TA TOF FAIT KOI SUR CE SITE?

DIDO -  
 Utilisateur anonyme -
Bonjour tout le monde!
svp aidez moi..mon ordinateur est infecté par le virus "ta tof fait koi sur ce site?",il n'arrete pas d'envoyer des msg a tous mes contacts msn en ligne.merci.
voici mon rapport avec HijackThis v2.02:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:25:20, on 05/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nutsrv4.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\17PHolmes1423.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\MOUCHF~1\LOCALS~1\Temp\services.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {930E4DE1-973D-42D6-BF6E-6788E06BD003} - (no file)
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NuTCSetupEnviron] C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\bin\ncoeenv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\MOUCHF~1\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1423.exe 61A847B5BBF7281336993B466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Mouch Fatma\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NuTCRACKER Service (NuTCRACKERService) - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe

--
End of file - 9177 bytes
Configuration: Windows XP
Firefox 2.0.0.12

8 réponses

  1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Pour suivre

    Là, je me marre ;;))

    2
  2. Utilisateur anonyme
     
    bonsoir

    commence par ça apres on verra :

    Télécharge MSNFix.zip (de !aur3n7) sur ton bureau:
    http://sosvirus.changelog.fr/MSNFix.zip

    Décompresse-le (clic droit >> Extraire ici) et place les fichiers dans C:\MSNFix (très important).

    Double cliquer sur le fichier MSNFix.bat.
    - Exécutez l'option R.
    -- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage

    Note :
    Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal

    - Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt

    poste le rapport stp

    bises
    0
  3. LEVGHEL
     
    slt,

    ta tof fait koi sur ce site?
    ta touffe fait quoi sur ce site.
    ta touffe m'etouffe.

    t'es sérieux là ?
    0
    1. Utilisateur anonyme
       
      Pour ta gouverne il s'agit d'un virus msn tout betement!

      bises
      0
  4. DIDO
     
    salut,je l'ai téléchargé,et g fait extraire (dans bureau)puis g glisser le dossier MSNFix dans C:
    ensuite g executé le fichier se trouvant ds ce dossier.ya V un message d'erreur,aparament je n'ai pas decompressé le fichier.comment faire pour le decompressé?merci encore.
    0
    1. Utilisateur anonyme
       
      bonjour

      tu fais clic droit, extraire vers

      bises
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. DIDO
     
    salut,je l'ai téléchargé,et g fait extraire (dans bureau)puis g glisser le dossier MSNFix dans C:
    ensuite g executé le fichier se trouvant ds ce dossier.ya V un message d'erreur,aparament je n'ai pas decompressé le fichier.comment faire pour le decompressé?merci encore
    0
  7. Utilisateur anonyme
     
    tu te trouve avec 1 truc en haut "extraire vers? normalement
    oui? ou non?
    0
  8. DIDO
     
    oui,et g fait vers bureau
    0
    1. Utilisateur anonyme
       
      ok alors va sur ton bureau et go!
      0
  9. DIDO
     
    ok,ca y est,g glissé le ficher du dossier obtenu dans c: ensuite losrque g fait ouvrir,je recoi le meme msg d'erreur(ms-dos est desactivé mais j n c pa comment l'activer),alors g clické sur "modifer" et g recu ce msg dans un ficher txt :
    @echo off
    rem Thanks for translation help / Merci pour l'aide apportée à la traduction

    rem ÁcÅ餤¤å ... Credits ...¥§§J² nickjian@taiwan
    rem Dutch ... Credits ...Luuk Bom
    rem English ... Credits ...Jintan
    rem Deutsch ... Credits ...Ruby
    rem Italiano ... Credits ...LadyHawke
    rem Svenska ... Credits ...Jonatan
    rem Turkce ... Credits ...Alvin
    rem Español ... Credits ...Christian D
    rem Dane ... Credits ...?
    rem ............................................................incl............................................................
    rem ..............................................................................................................................
    rem ...........................................................Process.exe
    rem Process.exe by Craig.Peacock (http://www.beyondlogic.org)
    rem ........................................................... swreg.exe
    rem SteelWerX Registry Console Tool 2.0 (https://fstaal01.home.xs4all.nl/
    rem Written by Bobbi Flekman 2006 (C)
    rem ........................................................... zip.exe
    rem http://infozip.sourceforge.net/
    rem ........................................................... msnchk.exe
    rem Malware Analysis & Diagnostic (http://secubox.aldria.com)
    rem ..............................................................................................................................
    rem ............................................................incl............................................................

    title MSNFix
    cd %~dp0
    set winsys=%windir%\system32
    incl\process.exe -k Strad.exe >NUL
    incl\process.exe -k Zser.exe >NUL
    incl\process.exe -k Xeyu.exe >NUL
    incl\process.exe -k Xsfr.exe >NUL
    incl\process.exe -k Cfreer.exe >NUL
    incl\process.exe -k Nzil.exe >NUL
    incl\process.exe -k Negdo.exe >NUL
    incl\process.exe -k Juegs.exe >NUL
    incl\process.exe -k Ttt.exe >NUL
    incl\process.exe -k Avconsol.exe >NUL
    incl\process.exe -k Zap.exe >NUL
    incl\process.exe -k Hide32.exe >NUL
    incl\process.exe -k avp.exe >NUL
    incl\process.exe -k mgrs.exe >NUL
    incl\process.exe -k Icon010.exe >NUL
    incl\process.exe -k IEXPLORER.exe >NUL
    incl\process.exe -k IEXPLORE.exe >NUL
    incl\process.exe -k nvscvse.exe >NUL
    incl\process.exe -k te32.exe >NUL
    incl\process.exe -k FF.exe >NUL
    incl\process.exe -k mssq.exe >NUL
    incl\process.exe -k %temp%\*.exe >NUL
    incl\process.exe -k %userprofile%\*.exe >NUL
    incl\process.exe -k syst.exe >NUL
    incl\process.exe -k Mwsx.exe >NUL
    incl\process.exe -k server.exe >NUL
    incl\process.exe -k serverivy.exe >NUL
    incl\process.exe -k %Temp%\svchost.exe >NUL
    incl\process.exe -k %temp%\services.exe >NUL
    incl\process.exe -k %temp%\direct3d.exe >NUL
    incl\process.exe -k msnworm.exe >NUL
    incl\process.exe -k oddysee.exe >NUL
    incl\process.exe -k tsorfib.exe >NUL
    incl\process.exe -k BRISA.exe >NUL
    incl\process.exe -k orgut.scr >NUL
    incl\process.exe -k korn.scr >NUL
    incl\process.exe -k directxd.exe >NUL
    incl\process.exe -k dwwin.exe >NUL
    incl\process.exe -k drwtsn32.exe >NUL
    incl\process.exe -k win.scr >NUL
    incl\process.exe -k winfp.exe >NUL
    incl\process.exe -k svhostt32.exe >NUL
    incl\process.exe -k WormList.exe >NUL
    incl\process.exe -k Windows32.exe >NUL
    incl\process.exe -k msnmsnr.scr >NUL
    incl\process.exe -k bsyys.scr >NUL
    incl\process.exe -k svhost.exe >NUL
    incl\process.exe -k spoolms.exe >NUL
    incl\process.exe -k wlivemsgs.exe >NUL
    incl\process.exe -k mrofinu1148.exe >NUL
    incl\process.exe -k MsnMsgr.Exe >NUL
    incl\process.exe -k Dot1XCfg.exe >NUL
    incl\process.exe -k usnsvc.exe >NUL
    incl\process.exe -k 7PHolmes1148.exe >NUL
    incl\process.exe -k wnbsvc.exe >NUL
    incl\process.exe -k %winsys%\vservice32.exe >NUL
    incl\process.exe -k %Temp%\winlogon.exe >NUL
    incl\process.exe -k %Temp%\*.exe >NUL

    set fix=MSNFix
    set vers=1.676

    rem ******************************************************** part 2 **************************************************************

    set contact=contact@changelog.fr
    set urlupload=http://upload.changelog.fr

    VER|find "Windows 95">NUL
    IF NOT ERRORLEVEL 1 set verwin=9x
    VER|find "Windows 98">NUL
    IF NOT ERRORLEVEL 1 set verwin=9x
    VER|find "Windows Millennium">NUL
    IF NOT ERRORLEVEL 1 set verwin=9x
    ver|find "Windows XP">nul
    IF NOT ERRORLEVEL 1 set verwin=NT
    ver|find "Windows 2000">nul
    IF NOT ERRORLEVEL 1 set verwin=NT
    if %OS%==Windows_NT set verwin=NT

    if not exist incl\MD5File.exe goto erroruse
    if not exist incl\swreg.exe goto erroruse
    if not exist incl\Process.exe goto erroruse
    if not exist incl\zip.exe goto erroruse
    if not exist incl\banker.reg goto erroruse

    goto :testlang

    :erroruse

    color 1F
    TITLE %fix% - erreur
    cls
    echo.
    echo.
    echo %fix% %vers%
    echo.
    echo Error ... Error .... Error .... Error
    echo.
    echo.
    if not exist "%userprofile%\Bureau" (
    echo Please Unzip MSNFix.zip
    echo in recommended location %systemdrive%\MSNFix
    echo before beginning
    )
    echo.
    if exist "%userprofile%\Bureau" (
    echo SVP Veuillez decompresser MSNFix.zip avant de commencer
    echo il est recommende de le placer dans le dossier %systemdrive%\MSNFix
    )
    echo.
    echo. ------------------------------------------------------------------------
    echo. %auteur% Contact: %contact%
    echo. ------------------------------------------------------------------------
    echo.
    echo %touchquitt%
    pause >nul
    goto fin

    :testlang
    if exist "%userprofile%\Bureau" goto fran
    goto langue

    :langue
    TITLE %fix% - Language
    color 1F
    cls
    echo %fix% %vers%
    echo.
    echo Choose language
    echo.
    echo.
    echo A. ÁcÅ餤¤å
    echo B. Dane
    echo C. Espa¤ol
    echo D. Dutch
    echo E. English
    echo F. Francais
    echo G. Deutsch
    echo I. Italiano
    echo S. Svenska
    echo T. Turkce
    echo P. Portugues (Brasil)
    echo.
    echo.
    echo.
    echo If you want translate in other language, please contact me
    echo contact@changelog.fr
    echo.
    echo.
    set menu=''
    set /p menu=%sChoice% Choose your language and press enter
    if "%menu%"=="f" goto fran
    if "%menu%"=="F" goto fran
    if "%menu%"=="e" goto eng
    if "%menu%"=="E" goto eng
    if "%menu%"=="i" goto itali
    if "%menu%"=="I" goto itali
    if "%menu%"=="d" goto dutch
    if "%menu%"=="D" goto dutch
    if "%menu%"=="t" goto turkce
    if "%menu%"=="T" goto turkce
    if "%menu%"=="A" goto chinese
    if "%menu%"=="a" goto chinese
    if "%menu%"=="s" goto swe
    if "%menu%"=="S" goto swe
    if "%menu%"=="g" goto german
    if "%menu%"=="G" goto german
    if "%menu%"=="b" goto danish
    if "%menu%"=="B" goto danish
    if "%menu%"=="c" goto spa
    if "%menu%"=="C" goto spa
    if "%menu%"=="P" goto port
    if "%menu%"=="p" goto port
    goto langue

    :fran
    set chx=Choisissez une action:
    set forcnetreg=Nettoyer le registre et quitter
    set prenet= Pressez une touche pour lancer le nettoyage
    set rech=Rechercher
    set quitt=Quitter
    set avert=L'utilisation se fait … vos risques et p‚rils.
    set scandate=Fix exécuté le
    set mse=mode sans échec
    set nommode=mode normal
    set chfichpres=Recherche les fichiers présents
    set nofich=Aucun Fichier trouvé
    set chdospres=Recherche les dossiers présents
    set nodoss=Aucun dossier trouvé
    set infepres=Infection Pr‚sente
    set nett=Nettoyage en cours
    set aff=Afficher le rapport et Quitter
    set infnopres=Infection Absente
    set infnodetect=L'infection n'a pas ‚t‚ d‚tect‚e
    set fichaprrede=Les fichiers encore présents seront supprimés au prochain redémarrage
    set suppfich=Suppression des fichiers
    set suppdoss=Suppression des dossiers
    set netreg=Nettoyage du registre
    set suspectfile=Fichiers suspects
    set netpref=Nettoyage du dossier
    set execdans=Executable dans le dossier
    set avertcursor=ces fichiers nécessitent un avis expérimenté avant toute intervention
    set infosauv=Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier
    set verwinnosupp=Version de Windows non prise en charge
    set signalhel=Veuillez le signaler … la personne vous ayant propos‚ ce fix
    set touchquitt=Appuyez sur une touche pour quitter
    set fichdossencpres=Des fichiers sont encore pr‚sents
    set redemfin=Veuillez Red‚marrer votre ordinateur pour terminer le nettoyage
    set auteur=Auteur : !aur3n7
    set upload=SVP merci d'envoyer le fichier
    set upload2=sur %urlupload%
    goto crea

    :spa
    set chx=Elija una acci¢n:
    set prenet=Pulse cualquier tecla para empezar la limpieza
    set forcnetreg=Limpiar el registro y cerrar
    set rech=Buscar
    set quitt=Salir
    set avert=Usa esta herramienta bajo tu propio riesgo.
    set scandate=Escaneo finalizado el
    set mse=Modo Seguro
    set nommode=Modo Normal
    set chfichpres=Comprobando Archivos
    set nofich=No se ha encontrado ningún archivo
    set chdospres=Comprobando carpetas
    set nodoss=No se ha encontrado ninguna carpeta
    set infepres=Programa malintencionado encontrado
    set nett=Limpieza en progreso
    set aff=Ver archivo log y cerrar
    set infnopres=No encontrado
    set infnodetect=No se ha encontrado ningún programa malintencionado
    set fichaprrede=Algunos archivos se borrarán despues de reiniciar en el modo normal
    set suppfich=Borrando archivos del programa malintencionado
    set suppdoss=Borrando carpetas del programa malintencionado
    set netreg=Limpiando el registro
    set suspectfile=Archivos Sospechosos
    set netpref=Limpiando Carpetas
    set execdans=Se han encontrado archivos ejecutables en la carpeta
    set avertcursor=Los archivos detectados deberían ser posteados en foros especializados antes de que los cambios se puedan hacer
    set infosauv=Los archivos borrados y las modificaciones del registro se han guardado en el archivo
    set verwinnosupp=No soporta esta versión de Windows
    set signalhel=Por favor informa de esto a la persona que te sugirió esta herramienta
    set touchquitt=Pulsa cualquier tecla para salir
    set fichdossencpres=Algunos archivos aún son detectados
    set redemfin=Por favor reinicia tu sistema en el modo normal para finalizar la limpieza
    set auteur=Autor : !aur3n7
    set upload=Por favor sube el archivo
    set upload2= a %urlupload%
    goto crea

    :danish
    set chx= Vælg en funktion :
    set prenet= Tryk på en vilkårlig knap for at starte rengøringen
    set forcnetreg= Tøm registeret og luk
    set rech= Søg
    set quitt= Exit
    set avert= Brug af dette værktøj er på eget ansvar
    set scandate= Scannet den
    set mse= Sikker tilstand
    set nommode= normal tilstand
    set chfichpres= Checker filer
    set nofich= Ingen filer fundet
    set chdospres= Checker Mapper
    set nodoss= Ingen Mapper fundet
    set infepres= Malware Fundet
    set nett= Rengøring igang
    set aff= Vis logfil og luk
    set infnopres= Ikke fundet
    set infnodetect= Malware ikke fundet
    set fichaprrede= Andre filer vil blive slettet efter genstart i normal tilstand
    set suppfich= Sletter malware filer
    set suppdoss= Sletter malware mapper
    set netreg= Register rengøring
    set suspectfile= Mistænkelige filer
    set netpref= Mappe rengøring
    set execdans= .exe filer fundet i mappe
    set avertcursor= De fundne filer skal kontrolleres af en hjælper før andre handlinger udføres
    set infosauv= De slettede Filer og Register er blevet gemt i
    set verwinnosupp= Understøtter ikke denne Version af Windows
    set signalhel= Informer det venligst til personen der foreslog dette værktøj til dig.
    set touchquitt= Tryk på en vilkårlig knap for at lukke
    set fichdossencpres= Filer stadig opdaget
    set redemfin= Genstart venligst systemet i normal tilstand for at gøre rengøringen færdig
    set auteur= Lavet af : !aur3n7
    set upload= Upload venligst filen
    set upload2= på http://upload.changelog.fr
    goto crea

    :german
    set chx=Wähle eine Tätigkeit !
    set prenet= Drücke auf irgendeine Taste, um die Reinigung zu beginnen
    set forcnetreg=reinige die Registrierung und verlasse sie
    set rech=Suche
    set quitt= Exit
    set avert=verwende dieses Programm auf eigenes Risiko
    set scandate=Scan ausgeführt
    set mse=abgesicherter Modus
    set nommode=normaler Modus
    set chfichpres=Datei Prüfung
    set nofich=Keine Dateien gefunden
    set chdospres=Verzeichnis Kontrolle
    set nodoss=keine Verzeichnisse gefunden
    set infepres=gefundene Malware
    set nett=Reinigung läuft
    set aff=Schau dir das Logfile an und exit
    set infnopres=nicht gefunden
    set infnodetect=Malware nicht gefunden
    set fichaprrede=die anderen Dateien werden gelöscht, wenn der Rechner in den normalen Modus gestartet wird
    set suppfich=die Malware Dateien werden gelöscht
    set suppdoss=die Malware Verzeichnisse werden gelöscht
    set netreg=Reinigung der Registrierung
    set suspectfile=Verdächtige Dateien
    set netpref=Reinigung der Verzeichnisse
    set execdans=*.exe Dateien gefunden, im Ordner
    set avertcursor=Die angegebenen Dateien müssen von einem Forums Mitarbeiter kontrolliert werden, bevor Änderungen durchgenommen werden dürfen.
    set infosauv=Die gelöschten Dateien und Registrierungseinträge wurden gespeichert in
    set verwinnosupp=unterstützt diese Version von Windows nicht
    set signalhel=Bitte informiere den Helfer, der dir dieses Tool empfohlen hat.
    set touchquitt=Drücke auf irgendeine Taste zum exit
    set fichdossencpres=Es werden noch Dateien entdeckt
    set redemfin=starte deinen Rechner in den normalen Modus, um die Reinigung zu beenden
    set auteur=Hersteller : !aur3n7
    set upload=Lade bitte die Datei hoch
    set upload2= zu %urlupload%
    goto crea

    :swe
    set chx=Valj funktion :
    set prenet=Tryck valfri knapp for att borja sokningen
    set forcnetreg=Rensa datorn och Avsluta
    set rech=Ta bort
    set quitt=Avsluta
    set avert=Anvand pa egen risk.
    set scandate=Sokningen var klar pa
    set mse=Felsakert lage
    set nommode=normalt lage
    set chfichpres=Kollar filer
    set nofich=Inga Filer Funna
    set chdospres=Kollar mappar
    set nodoss=Inga Mappar Funna
    set infepres=Virus Hittat
    set nett=Tar bort virus
    set aff=Granska loggen och Avsluta
    set infnopres=Kunde inte hitta nagot
    set infnodetect=Kunde inte hitta nagot virus
    set fichaprrede=Resten av filerna tas bort efter omstart
    set suppfich=Tar bort virus filer
    set suppdoss=Tar bort virus mappar
    set netreg=Rensar registret
    set suspectfile=Misstankta Filer
    set netpref=Rensar Mappar
    set execdans=.exe Filer funna i mappen
    set avertcursor=Dem funna filerna maste kontrolleras innan borttagning
    set infosauv=Filerna och Registernycklarna har sparats i karantan
    set verwinnosupp=Programmet fungerar ej med denna Windowsversion
    set signalhel=Var snall och tala om det for personen du fick detta program av
    set touchquitt=Tryck pa valfri knapp for att Avsluta
    set fichdossencpres=Filer hittas fortfarande
    set redemfin=Var snall och starta om datorn for att ta bort rester av viruset.
    set auteur=Gjord av : !aur3n7
    set upload=Var snall och ladda upp filen
    set upload2= on %urlupload%
    goto crea

    :turkce
    set chx=Bir islem Secin :
    set prenet=Temizlemeye baslamak icin herhangi bir tusa basin
    set forcnetreg=Registry yi temizle ve cik
    set rech=Dosyalari Ara ve Temizle
    set quitt=Cikis
    set avert=Bu programi kullanmak kendi insiyatifinizdedir.
    set scandate=Temizleme tamamlandý
    set mse=Güvenli mod
    set nommode=Normal mode
    set chfichpres=Dosyalar araniyor
    set nofich=Dosya bulunamadi
    set chdospres=Dizin kontrol ediliyor
    set nodoss=Dizin bulunamadi
    set infepres=Virus bulundu
    set nett=Temizleniyor
    set aff=Sonuclara bak ve cik
    set infnopres=Bulunamadi
    set infnodetect=Virus bulunamadi
    set fichaprrede=Diger dosyalar bilgisayar yeniden basladiktan sonra silinecek.
    set suppfich=Virus dosyalari siliniyor
    set suppdoss=Virus dizinleri siliniyor
    set netreg=Kayit defteri temizleniyor
    set suspectfile=Supheli dosyalar
    set netpref=Dizin temizleniyor
    set execdans=.exe dosyalari bulundu. Dizin :
    set avertcursor=Bulunanan dosyalar kontrol edilmeli
    set infosauv=Dosyalar ve Kayýt duzenleyicinde silinen kayitlar asagidaki dizine kaydedildi
    set verwinnosupp=Bu Windows versiyonu desteklenmiyor
    set signalhel=Bu programi arkadaslariniza da önerin
    set touchquitt=Cikmak icin bir tusa basin
    set fichdossencpres=Viruslu dosyalar halen var
    set redemfin=Lutfen temizlemeyi bitirmek icin bilgisayarinizi yeniden baslatin
    set auteur=Autor : !aur3n7
    set upload=Lutfen dosyayi upload edin
    set upload2= on %urlupload%
    goto crea

    :Eng
    set chx=Choose an action :
    set prenet=Press any key to start cleaning
    set forcnetreg=Clean the registry and quit
    set rech=Search
    set quitt=Exit
    set avert=Use this tool at your own risk.
    set scandate=Scan done at
    set mse=Safe mode
    set nommode=normal mode
    set chfichpres=Checking Files
    set nofich=No files found
    set chdospres=Checking Folders
    set nodoss=No Folders Found
    set infepres=Malware Found
    set nett=Cleaning in progress
    set aff=View logfile and Exit
    set infnopres=Not found
    set infnodetect=Malware Not found
    set fichaprrede=Others Files will be deleted after a reboot to normal mode
    set suppfich=Deleting malware Files
    set suppdoss=Deleting malware Folders
    set netreg=Registry Cleaning
    set suspectfile=Suspect Files
    set netpref=Folder Cleaning
    set execdans=.exe Files found in folder
    set avertcursor=The detected files must be reviewed by a forum Helper before changes can be made
    set infosauv=The File and Registry deletions have been saved in
    set verwinnosupp=Doesn't support this Windows Version
    set signalhel=Please tell this to the Helper who suggested this tool
    set touchquitt=Press any key to Exit
    set fichdossencpres=Files are still detected
    set redemfin=Please reboot your system to normal mode to finish cleaning
    set auteur=Author : !aur3n7
    set upload=Please upload the file
    set upload2= to %urlupload%
    goto crea

    :dutch
    set chx=Kies een actie:
    set prenet=Druk op een toets om het opschonen te starten
    set forcnetreg=Schoon het register op en sluit af
    set rech=Zoek
    set quitt=Afsluiten
    set avert=Gebruik van dit programma is voor eigen risico
    set scandate=Scan voltooid op
    set mse=Veilige modus
    set nommode=Normale modus
    set chfichpres=Controleren van bestanden
    set nofich=Geen bestanden gevonden
    set chdospres=Controleren van mappen
    set nodoss=Geen map gevonden
    set infepres=Malware gevonden
    set nett=Bezig met opschonen
    set aff=Bekijk logbestand en sluit af
    set infnopres=Niet gevonden
    set infnodetect=Malware niet gevonden
    set fichaprrede=De resterende bestanden zullen worden verwijderd na
    set herstarten in de normale modus
    set suppfich=Verwijderen van malware bestanden
    set suppdoss=Verwijderen van malware map
    set netreg=Register Opschonen
    set suspectfile=Verdachte bestanden
    set netpref=Map Opschonen
    set execdans=.exe-bestanden gevonden in map
    set avertcursor=De gevonden bestanden moeten gecontroleerd worden door een
    set helper voor er actie wordt ondernomen
    set infosauv=De verwijderde bestanden en registersleutels zijn opgeslagen in
    set verwinnosupp=Deze Windows-versie wordt niet ondersteund
    set signalhel=Geef het door aan de persoon die dit programma aan u
    set voorstelde
    set touchquitt=Druk op een toets om af te sluiten
    set fichdossencpres=Bestanden zijn nog steeds beschadigd
    set redemfin=Herstart alstublieft de pc in normale modus
    set auteur=Maker : !aur3n7
    set upload=Upload het bestand alstublieft
    set upload2=op http://upload.changelog.fr
    goto crea

    :itali
    set chx=Scegliere una azione:
    set forcnetreg=Ripulire il Registro e uscire
    set prenet= Premere un tasto per lanciare la rimozione
    set rech=Cercare
    set quitt=Uscire
    set avert=L'uso è fatto … vostro rischio e pericolo.
    set scandate=Fix effettuato il
    set mse=modalità sicura
    set nommode=modalità normale
    set chfichpres=Cercare i files presenti
    set nofich=Nessun files trovato
    set chdospres=Ricerca le cartelle presenti
    set nodoss=Nessuna cartella trovata
    set infepres=Infezione Presente
    set nett=Rimozione in corso
    set aff=Visualizzare il rapporto e uscire
    set infnopres=Infezione non presente
    set infnodetect=L'infezione non è stata trovata
    set fichaprrede=I files ancora presenti saranno eliminati al prossimo riavvio
    set suppfich=Eliminazione dei files
    set suppdoss=Eliminazione delle cartelle
    set netreg=Pulizia del Registro
    set suspectfile=Files sospetti
    set netpref=Pulizia delle cartelle
    set execdans=Eseguibili nelle cartelle
    set avertcursor=questi files necessitano di un parere esperto prima di qualsiasi intervento
    set infosauv=I files e le chiavi di registro eliminati sono stati salvati nel file
    set touchquitt=Premere un tasto per uscire
    set fichdossencpres=Alcuni files sono ancora presenti
    set redemfin=Riavviate il vostro computer per terminare la rimozione
    set auteur=Auteur : !aur3n7
    set upload=Vi saremo grati se vorrete inviare il file
    set upload2= su %urlupload%
    goto crea

    :chinese
    set chx=½Ð¿ï¾Ü°Ê§@ :
    set prenet=½Ð«ö¥ô·NÁä¶}©l§R°£¯f¬r
    set forcnetreg=²M°£µù¥UÀɤÎÂ÷¶}
    set rech=´M§ä
    set quitt=Â÷¶}
    set avert=·í±z¨Ï¥Î¦¹³nÅé®É±z¥²¶·©Ó¨ü¨ä©Ò±a¨Ó¥i¯àªº­·ÀI.
    set scandate=±½´yµ²§ô¦b
    set mse=¦w¥þ¼Ò¦¡
    set nommode=¤@¯ë¼Ò¦¡
    set chfichpres=ÀˬdÀÉ®×
    set nofich=¨S¦³µo²{¥ô¦óÀÉ®×
    set chdospres=Àˬd¥Ø¿ý
    set nodoss=¨S¦³µo²{¥ô¦ó¥Ø¿ý
    set infepres=µo²{´c©Ê³nÅé
    set nett=Àˬd¥¿¦b°õ¦æªº³nÅé
    set aff=Àˬd°O¿ýÀɤÎÂ÷¶}
    set infnopres=µLµo²{
    set infnodetect=µLµo²{´c©Ê³nÅé
    set fichaprrede=¨ä·í±z­«¶}¾÷¨Ã¥Ñ¤@¯ë¼Ò¦¡¶i¤J§@·~¡A¥LÀÉ®×±N³Q§R°£
    set suppfich=§R°£´c©ÊÀÉ®×
    set suppdoss=§R°£´c©Ê¥Ø¿ý
    set netreg=µù¥UÀɲM°£¤¤
    set suspectfile=·j´M¥i¯à¦³¯f¬rªºÀÉ®×
    set netpref=¥Ø¿ý²M°£¤¤
    set execdans=¦b¥Ø¿ý¤¤µo²{ .exe ÀÉ®×
    set avertcursor=¦b±z¨Ï¥Î¤U¦CÀɮפ§«e¥²¶·¨Ï¥Î¨ä¥L³nÅé¨Ó¨ó§U½T»{¡A
    set infosauv=³Q§R°£ªºÀɮפεù¥UÀɱNÀx¦s¦b
    set verwinnosupp=¤£¤ä´©³o­Ó Windows ª©¥»
    set signalhel=
    set touchquitt=«ö¥ô·NÁäÂ÷¶}
    set fichdossencpres=Àɮפ´µM³Q°»´ú¨ì
    set redemfin=½Ð­«·s¶}¾÷¨Ã¥Ñ¤@¯ë¶}¾÷µ{§Ç¨Ó§¹¦¨²M°£°Ê§@
    set auteur=Autor : !aur3n7
    set upload=½Ð¤W¶Ç¦¹ÀÉ
    set upload2= ¨ì %urlupload%
    goto crea

    :port
    set chx=Escolha uma opcao:
    set forcnetreg=Limpar o registro e sair
    set prenet= Pressionne uma tecla pra lancar a limpeza
    set rech=Procurar
    set quitt=Sair
    set avert=O uso feito e por sua conta e risco.
    set scandate=Fix lançado dia
    set mse=modo de segurança
    set nommode=modo normal
    set chfichpres=Procurando os arquivos presentes
    set nofich=Nenhum arquivo encontrado
    set chdospres=Procurando as pastas presentes
    set nodoss=Nenhuma pasta encontrada
    set infepres=Infeccao presente
    set nett=Limpando ...
    set aff=Exibir o relatorio
    set infnopres=Infeccao ausente
    set infnodetect=A infeccao não foi detectada
    set fichaprrede=Os arquivos ainda presentes serão apagado no proximo boot
    set suppfich=Apagando os arquivos
    set suppdoss=Apagando as pastas
    set netreg=Limpeza do registro
    set suspectfile=Arquivos suspeitos
    set netpref=Limpeza da pasta
    set execdans=Executaveis na pasta
    set avertcursor=Estes arquivos necessitam de uma opiniao de alguem competente antes de qualquer intervencao
    set infosauv=Os arquivos e as chaves do registro apagados foram salvos no arquivo
    set verwinnosupp=Versão do Windows não supportada
    set signalhel=Queira avisar a pessoa que lhe propos esse Fix
    set touchquitt=Pressionne uma tecla pra sair
    set fichdossencpres=Alguns arquivos continuam presentes
    set redemfin=Reinicie seu computador pra terminar a limpeza
    set auteur=Autor : !aur3n7
    set upload=Por favor não esqueça de mandar o arquivo
    set upload2=no %urlupload%
    goto crea

    :crea

    if "%verwin%"=="9x" goto noos

    :crea

    if "%verwin%"=="9x" goto noos

    rem SET "AppData=C:\DOCUME~1\sUBs\APPLIC~1"
    rem SET "Cookies=C:\DOCUME~1\sUBs\Cookies"
    rem SET "Desktop=C:\DOCUME~1\sUBs\Desktop"
    rem SET "Favorites=C:\DOCUME~1\sUBs\FAVORI~1"
    rem SET "NetHood=C:\DOCUME~1\sUBs\NetHood"
    rem SET "Personal=G:\MYDOCU~1"
    rem SET "PrintHood=C:\DOCUME~1\sUBs\PRINTH~1"
    rem SET "Recent=C:\DOCUME~1\sUBs\Recent"
    rem SET "SendTo=C:\DOCUME~1\sUBs\SendTo"
    rem SET "Start Menu=C:\DOCUME~1\sUBs\STARTM~1"
    rem SET "Templates=C:\DOCUME~1\sUBs\TEMPLA~1"
    rem SET "Programs=C:\DOCUME~1\sUBs\STARTM~1\Programs"
    rem SET "Startup=C:\DOCUME~1\sUBs\STARTM~1\Programs\Startup"
    rem SET "Local AppData=C:\DOCUME~1\sUBs\LOCALS~1\APPLIC~1"
    rem SET "Cache=C:\DOCUME~1\sUBs\LOCALS~1\TEMPOR~1"
    rem SET "History=C:\DOCUME~1\sUBs\LOCALS~1\History"
    rem SET "My Pictures=G:\MYDOCU~1\MYPICT~1"
    rem SET "Fonts=C:\WINDOWS\Fonts"
    rem SET "My Music=G:\MYDOCU~1\MYMUSI~1"
    rem SET "CD Burning=C:\DOCUME~1\sUBs\LOCALS~1\APPLIC~1\MICROS~1\CDBURN~1"
    rem SET "Administrative Tools=C:\DOCUME~1\sUBs\STARTM~1\Programs\ADMINI~1"
    rem SET "Common AppData=C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1"
    rem SET "Common Programs=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs"
    rem SET "Common Documents=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1"
    rem SET "Common Desktop=C:\DOCUME~1\ALLUSE~1.WIN\Desktop"
    rem SET "Common Start Menu=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1"
    rem SET "Common Pictures=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1\MYPICT~1"
    rem SET "Common Music=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1\MYMUSI~1"
    rem SET "Common Video=C:\DOCUME~1\ALLUSE~1.WIN\DOCUME~1\MYVIDE~1"
    rem SET "Common Favorites=C:\DOCUME~1\ALLUSE~1.WIN\FAVORI~1"
    rem SET "Common Startup=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\Startup"
    rem SET "Common Templates=C:\DOCUME~1\ALLUSE~1.WIN\TEMPLA~1"
    rem SET "Common Administrative Tools=C:\DOCUME~1\ALLUSE~1.WIN\STARTM~1\Programs\ADMINI~1"

    incl\setpath.exe > incl\paths.bat
    call incl\paths.bat
    del incl\paths.bat

    set winsys=%windir%\system32

    rem ******************************************************** fin part 2 **************************************************************

    > incl\upload.txt (
    echo %Common Startup%\msnextension.exe
    echo %temp%\console35.exe
    echo %windir%\system\smss.exe
    echo %windir%\winnt.exe
    echo %winsys%\fservice.exe
    echo %winsys%\jester1.exe
    )

    > incl\fichier.txt (
    echo %AppData%\addon.dat
    echo %AppData%\inside.exe
    echo %AppData%\Microsoft\Windows\fkoym.exe
    echo %AppData%\WinTouch\wintouch.cfg
    echo %AppData%\WinTouch\WinTouch.exe
    echo %AppData%\WinTouch\WTUninstaller.exe
    echo %Common Documents%\Settings\config.ini
    echo %Common Documents%\Settings\partnership.dll
    echo %Common Documents%\Settings\partnership.dll.msnfix
    echo %Common Programs%\Carlson\carlton
    echo %Common Programs%\Delsim\del.exe
    echo %Common Programs%\Startup\Microsoft Office.lnk
    echo %Common Programs%\Yazzle1560OinAdmin.exe
    echo %Common Programs%\Yazzle1560OinUninstaller.exe
    echo %Common Start Menu%\carlton
    echo %Common Startup%\Antivirus32.exe
    echo %Common Startup%\ashDisp.exe
    echo %Common Startup%\ashServ.exe
    echo %Common Startup%\atimvex.exe
    echo %Common Startup%\atrvmmx.exe
    echo %Common Startup%\bios.exe
    echo %Common Startup%\biosvaisefude.exe
    echo %Common Startup%\BRISA.exe
    echo %Common Startup%\bsyys.exe
    echo %Common Startup%\bsyys.scr
    echo %Common Startup%\carlton
    echo %Common Startup%\ccssrss.exe
    echo %Common Startup%\cmd.exe
    echo %Common Startup%\Computador.exe
    echo %Common Startup%\Diup.exe
    echo %Common Startup%\dll.exe
    echo %Common Startup%\dllvirtual.exe
    echo %Common Startup%\eixdrv.exe
    echo %Common Startup%\ExAlien.exe
    echo %Common Startup%\fbguad.exe
    echo %Common Startup%\firefoxx.exe
    echo %Common Startup%\Flash.exe
    echo %Common Startup%\GbpSvc.exe
    echo %Common Startup%\gtaltg.exe
    echo %Common Startup%\HelpDesk.exe
    echo %Common Startup%\Hide32.exe
    echo %Common Startup%\hork.exe
    echo %Common Startup%\icpldrvx.exe
    echo %Common Startup%\imglog.exe
    echo %Common Startup%\InstallHelp.exe
    echo %Common Startup%\javaupd.exe
    echo %Common Startup%\javsu.exe
    echo %Common Startup%\juchek.exe
    echo %Common Startup%\jvasu.exe
    echo %Common Startup%\JVM0.exe
    echo %Common Startup%\jvms.exe
    echo %Common Startup%\klpp.exe
    echo %Common Startup%\logon.exe
    echo %Common Startup%\lsssas.exe
    echo %Common Startup%\mdll.exe
    echo %Common Startup%\messengerr.exe
    echo %Common Startup%\messenup.exe
    echo %Common Startup%\messgrr.exe
    echo %Common Startup%\mhtsvho.exe
    echo %Common Startup%\mjavas.exe
    echo %Common Startup%\msdoc.exe
    echo %Common Startup%\msdoss.com
    echo %Common Startup%\msm.cmd
    echo %Common Startup%\msmsgxs.exe
    echo %Common Startup%\MSN_MSS.exe
    echo %Common Startup%\msnconf.exe
    echo %Common Startup%\MSNENVIA.exe
    echo %Common Startup%\msnfile.exe
    echo %Common Startup%\msng.exe
    echo %Common Startup%\msnmsg.exe
    echo %Common Startup%\msnmsgr.exe
    echo %Common Startup%\msnsgs.exe
    echo %Common Startup%\mxjxde.exe
    echo %Common Startup%\My_Love.exe
    echo %Common Startup%\Ndtstat.exe
    echo %Common Startup%\norton32.exe
    echo %Common Startup%\ntvvm.exe
    echo %Common Startup%\pdvsym.exe
    echo %Common Startup%\qtapp.exe
    echo %Common Startup%\Quicktime Music.exe
    echo %Common Startup%\regfixxsx.exe
    echo %Common Startup%\registtry.exe
    echo %Common Startup%\remote.cmd
    echo %Common Startup%\repara_ae.bat
    echo %Common Startup%\Rg2catbd.exe
    echo %Common Startup%\rundl32.exe
    echo %Common Startup%\rxnetq.exe
    echo %Common Startup%\smss.scr
    echo %Common Startup%\svchost.exe
    echo %Common Startup%\svchostss.exe
    echo %Common Startup%\svhossst.exe
    echo %Common Startup%\svhost.exe
    echo %Common Startup%\svmrhos.exe
    echo %Common Startup%\sxrork.exe
    echo %Common Startup%\sxrsym.exe
    echo %Common Startup%\syst.exe
    echo %Common Startup%\system32.exe
    echo %Common Startup%\systemdll.exe
    echo %Common Startup%\task.exe
    echo %Common Startup%\taskmgrrr.exe
    echo %Common Startup%\Tasks.exe
    echo %Common Startup%\udll.exe
    echo %Common Startup%\verifysystemtitle.exe
    echo %Common Startup%\voieup.exe
    echo %Common Startup%\voiork.exe
    echo %Common Startup%\wbnnt.exe
    echo %Common Startup%\wcktts.exe
    echo %Common Startup%\wepaint.exe
    echo %Common Startup%\Win XP.exe
    echo %Common Startup%\win.scr
    echo %Common Startup%\Windows Update.exe
    echo %Common Startup%\windows32.exe
    echo %Common Startup%\Windows32.exe
    echo %Common Startup%\WindowsUpdate.exe
    echo %Common Startup%\windowsupdate.exe
    echo %Common Startup%\WindowsUpdate.scr
    echo %Common Startup%\Winhost.exe
    echo %Common Startup%\winupdbc.exe
    echo %Common Startup%\WMedPlayer.exe
    echo %Common Startup%\wrdmgr.exe
    echo %Common Startup%\wrloginpro.exe
    echo %Common Startup%\wsnctfy.exe
    echo %Common Startup%\wuaucltt.exe
    echo %Common Startup%\ying.exe
    echo %Common Startup%\yong.exe
    echo %Common Startup%\ZaZ.exe
    echo %Desktop%\aindateamo.exe
    echo %Desktop%\cartao.exe
    echo %Desktop%\cartaozinho.exe
    echo %Desktop%\mensagem__amor.exe
    echo %Desktop%\photo.exe
    echo %Desktop%\portal.exe
    echo %Desktop%\software\aindateamo.udd
    echo %Fonts%\svchost.exe
    echo %homedrive%\i.mages.zip
    echo %Programfiles%\\Driver32x\bradesco.exe
    echo %Programfiles%\\Driver32x\caixa.exe
    echo %Programfiles%\7za.exe
    echo %Programfiles%\a.txt
    echo %Programfiles%\Adobe\AdobeLanc.exe
    echo %Programfiles%\Ajuda.exe
    echo %Programfiles%\Amor.exe
    echo %Programfiles%\Bifrost\klog.dat
    echo %Programfiles%\Bifrost\server.exe
    echo %Programfiles%\Bifrost\sys32.exe
    echo %Programfiles%\Cica.exe
    echo %ProgramFiles%\Common Files\System\SystemUpgrade.exe
    echo %ProgramFiles%\Common Files\Yazzle1560OinAdmin.exe
    echo %Programfiles%\Config\Config.exe
    echo %Programfiles%\dll.exe
    echo %Programfiles%\dllvirtual.exe
    echo %Programfiles%\dllwin.exe
    echo %Programfiles%\Dot1XCfg\Dot1XCfg.exe
    echo %Programfiles%\Driver32x\bb.exe
    echo %Programfiles%\Driver32x\iek.exe
    echo %Programfiles%\Driver32x\install\wweb.exe
    echo %Programfiles%\Driver32x\itau.exe
    echo %Programfiles%\Driver32x\live.exe
    echo %Programfiles%\Driver32x\msgex.exe
    echo %Programfiles%\Driver32x\net.exe
    echo %ProgramFiles%\Driver32x\nsvcrmx.exe
    echo %Programfiles%\Driver32x\nsvcrmx.exe
    echo %Programfiles%\Driver32x\rds.exe
    echo %Programfiles%\Driver32x\Readme.exe
    echo %Programfiles%\Driver32x\real.exe
    echo %Programfiles%\Driver32x\santanderbanespa.exe
    echo %Programfiles%\Driver32x\sendchat.exe
    echo %Programfiles%\Driver32x\varios.exe
    echo %Programfiles%\Driver32x\vcdg.bat
    echo %Programfiles%\ExAlien.exe
    echo %Programfiles%\Favoritos.exe
    echo %Programfiles%\fer.exe
    echo %Programfiles%\Fichiers communs\Carlson\carlton
    echo %Programfiles%\Fichiers communs\Yazzle1560OinUninstaller.exe
    echo %Programfiles%\Firewall.exe
    echo %Programfiles%\Flash.exe
    echo %Programfiles%\GbPlugin\GbpSvc.exe
    echo %Programfiles%\GbPlugin\mdll.exe
    echo %Programfiles%\GbPlugin\msng.exe
    echo %Programfiles%\GbPlugin\Ndtstat.exe
    echo %Programfiles%\GbPlugin\Rg2catbd.exe
    echo %Programfiles%\GbPlugin\udll.exe
    echo %Programfiles%\GbPlugin\yong.exe
    echo %Programfiles%\GbpSvc.exe
    echo %Programfiles%\help.exe
    echo %Programfiles%\HelpDesk.exe
    echo %Programfiles%\icpldrvx.exe
    echo %Programfiles%\iexplorer.exe
    echo %Programfiles%\iixplorer1.exe
    echo %Programfiles%\iixplorer2.exe
    echo %Programfiles%\ildredr.exe
    echo %Programfiles%\InetGet2\emg.exe
    echo %ProgramFiles%\InetGet2\emg.exe
    echo %Programfiles%\InetGet2\emg.exe.lzma
    echo %ProgramFiles%\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe
    echo %Programfiles%\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe
    echo %ProgramFiles%\InetGet2\Installeur.exe
    echo %Programfiles%\inetget2\installeur.exe
    echo %Programfiles%\InetGet2\Installeur.exe
    echo %Programfiles%\InetGet2\Installeur.exe.lzma
    echo %Programfiles%\InetGet2\WinTouchInstaller_channel1.exe
    echo %Programfiles%\Insider\Insider.exe
    echo %Programfiles%\Insider\Insider.exe.lzma
    echo %Programfiles%\Insider\UnInstall.exe
    echo %Programfiles%\Insider\UnInstall.exe.lzma
    echo %Programfiles%\installer.js
    echo %Programfiles%\Instant Driver\install\wweb.exe
    echo %Programfiles%\Instant Driver\trmninwn.exe
    echo %Programfiles%\Instant Driver\vcdg.bat
    echo %Programfiles%\Internet Explorer\bb.exe
    echo %Programfiles%\Internet Explorer\desc.exe
    echo %Programfiles%\Internet Explorer\loadie.exe
    echo %ProgramFiles%\Internet Explorer\mezenoca77798.exe
    echo %Programfiles%\Internet Explorer\realplayerp.exe
    echo %Programfiles%\ISM2\ISMPack7.exe
    echo %ProgramFiles%\JavaCore\JavaCore.exe
    echo %ProgramFiles%\JavaCore\UnInstall.exe
    echo %ProgramFiles%\jsload32\mwnming.exe
    echo %ProgramFiles%\jsload32\nsvcrmx.exe
    echo %Programfiles%\klog.dat
    echo %Programfiles%\login.scr
    echo %Programfiles%\Logun.exe
    echo %ProgramFiles%\MapEDC\IDE.stt
    echo %ProgramFiles%\MapEDC\MapEDC.exe
    echo %Programfiles%\mdll.exe
    echo %Programfiles%\messenger.exe
    echo %Programfiles%\Messenger\msmsg.exe
    echo %Programfiles%\Messenger\Msnmsgr.exe
    echo %Programfiles%\mexe*.exe
    echo %Programfiles%\Microsoft Office Update\file.exe
    echo %Programfiles%\microsoft studio files\asw34.bat
    echo %Programfiles%\microsoft studio files\bradesco.bxz
    echo %Programfiles%\microsoft studio files\bradesco.exe
    echo %Programfiles%\microsoft studio files\caixa.bxz
    echo %Programfiles%\microsoft studio files\caixa.exe
    echo %Programfiles%\Microsoft Studio Files\file.exe
    echo %Programfiles%\Microsoft Studio Files\fttlo33.ko
    echo %Programfiles%\microsoft studio files\iek.exe
    echo %Programfiles%\microsoft studio files\itau.bxz
    echo %Programfiles%\microsoft studio files\itau.exe
    echo %Programfiles%\microsoft studio files\locaweb.bxz
    echo %Programfiles%\Microsoft Studio Files\lsass.exe
    echo %Programfiles%\microsoft studio files\msgex.exe
    echo %Programfiles%\microsoft studio files\net.bxz
    echo %Programfiles%\microsoft studio files\net.exe
    echo %Programfiles%\microsoft studio files\nossacaixa.bxz
    echo %Programfiles%\microsoft studio files\nossacaixa.exe
    echo %Programfiles%\microsoft studio files\notfir0006dfjf541.dll
    echo %Programfiles%\microsoft studio files\pcname.drv
    echo %Programfiles%\microsoft studio files\pv.exe
    echo %Programfiles%\microsoft studio files\readme.exe
    echo %Programfiles%\microsoft studio files\real.bxz
    echo %Programfiles%\microsoft studio files\real.exe
    echo %Programfiles%\microsoft studio files\registro.bxz
    echo %Programfiles%\microsoft studio files\santanderbanespa.bxz
    echo %Programfiles%\microsoft studio files\santanderbanespa.exe
    echo %Programfiles%\microsoft studio files\sdrivw.exe
    echo %Programfiles%\microsoft studio files\sec\fx.reg
    echo %Programfiles%\microsoft studio files\sec\ref-allu
    echo %Programfiles%\microsoft studio files\sec\ref-commonfiles
    echo %Programfiles%\microsoft studio files\sec\ref-profile
    echo %Programfiles%\microsoft studio files\sec\ref-programfiles
    echo %Programfiles%\microsoft studio files\sec\ref-startup
    echo %Programfiles%\microsoft studio files\sec\ref-sysdrive
    echo %Programfiles%\microsoft studio files\sec\ref-system
    echo %Programfiles%\microsoft studio files\sec\ref-system32
    echo %Programfiles%\microsoft studio files\sec\ref-temp
    echo %Programfiles%\microsoft studio files\sec\ref-wincommon
    echo %Programfiles%\microsoft studio files\sec\ref-windows
    echo %Programfiles%\microsoft studio files\sendchat.exe
    echo %Programfiles%\microsoft studio files\tmp84667.txt
    echo %Programfiles%\microsoft studio files\varios.exe
    echo %Programfiles%\Microsoft Studio Files\vcdg.bat
    echo %Programfiles%\microsoft studio files\vcdg.bat
    echo %Programfiles%\microsoft studio files\wininfo1.vxd
    echo %Programfiles%\Microsoft Studio Files\Winlsass32.exe
    echo %Programfiles%\microsoft studio files\winvxhfythg34a.rd
    echo %Programfiles%\Microsoft Update\bradesco.exe
    echo %Programfiles%\Microsoft Update\caixa.exe
    echo %Programfiles%\Microsoft Update\iek.exe
    echo %Programfiles%\Microsoft Update\itau.exe
    echo %Programfiles%\Microsoft Update\live.exe
    echo %Programfiles%\Microsoft Update\live.txt
    echo %Programfiles%\Microsoft Update\mnwinvx.exe
    echo %Programfiles%\Microsoft Update\msgex.exe
    echo %Programfiles%\Microsoft Update\net.exe
    echo %Programfiles%\Microsoft Update\nossacaixa.exe
    echo %Programfiles%\Microsoft Update\Readme.exe
    echo %Programfiles%\Microsoft Update\real.exe
    echo %Programfiles%\Microsoft Update\santanderbanespa.exe.exe
    echo %Programfiles%\Microsoft Update\sec\fx.reg
    echo %Programfiles%\Microsoft Update\sendchat.exe
    echo %Programfiles%\Microsoft Update\varios.exe
    echo %Programfiles%\Microsoft Update\wininfo1.vxd
    echo %Programfiles%\Microsoft\svhost32.exe
    echo %Programfiles%\Movie Maker\ja_era_hehe.exe
    echo %ProgramFiles%\MSN Gaming Zone\mero455101.dll
    echo %Programfiles%\MSN Gaming Zone\mero455101.dll
    echo %ProgramFiles%\MSN Gaming Zone\meze*.exe
    echo %Programfiles%\MSN Messenger Guiños\instalar guiños.exe
    echo %Programfiles%\MSN Messenger\instalar guiños.exe
    echo %ProgramFiles%\MSN Messenger\msn.com
    echo %Programfiles%\msn_livers.exe
    echo %Programfiles%\msng.exe
    echo %Programfiles%\msnmsg.exe
    echo %Programfiles%\My_Love.exe
    echo %Programfiles%\Ndtstat.exe
    echo %Programfiles%\NetMeeting\klog.dat
    echo %Programfiles%\NetMeeting\maisumviado.exe
    echo %ProgramFiles%\NoDNS\NoDNS.exe
    echo %ProgramFiles%\NoDNS\UnInstall.exe
    echo %ProgramFiles%\nsnimage\nsvcrmx.exe
    echo %Programfiles%\orkut.scr
    echo %Programfiles%\outloo~1\express.exe
    echo %Programfiles%\outloo~1\update.exe
    echo %Programfiles%\outlook express\express.exe
    echo %Programfiles%\Outlook Express\inyourface.exe
    echo %Programfiles%\Outlook Express\OutlookEx.exe
    echo %Programfiles%\Outlook Express\setup40.exe
    echo %Programfiles%\Perfect.exe
    echo %Programfiles%\photopaint.exe
    echo %Programfiles%\QdrModule\QdrModule9.exe
    echo %Programfiles%\Real.dll
    echo %Programfiles%\regedti.exe
    echo %Programfiles%\rem.exe
    echo %Programfiles%\Remove.exe
    echo %Programfiles%\Rg2catbd.exe
    echo %Programfiles%\rm.exe
    echo %Programfiles%\Router\Router.exe
    echo %ProgramFiles%\router\router.exe
    echo %Programfiles%\Router\UnInstall.exe
    echo %Programfiles%\schoty.cmd
    echo %Programfiles%\service.bat
    echo %Programfiles%\smss.exe
    echo %Programfiles%\SOUND.exe
    echo %Programfiles%\spiider.exe
    echo %Programfiles%\svchost.exe
    echo %ProgramFiles%\svchost.lnk
    echo %Programfiles%\System\CDRom.exe
    echo %Programfiles%\System\Flash.exe
    echo %Programfiles%\System\Windows32.exe
    echo %Programfiles%\Tasks.exe
    echo %ProgramFiles%\Temporary\InsiDERIns.exe
    echo %ProgramFiles%\Temporary\InsiDERInst.exe
    echo %ProgramFiles%\Temporary\kernInst.exe
    echo %Programfiles%\Temporary\wininstall.exe
    echo %Programfiles%\TTX.exe
    echo %Programfiles%\udll.exe
    echo %Programfiles%\update.exe
    echo %Programfiles%\usnsvcu.exe
    echo %Programfiles%\VTTimers.exe
    echo %Programfiles%\Wapp.exe
    echo %Programfiles%\Widows.exe
    echo %Programfiles%\WinAble\winable.exe
    echo %Programfiles%\Windows32.exe
    echo %Programfiles%\windows32.exe
    echo %Programfiles%\WindowsUpdate.exe
    echo %Programfiles%\WindowsUpdate.scr
    echo %Programfiles%\winINI.exe
    echo %Programfiles%\winpop\uninstall.exe
    echo %Programfiles%\WinPop\UnInstall.exe.lzma
    echo %Programfiles%\winpop\winpop.exe
    echo %Programfiles%\WinPop\winpop.exe.lzma
    echo %Programfiles%\Wm2emt.exe
    echo %Programfiles%\wmplay.exe
    echo %Programfiles%\Words\UnInstall.exe
    echo %Programfiles%\Words\Words.exe
    echo %ProgramFiles%\xinside\xinside.exe
    echo %ProgramFiles%\xInsIDE\xInsIDE.exe
    echo %Programfiles%\yong.exe
    echo %Startup%\ashDisp.exe
    echo %Startup%\ashServ.exe
    echo %Startup%\avgccc.exe
    echo %Startup%\bios.exe
    echo %Startup%\bsyys.scr
    echo %Startup%\ccssrss.exe
    echo %Startup%\cmd.exe
    echo %Startup%\Computador.exe
    echo %Startup%\dll.exe
    echo %Startup%\eixdrv.exe
    echo %Startup%\ExAlien.exe
    echo %Startup%\fbguad.exe
    echo %Startup%\firefoxx.exe
    echo %Startup%\Flash.exe
    echo %Startup%\InstallHelp.exe
    echo %Startup%\javsu.exe
    echo %Startup%\juchek.exe
    echo %Startup%\klpp.exe
    echo %Startup%\logon.exe
    echo %Startup%\lsssas.exe
    echo %Startup%\messengerr.exe
    echo %Startup%\messgrr.exe
    echo %Startup%\msm.cmd
    echo %Startup%\msnmsgr.exe
    echo %Startup%\My_Love.exe
    echo %Startup%\norton32.exe
    echo %Startup%\ntvvm.exe
    echo %Startup%\pdvsym.exe
    echo %Startup%\qtapp.exe
    echo %Startup%\qupdate.exe
    echo %Startup%\regfixxsx.exe
    echo %Startup%\registtry.exe
    echo %Startup%\remote.cmd
    echo %Startup%\repara_ae.bat
    echo %Startup%\rundl32.exe
    echo %Startup%\rxnetq.exe
    echo %Startup%\smss.scr
    echo %Startup%\svchost.exe
    echo %Startup%\svchostss.exe
    echo %Startup%\svhost.exe
    echo %Startup%\sxrork.exe
    echo %Startup%\sxrsym.exe
    echo %Startup%\system32.exe
    echo %Startup%\task.exe
    echo %Startup%\taskmgrrr.exe
    echo %Startup%\Tasks.exe
    echo %Startup%\voieup.exe
    echo %Startup%\voiork.exe
    echo %Startup%\wepaint.exe
    echo %Startup%\Win XP.exe
    echo %Startup%\Windows Update.exe
    echo %Startup%\Windows32.exe
    echo %Startup%\windowsupdate.exe
    echo %Startup%\Winhost.exe
    echo %Startup%\winupdbc.exe
    echo %Startup%\WMedPlayer.exe
    echo %Startup%\wrloginpro.exe
    echo %Startup%\wuaucltt.exe
    echo %systemdrive%\*-1-1148.exe
    echo %systemdrive%\*.JPG-msnimages.exe
    echo %systemdrive%\?.bat
    echo %systemdrive%\?.dat
    echo %systemdrive%\?.exe
    echo %systemdrive%\?.rar
    echo %systemdrive%\????packed_Pushbot.exe
    echo %systemdrive%\\bot.exe
    echo %systemdrive%\111z.exe
    echo %systemdrive%\1z48.exe
    echo %SystemDrive%\2.exe
    echo %systemdrive%\3d3t4t8n7l.exe
    echo %systemdrive%\3xXx3.exe
    echo %systemdrive%\521785.txt
    echo %systemdrive%\5FB9C0*.EXE
    echo %systemdrive%\5t6j8b6k8f8.exe
    echo %systemdrive%\6i2n4r9g1l2.exe
    echo %systemdrive%\839D4E*.BIN
    echo %systemdrive%\8e3y4u4a9t9.exe
    echo %systemdrive%\8e9w3l6u1g1.exe
    echo %systemdrive%\9r2h2z5l7v8.exe
    echo %systemdrive%\a.bat
    echo %systemdrive%\acsdf.exe
    echo %systemdrive%\adas.exe
    echo %systemdrive%\ads1237.exe
    echo %systemdrive%\adsok.exe
    echo %SystemDrive%\adv.exe
    echo %systemdrive%\aklr.exe
    echo %systemdrive%\alfxfa.exe
    echo %systemdrive%\Amigos.exe
    echo %systemdrive%\amor.exe
    echo %systemdrive%\animacao.scr
    echo %systemdrive%\Annoying crazy frog getting killed.pif
    echo %systemdrive%\apuguycg.exe
    echo %systemdrive%\asdf.exe
    echo %systemdrive%\asdfja.exe
    echo %systemdrive%\asds.exe
    echo %systemdrive%\audise.exe
    echo %systemdrive%\auto1.exe
    echo %systemdrive%\auto2.exe
    echo %systemdrive%\auto3.exe
    echo %systemdrive%\autorun.inf
    echo %systemdrive%\Autorun.inf
    echo %systemdrive%\AVG\Tools\csrss.scr
    echo %systemdrive%\AVG\Tools\svchost.exe
    echo %systemdrive%\AVG\Tools\taskmgr.exe
    echo %systemdrive%\AVG_BETA\DB\arquivo.txt
    echo %systemdrive%\AVG_BETA\Tools\csrss.scr
    echo %systemdrive%\AVG_BETA\Tools\msnmsgr.exe
    echo %systemdrive%\bedroom-thongs.pif
    echo %systemdrive%\bhij.exe
    echo %systemdrive%\blhhjtpx.exe
    echo %systemdrive%\bnjbvid.exe
    echo %systemdrive%\British National Party.jpg
    echo %systemdrive%\bs.exe
    echo %systemdrive%\btpaxole.dll
    echo %systemdrive%\calfxfa.exe
    echo %systemdrive%\Call.exe
    echo %systemdrive%\cartao.scr
    echo %systemdrive%\cebWXP.exe
    echo %systemdrive%\certmsje.dll
    echo %systemdrive%\cjlxhy.exe
    echo %systemdrive%\claro.exe
    echo %systemdrive%\cmd.exe
    echo %systemdrive%\Conf\13.bmp
    echo %systemdrive%\Conf\15.bmp
    echo %systemdrive%\Conf\3.jpg
    echo %systemdrive%\Conf\cax2.jpg
    echo %systemdrive%\Conf\info.gif
    echo %systemdrive%\Conf\logo.jpg
    echo %systemdrive%\Conf\ms.exe
    echo %systemdrive%\Conf\msm.cmd
    echo %systemdrive%\Conf\msm.exe
    echo %systemdrive%\Conf\msmFF.cmd
    echo %systemdrive%\Conf\msmho.cmd
    echo %systemdrive%\Conf\nc.gif
    echo %systemdrive%\Conf\nd.gif
    echo %systemdrive%\Conf\nn.gif
    echo %systemdrive%\Conf\NOVOBB.gif
    echo %systemdrive%\Conf\novobb.jpg
    echo %systemdrive%\Conf\novobb2.jpg
    echo %systemdrive%\Conf\novoSB.gif
    echo %systemdrive%\Conf\ork.cmd
    echo %systemdrive%\Conf\tec.jpg
    echo %systemdrive%\Conf\win.scr
    echo %systemdrive%\contato.exe
    echo %systemdrive%\Crazy-Frog.Html
    echo %systemdrive%\Crazy frog gets killed by train!.pif
    echo %systemdrive%\Crazy frog gets killed by train!.pif Fat Elvis! lol.pif
    echo %systemdrive%\crolyewo.exe
    echo %systemdrive%\csrs.txt
    echo %systemdrive%\csrss.exe
    echo %systemdrive%\ctl3diac.exe
    echo %systemdrive%\cuoqdkfk.exe
    echo %systemdrive%\cvbkwtb.exe
    echo %systemdrive%\d5t6j8b6k8f8.exe
    echo %systemdrive%\d8e9w3l6u1g1.exe
    echo %systemdrive%\DB\arquivo.txt
    echo %systemdrive%\dbeog.exe
    echo %systemdrive%\de6438.exe
    echo %systemdrive%\de64381.exe
    echo %systemdrive%\devic.pif
    echo %systemdrive%\device.exe
    echo %systemdrive%\devidc.pif
    echo %systemdrive%\diy.EXE
    echo %SystemDrive%\dkotyrxbb.exe
    echo %systemdrive%\dll.exe
    echo %systemdrive%\dllwin.exe
    echo %systemdrive%\dnsajobe.dat
    echo %systemdrive%\dnsajobe.dll
    echo %systemdrive%\dnsajobe.exe
    echo %systemdrive%\download1591.exe
    echo %systemdrive%\dpl1npwm.dat
    echo %systemdrive%\dpl1npwm.dll
    echo %systemdrive%\dpl1npwm.exe
    echo %systemdrive%\dpv1bidi.dll
    echo %systemdrive%\Drunk_lol.pif
    echo %systemdrive%\ducvb.exe
    echo %systemdrive%\dydhcp.exe
    echo %systemdrive%\dyqhom.exe
    echo %systemdrive%\emai.exe
    echo %systemdrive%\email.inf
    echo %systemdrive%\Enviado.123
    echo %systemdrive%\er-1-1148.exe
    echo %systemdrive%\f6i2n4r9g1l2.exe
    echo %systemdrive%\famwssg.exe
    echo %systemdrive%\Fat Elvis! lol.pif
    echo %systemdrive%\fFa4vV0rR170S5S2.exe
    echo %systemdrive%\File.exe
    echo %systemdrive%\FLIPART.EXE
    echo %systemdrive%\flw334.dll
    echo %systemdrive%\fnjb.exe
    echo %systemdrive%\Foto.exe
    echo %SystemDrive%\Foto_celular.scr
    echo %SystemDrive%\Foto_celular.scr
    echo %SystemDrive%\Foto_Celular.zip
    echo %systemdrive%\fotomensagem.exe
    echo %systemdrive%\fotos_posse.zip
    echo %systemdrive%\funny_pic.scr
    echo %systemdrive%\fypif.exe
    echo %systemdrive%\g4m9e5l1l5x5.exe
    echo %systemdrive%\g5c5i4x6e4h2.exe
    echo %systemdrive%\g7n4l2o4i4.exe
    echo %SystemDrive%\g7n4l2o4i4v4.exe
    echo %systemdrive%\genbhnhl.exe
    echo %systemdrive%\GETDRIVE.EXE
    echo %systemdrive%\gfxpak.exe
    echo %systemdrive%\ggvqo.exe
    echo %systemdrive%\glcky.exe
    echo %systemdrive%\gnqb.exe
    echo %systemdrive%\grax.exe
    echo %systemdrive%\grmlvlvb.exe
    echo %SystemDrive%\h1b9i6h4u6j1.exe
    echo %systemdrive%\hbsqu.exe
    echo %systemdrive%\hellmsn.exe
    echo %systemdrive%\hkdjqaxv.exe
    echo %systemdrive%\Hot.pif
    echo %systemdrive%\How a Blonde Eats a Banana...pif
    echo %systemdrive%\hptzb02.exe
    echo %systemdrive%\hxjr.exe
    echo %systemdrive%\hy.exe
    echo %systemdrive%\i-1-1148.exe
    echo %systemdrive%\i.exe
    echo %systemdrive%\i1-1148.exe
    echo %systemdrive%\i2n4r9g1.exe
    echo %systemdrive%\i2n4r9g1l.exe
    echo %systemdrive%\i2n4r9g1l2.exe
    echo %systemdrive%\icone.exe
    echo %systemdrive%\IE.exe
    echo %systemdrive%\ierro.exe
    echo %systemdrive%\iexplorer.exe
    echo %systemdrive%\IF.EXE
    echo %systemdrive%\image.jpg
    echo %systemdrive%\image001.exe
    echo %SystemDrive%\img0012-www.photostorage.com
    echo %systemdrive%\ImpBIG.exe
    echo %systemdrive%\instalador de guiños y emoticonos.exe
    echo %systemdrive%\Install\Ghost.exe
    echo %systemdrive%\Install\install.exe
    echo %systemdrive%\Install_Messenger.exe
    echo %systemdrive%\inupdbc.exe
    echo %systemdrive%\ir-1-1148.exe
    echo %systemdrive%\IS.EXE
    echo %systemdrive%\is1511881.exe
    echo %systemdrive%\is151196.exe
    echo %systemdrive%\is151296.exe
    echo %SystemDrive%\is77.exe
    echo %systemdrive%\Isass.scr
    echo %systemdrive%\it.exe
    echo %systemdrive%\it1.exe
    echo %systemdrive%\ixbxput.exe
    echo %SystemDrive%\j7q1c4v1i6s4.exe
    echo %systemdrive%\Jennifer Lopez.scr
    echo %systemdrive%\jkrguy.exe
    echo %systemdrive%\jpb.exe
    echo %systemdrive%\jshxw.exe
    echo %systemdrive%\k3d3t4t8n7l.exe
    echo %systemdrive%\k3d3t4t8n7l8.exe
    echo %systemdrive%\kao.reg
    echo %systemdrive%\kbdnmfc4.dll
    echo %SystemDrive%\KimMakihel.exe
    echo %systemdrive%\kkynn.exe
    echo %systemdrive%\kl.exe
    echo %systemdrive%\ksmmtq.exe
    echo %systemdrive%\kxhacvkl.exe
    echo %systemdrive%\lauro.exe
    echo %systemdrive%\LfjJGb.exe
    echo %systemdrive%\Lista.txt
    echo %systemdrive%\Lixo
    echo %systemdrive%\llka.exe
    echo %systemdrive%\LMAO.pif
    echo %systemdrive%\log.txt
    echo %systemdrive%\LOL that ur pic!.pif
    echo %systemdrive%\LOL.scr
    echo %systemdrive%\love_me.pif
    echo %systemdrive%\lsass.exe
    echo %systemdrive%\lspt.exe
    echo %systemdrive%\lsyvg.exe
    echo %systemdrive%\m1t4z1h1l7q5.exe
    echo %systemdrive%\m9w3l6u1g.exe
    echo %systemdrive%\m9w3l6u1g1.exe
    echo %systemdrive%\mcombo.exe
    echo %systemdrive%\Me on holiday!.pif
    echo %systemdrive%\megakl.exe
    echo %systemdrive%\melt.bat
    echo %systemdrive%\Mensagem.exe
    echo %systemdrive%\Message to n00b LARISSA.txt
    echo %systemdrive%\MESSAGE_TO_BROPIA.txt
    echo %systemdrive%\messenger.exe
    echo %systemdrive%\Messenger.exe
    echo %systemdrive%\Messenger2.exe
    echo %SystemDrive%\Microsoft.exe
    echo %systemdrive%\mis contactos.txt
    echo %systemdrive%\Mis imágenes\yo_posse_007.jpg.exe
    echo %systemdrive%\mitm.exe
    echo %systemdrive%\Mona Lisa Wants Her Smile Back.pif
    echo %systemdrive%\mscdn.exe
    echo %systemdrive%\msfk.exe
    echo %systemdrive%\msi31.exe
    echo %systemdrive%\msm.cmd
    echo %systemdrive%\msm.exe
    echo %SystemDrive%\msm.exe
    echo %systemdrive%\msn.exe
    echo %systemdrive%\MSN_Update1
    echo %systemdrive%\msn5v.exe
    echo %systemdrive%\msnmsg.exe
    echo %systemdrive%\msnmsgr.exe
    echo %systemdrive%\msnmsnr.scr
    echo %systemdrive%\msnsetup.exe
    echo %systemdrive%\msnsgrsv.exe
    echo %systemdrive%\msnsgrsv0201.exe
    echo %systemdrive%\msnsgrszs.exe
    echo %systemdrive%\MSNWA.exe
    echo %systemdrive%\mstest.exe
    echo %systemdrive%\mstray.exe
    echo %systemdrive%\My new photo!.pif
    echo %systemdrive%\my_photo2005.scr
    echo %systemdrive%\na.exe
    echo %systemdrive%\naked_drunk.pif
    echo %systemdrive%\naked_party.pif
    echo %systemdrive%\nefmufin.exe
    echo %systemdrive%\new_webcam.pif
    echo %systemdrive%\nmevscrr.exe
    echo %systemdrive%\nnpnvxjy.exe
    echo %systemdrive%\nod32.txt
    echo %systemdrive%\nwnmff_e*.exe
    echo %systemdrive%\nzl.exe
    echo %systemdrive%\o6l4u8f7p2g4.exe
    echo %systemdrive%\officexp.exe
    echo %systemdrive%\or-1-1148.exe
    echo %systemdrive%\orkut.exe
    echo %systemdrive%\orkut.scr
    echo %systemdrive%\osm.exe
    echo %SystemDrive%\p3h2b3t3q1s9.exe
    echo %systemdrive%\p6g7j3w2g3f5.exe
    echo %systemdrive%\PastaImagens.exe
    echo %systemdrive%\phqhuo.exe
    echo %systemdrive%\pif.exe
    echo %systemdrive%\pr-1-1148.exe
    echo %systemdrive%\prkc.exe
    echo %systemdrive%\psapuman.exe
    echo %systemdrive%\psnppack.dll
    echo %systemdrive%\pushbot.bat
    echo %systemdrive%\qklxwxtc.exe
    echo %systemdrive%\qwere.exe
    echo %systemdrive%\raizw.exe
    echo %systemdrive%\rar.exe
    echo %systemdrive%\rar1.exe
    echo %systemdrive%\rar2.exe
    echo %systemdrive%\RECYCLER\msnservice.exe
    echo %systemdrive%\RECYCLER\nvscvse.exe
    echo %systemdrive%\RECYCLER\te32.exe
    echo %systemdrive%\RemotoMSN.txt
    echo %systemdrive%\review.txt
    echo %systemdrive%\ROFL.pif
    echo %systemdrive%\s10w.exe
    echo %systemdrive%\sad13l.exe
    echo %systemdrive%\sadan.avi.exe
    echo %systemdrive%\sadov.exe
    echo %systemdrive%\sample.exe
    echo %systemdrive%\sas2s.exe
    echo %systemdrive%\sdjfha.exe
    echo %systemdrive%\See my lesbian friends.pif
    echo %systemdrive%\see_this!!.scr
    echo %systemdrive%\sendwmdm.exe
    echo %systemdrive%\server.exe
    echo %systemdrive%\servico.exe
    echo %systemdrive%\sexy.exe
    echo %systemdrive%\sexy_bedroom.pif
    echo %systemdrive%\show.exe
    echo %systemdrive%\skew.exe
    echo %systemdrive%\Small.exe
    echo %systemdrive%\snsstect.exe
    echo %systemdrive%\so.exe
    echo %systemdrive%\SOUND32.exe
    echo %Systemdrive%\start.bat
    echo %systemdrive%\stock.exe
    echo %systemdrive%\stock.htm
    echo %systemdrive%\stock2.exe
    echo %systemdrive%\Surat_Buat_Presiden.exe
    echo %systemdrive%\svbhost.exe
    echo %systemdrive%\SVCH0STll.exe
    echo %systemdrive%\svchost.exe
    echo %systemdrive%\svchost.scr
    echo %systemdrive%\svchost32.exe
    echo %systemdrive%\Svchosts.exe
    echo %systemdrive%\svcipa.exe
    echo %systemdrive%\svghost.exe
    echo %systemdrive%\svshost.exe
    echo %systemdrive%\sys.txt
    echo %systemdrive%\sysdzvz.exe
    echo %systemdrive%\syshwbx.exe
    echo %systemdrive%\syskmzx.exe
    echo %systemdrive%\sysneud.exe
    echo %systemdrive%\syssryh.exe
    echo %systemdrive%\system.exe
    echo %systemdrive%\System\iexplore.exe
    echo %systemdrive%\System\plugin.exe
    echo %systemdrive%\system1591.exe
    echo %systemdrive%\system1691.exe
    echo %systemdrive%\system1791.exe
    echo %systemdrive%\system2.exe
    echo %systemdrive%\system2525.exe
    echo %systemdrive%\system3.exe
    echo %systemdrive%\system32.exe
    echo %systemdrive%\system4.exe
    echo %systemdrive%\system5.exe
    echo %systemdrive%\sysvsln.exe
    echo %systemdrive%\sysyedg.exe
    echo %systemdrive%\szsvc.exe
    echo %systemdrive%\t4t8n7l.exe
    echo %SystemDrive%\t7b8i6h6t6j13.exe
    echo %systemdrive%\text.reg
    echo %systemdrive%\The Cat And The Fan piccy.pif
    echo %systemdrive%\tim.exe
    echo %systemdrive%\tlrdhsgo.exe
    echo %systemdrive%\tmp.txt
    echo %systemdrive%\Tools\csrss.scr
    echo %systemdrive%\Topless in Mini Skirt! lol.pif
    echo %systemdrive%\ttgkdaab.exe
    echo %systemdrive%\tuwwp.exe
    echo %SystemDrive%\u5g9p7x
    0
    1. Utilisateur anonyme
       
      re

      e francais ya moye on!! car là moi pas iternational et je pas mal interpreter !!! kiss
      0
      1. goubba > Utilisateur anonyme
         
        goubba et rivuni poure te semmer la peure.
        ou et le proublaime alor?
        pas di proublaime kar jou souila
        0
      2. Utilisateur anonyme > goubba
         
        lol

        tu parle comme tu veut !!!au contraire meme aprend moi^^

        jvais o dodo, au truc ki sert a dormir ^^ lol

        ya pas dsouci on comprendo la lanque c tout!!

        bises
        0