AIde pour virer un virus svp !
Triba
-
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjours tout le monde .
Apres pas mal de recherche je n'arrive pas a me defaire d'un salopard de virus .
En effet, mon gestionnaire des taches ainsi que ma base des registres se ferme automatiquement apres que je les ouvre, avant de demander de l aide j ai bien parcouru quelque forum sans arriver a quoi que se soit .
J'ai toutefoit pu accéder a mon gestionaire des taches avec un ptit utilitaire qui s'apelle TUNEUP et apres avoir aretter le processus NVSCV32.EXE j arrive a avoir mon gestionaire des taches ainsi que ma base de donnée .
J ai fait une analyse sur securer.com et ma trouver quelquue 3000 fujacks.do comme trojan oO, oui ca fait bcp .
Je vous demande donc avec la plus grande des politesses comment je pourrais m en débarasser, je vous poste mon log HIJACK .
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:09:34, on 13/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\SVCHOST.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\OrangeFrance\Orange Connect\Orange Connect.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\TuneUp Utilities 2008\ProcessManager.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\Tribal\Local Settings\Temporary Internet Files\Content.IE5\MG1A6ZQA\FxGaobot[1].exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LifeChat] "c:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SVCHOST] C:\WINDOWS\MDM.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe -silent
O4 - HKCU\..\Run: [nvscv32] C:\WINDOWS\system32\drivers\nvscv32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orange Connect.lnk = C:\Program Files\OrangeFrance\Orange Connect\Orange Connect.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~3\Office\1033\phdintl.dll/phdContext.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?06f500461e5b450bb906f955c854ff84
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?06f500461e5b450bb906f955c854ff84
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O17 - HKLM\System\CCS\Services\Tcpip\..\{62E4931B-5BA7-4579-B96A-8D9C61F1445D}: NameServer = 193.252.19.1,193.252.19.2
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
Apres pas mal de recherche je n'arrive pas a me defaire d'un salopard de virus .
En effet, mon gestionnaire des taches ainsi que ma base des registres se ferme automatiquement apres que je les ouvre, avant de demander de l aide j ai bien parcouru quelque forum sans arriver a quoi que se soit .
J'ai toutefoit pu accéder a mon gestionaire des taches avec un ptit utilitaire qui s'apelle TUNEUP et apres avoir aretter le processus NVSCV32.EXE j arrive a avoir mon gestionaire des taches ainsi que ma base de donnée .
J ai fait une analyse sur securer.com et ma trouver quelquue 3000 fujacks.do comme trojan oO, oui ca fait bcp .
Je vous demande donc avec la plus grande des politesses comment je pourrais m en débarasser, je vous poste mon log HIJACK .
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:09:34, on 13/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\SVCHOST.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\OrangeFrance\Orange Connect\Orange Connect.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\TuneUp Utilities 2008\ProcessManager.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\Tribal\Local Settings\Temporary Internet Files\Content.IE5\MG1A6ZQA\FxGaobot[1].exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LifeChat] "c:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SVCHOST] C:\WINDOWS\MDM.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe -silent
O4 - HKCU\..\Run: [nvscv32] C:\WINDOWS\system32\drivers\nvscv32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orange Connect.lnk = C:\Program Files\OrangeFrance\Orange Connect\Orange Connect.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~3\Office\1033\phdintl.dll/phdContext.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?06f500461e5b450bb906f955c854ff84
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?06f500461e5b450bb906f955c854ff84
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O17 - HKLM\System\CCS\Services\Tcpip\..\{62E4931B-5BA7-4579-B96A-8D9C61F1445D}: NameServer = 193.252.19.1,193.252.19.2
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
A voir également:
- AIde pour virer un virus svp !
- Virus mcafee - Accueil - Piratage
- Virus informatique - Guide
- Virus facebook demande d'amis - Accueil - Facebook
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
12 réponses
il a deja cela :C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
mais bon pas d antivirus ni de pare feu. cela devient dur de passer entre les balles.
passe cela.
pour voir télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
mais bon pas d antivirus ni de pare feu. cela devient dur de passer entre les balles.
passe cela.
pour voir télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Heu ca va faire long oO
voici le rapport :
ComboFix 08-11-12.01 - Tribal 2008-11-13 19:08:19.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1507 [GMT 1:00]
Lancé depuis: c:\documents and settings\Tribal\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\2d5c3f4c1c5394bc903a6faf32af\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\10\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\10\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\10\policy\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\10\policy\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\51\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\51\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\51\policy\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\51\policy\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\52\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\52\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\52\policy\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\52\policy\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\60\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\60\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\60\policy\60\comctl\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\60\policy\60\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\60\policy\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\70\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\70\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\70\policy\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\70\policy\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\70\policy\msft\mswincrt\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\compdata\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\drw\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ic\compdata\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ic\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ic\win9xupg\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\images\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ip\compdata\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ip\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ip\win9xupg\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\lang\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\new\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\mediactr\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\mediactr\i386\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\netfx\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\netfx\i386\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\tabletpc\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\tabletpc\i386\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\ic\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\ip\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\setuptxt\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\update\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\acrobat\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\cmmgr\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\devupgrd\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\dmicall\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\eastman\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\fax\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\hptools\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\ibmav\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\icm\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\iemig\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\mapi\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\mapi\dll\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\modems\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\msgqueue\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\msp\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\neckbd\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\necpa\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\necwps\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\octopus\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\oewab\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\print\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\pws\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\rumba\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\setup\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\transact\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\wia\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\wmp\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xupg\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\winntupg\Desktop_.ini
C:\autorun.inf
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\Canon MP700 Printer\[u]0[/u]001\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\Canon MP700 Printer\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\LanguageModules\[u]0[/u]409\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\LanguageModules\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\Picture\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\UserProfile\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\UserProfile\SYSTEM\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\UserProfile\Tribal\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Desktop_.ini
c:\bjprinter\Desktop_.ini
c:\canonmp\Desktop_.ini
c:\canonmp\MP730700\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Fax\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Print\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Scan\CNC700\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Scan\CNC730\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Scan\CNCUMP70\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Scan\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Scan\MPSCNLLD\Desktop_.ini
c:\drivekey\Desktop_.ini
c:\fraps\benchmarks\Desktop_.ini
c:\fraps\Desktop_.ini
c:\fraps\HELP\Desktop_.ini
c:\intel\Desktop_.ini
c:\intel\Logs\Desktop_.ini
c:\logs\Desktop_.ini
c:\nvidia forceware\Desktop_.ini
c:\nvidia forceware\XTreme-G 175.16 XP 32 bit\Desktop_.ini
c:\nvidia\Desktop_.ini
c:\nvidia\Win2k\175.16\Desktop_.ini
c:\nvidia\Win2k\175.16\IS\Desktop_.ini
c:\nvidia\Win2k\178.13\Desktop_.ini
c:\nvidia\Win2k\178.13\IS\Desktop_.ini
c:\nvidia\Win2k\Desktop_.ini
c:\poker\Desktop_.ini
c:\poker\Titan Poker\data\blackjack\Desktop_.ini
c:\poker\Titan Poker\data\Desktop_.ini
c:\poker\Titan Poker\data\lobby\buttons\Desktop_.ini
c:\poker\Titan Poker\data\lobby\Desktop_.ini
c:\poker\Titan Poker\data\lobby\dialogs\Desktop_.ini
c:\poker\Titan Poker\data\lobby\login\Desktop_.ini
c:\poker\Titan Poker\data\lobby\sidegames\Desktop_.ini
c:\poker\Titan Poker\data\lobby\tables\Desktop_.ini
c:\poker\Titan Poker\data\lobby\waitinglist\Desktop_.ini
c:\poker\Titan Poker\data\poker_caribbean\Desktop_.ini
c:\poker\Titan Poker\data\poker_holdem\Desktop_.ini
c:\poker\Titan Poker\data\poker_paigow\Desktop_.ini
c:\poker\Titan Poker\data\poker_tequila\Desktop_.ini
c:\poker\Titan Poker\data\roulette\3d\Desktop_.ini
c:\poker\Titan Poker\data\roulette\buttons\Desktop_.ini
c:\poker\Titan Poker\data\roulette\Desktop_.ini
c:\poker\Titan Poker\data\roulette\sounds\Desktop_.ini
c:\poker\Titan Poker\data\roulette\zoom\Desktop_.ini
c:\poker\Titan Poker\data\roulette_mini\3d\Desktop_.ini
c:\poker\Titan Poker\data\roulette_mini\Desktop_.ini
c:\poker\Titan Poker\data\roulette_mini\luxury\3d\Desktop_.ini
c:\poker\Titan Poker\data\roulette_mini\luxury\Desktop_.ini
c:\poker\Titan Poker\data\shared\9line\Desktop_.ini
c:\poker\Titan Poker\data\shared\blackjack\Desktop_.ini
c:\poker\Titan Poker\data\shared\buttons\Desktop_.ini
c:\poker\Titan Poker\data\shared\cards\Desktop_.ini
c:\poker\Titan Poker\data\shared\cards\poker\Desktop_.ini
c:\poker\Titan Poker\data\shared\cards\textures\Desktop_.ini
c:\poker\Titan Poker\data\shared\cards\videopoker_multiline\Desktop_.ini
c:\poker\Titan Poker\data\shared\coins\Desktop_.ini
c:\poker\Titan Poker\data\shared\coins\tablecoins\Desktop_.ini
c:\poker\Titan Poker\data\shared\Desktop_.ini
c:\poker\Titan Poker\data\shared\dollarball\Desktop_.ini
c:\poker\Titan Poker\data\shared\dollarball\sounds\Desktop_.ini
c:\poker\Titan Poker\data\shared\doublescreen\Desktop_.ini
c:\poker\Titan Poker\data\shared\fonts\Desktop_.ini
c:\poker\Titan Poker\data\shared\history\cards\Desktop_.ini
c:\poker\Titan Poker\data\shared\history\Desktop_.ini
c:\poker\Titan Poker\data\shared\html\chat\Desktop_.ini
c:\poker\Titan Poker\data\shared\html\chat\emoticons\Desktop_.ini
c:\poker\Titan Poker\data\shared\html\Desktop_.ini
c:\poker\Titan Poker\data\shared\interface\chat\Desktop_.ini
c:\poker\Titan Poker\data\shared\interface\Desktop_.ini
c:\poker\Titan Poker\data\shared\options\Desktop_.ini
c:\poker\Titan Poker\data\shared\slots\Desktop_.ini
c:\poker\Titan Poker\data\shared\slots\lines\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\dealervoices\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\dealervoices\numbers\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\baseballer\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\blackdude\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\bond\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\cowboy\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\frenchgirl\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\frenchman\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\mafiaguy\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\olderbusinesswoman\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\oldtourist\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\valleygirl\Desktop_.ini
c:\poker\Titan Poker\data\shared\tablegames\Desktop_.ini
c:\poker\Titan Poker\data\shared\tablegames\silver_bright\Desktop_.ini
c:\poker\Titan Poker\data\shared\tablesigns\Desktop_.ini
c:\poker\Titan Poker\data\shared\ui\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_4line\buttons\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_4line\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_deuces\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_jacks\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_multiline\buttons\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_multiline\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\animation\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\betlines\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\bonusgame\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\wintable\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\animation\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\betlines\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\wintable\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\bonus\screen\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\fonts\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\wintable\Desktop_.ini
c:\poker\Titan Poker\data\slots_millionaireslane20line\animation\Desktop_.ini
c:\poker\Titan Poker\data\slots_millionaireslane20line\bonusgame\Desktop_.ini
c:\poker\Titan Poker\data\slots_millionaireslane20line\Desktop_.ini
c:\poker\Titan Poker\data\slots_millionaireslane20line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_millionaireslane20line\wintable\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\bonus\intro_txt\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\bonus\ninjas\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\buttons\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\doubleup\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\info\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\sounds\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\sounds\doubleup\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\sounds\reelspins\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\sounds\symbols\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\buttons\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\doubleup\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\info\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\sounds\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\sounds\doubleup\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\sounds\reelspins\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\sounds\symbols\Desktop_.ini
c:\poker\Titan Poker\data\table\3d\Desktop_.ini
c:\poker\Titan Poker\data\table\anim\Desktop_.ini
c:\poker\Titan Poker\data\table\chat\cards\Desktop_.ini
c:\poker\Titan Poker\data\table\chat\Desktop_.ini
c:\poker\Titan Poker\data\table\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\anim\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\buttons\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\chat\chat_bottom\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\chat\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\coins\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\anim\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\avatars\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\buttons\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\cards\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\chat\chat_bottom\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\chat\chat_side\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\chat\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\coins\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\dialogs\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\history\Desktop_.ini
c:\poker\Titan Poker\data\videopoker_25aces\Desktop_.ini
c:\poker\Titan Poker\data\videopoker_25aces\wintable\Desktop_.ini
c:\poker\Titan Poker\data\videopoker_4deuceswild\Desktop_.ini
c:\poker\Titan Poker\data\videopoker_deuceswild\Desktop_.ini
c:\poker\Titan Poker\data\videopoker_jacks\Desktop_.ini
c:\poker\Titan Poker\data\wildviking\Desktop_.ini
c:\poker\Titan Poker\data\wildviking\silver_bright\Desktop_.ini
c:\poker\Titan Poker\Desktop_.ini
c:\poker\Titan Poker\History\Desktop_.ini
c:\poker\Titan Poker\History\TTR91295552\Desktop_.ini
c:\poker\Titan Poker\History\TTR91295552\Table\Desktop_.ini
c:\poker\Titan Poker\History\TTR91295552\Tournament\Desktop_.ini
c:\program files\Adobe\Adobe Help Viewer\1.0\Desktop_.ini
c:\program files\Adobe\Adobe Help Viewer\1.0\Resources\Desktop_.ini
c:\program files\Adobe\Adobe Help Viewer\1.0\Resources\en\Desktop_.ini
c:\program files\Adobe\Adobe Help Viewer\1.0\Resources\fr\Desktop_.ini
c:\program files\Adobe\Adobe Help Viewer\Desktop_.ini
c:\program files\Adobe\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Esl\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\adobe_epic\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\adobe_epic\eula\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\adobe_epic\eula\en_US\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\adobe_epic\eula\fr_FR\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\AIR\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\AMT\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\BeyondReader\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\BeyondReader\ENU\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\BeyondReader\ENU\Onramp\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\BeyondReader\FRA\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\BeyondReader\FRA\Onramp\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Browser\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\HowTo\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\HowTo\ENU\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\HowTo\ENU\Images\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\HowTo\FRA\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\HowTo\FRA\Images\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\IDTemplates\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\IDTemplates\ENU\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\IDTemplates\FRA\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Javascripts\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Legal\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Legal\en_US\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Legal\fr_FR\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Optional\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\AcroForm\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\AcroForm\PMP\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\ENU\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\FRA\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\en_US\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\fr_FR\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia\MPP\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\ENU\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\FRA\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins3d\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins3d\prc\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\SPPlugins\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Tracker\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\CMap\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Font\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Font\PFM\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Linguistics\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Linguistics\LanguageNames\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Linguistics\Providers\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Linguistics\Providers\Proximity\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1036-7B44-A81000000003}\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Setup Files\Desktop_.ini
c:\program files\Advanced Combat Tracker\Config\Desktop_.ini
c:\program files\Advanced Combat Tracker\Desktop_.ini
c:\program files\Advanced Combat Tracker\html\Desktop_.ini
c:\program files\Advanced Combat Tracker\Temp\Desktop_.ini
c:\program files\AGEIA Technologies\demos\container\Desktop_.ini
c:\program files\AGEIA Technologies\demos\Desktop_.ini
c:\program files\AGEIA Technologies\Desktop_.ini
c:\program files\AGEIA Technologies\driver\Desktop_.ini
c:\program files\AGEIA Technologies\driver\x86\1.1.1.15\Desktop_.ini
c:\program files\AGEIA Technologies\driver\x86\Desktop_.ini
c:\program files\AGEIA Technologies\v2.3.1\Desktop_.ini
c:\program files\AGEIA Technologies\v2.3.2\Desktop_.ini
c:\program files\AGEIA Technologies\v2.3.3\Desktop_.ini
c:\program files\AGEIA Technologies\v2.4.0\Desktop_.ini
c:\program files\AGEIA Technologies\v2.4.1\Desktop_.ini
c:\program files\AGEIA Technologies\v2.4.4\Desktop_.ini
c:\program files\AGEIA Technologies\v2.5.0\Desktop_.ini
c:\program files\AGEIA Technologies\v2.5.1\Desktop_.ini
c:\program files\AGEIA Technologies\v2.5.2\Desktop_.ini
c:\program files\AGEIA Technologies\v2.5.3\Desktop_.ini
c:\program files\AGEIA Technologies\v2.5.4\Desktop_.ini
c:\program files\AGEIA Technologies\v2.6.0\Desktop_.ini
c:\program files\AGEIA Technologies\v2.6.1\Desktop_.ini
c:\program files\AGEIA Technologies\v2.6.2\Desktop_.ini
c:\program files\AGEIA Technologies\v2.6.3\Desktop_.ini
c:\program files\AGEIA Technologies\v2.6.4\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.0\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.0\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.0\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.1\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.1\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.1\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.2\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.2\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.2\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.3\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.3\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.3\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.4\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.4\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.4\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.5\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.5\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.5\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.6\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.6\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.6\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.0\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.0\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.0\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.1\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.1\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.1\Desktop_.ini
c:\program files\AoCtoEQ2logConverter-1.3\Desktop_.ini
c:\program files\AoCtoEQ2logConverter-1.3\Images\Desktop_.ini
c:\program files\Apple Software Update\Desktop_.ini
c:\program files\Apple Software Update\plugins\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\da.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\de.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\en.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\es.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\fi.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\fr.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\it.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\ja.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\ko.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\nb.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\nl.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\ru.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\sv.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\da.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\de.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\en.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\es.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\fi.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\fr.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\it.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\ja.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\ko.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\nb.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\nl.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\ru.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\sv.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_TW.lproj\Desktop_.ini
c:\program files\ASUSTek\ASUSDVD XP\Desktop_.ini
c:\program files\ASUSTek\ASUSDVD XP\Skins\Crystal\Desktop_.ini
c:\program files\ASUSTek\ASUSDVD XP\Skins\Desktop_.ini
c:\program files\ASUSTek\ASUSDVD XP\Skins\Epiphany\Desktop_.ini
c:\program files\ASUSTek\ASUSDVD XP\Skins\Neo\Desktop_.ini
c:\program files\ASUSTek\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\_frHTML\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\as2core\antispam_sig_15748\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\as2core\antispam_sig_15749\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\as2core\antispam_sig_15750\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\Ini\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\NAG\Close2Exp\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\NAG\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\NAG\Expired\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\NAG\Invalid\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\NAG\Trial\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\pic\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\Skin\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\Themes\Default\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\Themes\Default\images\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\Themes\Desktop_.ini
c:\program files\BitDefender\Desktop_.ini
c:\program files\Bonjour\Desktop_.ini
c:\program files\Canon\Desktop_.ini
c:\program files\Canon\MP Toolbox\Desktop_.ini
c:\program files\Curse\Desktop_.ini
c:\program files\CyberLink\Common\Desktop_.ini
c:\program files\CyberLink\Desktop_.ini
c:\program files\Desktop_.ini
c:\program files\DivX\Artwork\Desktop_.ini
c:\program files\DivX\AutoUpdate\Desktop_.ini
c:\program files\DivX\Desktop_.ini
c:\program files\DivX\DivX Codec\Desktop_.ini
c:\program files\DivX\DivX Common Filters\Desktop_.ini
c:\program files\DivX\DivX Common Filters\Microsoft.VC80.ATL\Desktop_.ini
c:\program files\DivX\DivX Common Filters\Microsoft.VC80.CRT\Desktop_.ini
c:\program files\DivX\DivX Converter\Desktop_.ini
c:\program files\DivX\DivX Converter\Images\Desktop_.ini
c:\program files\DivX\DivX Converter\Microsoft.VC80.ATL\Desktop_.ini
c:\program files\DivX\DivX Converter\Microsoft.VC80.CRT\Desktop_.ini
c:\program files\DivX\DivX Converter\Microsoft.VC80.MFC\Desktop_.ini
c:\program files\DivX\DivX Player\Desktop_.ini
c:\program files\DivX\DivX Player\Microsoft.VC80.CRT\Desktop_.ini
c:\program files\DivX\DivX Player\Microsoft.VC80.MFC\Desktop_.ini
c:\program files\DivX\DivX Player\Skins\Desktop_.ini
c:\program files\DivX\DivX Web Player\Desktop_.ini
c:\program files\DivX\DivX Web Player\Microsoft.VC80.CRT\Desktop_.ini
c:\program files\DivX\DivX Web Player\Skins\Desktop_.ini
c:\program files\eMule\config\Desktop_.ini
c:\program files\eMule\Desktop_.ini
c:\program files\eMule\Incoming\Desktop_.ini
c:\program files\eMule\lang\Desktop_.ini
c:\program files\eMule\skins\Desktop_.ini
c:\program files\eMule\Temp\Desktop_.ini
c:\program files\eMule\webserver\Desktop_.ini
c:\program files\Everest Poker\data\Desktop_.ini
c:\program files\Everest Poker\data\fonts\Desktop_.ini
c:\program files\Everest Poker\data\mp-lobby\Desktop_.ini
c:\program files\Everest Poker\data\mp-poker\background\Desktop_.ini
c:\program files\Everest Poker\data\mp-poker\Desktop_.ini
c:\program files\Everest Poker\data\mp-poker\fr\Desktop_.ini
c:\program files\Everest Poker\data\shared\Desktop_.ini
c:\program files\Everest Poker\data\shared\fr\Desktop_.ini
c:\program files\Everest Poker\data\shared\shared\bitmaps\Desktop_.ini
c:\program files\Everest Poker\data\shared\shared\Desktop_.ini
c:\program files\Everest Poker\data\shared\shared\sounds\Desktop_.ini
c:\program files\Everest Poker\data\startup\Desktop_.ini
c:\program files\Everest Poker\data\startup\en\Desktop_.ini
c:\program files\Everest Poker\data\startup\fr\Desktop_.ini
c:\program files\Everest Poker\data\startup\shared\bitmaps\Desktop_.ini
c:\program files\Everest Poker\data\startup\shared\Desktop_.ini
c:\program files\Everest Poker\data\startup\shared\icons\Desktop_.ini
c:\program files\Everest Poker\data\startup\shared\sounds\Desktop_.ini
c:\program files\Everest Poker\Desktop_.ini
c:\program files\Everest Poker\history\Desktop_.ini
c:\program files\Everest Poker\var\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Acrobat\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\8.0\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\8.0\images\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\en_US\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\8.0\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\8.0\images\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\fr_FR\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\ICU\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\Adobe\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\Mac\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\win\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Updater5\Desktop_.ini
c:\program files\Fichiers communs\Ahead\AudioPlugins\Desktop_.ini
c:\program files\Fichiers communs\Ahead\BackItUp\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Desktop_.ini
c:\program files\Fichiers communs\Ahead\DSFilter\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Lib\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Lib\NeroPreview\default\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Lib\NeroPreview\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Lib\NeroPreview\filedlg\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NAS\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NAS\nas\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NAS\nas\presets\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Nero 7\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Nero 7\Eula\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Nero Web\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NeroSlideShow\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NTP\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NTP\Nero 7\Desktop_.ini
c:\program files\Fichiers communs\Ahead\RemoteControl\Desktop_.ini
c:\program files\Fichiers communs\Apple\CoreFP\Desktop_.ini
c:\program files\Fichiers communs\Apple\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileSync.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileSync.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileSync.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\IESyncClient.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\IESyncClient.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\IESyncClient.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SafariSyncClient.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SafariSyncClient.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SafariSyncClient.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncServer.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncServer.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncServer.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\de.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\en.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\es.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\fr.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\it.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\ja.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\nb.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\nl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\pt.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsContactsSync.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsContactsSync.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsContactsSync.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsMailSync.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsMailSync.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsMailSync.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\Formatter.bundle\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\Formatter.bundle\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Drivers\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Africa\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\America\Argentina\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\America\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\America\Indiana\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\America\Kentucky\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\America\North_Dakota\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Antarctica\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Arctic\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Asia\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Atlantic\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Australia\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Brazil\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Canada\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Chile\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Etc\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Europe\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Indian\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Mexico\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Mideast\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Pacific\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\US\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\CFNetwork.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\CFNetwork.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\CoreFoundation.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\CoreFoundation.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\Foundation.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\Foundation.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\GoogleContactSync.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\GoogleContactSync.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\OutlookSyncClientHelper.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\OutlookSyncClientHelper.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\SyncServices.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\SyncServices.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\SyncServicesUI.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\SyncServicesUI.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\SyncServicesUI.framework\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\no.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\Spanish.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\no.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\Spanish.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\no.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\Spanish.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\no.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\Spanish.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\no.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\Spanish.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.google.ContactSync\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.google.ContactSync\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.google.ContactSync\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sy
voici le rapport :
ComboFix 08-11-12.01 - Tribal 2008-11-13 19:08:19.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1507 [GMT 1:00]
Lancé depuis: c:\documents and settings\Tribal\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\2d5c3f4c1c5394bc903a6faf32af\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\10\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\10\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\10\policy\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\10\policy\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\51\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\51\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\51\policy\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\51\policy\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\52\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\52\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\52\policy\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\52\policy\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\60\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\60\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\60\policy\60\comctl\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\60\policy\60\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\60\policy\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\70\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\70\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\70\policy\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\70\policy\msft\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\70\policy\msft\mswincrt\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\asms\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\compdata\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\drw\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ic\compdata\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ic\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ic\win9xupg\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\images\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ip\compdata\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ip\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\ip\win9xupg\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\lang\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\new\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\mediactr\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\mediactr\i386\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\netfx\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\netfx\i386\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\tabletpc\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\cmpnents\tabletpc\i386\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\ic\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\root\ip\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\setuptxt\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\update\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\acrobat\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\cmmgr\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\devupgrd\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\dmicall\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\eastman\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\fax\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\hptools\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\ibmav\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\icm\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\iemig\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\mapi\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\mapi\dll\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\modems\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\msgqueue\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\msp\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\neckbd\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\necpa\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\necwps\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\octopus\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\oewab\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\print\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\pws\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\rumba\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\setup\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\transact\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\wia\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xmig\wmp\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\win9xupg\Desktop_.ini
c:\2d5c3f4c1c5394bc903a6faf32af\i386\winntupg\Desktop_.ini
C:\autorun.inf
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\Canon MP700 Printer\[u]0[/u]001\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\Canon MP700 Printer\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\LanguageModules\[u]0[/u]409\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\LanguageModules\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\Picture\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\UserProfile\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\UserProfile\SYSTEM\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Canon MP700 Printer\UserProfile\Tribal\Desktop_.ini
c:\bjprinter\CNMWINDOWS\Desktop_.ini
c:\bjprinter\Desktop_.ini
c:\canonmp\Desktop_.ini
c:\canonmp\MP730700\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Fax\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Print\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Scan\CNC700\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Scan\CNC730\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Scan\CNCUMP70\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Scan\Desktop_.ini
c:\canonmp\MP730700\Win2KXP\Scan\MPSCNLLD\Desktop_.ini
c:\drivekey\Desktop_.ini
c:\fraps\benchmarks\Desktop_.ini
c:\fraps\Desktop_.ini
c:\fraps\HELP\Desktop_.ini
c:\intel\Desktop_.ini
c:\intel\Logs\Desktop_.ini
c:\logs\Desktop_.ini
c:\nvidia forceware\Desktop_.ini
c:\nvidia forceware\XTreme-G 175.16 XP 32 bit\Desktop_.ini
c:\nvidia\Desktop_.ini
c:\nvidia\Win2k\175.16\Desktop_.ini
c:\nvidia\Win2k\175.16\IS\Desktop_.ini
c:\nvidia\Win2k\178.13\Desktop_.ini
c:\nvidia\Win2k\178.13\IS\Desktop_.ini
c:\nvidia\Win2k\Desktop_.ini
c:\poker\Desktop_.ini
c:\poker\Titan Poker\data\blackjack\Desktop_.ini
c:\poker\Titan Poker\data\Desktop_.ini
c:\poker\Titan Poker\data\lobby\buttons\Desktop_.ini
c:\poker\Titan Poker\data\lobby\Desktop_.ini
c:\poker\Titan Poker\data\lobby\dialogs\Desktop_.ini
c:\poker\Titan Poker\data\lobby\login\Desktop_.ini
c:\poker\Titan Poker\data\lobby\sidegames\Desktop_.ini
c:\poker\Titan Poker\data\lobby\tables\Desktop_.ini
c:\poker\Titan Poker\data\lobby\waitinglist\Desktop_.ini
c:\poker\Titan Poker\data\poker_caribbean\Desktop_.ini
c:\poker\Titan Poker\data\poker_holdem\Desktop_.ini
c:\poker\Titan Poker\data\poker_paigow\Desktop_.ini
c:\poker\Titan Poker\data\poker_tequila\Desktop_.ini
c:\poker\Titan Poker\data\roulette\3d\Desktop_.ini
c:\poker\Titan Poker\data\roulette\buttons\Desktop_.ini
c:\poker\Titan Poker\data\roulette\Desktop_.ini
c:\poker\Titan Poker\data\roulette\sounds\Desktop_.ini
c:\poker\Titan Poker\data\roulette\zoom\Desktop_.ini
c:\poker\Titan Poker\data\roulette_mini\3d\Desktop_.ini
c:\poker\Titan Poker\data\roulette_mini\Desktop_.ini
c:\poker\Titan Poker\data\roulette_mini\luxury\3d\Desktop_.ini
c:\poker\Titan Poker\data\roulette_mini\luxury\Desktop_.ini
c:\poker\Titan Poker\data\shared\9line\Desktop_.ini
c:\poker\Titan Poker\data\shared\blackjack\Desktop_.ini
c:\poker\Titan Poker\data\shared\buttons\Desktop_.ini
c:\poker\Titan Poker\data\shared\cards\Desktop_.ini
c:\poker\Titan Poker\data\shared\cards\poker\Desktop_.ini
c:\poker\Titan Poker\data\shared\cards\textures\Desktop_.ini
c:\poker\Titan Poker\data\shared\cards\videopoker_multiline\Desktop_.ini
c:\poker\Titan Poker\data\shared\coins\Desktop_.ini
c:\poker\Titan Poker\data\shared\coins\tablecoins\Desktop_.ini
c:\poker\Titan Poker\data\shared\Desktop_.ini
c:\poker\Titan Poker\data\shared\dollarball\Desktop_.ini
c:\poker\Titan Poker\data\shared\dollarball\sounds\Desktop_.ini
c:\poker\Titan Poker\data\shared\doublescreen\Desktop_.ini
c:\poker\Titan Poker\data\shared\fonts\Desktop_.ini
c:\poker\Titan Poker\data\shared\history\cards\Desktop_.ini
c:\poker\Titan Poker\data\shared\history\Desktop_.ini
c:\poker\Titan Poker\data\shared\html\chat\Desktop_.ini
c:\poker\Titan Poker\data\shared\html\chat\emoticons\Desktop_.ini
c:\poker\Titan Poker\data\shared\html\Desktop_.ini
c:\poker\Titan Poker\data\shared\interface\chat\Desktop_.ini
c:\poker\Titan Poker\data\shared\interface\Desktop_.ini
c:\poker\Titan Poker\data\shared\options\Desktop_.ini
c:\poker\Titan Poker\data\shared\slots\Desktop_.ini
c:\poker\Titan Poker\data\shared\slots\lines\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\dealervoices\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\dealervoices\numbers\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\baseballer\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\blackdude\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\bond\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\cowboy\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\frenchgirl\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\frenchman\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\mafiaguy\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\olderbusinesswoman\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\oldtourist\Desktop_.ini
c:\poker\Titan Poker\data\shared\sounds\playersounds\valleygirl\Desktop_.ini
c:\poker\Titan Poker\data\shared\tablegames\Desktop_.ini
c:\poker\Titan Poker\data\shared\tablegames\silver_bright\Desktop_.ini
c:\poker\Titan Poker\data\shared\tablesigns\Desktop_.ini
c:\poker\Titan Poker\data\shared\ui\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_4line\buttons\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_4line\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_deuces\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_jacks\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_multiline\buttons\Desktop_.ini
c:\poker\Titan Poker\data\shared\videopoker_multiline\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\animation\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\betlines\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\bonusgame\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_beachlife20line\wintable\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\animation\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\betlines\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_globaltraveler20line\wintable\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\bonus\screen\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\fonts\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_gold8line\wintable\Desktop_.ini
c:\poker\Titan Poker\data\slots_millionaireslane20line\animation\Desktop_.ini
c:\poker\Titan Poker\data\slots_millionaireslane20line\bonusgame\Desktop_.ini
c:\poker\Titan Poker\data\slots_millionaireslane20line\Desktop_.ini
c:\poker\Titan Poker\data\slots_millionaireslane20line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_millionaireslane20line\wintable\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\bonus\intro_txt\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\bonus\ninjas\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\buttons\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\doubleup\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\info\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\sounds\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\sounds\doubleup\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\sounds\reelspins\Desktop_.ini
c:\poker\Titan Poker\data\slots_silentsamurai9line\sounds\symbols\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\buttons\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\doubleup\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\info\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\sounds\bonus\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\sounds\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\sounds\doubleup\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\sounds\reelspins\Desktop_.ini
c:\poker\Titan Poker\data\slots_wildspirit20line\sounds\symbols\Desktop_.ini
c:\poker\Titan Poker\data\table\3d\Desktop_.ini
c:\poker\Titan Poker\data\table\anim\Desktop_.ini
c:\poker\Titan Poker\data\table\chat\cards\Desktop_.ini
c:\poker\Titan Poker\data\table\chat\Desktop_.ini
c:\poker\Titan Poker\data\table\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\anim\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\buttons\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\chat\chat_bottom\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\chat\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\coins\Desktop_.ini
c:\poker\Titan Poker\data\table\smallview\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\anim\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\avatars\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\buttons\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\cards\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\chat\chat_bottom\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\chat\chat_side\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\chat\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\coins\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\dialogs\Desktop_.ini
c:\poker\Titan Poker\data\table\topview\history\Desktop_.ini
c:\poker\Titan Poker\data\videopoker_25aces\Desktop_.ini
c:\poker\Titan Poker\data\videopoker_25aces\wintable\Desktop_.ini
c:\poker\Titan Poker\data\videopoker_4deuceswild\Desktop_.ini
c:\poker\Titan Poker\data\videopoker_deuceswild\Desktop_.ini
c:\poker\Titan Poker\data\videopoker_jacks\Desktop_.ini
c:\poker\Titan Poker\data\wildviking\Desktop_.ini
c:\poker\Titan Poker\data\wildviking\silver_bright\Desktop_.ini
c:\poker\Titan Poker\Desktop_.ini
c:\poker\Titan Poker\History\Desktop_.ini
c:\poker\Titan Poker\History\TTR91295552\Desktop_.ini
c:\poker\Titan Poker\History\TTR91295552\Table\Desktop_.ini
c:\poker\Titan Poker\History\TTR91295552\Tournament\Desktop_.ini
c:\program files\Adobe\Adobe Help Viewer\1.0\Desktop_.ini
c:\program files\Adobe\Adobe Help Viewer\1.0\Resources\Desktop_.ini
c:\program files\Adobe\Adobe Help Viewer\1.0\Resources\en\Desktop_.ini
c:\program files\Adobe\Adobe Help Viewer\1.0\Resources\fr\Desktop_.ini
c:\program files\Adobe\Adobe Help Viewer\Desktop_.ini
c:\program files\Adobe\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Esl\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\adobe_epic\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\adobe_epic\eula\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\adobe_epic\eula\en_US\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\adobe_epic\eula\fr_FR\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\AIR\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\AMT\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\BeyondReader\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\BeyondReader\ENU\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\BeyondReader\ENU\Onramp\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\BeyondReader\FRA\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\BeyondReader\FRA\Onramp\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Browser\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\HowTo\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\HowTo\ENU\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\HowTo\ENU\Images\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\HowTo\FRA\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\HowTo\FRA\Images\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\IDTemplates\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\IDTemplates\ENU\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\IDTemplates\FRA\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Javascripts\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Legal\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Legal\en_US\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Legal\fr_FR\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Optional\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\AcroForm\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\AcroForm\PMP\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\ENU\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\FRA\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\en_US\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\fr_FR\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia\MPP\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\ENU\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\FRA\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins3d\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\plug_ins3d\prc\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\SPPlugins\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Reader\Tracker\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\CMap\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Font\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Font\PFM\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Linguistics\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Linguistics\LanguageNames\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Linguistics\Providers\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Resource\Linguistics\Providers\Proximity\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1036-7B44-A81000000003}\Desktop_.ini
c:\program files\Adobe\Reader 8.0\Setup Files\Desktop_.ini
c:\program files\Advanced Combat Tracker\Config\Desktop_.ini
c:\program files\Advanced Combat Tracker\Desktop_.ini
c:\program files\Advanced Combat Tracker\html\Desktop_.ini
c:\program files\Advanced Combat Tracker\Temp\Desktop_.ini
c:\program files\AGEIA Technologies\demos\container\Desktop_.ini
c:\program files\AGEIA Technologies\demos\Desktop_.ini
c:\program files\AGEIA Technologies\Desktop_.ini
c:\program files\AGEIA Technologies\driver\Desktop_.ini
c:\program files\AGEIA Technologies\driver\x86\1.1.1.15\Desktop_.ini
c:\program files\AGEIA Technologies\driver\x86\Desktop_.ini
c:\program files\AGEIA Technologies\v2.3.1\Desktop_.ini
c:\program files\AGEIA Technologies\v2.3.2\Desktop_.ini
c:\program files\AGEIA Technologies\v2.3.3\Desktop_.ini
c:\program files\AGEIA Technologies\v2.4.0\Desktop_.ini
c:\program files\AGEIA Technologies\v2.4.1\Desktop_.ini
c:\program files\AGEIA Technologies\v2.4.4\Desktop_.ini
c:\program files\AGEIA Technologies\v2.5.0\Desktop_.ini
c:\program files\AGEIA Technologies\v2.5.1\Desktop_.ini
c:\program files\AGEIA Technologies\v2.5.2\Desktop_.ini
c:\program files\AGEIA Technologies\v2.5.3\Desktop_.ini
c:\program files\AGEIA Technologies\v2.5.4\Desktop_.ini
c:\program files\AGEIA Technologies\v2.6.0\Desktop_.ini
c:\program files\AGEIA Technologies\v2.6.1\Desktop_.ini
c:\program files\AGEIA Technologies\v2.6.2\Desktop_.ini
c:\program files\AGEIA Technologies\v2.6.3\Desktop_.ini
c:\program files\AGEIA Technologies\v2.6.4\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.0\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.0\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.0\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.1\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.1\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.1\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.2\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.2\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.2\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.3\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.3\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.3\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.4\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.4\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.4\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.5\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.5\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.5\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.6\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.6\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.7.6\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.0\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.0\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.0\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.1\AG1011\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.1\AG1021\Desktop_.ini
c:\program files\AGEIA Technologies\v2.8.1\Desktop_.ini
c:\program files\AoCtoEQ2logConverter-1.3\Desktop_.ini
c:\program files\AoCtoEQ2logConverter-1.3\Images\Desktop_.ini
c:\program files\Apple Software Update\Desktop_.ini
c:\program files\Apple Software Update\plugins\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\da.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\de.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\en.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\es.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\fi.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\fr.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\it.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\ja.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\ko.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\nb.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\nl.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\ru.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\sv.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdate.Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\da.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\de.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\en.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\es.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\fi.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\fr.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\it.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\ja.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\ko.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\nb.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\nl.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\ru.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\sv.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_TW.lproj\Desktop_.ini
c:\program files\ASUSTek\ASUSDVD XP\Desktop_.ini
c:\program files\ASUSTek\ASUSDVD XP\Skins\Crystal\Desktop_.ini
c:\program files\ASUSTek\ASUSDVD XP\Skins\Desktop_.ini
c:\program files\ASUSTek\ASUSDVD XP\Skins\Epiphany\Desktop_.ini
c:\program files\ASUSTek\ASUSDVD XP\Skins\Neo\Desktop_.ini
c:\program files\ASUSTek\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\_frHTML\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\as2core\antispam_sig_15748\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\as2core\antispam_sig_15749\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\as2core\antispam_sig_15750\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\Ini\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\NAG\Close2Exp\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\NAG\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\NAG\Expired\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\NAG\Invalid\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\NAG\Trial\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\pic\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\Skin\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\Themes\Default\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\Themes\Default\images\Desktop_.ini
c:\program files\BitDefender\BitDefender 2008\Themes\Desktop_.ini
c:\program files\BitDefender\Desktop_.ini
c:\program files\Bonjour\Desktop_.ini
c:\program files\Canon\Desktop_.ini
c:\program files\Canon\MP Toolbox\Desktop_.ini
c:\program files\Curse\Desktop_.ini
c:\program files\CyberLink\Common\Desktop_.ini
c:\program files\CyberLink\Desktop_.ini
c:\program files\Desktop_.ini
c:\program files\DivX\Artwork\Desktop_.ini
c:\program files\DivX\AutoUpdate\Desktop_.ini
c:\program files\DivX\Desktop_.ini
c:\program files\DivX\DivX Codec\Desktop_.ini
c:\program files\DivX\DivX Common Filters\Desktop_.ini
c:\program files\DivX\DivX Common Filters\Microsoft.VC80.ATL\Desktop_.ini
c:\program files\DivX\DivX Common Filters\Microsoft.VC80.CRT\Desktop_.ini
c:\program files\DivX\DivX Converter\Desktop_.ini
c:\program files\DivX\DivX Converter\Images\Desktop_.ini
c:\program files\DivX\DivX Converter\Microsoft.VC80.ATL\Desktop_.ini
c:\program files\DivX\DivX Converter\Microsoft.VC80.CRT\Desktop_.ini
c:\program files\DivX\DivX Converter\Microsoft.VC80.MFC\Desktop_.ini
c:\program files\DivX\DivX Player\Desktop_.ini
c:\program files\DivX\DivX Player\Microsoft.VC80.CRT\Desktop_.ini
c:\program files\DivX\DivX Player\Microsoft.VC80.MFC\Desktop_.ini
c:\program files\DivX\DivX Player\Skins\Desktop_.ini
c:\program files\DivX\DivX Web Player\Desktop_.ini
c:\program files\DivX\DivX Web Player\Microsoft.VC80.CRT\Desktop_.ini
c:\program files\DivX\DivX Web Player\Skins\Desktop_.ini
c:\program files\eMule\config\Desktop_.ini
c:\program files\eMule\Desktop_.ini
c:\program files\eMule\Incoming\Desktop_.ini
c:\program files\eMule\lang\Desktop_.ini
c:\program files\eMule\skins\Desktop_.ini
c:\program files\eMule\Temp\Desktop_.ini
c:\program files\eMule\webserver\Desktop_.ini
c:\program files\Everest Poker\data\Desktop_.ini
c:\program files\Everest Poker\data\fonts\Desktop_.ini
c:\program files\Everest Poker\data\mp-lobby\Desktop_.ini
c:\program files\Everest Poker\data\mp-poker\background\Desktop_.ini
c:\program files\Everest Poker\data\mp-poker\Desktop_.ini
c:\program files\Everest Poker\data\mp-poker\fr\Desktop_.ini
c:\program files\Everest Poker\data\shared\Desktop_.ini
c:\program files\Everest Poker\data\shared\fr\Desktop_.ini
c:\program files\Everest Poker\data\shared\shared\bitmaps\Desktop_.ini
c:\program files\Everest Poker\data\shared\shared\Desktop_.ini
c:\program files\Everest Poker\data\shared\shared\sounds\Desktop_.ini
c:\program files\Everest Poker\data\startup\Desktop_.ini
c:\program files\Everest Poker\data\startup\en\Desktop_.ini
c:\program files\Everest Poker\data\startup\fr\Desktop_.ini
c:\program files\Everest Poker\data\startup\shared\bitmaps\Desktop_.ini
c:\program files\Everest Poker\data\startup\shared\Desktop_.ini
c:\program files\Everest Poker\data\startup\shared\icons\Desktop_.ini
c:\program files\Everest Poker\data\startup\shared\sounds\Desktop_.ini
c:\program files\Everest Poker\Desktop_.ini
c:\program files\Everest Poker\history\Desktop_.ini
c:\program files\Everest Poker\var\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Acrobat\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\8.0\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\8.0\images\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\en_US\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\8.0\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\8.0\images\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Help\fr_FR\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\ICU\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\Adobe\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\Mac\Desktop_.ini
c:\program files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\win\Desktop_.ini
c:\program files\Fichiers communs\Adobe\Updater5\Desktop_.ini
c:\program files\Fichiers communs\Ahead\AudioPlugins\Desktop_.ini
c:\program files\Fichiers communs\Ahead\BackItUp\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Desktop_.ini
c:\program files\Fichiers communs\Ahead\DSFilter\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Lib\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Lib\NeroPreview\default\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Lib\NeroPreview\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Lib\NeroPreview\filedlg\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NAS\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NAS\nas\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NAS\nas\presets\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Nero 7\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Nero 7\Eula\Desktop_.ini
c:\program files\Fichiers communs\Ahead\Nero Web\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NeroSlideShow\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NTP\Desktop_.ini
c:\program files\Fichiers communs\Ahead\NTP\Nero 7\Desktop_.ini
c:\program files\Fichiers communs\Ahead\RemoteControl\Desktop_.ini
c:\program files\Fichiers communs\Apple\CoreFP\Desktop_.ini
c:\program files\Fichiers communs\Apple\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileSync.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileSync.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileSync.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\IESyncClient.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\IESyncClient.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\IESyncClient.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SafariSyncClient.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SafariSyncClient.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SafariSyncClient.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncServer.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncServer.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncServer.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\de.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\en.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\es.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\fr.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\it.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\ja.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\nb.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\nl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\pt.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\SyncUICore.resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsContactsSync.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsContactsSync.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsContactsSync.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsMailSync.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsMailSync.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\WindowsMailSync.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\Formatter.bundle\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\Formatter.bundle\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\YahooSync.app\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Drivers\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Africa\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\America\Argentina\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\America\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\America\Indiana\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\America\Kentucky\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\America\North_Dakota\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Antarctica\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Arctic\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Asia\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Atlantic\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Australia\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Brazil\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Canada\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Chile\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Etc\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Europe\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Indian\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Mexico\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Mideast\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\Pacific\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\etc\zoneinfo\US\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\CFNetwork.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\CFNetwork.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\CoreFoundation.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\CoreFoundation.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\Foundation.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\Foundation.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\GoogleContactSync.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\GoogleContactSync.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\OutlookSyncClientHelper.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\OutlookSyncClientHelper.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\SyncServices.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\SyncServices.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\SyncServicesUI.framework\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\SyncServicesUI.framework\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\Frameworks\SyncServicesUI.framework\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\no.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\Spanish.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Contents\Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.IE\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\no.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\Spanish.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Contents\Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Outlook\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\no.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\Spanish.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Contents\Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.Safari\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\no.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\Spanish.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Contents\Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsContacts\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\ko.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\no.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\pl.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\pt_PT.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\ru.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\Spanish.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\sv.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\zh_CN.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Contents\Resources\zh_TW.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.apple.WindowsMail\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.google.ContactSync\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.google.ContactSync\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.google.ContactSync\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\da.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\Dutch.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\English.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\fi.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\French.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\German.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\Italian.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\Contents\Resources\Japanese.lproj\Desktop_.ini
c:\program files\Fichiers communs\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sy
Je te post juste la fin parce qu il y a le double de se que je vient de te mettre oO
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-13 au 2008-11-13 ))))))))))))))))))))))))))))))))))))
.
2008-11-13 17:54 . 2008-11-13 17:55 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-13 16:44 . 2008-11-13 16:44 <REP> d-------- c:\windows\SxsCaPendDel
2008-11-13 16:44 . 2008-11-13 16:44 <REP> d-------- c:\windows\LastGood
2008-11-13 16:44 . 2008-11-13 16:44 81,984 --a------ c:\windows\system32\bdod.bin
2008-11-13 16:44 . 2008-11-13 16:44 121 --a------ c:\windows\bdagent.INI
2008-11-13 16:21 . 2008-11-13 16:21 <REP> d-------- c:\program files\TuneUp Utilities 2008
2008-11-13 16:21 . 2008-11-13 16:21 <REP> d-------- c:\documents and settings\Tribal\Application Data\TuneUp Software
2008-11-13 16:21 . 2008-11-13 16:21 <REP> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2008-11-13 16:21 . 2008-11-13 16:21 355,584 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-11-13 16:21 . 2008-05-29 09:28 28,416 --a------ c:\windows\system32\uxtuneup.dll
2008-11-13 16:06 . 2008-11-13 16:06 61,440 --a------ c:\windows\system32\drivers\ycokxnj.sys
2008-11-13 16:02 . 2008-11-13 19:13 <REP> d-------- c:\program files\ToniArts
2008-11-13 16:02 . 2008-11-13 16:44 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-13 16:02 . 2008-11-13 16:02 <REP> d-------- c:\documents and settings\Tribal\Application Data\Malwarebytes
2008-11-13 16:02 . 2008-11-13 16:02 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-13 16:02 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-13 16:02 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-13 15:57 . 2008-11-13 19:13 <REP> d-------- c:\program files\Trend Micro
2008-11-13 15:04 . 2008-11-13 15:04 <REP> d-------- c:\windows\report
2008-11-13 15:04 . 2008-11-13 15:04 <REP> d-------- c:\windows\AU_Backup
2008-11-13 15:04 . 2008-11-13 15:04 20,916,229 --a------ c:\windows\VPTNFILE.651
2008-11-13 15:04 . 2008-11-13 15:04 20,916,229 --a------ c:\windows\LPT$VPN.651
2008-11-13 15:04 . 2008-11-13 15:04 1,961,645 --a------ c:\windows\tsc.ptn
2008-11-13 15:04 . 2008-11-13 15:04 1,213,784 --a------ c:\windows\vsapi32.dll
2008-11-13 15:04 . 2008-11-13 15:04 348,229 --a------ c:\windows\tsc.exe
2008-11-13 15:04 . 2008-11-13 15:04 91,744 --a------ c:\windows\BPMNT.dll
2008-11-13 15:04 . 2008-11-13 15:04 71,749 --a------ c:\windows\hcextoutput.dll
2008-11-13 15:04 . 2008-11-13 16:24 823 --a------ c:\windows\tsc.ini
2008-11-13 15:01 . 2008-11-13 15:04 <REP> d-------- c:\windows\AU_Temp
2008-11-13 15:01 . 2008-11-13 15:01 <REP> d-------- c:\windows\AU_Log
2008-11-13 15:01 . 2008-11-13 15:01 170 --a------ c:\windows\GetServer.ini
2008-11-13 15:00 . 2008-11-13 15:00 507,904 --a------ c:\windows\TMUPDATE.DLL
2008-11-13 15:00 . 2008-11-13 15:00 286,720 --a------ c:\windows\PATCH.EXE
2008-11-13 15:00 . 2008-11-13 15:00 69,689 --a------ c:\windows\UNZIP.DLL
2008-11-13 14:51 . 2008-11-13 19:09 <REP> d-------- c:\program files\BitDefender
2008-11-13 14:50 . 2008-11-13 19:10 <REP> d-------- c:\program files\Fichiers communs\BitDefender
2008-11-13 14:44 . 2008-11-13 14:44 307,712 --a------ c:\documents and settings\Tribal\firefox.exe.exe
2008-11-13 13:55 . 2008-11-13 13:55 4,789,760 --a------ c:\documents and settings\Tribal\CurseClient.exe.exe
2008-11-13 13:55 . 2008-11-13 13:55 2,321,600 --a------ c:\documents and settings\Tribal\AdobeUpdater.exe.exe
2008-11-13 13:35 . 2008-11-13 17:54 <REP> d-------- c:\program files\Lavasoft
2008-11-13 13:35 . 2008-11-13 17:54 <REP> d-------- c:\documents and settings\Tribal\Application Data\Lavasoft
2008-11-04 15:01 . 2008-11-04 15:01 <REP> d-------- c:\documents and settings\Tribal\Application Data\DivX
2008-11-04 14:54 . 2008-11-13 19:09 <REP> d-------- c:\program files\CyberLink
2008-11-04 14:54 . 2008-11-13 19:09 <REP> d-------- c:\program files\ASUSTek
2008-11-04 14:54 . 2008-11-04 14:54 <REP> d-------- c:\documents and settings\All Users\Application Data\CyberLink
2008-11-03 20:40 . 2008-11-10 14:09 8 --a------ c:\windows\system32\nvModes.dat
2008-11-01 23:30 . 2008-11-13 19:13 <REP> d-------- c:\program files\RealVNC
2008-11-01 14:52 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2008-11-01 14:51 . 2008-11-01 14:52 <REP> d-------- c:\windows\system32\XPSViewer
2008-11-01 14:50 . 2008-11-13 19:13 <REP> d-------- c:\program files\Reference Assemblies
2008-11-01 14:50 . 2008-11-13 19:11 <REP> d-------- c:\program files\MSBuild
2008-11-01 14:50 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2008-11-01 14:50 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2008-11-01 14:50 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2008-11-01 14:50 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2008-11-01 14:50 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2008-11-01 14:50 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2008-11-01 14:50 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2008-11-01 14:48 . 2008-11-13 19:11 <REP> d-------- c:\program files\MSXML 6.0
2008-11-01 14:42 . 2008-11-13 19:11 <REP> d-------- c:\program files\MacroGoblin 2
2008-10-29 13:48 . 2008-11-13 19:13 <REP> d-------- c:\program files\WowCartographe
2008-10-29 11:03 . 2008-10-29 11:03 <REP> d-------- c:\documents and settings\All Users\Application Data\Blizzard
2008-10-29 09:14 . 2008-11-13 19:09 <REP> d-------- C:\Logs
2008-10-29 09:08 . 2008-11-13 19:10 <REP> d-------- c:\program files\Fichiers communs\Blizzard Entertainment
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:\windows\system32\divx_xx0c.dll
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:\windows\system32\divx_xx07.dll
2008-10-28 23:35 . 2008-10-28 23:35 815,104 --a------ c:\windows\system32\divx_xx0a.dll
2008-10-28 23:35 . 2008-10-28 23:35 802,816 --a------ c:\windows\system32\divx_xx11.dll
2008-10-28 23:35 . 2008-10-28 23:35 729,088 --a------ c:\windows\system32\divxdec.ax
2008-10-28 23:35 . 2008-10-28 23:35 684,032 --a------ c:\windows\system32\DivX.dll
2008-10-14 14:24 . 2007-01-05 16:35 49,242 --------- C:\RavMon.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-13 18:13 --------- d-----w c:\program files\Windows Live Toolbar
2008-11-13 18:13 --------- d-----w c:\program files\Windows Live Favorites
2008-11-13 18:13 --------- d-----w c:\program files\VideoLAN
2008-11-13 18:13 --------- d-----w c:\program files\Teamspeak2_RC2
2008-11-13 18:13 --------- d-----w c:\program files\Services en ligne
2008-11-13 18:13 --------- d-----w c:\program files\Realtek
2008-11-13 18:12 --------- d-----w c:\program files\Real
2008-11-13 18:12 --------- d-----w c:\program files\QuickTime
2008-11-13 18:12 --------- d-----w c:\program files\OrangeFrance
2008-11-13 18:12 --------- d-----w c:\program files\nLite
2008-11-13 18:11 --------- d-----w c:\program files\Nero
2008-11-13 18:11 --------- d-----w c:\program files\MSXML 4.0
2008-11-13 18:11 --------- d-----w c:\program files\MSN Messenger
2008-11-13 18:11 --------- d-----w c:\program files\Microsoft LifeChat
2008-11-13 18:11 --------- d-----w c:\program files\Metaboli Downloader
2008-11-13 18:11 --------- d-----w c:\program files\Macromedia
2008-11-13 18:11 --------- d-----w c:\program files\ma-config.com
2008-11-13 18:09 --------- d-----w c:\program files\Fichiers communs\Apple
2008-11-13 18:09 --------- d-----w c:\program files\Fichiers communs\Ahead
2008-11-13 18:09 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-13 18:09 --------- d-----w c:\program files\Everest Poker
2008-11-13 18:09 --------- d-----w c:\program files\eMule
2008-11-13 18:09 --------- d-----w c:\program files\DivX
2008-11-13 18:09 --------- d-----w c:\program files\Curse
2008-11-13 18:09 --------- d-----w c:\program files\Canon
2008-11-13 18:09 --------- d-----w c:\program files\Bonjour
2008-11-13 18:09 --------- d-----w c:\program files\Apple Software Update
2008-11-13 18:09 --------- d-----w c:\program files\AoCtoEQ2logConverter-1.3
2008-11-13 18:09 --------- d-----w c:\program files\AGEIA Technologies
2008-11-13 18:09 --------- d-----w c:\program files\Advanced Combat Tracker
2008-11-13 15:02 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-10 10:11 --------- d-----w c:\documents and settings\Tribal\Application Data\teamspeak2
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-09 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\nView_Profiles
2008-10-04 15:38 --------- d-----w c:\documents and settings\Tribal\Application Data\Apple Computer
2008-10-04 15:38 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-04 15:37 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-10-04 15:36 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-25 08:03 81,920 ----a-w c:\windows\system32\dpl100.dll
2008-09-25 08:03 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-09-25 08:03 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-09-25 08:03 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
2008-09-25 08:03 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-09-25 08:03 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu10.dll
2008-09-25 08:03 196,608 ----a-w c:\windows\system32\dtu100.dll
2008-09-25 08:03 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-09-19 21:57 9,464 ------w c:\windows\system32\drivers\cdralw2k.sys
2008-09-19 21:57 9,336 ------w c:\windows\system32\drivers\cdr4_xp.sys
2008-09-19 21:57 43,528 ------w c:\windows\system32\drivers\PxHelp20.sys
2008-09-19 21:57 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-09-19 21:57 129,784 ------w c:\windows\system32\pxafs.dll
2008-09-19 21:57 120,056 ------w c:\windows\system32\pxcpyi64.exe
2008-09-19 21:57 118,520 ------w c:\windows\system32\pxinsi64.exe
2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-09-19 21:54 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2008-09-16 19:27 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-09-04 07:31 288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-08-29 19:06 1,350,664 ----a-w c:\windows\system32\msxml6.dll
2008-08-29 08:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w c:\windows\system32\dnssd.dll
2008-08-29 06:57 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-08-26 08:11 826,368 ----a-w c:\windows\system32\wininet.dll
2008-08-14 13:44 2,138,112 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 13:44 2,017,792 ----a-w c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-20 68856]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-07-09 185896]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-13 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2008-08-21 267296]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2008-10-22 1261200]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Orange Connect.lnk - c:\program files\OrangeFrance\Orange Connect\Orange Connect.exe [2007-07-31 790528]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\atl01_2k.sys [2007-03-15 37376]
S2 GtFlashSwitch;GtFlashSwitch;c:\program files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe [2007-02-09 176128]
S2 UxTuneUp;TuneUp Extension de thème;c:\windows\System32\svchost.exe [2004-08-19 14336]
S3 GTMNDISIRPXP;GT M 3G+ IRP NDIS;c:\windows\system32\DRIVERS\Gtm51Irp.sys [2007-04-14 122496]
S3 GTPTSER;GT PT SER;c:\windows\system32\DRIVERS\gtptser.sys [2007-04-14 8064]
S3 GTUQBUS;GT UQ BUS;c:\windows\system32\DRIVERS\gtuqbus.sys [2007-04-14 37120]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-06-26 576680]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-11-13 355584]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - C:\RavMon.exe
\Shell\explore\Command - C:\RavMon.exe -e
\Shell\open\Command - C:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\RavMon.exe
\Shell\explore\Command - D:\RavMon.exe -e
\Shell\open\Command - D:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\RavMon.exe
\Shell\explore\Command - F:\RavMon.exe -e
\Shell\open\Command - F:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{46da0e82-99f3-11dd-bc16-001bfcd29a05}]
\Shell\AutoRun\command - F:\RavMon.exe
\Shell\explore\Command - F:\RavMon.exe -e
\Shell\open\Command - F:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{870b5ecf-4acb-11dd-975c-806d6172696f}]
\Shell\AutoRun\command - E:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{870b5ed1-4acb-11dd-975c-806d6172696f}]
\Shell\AutoRun\command - D:\RavMon.exe
\Shell\explore\Command - D:\RavMon.exe -e
\Shell\open\Command - D:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{870b5ed3-4acb-11dd-975c-806d6172696f}]
\Shell\AutoRun\command - C:\RavMon.exe
\Shell\explore\Command - C:\RavMon.exe -e
\Shell\open\Command - C:\RavMon.exe
*Newly Created Service* - 2335DAEB
*Newly Created Service* - 705B4EB8
*Newly Created Service* - AAWSERVICE
*Newly Created Service* - BDSELFPR
*Newly Created Service* - CATCHME
*Newly Created Service* - MBAMSWISSARMY
*Newly Created Service* - PROCEXP90
*Newly Created Service* - PROFOS
*Newly Created Service* - TRUFOS
*Newly Created Service* - UXTUNEUP
.
Contenu du dossier 'Tâches planifiées'
2008-11-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-11-13 15:43]
2008-10-11 c:\windows\Tasks\LifeChatTask.job
- c:\program files\Microsoft LifeChat\LifeChat.exe [2008-08-21 10:16]
2008-11-13 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
2008-11-13 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2008-11-13 15:47]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-AdobeUpdater - c:\program files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
HKCU-Run-CurseClient - c:\program files\Curse\CurseClient.exe
HKCU-Run-nvscv32 - c:\windows\system32\drivers\nvscv32.exe
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\Tribal\Application Data\Mozilla\Firefox\Profiles\zkwvgz8z.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-divx&p=
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\ma-config.com\nphardwaredetection.dll
FF -: plugin - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-13 19:13:36
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-11-13 19:14:10
ComboFix-quarantined-files.txt 2008-11-13 18:13:56
Avant-CF: 53 723 238 400 octets libres
Après-CF: 54,851,039,232 octets libres
3474 --- E O F --- 2008-11-12 22:01:3
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-13 au 2008-11-13 ))))))))))))))))))))))))))))))))))))
.
2008-11-13 17:54 . 2008-11-13 17:55 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-13 16:44 . 2008-11-13 16:44 <REP> d-------- c:\windows\SxsCaPendDel
2008-11-13 16:44 . 2008-11-13 16:44 <REP> d-------- c:\windows\LastGood
2008-11-13 16:44 . 2008-11-13 16:44 81,984 --a------ c:\windows\system32\bdod.bin
2008-11-13 16:44 . 2008-11-13 16:44 121 --a------ c:\windows\bdagent.INI
2008-11-13 16:21 . 2008-11-13 16:21 <REP> d-------- c:\program files\TuneUp Utilities 2008
2008-11-13 16:21 . 2008-11-13 16:21 <REP> d-------- c:\documents and settings\Tribal\Application Data\TuneUp Software
2008-11-13 16:21 . 2008-11-13 16:21 <REP> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2008-11-13 16:21 . 2008-11-13 16:21 355,584 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-11-13 16:21 . 2008-05-29 09:28 28,416 --a------ c:\windows\system32\uxtuneup.dll
2008-11-13 16:06 . 2008-11-13 16:06 61,440 --a------ c:\windows\system32\drivers\ycokxnj.sys
2008-11-13 16:02 . 2008-11-13 19:13 <REP> d-------- c:\program files\ToniArts
2008-11-13 16:02 . 2008-11-13 16:44 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-13 16:02 . 2008-11-13 16:02 <REP> d-------- c:\documents and settings\Tribal\Application Data\Malwarebytes
2008-11-13 16:02 . 2008-11-13 16:02 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-13 16:02 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-13 16:02 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-13 15:57 . 2008-11-13 19:13 <REP> d-------- c:\program files\Trend Micro
2008-11-13 15:04 . 2008-11-13 15:04 <REP> d-------- c:\windows\report
2008-11-13 15:04 . 2008-11-13 15:04 <REP> d-------- c:\windows\AU_Backup
2008-11-13 15:04 . 2008-11-13 15:04 20,916,229 --a------ c:\windows\VPTNFILE.651
2008-11-13 15:04 . 2008-11-13 15:04 20,916,229 --a------ c:\windows\LPT$VPN.651
2008-11-13 15:04 . 2008-11-13 15:04 1,961,645 --a------ c:\windows\tsc.ptn
2008-11-13 15:04 . 2008-11-13 15:04 1,213,784 --a------ c:\windows\vsapi32.dll
2008-11-13 15:04 . 2008-11-13 15:04 348,229 --a------ c:\windows\tsc.exe
2008-11-13 15:04 . 2008-11-13 15:04 91,744 --a------ c:\windows\BPMNT.dll
2008-11-13 15:04 . 2008-11-13 15:04 71,749 --a------ c:\windows\hcextoutput.dll
2008-11-13 15:04 . 2008-11-13 16:24 823 --a------ c:\windows\tsc.ini
2008-11-13 15:01 . 2008-11-13 15:04 <REP> d-------- c:\windows\AU_Temp
2008-11-13 15:01 . 2008-11-13 15:01 <REP> d-------- c:\windows\AU_Log
2008-11-13 15:01 . 2008-11-13 15:01 170 --a------ c:\windows\GetServer.ini
2008-11-13 15:00 . 2008-11-13 15:00 507,904 --a------ c:\windows\TMUPDATE.DLL
2008-11-13 15:00 . 2008-11-13 15:00 286,720 --a------ c:\windows\PATCH.EXE
2008-11-13 15:00 . 2008-11-13 15:00 69,689 --a------ c:\windows\UNZIP.DLL
2008-11-13 14:51 . 2008-11-13 19:09 <REP> d-------- c:\program files\BitDefender
2008-11-13 14:50 . 2008-11-13 19:10 <REP> d-------- c:\program files\Fichiers communs\BitDefender
2008-11-13 14:44 . 2008-11-13 14:44 307,712 --a------ c:\documents and settings\Tribal\firefox.exe.exe
2008-11-13 13:55 . 2008-11-13 13:55 4,789,760 --a------ c:\documents and settings\Tribal\CurseClient.exe.exe
2008-11-13 13:55 . 2008-11-13 13:55 2,321,600 --a------ c:\documents and settings\Tribal\AdobeUpdater.exe.exe
2008-11-13 13:35 . 2008-11-13 17:54 <REP> d-------- c:\program files\Lavasoft
2008-11-13 13:35 . 2008-11-13 17:54 <REP> d-------- c:\documents and settings\Tribal\Application Data\Lavasoft
2008-11-04 15:01 . 2008-11-04 15:01 <REP> d-------- c:\documents and settings\Tribal\Application Data\DivX
2008-11-04 14:54 . 2008-11-13 19:09 <REP> d-------- c:\program files\CyberLink
2008-11-04 14:54 . 2008-11-13 19:09 <REP> d-------- c:\program files\ASUSTek
2008-11-04 14:54 . 2008-11-04 14:54 <REP> d-------- c:\documents and settings\All Users\Application Data\CyberLink
2008-11-03 20:40 . 2008-11-10 14:09 8 --a------ c:\windows\system32\nvModes.dat
2008-11-01 23:30 . 2008-11-13 19:13 <REP> d-------- c:\program files\RealVNC
2008-11-01 14:52 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2008-11-01 14:51 . 2008-11-01 14:52 <REP> d-------- c:\windows\system32\XPSViewer
2008-11-01 14:50 . 2008-11-13 19:13 <REP> d-------- c:\program files\Reference Assemblies
2008-11-01 14:50 . 2008-11-13 19:11 <REP> d-------- c:\program files\MSBuild
2008-11-01 14:50 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2008-11-01 14:50 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2008-11-01 14:50 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2008-11-01 14:50 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2008-11-01 14:50 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2008-11-01 14:50 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2008-11-01 14:50 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2008-11-01 14:48 . 2008-11-13 19:11 <REP> d-------- c:\program files\MSXML 6.0
2008-11-01 14:42 . 2008-11-13 19:11 <REP> d-------- c:\program files\MacroGoblin 2
2008-10-29 13:48 . 2008-11-13 19:13 <REP> d-------- c:\program files\WowCartographe
2008-10-29 11:03 . 2008-10-29 11:03 <REP> d-------- c:\documents and settings\All Users\Application Data\Blizzard
2008-10-29 09:14 . 2008-11-13 19:09 <REP> d-------- C:\Logs
2008-10-29 09:08 . 2008-11-13 19:10 <REP> d-------- c:\program files\Fichiers communs\Blizzard Entertainment
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:\windows\system32\divx_xx0c.dll
2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:\windows\system32\divx_xx07.dll
2008-10-28 23:35 . 2008-10-28 23:35 815,104 --a------ c:\windows\system32\divx_xx0a.dll
2008-10-28 23:35 . 2008-10-28 23:35 802,816 --a------ c:\windows\system32\divx_xx11.dll
2008-10-28 23:35 . 2008-10-28 23:35 729,088 --a------ c:\windows\system32\divxdec.ax
2008-10-28 23:35 . 2008-10-28 23:35 684,032 --a------ c:\windows\system32\DivX.dll
2008-10-14 14:24 . 2007-01-05 16:35 49,242 --------- C:\RavMon.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-13 18:13 --------- d-----w c:\program files\Windows Live Toolbar
2008-11-13 18:13 --------- d-----w c:\program files\Windows Live Favorites
2008-11-13 18:13 --------- d-----w c:\program files\VideoLAN
2008-11-13 18:13 --------- d-----w c:\program files\Teamspeak2_RC2
2008-11-13 18:13 --------- d-----w c:\program files\Services en ligne
2008-11-13 18:13 --------- d-----w c:\program files\Realtek
2008-11-13 18:12 --------- d-----w c:\program files\Real
2008-11-13 18:12 --------- d-----w c:\program files\QuickTime
2008-11-13 18:12 --------- d-----w c:\program files\OrangeFrance
2008-11-13 18:12 --------- d-----w c:\program files\nLite
2008-11-13 18:11 --------- d-----w c:\program files\Nero
2008-11-13 18:11 --------- d-----w c:\program files\MSXML 4.0
2008-11-13 18:11 --------- d-----w c:\program files\MSN Messenger
2008-11-13 18:11 --------- d-----w c:\program files\Microsoft LifeChat
2008-11-13 18:11 --------- d-----w c:\program files\Metaboli Downloader
2008-11-13 18:11 --------- d-----w c:\program files\Macromedia
2008-11-13 18:11 --------- d-----w c:\program files\ma-config.com
2008-11-13 18:09 --------- d-----w c:\program files\Fichiers communs\Apple
2008-11-13 18:09 --------- d-----w c:\program files\Fichiers communs\Ahead
2008-11-13 18:09 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-13 18:09 --------- d-----w c:\program files\Everest Poker
2008-11-13 18:09 --------- d-----w c:\program files\eMule
2008-11-13 18:09 --------- d-----w c:\program files\DivX
2008-11-13 18:09 --------- d-----w c:\program files\Curse
2008-11-13 18:09 --------- d-----w c:\program files\Canon
2008-11-13 18:09 --------- d-----w c:\program files\Bonjour
2008-11-13 18:09 --------- d-----w c:\program files\Apple Software Update
2008-11-13 18:09 --------- d-----w c:\program files\AoCtoEQ2logConverter-1.3
2008-11-13 18:09 --------- d-----w c:\program files\AGEIA Technologies
2008-11-13 18:09 --------- d-----w c:\program files\Advanced Combat Tracker
2008-11-13 15:02 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-10 10:11 --------- d-----w c:\documents and settings\Tribal\Application Data\teamspeak2
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-09 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\nView_Profiles
2008-10-04 15:38 --------- d-----w c:\documents and settings\Tribal\Application Data\Apple Computer
2008-10-04 15:38 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-04 15:37 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-10-04 15:36 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-25 08:03 81,920 ----a-w c:\windows\system32\dpl100.dll
2008-09-25 08:03 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-09-25 08:03 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-09-25 08:03 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
2008-09-25 08:03 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-09-25 08:03 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu10.dll
2008-09-25 08:03 196,608 ----a-w c:\windows\system32\dtu100.dll
2008-09-25 08:03 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-09-19 21:57 9,464 ------w c:\windows\system32\drivers\cdralw2k.sys
2008-09-19 21:57 9,336 ------w c:\windows\system32\drivers\cdr4_xp.sys
2008-09-19 21:57 43,528 ------w c:\windows\system32\drivers\PxHelp20.sys
2008-09-19 21:57 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-09-19 21:57 129,784 ------w c:\windows\system32\pxafs.dll
2008-09-19 21:57 120,056 ------w c:\windows\system32\pxcpyi64.exe
2008-09-19 21:57 118,520 ------w c:\windows\system32\pxinsi64.exe
2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-09-19 21:54 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2008-09-16 19:27 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-09-04 07:31 288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-08-29 19:06 1,350,664 ----a-w c:\windows\system32\msxml6.dll
2008-08-29 08:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w c:\windows\system32\dnssd.dll
2008-08-29 06:57 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-08-26 08:11 826,368 ----a-w c:\windows\system32\wininet.dll
2008-08-14 13:44 2,138,112 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 13:44 2,017,792 ----a-w c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-20 68856]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-07-09 185896]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-13 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2008-08-21 267296]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2008-10-22 1261200]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Orange Connect.lnk - c:\program files\OrangeFrance\Orange Connect\Orange Connect.exe [2007-07-31 790528]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\atl01_2k.sys [2007-03-15 37376]
S2 GtFlashSwitch;GtFlashSwitch;c:\program files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe [2007-02-09 176128]
S2 UxTuneUp;TuneUp Extension de thème;c:\windows\System32\svchost.exe [2004-08-19 14336]
S3 GTMNDISIRPXP;GT M 3G+ IRP NDIS;c:\windows\system32\DRIVERS\Gtm51Irp.sys [2007-04-14 122496]
S3 GTPTSER;GT PT SER;c:\windows\system32\DRIVERS\gtptser.sys [2007-04-14 8064]
S3 GTUQBUS;GT UQ BUS;c:\windows\system32\DRIVERS\gtuqbus.sys [2007-04-14 37120]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-06-26 576680]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-11-13 355584]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - C:\RavMon.exe
\Shell\explore\Command - C:\RavMon.exe -e
\Shell\open\Command - C:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\RavMon.exe
\Shell\explore\Command - D:\RavMon.exe -e
\Shell\open\Command - D:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\RavMon.exe
\Shell\explore\Command - F:\RavMon.exe -e
\Shell\open\Command - F:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{46da0e82-99f3-11dd-bc16-001bfcd29a05}]
\Shell\AutoRun\command - F:\RavMon.exe
\Shell\explore\Command - F:\RavMon.exe -e
\Shell\open\Command - F:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{870b5ecf-4acb-11dd-975c-806d6172696f}]
\Shell\AutoRun\command - E:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{870b5ed1-4acb-11dd-975c-806d6172696f}]
\Shell\AutoRun\command - D:\RavMon.exe
\Shell\explore\Command - D:\RavMon.exe -e
\Shell\open\Command - D:\RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{870b5ed3-4acb-11dd-975c-806d6172696f}]
\Shell\AutoRun\command - C:\RavMon.exe
\Shell\explore\Command - C:\RavMon.exe -e
\Shell\open\Command - C:\RavMon.exe
*Newly Created Service* - 2335DAEB
*Newly Created Service* - 705B4EB8
*Newly Created Service* - AAWSERVICE
*Newly Created Service* - BDSELFPR
*Newly Created Service* - CATCHME
*Newly Created Service* - MBAMSWISSARMY
*Newly Created Service* - PROCEXP90
*Newly Created Service* - PROFOS
*Newly Created Service* - TRUFOS
*Newly Created Service* - UXTUNEUP
.
Contenu du dossier 'Tâches planifiées'
2008-11-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-11-13 15:43]
2008-10-11 c:\windows\Tasks\LifeChatTask.job
- c:\program files\Microsoft LifeChat\LifeChat.exe [2008-08-21 10:16]
2008-11-13 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
2008-11-13 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2008-11-13 15:47]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-AdobeUpdater - c:\program files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
HKCU-Run-CurseClient - c:\program files\Curse\CurseClient.exe
HKCU-Run-nvscv32 - c:\windows\system32\drivers\nvscv32.exe
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\Tribal\Application Data\Mozilla\Firefox\Profiles\zkwvgz8z.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-divx&p=
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\ma-config.com\nphardwaredetection.dll
FF -: plugin - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-13 19:13:36
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-11-13 19:14:10
ComboFix-quarantined-files.txt 2008-11-13 18:13:56
Avant-CF: 53 723 238 400 octets libres
Après-CF: 54,851,039,232 octets libres
3474 --- E O F --- 2008-11-12 22:01:3
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:13:24, on 14/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LifeChat] "c:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orange Connect.lnk = C:\Program Files\OrangeFrance\Orange Connect\Orange Connect.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~3\Office\1033\phdintl.dll/phdContext.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?06f500461e5b450bb906f955c854ff84
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?06f500461e5b450bb906f955c854ff84
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O17 - HKLM\System\CCS\Services\Tcpip\..\{62E4931B-5BA7-4579-B96A-8D9C61F1445D}: NameServer = 193.252.19.1,193.252.19.2
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
Scan saved at 01:13:24, on 14/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LifeChat] "c:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orange Connect.lnk = C:\Program Files\OrangeFrance\Orange Connect\Orange Connect.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~3\Office\1033\phdintl.dll/phdContext.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?06f500461e5b450bb906f955c854ff84
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?06f500461e5b450bb906f955c854ff84
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O17 - HKLM\System\CCS\Services\Tcpip\..\{62E4931B-5BA7-4579-B96A-8D9C61F1445D}: NameServer = 193.252.19.1,193.252.19.2
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
Ok
As tu de nouveau accès à ta base de registre?
Si oui, donne moi la valeur de:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL CheckedValue
A+
As tu de nouveau accès à ta base de registre?
Si oui, donne moi la valeur de:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL CheckedValue
A+
J ai effectuer une recherche dans ma base des registres et il ne me trouve aucune ligne correspondant a se que tu ma demander .
Merci de m aider :)
Merci de m aider :)
