemp.reg
2006-02-09 17:20 17,144 ----a-w C:\Documents and Settings\suzy\Application Data\GDIPFONTCACHEV1.DAT
2006-02-07 16:30 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B2B30B77-9699-47B4-B927-DA22C0627C5E}]
C:\WINDOWS\system32\tuvtq.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f64a6c13-724f-421a-870c-0328aa432c81}]
C:\WINDOWS\system32\ppbwlfbo.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FC1437ED-CCAF-4616-98F8-3EE834971251}]
C:\WINDOWS\system32\xxyyv.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RestoreDesktop"="C:\WINDOWS\System32\Ext\Restoredesktop\RestoreDesktop.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]
"Anas"="C:\DOCUME~1\suzy.AL\APPLIC~1\CROSOF~1.NET\wuauboot.exe" [ ]
"Zxnhni"="C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 08:11 1388544]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-09-23 11:41 860160]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-19 09:03 88209 C:\WINDOWS\AGRSMMSG.exe]
"D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [2005-11-23 15:04 1544192]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"LyraUpdates"="C:\Program Files\Thomson\Auto Updater\Auto Updater.exe" [2007-08-01 11:37 1703936]
"ymetray"="C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" [2006-10-03 19:04 6104568]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-10-19 18:19 49152]
"ugac"="C:\PROGRA~1\FICHIE~1\AVSYST~1\ugac.exe" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"combofix"="C:\WINDOWS\system32\kmd.exe" [2004-08-19 17:09 400896]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"= 1 (0x1)
"NoLog"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 1 (0x1)
"NoSMHelp"= 01000000
"NoInstrumentation"= 1 (0x1)
"NoLog"= 1 (0x1)
"NoStrCmpLogical"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 12:11 233472]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
R2 R54G Wireless Service;R54G Wireless Service;C:\Program Files\Wireless 802.11g Monitor\WLService.exe [2004-03-30 07:08]
S3 Brndis;External USB Cable Modem;C:\WINDOWS\system32\DRIVERS\Brndis.sys [2004-02-06 05:44]
S3 PanelSvc;PanelSvc;"C:\Program Files\Votre Opinion\PanelApp\PanelSvc.exe" [2007-03-31 20:52]
S3 USB_NDIS_51;USB Ndis Cable Modem Network Device Driver;C:\WINDOWS\system32\DRIVERS\bcmndis.sys [2004-08-18 21:38]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-04 00:04]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95d78f20-66bd-11db-b0a7-003054c08fbe}]
\Shell\AutoRun\command - E:\RunDll32.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8617770-06d1-11dc-b258-00179abee860}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-01-10 19:02:58 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-11 16:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe
"2008-02-08 14:01:06 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-18 19:06:35
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Windows Desktop Search\WindowsSearchFilter.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-02-18 19:11:30 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-18 18:11:19
ComboFix2.txt 2008-02-17 21:40:20
Ouvre le Bloc-Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Copie ce texte ( en gras )d'une traite ( CTRL+C pour copier ) puis colle-le ( CTRL+V dans le bloc-note )
File::
C:\WINDOWS\system32\tuvtq.dll
C:\WINDOWS\system32\ppbwlfbo.dll
C:\WINDOWS\system32\xxyyv.dll
C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe
Folder::
C:\Program Files\MalwareAlarm
C:\Program Files\Spyware Doctor
Registry::
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B2B30B77-9699-47B4-B927-DA22C0627C5E}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f64a6c13-724f-421a-870c-0328aa432c81}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FC1437ED-CCAF-4616-98F8-3EE834971251}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zxnhni"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SDTray"=-
Sauvegarde ce fichier sur ton bureau sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif
Cela va relancer Combofix,
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
S'il n'y a pas de rédémarrage, poste quand même les rapports.
****************************************************
1)Va dans ' poste de travail ' > ' Outil ' > ' Options des dossiers ' > Onglet ' Affichage '
2)Active le bouton ' Afficher les fichiers et dossiers cachés '
3)Décoche ' Masquer les fichiers protégés du systeme d'exploitation ( recommandé ) '
4)Décoche ' Masquer les extensions dont le type est connu '
5)Va sur ce site --> https://www.virustotal.com/gui/
Clique sur ' parcourir '
Cherche ce fichier :
C:\WINDOWS\system32\esmypdhb.tmp ( en gras )
Clique sur ' send '
Un rapport va s'élaborer ligne à ligne.
Attends la fin. Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
-> Poste le moi stp.
*************
Puis va sur ce site : http://virusscan.jotti.org/de/
Et fait analyser le même fichier -> poste le rapport.
Recommence l'analyse avec :
C:\WINDOWS\system32\tpmfmxgo.tmp
****
Total :
Rapport Combofix + rapport Virustotal + Virusscan ( pour esmypdhb.tmp ) puis pour tpmfmxgo.tmp.
5 rapports.
A+
Copie ce texte ( en gras )d'une traite ( CTRL+C pour copier ) puis colle-le ( CTRL+V dans le bloc-note )
File::
C:\WINDOWS\system32\tuvtq.dll
C:\WINDOWS\system32\ppbwlfbo.dll
C:\WINDOWS\system32\xxyyv.dll
C:\Documents and Settings\suzy.AL\Application Data\??sembly\?xplorer.exe
Folder::
C:\Program Files\MalwareAlarm
C:\Program Files\Spyware Doctor
Registry::
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B2B30B77-9699-47B4-B927-DA22C0627C5E}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f64a6c13-724f-421a-870c-0328aa432c81}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FC1437ED-CCAF-4616-98F8-3EE834971251}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zxnhni"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SDTray"=-
Sauvegarde ce fichier sur ton bureau sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
http://serveur1.archive-host.com/membres/up/1366464061/CFScript.gif
Cela va relancer Combofix,
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
S'il n'y a pas de rédémarrage, poste quand même les rapports.
****************************************************
1)Va dans ' poste de travail ' > ' Outil ' > ' Options des dossiers ' > Onglet ' Affichage '
2)Active le bouton ' Afficher les fichiers et dossiers cachés '
3)Décoche ' Masquer les fichiers protégés du systeme d'exploitation ( recommandé ) '
4)Décoche ' Masquer les extensions dont le type est connu '
5)Va sur ce site --> https://www.virustotal.com/gui/
Clique sur ' parcourir '
Cherche ce fichier :
C:\WINDOWS\system32\esmypdhb.tmp ( en gras )
Clique sur ' send '
Un rapport va s'élaborer ligne à ligne.
Attends la fin. Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
-> Poste le moi stp.
*************
Puis va sur ce site : http://virusscan.jotti.org/de/
Et fait analyser le même fichier -> poste le rapport.
Recommence l'analyse avec :
C:\WINDOWS\system32\tpmfmxgo.tmp
****
Total :
Rapport Combofix + rapport Virustotal + Virusscan ( pour esmypdhb.tmp ) puis pour tpmfmxgo.tmp.
5 rapports.
A+
NOTEPAD NE VEUT PAS s'ouvrir...
petite question j'essaie d'ouvrir un site ou je peux habituellement regarder une chaine, mais impossible de visionner la vidéo depuis kke jours est ce ke tu c pourkoi??
petite question j'essaie d'ouvrir un site ou je peux habituellement regarder une chaine, mais impossible de visionner la vidéo depuis kke jours est ce ke tu c pourkoi??
NOTEPAD NE VEUT PAS s'ouvrir...
petite question j'essaie d'ouvrir un site ou je peux habituellement regarder une chaine, mais impossible de visionner la vidéo depuis kke jours est ce ke tu c pourkoi??
petite question j'essaie d'ouvrir un site ou je peux habituellement regarder une chaine, mais impossible de visionner la vidéo depuis kke jours est ce ke tu c pourkoi??
Re , non je sais pas on verra si c'est lié à l'infection.
C'est à dire notepad veut pas s'ouvrir ?
A+
C'est à dire notepad veut pas s'ouvrir ?
A+
Re , j'ai comprit pourquoi ...
...combofix l'a supprimé (ou du moins des parties ) ! je comprend pas pourquoi =/
Je demande de l'aide
Je re
a+
...combofix l'a supprimé (ou du moins des parties ) ! je comprend pas pourquoi =/
Je demande de l'aide
Je re
a+
Re ,
Télécharge metapad ,
Puis renomme-le en ' notepad(.exe) '
Ecrit un texte , n'importe quoi > sauvegarde.
Quel est le format ? .txt ? ( clique droit sur le fichier > propriété )
a+
Télécharge metapad ,
Puis renomme-le en ' notepad(.exe) '
Ecrit un texte , n'importe quoi > sauvegarde.
Quel est le format ? .txt ? ( clique droit sur le fichier > propriété )
a+