Log hijack, que doit-on supprimer?
Résolu
sebouine
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
C'est la misére avec mon PC, c'est devenu une vrai charette, il avance plus et l'UC tourne à donf, j'ai essayer qques trucs mais sans résult, il me semble que kle soucis à déjà été évoqué maintes fois mais pas de solution globale apparement, donc du cas par cas mais là moi je décroche complétement!
Je vous met le log de Hijack, si qqu'un peut me donner qques conseils, d'avance merci:
Logfile of HijackThis v1.99.1
Scan saved at 22:59:25, on 29/11/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\PnkBstrB.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\TRENDnet\TEW-421PC_TEW-423PI\TRENDnet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Propriétaire\Bureau\VundoFix.exe
C:\Program Files\Alwil Software\Avast4\setup\setup.ovr
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - https://www.cartesianinc.com/Products/CPCViewAX/Sdk/CpcViewAX.cab
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://C:\nosuch.mht!http://toolbarurl.biz/dl/adv698/x.chm::/load.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sebouine.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: d - Unknown owner - c:\windows\system\t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\System32\PnkBstrB.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C'est la misére avec mon PC, c'est devenu une vrai charette, il avance plus et l'UC tourne à donf, j'ai essayer qques trucs mais sans résult, il me semble que kle soucis à déjà été évoqué maintes fois mais pas de solution globale apparement, donc du cas par cas mais là moi je décroche complétement!
Je vous met le log de Hijack, si qqu'un peut me donner qques conseils, d'avance merci:
Logfile of HijackThis v1.99.1
Scan saved at 22:59:25, on 29/11/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\PnkBstrB.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\TRENDnet\TEW-421PC_TEW-423PI\TRENDnet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Propriétaire\Bureau\VundoFix.exe
C:\Program Files\Alwil Software\Avast4\setup\setup.ovr
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - https://www.cartesianinc.com/Products/CPCViewAX/Sdk/CpcViewAX.cab
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://C:\nosuch.mht!http://toolbarurl.biz/dl/adv698/x.chm::/load.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sebouine.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: d - Unknown owner - c:\windows\system\t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\System32\PnkBstrB.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
A voir également:
- Log hijack, que doit-on supprimer?
- Supprimer rond bleu whatsapp - Guide
- Supprimer page word - Guide
- Supprimer liste déroulante excel - Guide
- Supprimer hiberfil.sys - Guide
- Comment supprimer une application préinstallée sur android - Guide
30 réponses
- 1
- 2
Suivant
slt,
AVG antispyware
https://www.01net.com/telecharger/
Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
->Relance AVG AS -> "Analyse" ->"Paramètres"
Sous la question "Comment réagir ?" :
-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
Si un fichier est infecté en fin d'analyse
->Clique sur "Appliquer toutes les actions "
->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".
->Enregistre ce fichier texte sur ton bureau ensuite colle le rapport ici
________________
utilise pour supprimer tes traces
CCLEANER: (lance un nettoyage et répare 3 fois les erreurs) sans installer la barre yahoo
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
___________________
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne : (desactiver avast pour le scan)
http://pandasoftware.fr
AVG antispyware
https://www.01net.com/telecharger/
Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
->Relance AVG AS -> "Analyse" ->"Paramètres"
Sous la question "Comment réagir ?" :
-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
Si un fichier est infecté en fin d'analyse
->Clique sur "Appliquer toutes les actions "
->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".
->Enregistre ce fichier texte sur ton bureau ensuite colle le rapport ici
________________
utilise pour supprimer tes traces
CCLEANER: (lance un nettoyage et répare 3 fois les erreurs) sans installer la barre yahoo
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
___________________
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne : (desactiver avast pour le scan)
http://pandasoftware.fr
VG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 08:32:21 30/11/2007
+ Résultat de l'analyse:
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Erreur lors du nettoyage.
HKU\S-1-5-21-1375271574-1509246193-3214227364-1003\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\LocalService\Cookies\propriétaire@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
Fin du rapport
Et le rapport bitdefender
Voie d'analyse: A:\;C:\;D:\;E:\;F:\;
Statistiques
Temps
01:08:38
Fichiers
192604
Directoires
5575
Secteurs de boot
2
Archives
12471
Paquets programmes
9450
Résultats
Virus identifiés
3
Fichiers infectés
16
Fichiers suspects
0
Avertissements
0
Désinfectés
0
Fichiers effacés
16
Info sur les moteurs
Définition virus
879540
Version des moteurs
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Analyse des plugins
14
Archive des plugins
38
Unpack des plugins
7
E-mail plugins
6
Système plugins
1
Paramètres d'analyse
Première action
Désinfecté
Seconde Action
Supprimé
Heuristique
Oui
Acceptez les avertissements
Oui
Extensions analysées
*;
Excludez les extensions
Analyse d'emails
Oui
Analyse des Archives
Oui
Analyser paquets programmes
Oui
Analyse des fichiers
Oui
Analyse de boot
Oui
Fichier analysé
Statut
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005\tmg-nav2k5.exe
Infecté par: Packer.FSG.A
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005\tmg-nav2k5.exe
Echec de la désinfection
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005\tmg-nav2k5.exe
Supprimé
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005.zip=>tmg-nav2k5.exe
Infecté par: Packer.FSG.A
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005.zip=>tmg-nav2k5.exe
Echec de la désinfection
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005.zip=>tmg-nav2k5.exe
Supprimé
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005.zip
Mis à jour
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\NOCD Team Fortress 2 crack.exe
Infecté par: Trojan.Dropper.NQ
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\NOCD Team Fortress 2 crack.exe
Echec de la désinfection
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\NOCD Team Fortress 2 crack.exe
Supprimé
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Team Fortress 2 crack.exe
Infecté par: Trojan.Dropper.NQ
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Team Fortress 2 crack.exe
Echec de la désinfection
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Team Fortress 2 crack.exe
Supprimé
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Win.All Team Fortress 2 crack.exe
Infecté par: Trojan.Dropper.NQ
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Win.All Team Fortress 2 crack.exe
Echec de la désinfection
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Win.All Team Fortress 2 crack.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138188.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138188.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138188.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138189.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138189.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138189.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138190.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138190.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138190.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138191.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138191.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138191.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138192.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138192.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138192.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138196.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138196.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138196.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138197.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138197.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138197.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138198.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138198.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138198.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138206.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138206.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138206.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP826\A0139530.exe
Infecté par: Generic.Adw.SaveNow.F5FEB660
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP826\A0139530.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP826\A0139530.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP895\A0148789.exe
Infecté par: Packer.FSG.A
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP895\A0148789.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP895\A0148789.exe
Supprimé
Je me rappelle que s'était CRSS.EXE qui tournait a fond dans le gestionnaire des taches, je sais pas si il a disparu, je fais rédemarrer le pc histoire de voir à tout ça!
@ toute suite..
---------------------------------------------------------
+ Créé à: 08:32:21 30/11/2007
+ Résultat de l'analyse:
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Erreur lors du nettoyage.
HKU\S-1-5-21-1375271574-1509246193-3214227364-1003\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\LocalService\Cookies\propriétaire@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
Fin du rapport
Et le rapport bitdefender
Voie d'analyse: A:\;C:\;D:\;E:\;F:\;
Statistiques
Temps
01:08:38
Fichiers
192604
Directoires
5575
Secteurs de boot
2
Archives
12471
Paquets programmes
9450
Résultats
Virus identifiés
3
Fichiers infectés
16
Fichiers suspects
0
Avertissements
0
Désinfectés
0
Fichiers effacés
16
Info sur les moteurs
Définition virus
879540
Version des moteurs
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Analyse des plugins
14
Archive des plugins
38
Unpack des plugins
7
E-mail plugins
6
Système plugins
1
Paramètres d'analyse
Première action
Désinfecté
Seconde Action
Supprimé
Heuristique
Oui
Acceptez les avertissements
Oui
Extensions analysées
*;
Excludez les extensions
Analyse d'emails
Oui
Analyse des Archives
Oui
Analyser paquets programmes
Oui
Analyse des fichiers
Oui
Analyse de boot
Oui
Fichier analysé
Statut
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005\tmg-nav2k5.exe
Infecté par: Packer.FSG.A
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005\tmg-nav2k5.exe
Echec de la désinfection
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005\tmg-nav2k5.exe
Supprimé
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005.zip=>tmg-nav2k5.exe
Infecté par: Packer.FSG.A
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005.zip=>tmg-nav2k5.exe
Echec de la désinfection
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005.zip=>tmg-nav2k5.exe
Supprimé
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005.zip
Mis à jour
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\NOCD Team Fortress 2 crack.exe
Infecté par: Trojan.Dropper.NQ
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\NOCD Team Fortress 2 crack.exe
Echec de la désinfection
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\NOCD Team Fortress 2 crack.exe
Supprimé
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Team Fortress 2 crack.exe
Infecté par: Trojan.Dropper.NQ
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Team Fortress 2 crack.exe
Echec de la désinfection
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Team Fortress 2 crack.exe
Supprimé
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Win.All Team Fortress 2 crack.exe
Infecté par: Trojan.Dropper.NQ
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Win.All Team Fortress 2 crack.exe
Echec de la désinfection
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Win.All Team Fortress 2 crack.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138188.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138188.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138188.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138189.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138189.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138189.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138190.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138190.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138190.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138191.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138191.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138191.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138192.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138192.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138192.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138196.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138196.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138196.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138197.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138197.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138197.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138198.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138198.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138198.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138206.exe
Infecté par: Trojan.Dropper.NQ
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138206.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP809\A0138206.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP826\A0139530.exe
Infecté par: Generic.Adw.SaveNow.F5FEB660
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP826\A0139530.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP826\A0139530.exe
Supprimé
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP895\A0148789.exe
Infecté par: Packer.FSG.A
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP895\A0148789.exe
Echec de la désinfection
C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP895\A0148789.exe
Supprimé
Je me rappelle que s'était CRSS.EXE qui tournait a fond dans le gestionnaire des taches, je sais pas si il a disparu, je fais rédemarrer le pc histoire de voir à tout ça!
@ toute suite..
Pffff, c'est pas mieux voir pire qu'avant, qqu'un sait ce qui se passe, je peux quasiment plus rien faire avec le pc, même pour surfé c infernal!
Le csrss.exe fait tourner l'UC à 100% on dirait bien?
Le csrss.exe fait tourner l'UC à 100% on dirait bien?
vire ces 4 fichiers en allant dans poste de travail puis C....
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005.zip
Mis à jour
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\NOCD Team Fortress 2 crack.exe
Supprimé
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Team Fortress 2 crack.exe
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Win.All Team Fortress 2 crack.exe
______________
refais avg antispyware car il y a eu une erreur
_______________
utilise pour supprimer tes traces
CCLEANER: (lance un nettoyage et répare 3 fois les erreurs) sans installer la barre yahoo
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
____________________
Colle le rapport :
Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.
Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.
Manuel de clean :
http://kerio.probb.fr/tuto-Clean-h37.html
_________________
recolle un rapport hijackthis
C:\Documents and Settings\Propriétaire\Bureau\anti-virus\Norton Anti-Virus 2005.zip
Mis à jour
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\NOCD Team Fortress 2 crack.exe
Supprimé
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Team Fortress 2 crack.exe
C:\Documents and Settings\Propriétaire\Mes documents\Downloads\Win.All Team Fortress 2 crack.exe
______________
refais avg antispyware car il y a eu une erreur
_______________
utilise pour supprimer tes traces
CCLEANER: (lance un nettoyage et répare 3 fois les erreurs) sans installer la barre yahoo
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
____________________
Colle le rapport :
Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.
Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.
Manuel de clean :
http://kerio.probb.fr/tuto-Clean-h37.html
_________________
recolle un rapport hijackthis
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bon voilà,
J'ai tout essayer mais tjrs pareils
VG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:13:39 03/12/2007
+ Résultat de l'analyse:
Rien à signaler.
Fin du rapport
03/12/2007 a 19:19:27,27
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\ALCXMNTR.EXE FOUND
C:\WINDOWS\sys???????????.exe FOUND
C:\WINDOWS\uniq FOUND
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\DRIVERS\etc\serv-u.ini FOUND
C:\WINDOWS\system32\DRIVERS\etc\conf.dll FOUND
*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 03/12/2007 a 19:46:35,46
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
et le dernier Log hijack
Logfile of HijackThis v1.99.1
Scan saved at 20:06:46, on 03/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\PnkBstrB.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - https://www.cartesianinc.com/Products/CPCViewAX/Sdk/CpcViewAX.cab
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://C:\nosuch.mht!http://toolbarurl.biz/dl/adv698/x.chm::/load.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sebouine.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: d - Unknown owner - c:\windows\system\t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\System32\PnkBstrB.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Voili, tjrs les mêmes soucis apparement, ya aussi MOM.exe maintenant qui turbine à donf!
Pfff, je crois que je vais faire une reinstallation systeme non?
J'ai tout essayer mais tjrs pareils
VG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:13:39 03/12/2007
+ Résultat de l'analyse:
Rien à signaler.
Fin du rapport
03/12/2007 a 19:19:27,27
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\ALCXMNTR.EXE FOUND
C:\WINDOWS\sys???????????.exe FOUND
C:\WINDOWS\uniq FOUND
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\DRIVERS\etc\serv-u.ini FOUND
C:\WINDOWS\system32\DRIVERS\etc\conf.dll FOUND
*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 03/12/2007 a 19:46:35,46
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
et le dernier Log hijack
Logfile of HijackThis v1.99.1
Scan saved at 20:06:46, on 03/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\PnkBstrB.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - https://www.cartesianinc.com/Products/CPCViewAX/Sdk/CpcViewAX.cab
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://C:\nosuch.mht!http://toolbarurl.biz/dl/adv698/x.chm::/load.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sebouine.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: d - Unknown owner - c:\windows\system\t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\System32\PnkBstrB.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Voili, tjrs les mêmes soucis apparement, ya aussi MOM.exe maintenant qui turbine à donf!
Pfff, je crois que je vais faire une reinstallation systeme non?
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - https://www.cartesianinc.com/Products/CPCViewAX/Sdk/CpcViewAX.cab
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://C:\nosuch.mht!http://toolbarurl.biz/dl/adv698/x.chm::/load.exe
_________________
fais toute la procedure clean
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O16 - DPF: {0F7A9297-7268-11D1-B81A-00A076C01B0A} (CPC View ax Control) - https://www.cartesianinc.com/Products/CPCViewAX/Sdk/CpcViewAX.cab
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://C:\nosuch.mht!http://toolbarurl.biz/dl/adv698/x.chm::/load.exe
_________________
fais toute la procedure clean
Re bonjour,
Bien j'ai fais le necessaire mais le soucis perciste et signe, c 'est dingue ce truc! Alors voila les rapports:
Le premier c'est clean
04/12/2007 a 13:13:53,45
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
Donc ça me semble propre tout ça et le second un hijack
Logfile of HijackThis v1.99.1
Scan saved at 13:22:10, on 04/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\PnkBstrB.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sebouine.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: d - Unknown owner - c:\windows\system\t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\System32\PnkBstrB.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Voilà si tu vois autre chose je suis preneur, d'avance merci!
Bien j'ai fais le necessaire mais le soucis perciste et signe, c 'est dingue ce truc! Alors voila les rapports:
Le premier c'est clean
04/12/2007 a 13:13:53,45
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
Donc ça me semble propre tout ça et le second un hijack
Logfile of HijackThis v1.99.1
Scan saved at 13:22:10, on 04/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\PnkBstrB.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sebouine.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: d - Unknown owner - c:\windows\system\t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\System32\PnkBstrB.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Voilà si tu vois autre chose je suis preneur, d'avance merci!
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum
__________________
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
____________________
tu as des virus dans ta restauration system:
désactive la restauration système pour purger les virus qui seraient dedans puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)
------------------
ton windows n'est pas a jour il faudra le mettre a jour (DEMARRER puis TOUS LES PROGRAMMES puis WINDOWS UPDATE)
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum
__________________
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
____________________
tu as des virus dans ta restauration system:
désactive la restauration système pour purger les virus qui seraient dedans puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)
------------------
ton windows n'est pas a jour il faudra le mettre a jour (DEMARRER puis TOUS LES PROGRAMMES puis WINDOWS UPDATE)
Salut jlp
Alors on continu, voila les rapports
SDFix: Version 1.116
Run by Propriétaire on 05/12/2007 at 17:51
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\PROPRI~1\Bureau\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\IALMCOIN.DLL - Deleted
C:\WINDOWS\system32\TFTP2332 - Deleted
C:\WINDOWS\system32\TFTP2920 - Deleted
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 17:58:29
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:1a,86,d6,23,5d,03,0d,dd,a1,f1,53,9b,79,f0,36,e1,37,c7,9d,34,2d,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000001
"khjeh"=hex:d7,f7,11,c8,41,36,ad,ba,a5,9b,1d,aa,ff,9d,c3,20,ed,0c,7b,4a,0a,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,40,8d,e5,f0,91,ce,5e,7b,78,e8,58,d7,d4,dd,58,08,96,..
"khjeh"=hex:15,7e,78,e8,26,d0,ea,bb,08,8a,38,48,02,c2,ff,f3,da,7e,c2,9b,72,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,03,92,67,61,3d,bc,b7,6c,c7,de,6b,cf,8a,fa,ed,48,62,d3,6d,c4,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:1a,86,d6,23,5d,03,0d,dd,a1,f1,53,9b,79,f0,36,e1,37,c7,9d,34,2d,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000001
"khjeh"=hex:d7,f7,11,c8,41,36,ad,ba,a5,9b,1d,aa,ff,9d,c3,20,ed,0c,7b,4a,0a,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,40,8d,e5,f0,91,ce,5e,7b,78,e8,58,d7,d4,dd,58,08,96,..
"khjeh"=hex:15,7e,78,e8,26,d0,ea,bb,08,8a,38,48,02,c2,ff,f3,da,7e,c2,9b,72,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,03,92,67,61,3d,bc,b7,6c,c7,de,6b,cf,8a,fa,ed,48,62,d3,6d,c4,..
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}]
"DisplayName"="Alcohol 120%"
scanning hidden files ...
C:\WINDOWS\Temp\_av_proI.tm~a03304
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\01\1976-{B01AF362-9D41-51A1-8164-8B3E08B102DD}-v1-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1976-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\17\1986-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v17-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1986-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1383366 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\17\1986-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v17-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1986-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 158376 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\18\20-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v18-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 160 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\19\2361-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v19-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2361-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1236 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\19\2361-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v19-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2361-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 160 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\24\25-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v24-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v25-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1073550 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\24\25-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v24-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v25-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 76296 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\24\25-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v24-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v25-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.3 5502 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\24\25-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v24-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v25-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.4 408 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\24\25-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v24-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v25-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 122672 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\77\1981-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1977-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1981-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 59322 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\77\1981-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1977-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1981-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 4134 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\77\1981-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1977-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1981-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 6648 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\crevette_k@hotmail.fr\DFSR\Staging\CS{6DFF6680-0D6A-D658-7384-33730D82EA1A}\01\1963-{6DFF6680-0D6A-D658-7384-33730D82EA1A}-v1-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1963-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\22\2010-{9D002A41-1274-4307-8993-91502A4053DE}-v522-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2010-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12900 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\22\2010-{9D002A41-1274-4307-8993-91502A4053DE}-v522-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2010-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1456 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\45\2054-{9D002A41-1274-4307-8993-91502A4053DE}-v545-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2054-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11604 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\45\2054-{9D002A41-1274-4307-8993-91502A4053DE}-v545-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2054-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1280 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\68\2078-{9D002A41-1274-4307-8993-91502A4053DE}-v568-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2078-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13170 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\68\2078-{9D002A41-1274-4307-8993-91502A4053DE}-v568-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2078-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1464 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\00\2039-{9D002A41-1274-4307-8993-91502A4053DE}-v600-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2039-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11208 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\00\2039-{9D002A41-1274-4307-8993-91502A4053DE}-v600-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2039-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1288 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\00\2040-{9D002A41-1274-4307-8993-91502A4053DE}-v600-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2040-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11208 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\00\2040-{9D002A41-1274-4307-8993-91502A4053DE}-v600-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2040-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1288 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\03\1994-{9D002A41-1274-4307-8993-91502A4053DE}-v503-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1994-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12828 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\03\1994-{9D002A41-1274-4307-8993-91502A4053DE}-v503-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1994-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1448 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\1989-{9D002A41-1274-4307-8993-91502A4053DE}-v504-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1989-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11730 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\1989-{9D002A41-1274-4307-8993-91502A4053DE}-v504-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1989-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1336 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\712-{9D002A41-1274-4307-8993-91502A4053DE}-v704-{9D002A41-1274-4307-8993-91502A4053DE}-v712-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 213654 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\712-{9D002A41-1274-4307-8993-91502A4053DE}-v704-{9D002A41-1274-4307-8993-91502A4053DE}-v712-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 14952 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\712-{9D002A41-1274-4307-8993-91502A4053DE}-v704-{9D002A41-1274-4307-8993-91502A4053DE}-v712-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.3 1038 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\712-{9D002A41-1274-4307-8993-91502A4053DE}-v704-{9D002A41-1274-4307-8993-91502A4053DE}-v712-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 49336 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\1990-{9D002A41-1274-4307-8993-91502A4053DE}-v505-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1990-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11784 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\1990-{9D002A41-1274-4307-8993-91502A4053DE}-v505-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1990-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1296 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\2035-{9D002A41-1274-4307-8993-91502A4053DE}-v605-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2035-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11244 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\2035-{9D002A41-1274-4307-8993-91502A4053DE}-v605-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2035-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\2036-{9D002A41-1274-4307-8993-91502A4053DE}-v605-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2036-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11244 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\2036-{9D002A41-1274-4307-8993-91502A4053DE}-v605-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2036-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\06\1991-{9D002A41-1274-4307-8993-91502A4053DE}-v506-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1991-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11766 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\06\1991-{9D002A41-1274-4307-8993-91502A4053DE}-v506-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1991-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1288 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\07\1992-{9D002A41-1274-4307-8993-91502A4053DE}-v507-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1992-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10884 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\07\1992-{9D002A41-1274-4307-8993-91502A4053DE}-v507-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1992-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1240 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\07\713-{9D002A41-1274-4307-8993-91502A4053DE}-v707-{9D002A41-1274-4307-8993-91502A4053DE}-v713-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 327450 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\07\713-{9D002A41-1274-4307-8993-91502A4053DE}-v707-{9D002A41-1274-4307-8993-91502A4053DE}-v713-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 22692 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\07\713-{9D002A41-1274-4307-8993-91502A4053DE}-v707-{9D002A41-1274-4307-8993-91502A4053DE}-v713-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 70432 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\09\1993-{9D002A41-1274-4307-8993-91502A4053DE}-v509-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1993-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11820 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\09\1993-{9D002A41-1274-4307-8993-91502A4053DE}-v509-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1993-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1280 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\11\1995-{9D002A41-1274-4307-8993-91502A4053DE}-v511-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1995-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13296 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\11\1995-{9D002A41-1274-4307-8993-91502A4053DE}-v511-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1995-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1496 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\12\1996-{9D002A41-1274-4307-8993-91502A4053DE}-v512-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1996-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11514 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\12\1996-{9D002A41-1274-4307-8993-91502A4053DE}-v512-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1996-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1280 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\13\1997-{9D002A41-1274-4307-8993-91502A4053DE}-v513-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1997-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11298 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\13\1997-{9D002A41-1274-4307-8993-91502A4053DE}-v513-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1997-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1264 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\13\2114-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2113-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\14\2003-{9D002A41-1274-4307-8993-91502A4053DE}-v514-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2003-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12216 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\14\2003-{9D002A41-1274-4307-8993-91502A4053DE}-v514-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2003-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1352 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\15\2004-{9D002A41-1274-4307-8993-91502A4053DE}-v515-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2004-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12126 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\15\2004-{9D002A41-1274-4307-8993-91502A4053DE}-v515-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2004-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1328 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\16\2005-{9D002A41-1274-4307-8993-91502A4053DE}-v516-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2005-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11658 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\16\2005-{9D002A41-1274-4307-8993-91502A4053DE}-v516-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2005-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1280 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\16\2112-{9D002A41-1274-4307-8993-91502A4053DE}-v616-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 53778 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\16\2112-{9D002A41-1274-4307-8993-91502A4053DE}-v616-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 6392 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\17\2006-{9D002A41-1274-4307-8993-91502A4053DE}-v517-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2006-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10866 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\17\2006-{9D002A41-1274-4307-8993-91502A4053DE}-v517-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2006-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1256 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\18\2002-{9D002A41-1274-4307-8993-91502A4053DE}-v518-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2002-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11244 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\18\2002-{9D002A41-1274-4307-8993-91502A4053DE}-v518-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2002-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1248 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\19\2007-{9D002A41-1274-4307-8993-91502A4053DE}-v519-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2007-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12054 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\19\2007-{9D002A41-1274-4307-8993-91502A4053DE}-v519-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2007-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1320 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\20\2008-{9D002A41-1274-4307-8993-91502A4053DE}-v520-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2008-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10164 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\20\2008-{9D002A41-1274-4307-8993-91502A4053DE}-v520-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2008-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1152 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\21\2009-{9D002A41-1274-4307-8993-91502A4053DE}-v521-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2009-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12774 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\21\2009-{9D002A41-1274-4307-8993-91502A4053DE}-v521-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2009-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1416 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\23\2011-{9D002A41-1274-4307-8993-91502A4053DE}-v523-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2011-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13188 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\23\2011-{9D002A41-1274-4307-8993-91502A4053DE}-v523-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2011-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1464 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\24\2103-{9D002A41-1274-4307-8993-91502A4053DE}-v524-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12612 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\24\2103-{9D002A41-1274-4307-8993-91502A4053DE}-v524-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1400 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\25\2018-{9D002A41-1274-4307-8993-91502A4053DE}-v525-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2018-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10128 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\25\2018-{9D002A41-1274-4307-8993-91502A4053DE}-v525-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2018-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1152 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\26\2019-{9D002A41-1274-4307-8993-91502A4053DE}-v526-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2019-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10146 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\26\2019-{9D002A41-1274-4307-8993-91502A4053DE}-v526-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2019-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1152 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\27\2020-{9D002A41-1274-4307-8993-91502A4053DE}-v527-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2020-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11010 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\27\2020-{9D002A41-1274-4307-8993-91502A4053DE}-v527-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2020-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1208 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\28\2021-{9D002A41-1274-4307-8993-91502A4053DE}-v528-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2021-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13188 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\28\2021-{9D002A41-1274-4307-8993-91502A4053DE}-v528-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2021-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1424 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\29\2022-{9D002A41-1274-4307-8993-91502A4053DE}-v529-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2022-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13476 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\29\2022-{9D002A41-1274-4307-8993-91502A4053DE}-v529-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2022-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1504 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\30\2016-{9D002A41-1274-4307-8993-91502A4053DE}-v530-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2016-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10416 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\30\2016-{9D002A41-1274-4307-8993-91502A4053DE}-v530-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2016-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1128 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\30\2017-{9D002A41-1274-4307-8993-91502A4053DE}-v530-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2017-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10416 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\30\2017-{9D002A41-1274-4307-8993-91502A4053DE}-v530-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2017-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1128 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\31\2026-{9D002A41-1274-4307-8993-91502A4053DE}-v531-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2026-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12324 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\31\2026-{9D002A41-1274-4307-8993-91502A4053DE}-v531-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2026-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1360 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\32\2025-{9D002A41-1274-4307-8993-91502A4053DE}-v532-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2025-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13134 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\32\2025-{9D002A41-1274-4307-8993-91502A4053DE}-v532-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2025-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1464 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\32\2102-{9D002A41-1274-4307-8993-91502A4053DE}-v632-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 128100 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\32\2102-{9D002A41-1274-4307-8993-91502A4053DE}-v632-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 16368 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\33\2027-{9D002A41-1274-4307-8993-91502A4053DE}-v533-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2027-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11982 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\33\2027-{9D002A41-1274-4307-8993-91502A4053DE}-v533-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2027-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1336 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\34\2041-{9D002A41-1274-4307-8993-91502A4053DE}-v534-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2041-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10776 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\34\2041-{9D002A41-1274-4307-8993-91502A4053DE}-v534-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2041-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1184 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\35\2030-{9D002A41-1274-4307-8993-91502A4053DE}-v535-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2030-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11568 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\35\2030-{9D002A41-1274-4307-8993-91502A4053DE}-v535-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2030-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\35\2031-{9D002A41-1274-4307-8993-91502A4053DE}-v535-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2031-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11568 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\35\2031-{9D002A41-1274-4307-8993-91502A4053DE}-v535-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2031-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\36\2042-{9D002A41-1274-4307-8993-91502A4053DE}-v536-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2042-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12918 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\36\2042-{9D002A41-1274-4307-8993-91502A4053DE}-v536-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2042-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1416 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\37\2045-{9D002A41-1274-4307-8993-91502A4053DE}-v537-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2045-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12630 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\37\2045-{9D002A41-1274-4307-8993-91502A4053DE}-v537-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2045-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1392 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\37\2046-{9D002A41-1274-4307-8993-91502A4053DE}-v537-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2046-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12630 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\37\2046-{9D002A41-1274-4307-8993-91502A4053DE}-v537-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2046-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1392 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\38\2047-{9D002A41-1274-4307-8993-91502A4053DE}-v538-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2047-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12072 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\38\2047-{9D002A41-1274-4307-8993-91502A4053DE}-v538-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2047-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1344 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\39\2048-{9D002A41-1274-4307-8993-91502A4053DE}-v539-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2048-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12288 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\39\2048-{9D002A41-1274-4307-8993-91502A4053DE}-v539-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2048-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1336 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\40\2049-{9D002A41-1274-4307-8993-91502A4053DE}-v540-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2049-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11496 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\40\2049-{9D002A41-1274-4307-8993-91502A4053DE}-v540-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2049-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\41\2050-{9D002A41-1274-4307-8993-91502A4053DE}-v541-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2050-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13260 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\41\2050-{9D002A41-1274-4307-8993-91502A4053DE}-v541-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2050-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1504 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\42\2051-{9D002A41-1274-4307-8993-91502A4053DE}-v542-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2051-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12000 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\42\2051-{9D002A41-1274-4307-8993-91502A4053DE}-v542-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2051-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1376 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\43\2052-{9D002A41-1274-4307-8993-91502A4053DE}-v543-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2052-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12432 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\43\2052-{9D002A41-1274-4307-8993-91502A4053DE}-v543-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2052-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1384 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\44\2053-{9D002A41-1274-4307-8993-91502A4053DE}-v544-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2053-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12306 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\44\2053-{9D002A41-1274-4307-8993-91502A4053DE}-v544-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2053-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1368 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\46\2055-{9D002A41-1274-4307-8993-91502A4053DE}-v546-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2055-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13602 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\46\2055-{9D002A41-1274-4307-8993-91502A4053DE}-v546-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2055-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1528 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\47\2056-{9D002A41-1274-4307-8993-91502A4053DE}-v547-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2056-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12486 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\47\2056-{9D002A41-1274-4307-8993-91502A4053DE}-v547-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2056-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1392 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\48\2057-{9D002A41-1274-4307-8993-91502A4053DE}-v548-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2057-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12234 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\48\2057-{9D002A41-1274-4307-8993-91502A4053DE}-v548-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2057-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1376 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\49\2058-{9D002A41-1274-4307-8993-91502A4053DE}-v549-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2058-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12054 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\49\2058-{9D002A41-1274-4307-8993-91502A4053DE}-v549-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2058-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1328 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\50\2059-{9D002A41-1274-4307-8993-91502A4053DE}-v550-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2059-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11712 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\50\2059-{9D002A41-1274-4307-8993-91502A4053DE}-v550-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2059-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1288 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\51\2060-{9D002A41-1274-4307-8993-91502A4053DE}-v551-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2060-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11406 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\51\2060-{9D002A41-1274-4307-8993-91502A4053DE}-v551-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2060-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1256 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\52\2061-{9D002A41-1274-4307-8993-91502A4053DE}-v552-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2061-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11784 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\52\2061-{9D002A41-1274-4307-8993-91502A4053DE}-v552-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2061-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1344 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\53\1954-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1953-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1954-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 5088 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\53\1954-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1953-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1954-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 552 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\53\2062-{9D002A41-1274-4307-8993-91502A4053DE}-v553-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2062-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10830 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\53\2062-{9D002A41-1274-4307-8993-91502A4053DE}-v553-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2062-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1208 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\54\2063-{9D002A41-1274-4307-8993-91502A4053DE}-v554-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2063-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10056 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\54\2063-{9D002A41-1274-4307-8993-91502A4053DE}-v554-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2063-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1120 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\55\2064-{9D002A41-1274-4307-8993-91502A4053DE}-v555-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2064-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10452 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\55\2064-{9D002A41-1274-4307-8993-91502A4053DE}-v555-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2064-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1192 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\56\2065-{9D002A41-1274-4307-8993-91502A4053DE}-v556-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2065-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10722 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\56\2065-{9D002A41-1274-4307-8993-91502A4053DE}-v556-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2065-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1208 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\57\2066-{9D002A41-1274-4307-8993-91502A4053DE}-v557-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2066-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9966 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\57\2066-{9D002A41-1274-4307-8993-91502A4053DE}-v557-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2066-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1088 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\58\2067-{9D002A41-1274-4307-8993-91502A4053DE}-v558-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2067-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13584 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\58\2067-{9D002A41-1274-4307-8993-91502A4053DE}-v558-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2067-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1512 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\59\2068-{9D002A41-1274-4307-8993-91502A4053DE}-v559-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2068-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10902 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\59\2068-{9D002A41-1274-4307-8993-91502A4053DE}-v559-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2068-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1216 bytes hidden from API
C:\Documents and Se
Alors on continu, voila les rapports
SDFix: Version 1.116
Run by Propriétaire on 05/12/2007 at 17:51
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\PROPRI~1\Bureau\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\IALMCOIN.DLL - Deleted
C:\WINDOWS\system32\TFTP2332 - Deleted
C:\WINDOWS\system32\TFTP2920 - Deleted
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 17:58:29
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:1a,86,d6,23,5d,03,0d,dd,a1,f1,53,9b,79,f0,36,e1,37,c7,9d,34,2d,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000001
"khjeh"=hex:d7,f7,11,c8,41,36,ad,ba,a5,9b,1d,aa,ff,9d,c3,20,ed,0c,7b,4a,0a,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,40,8d,e5,f0,91,ce,5e,7b,78,e8,58,d7,d4,dd,58,08,96,..
"khjeh"=hex:15,7e,78,e8,26,d0,ea,bb,08,8a,38,48,02,c2,ff,f3,da,7e,c2,9b,72,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,03,92,67,61,3d,bc,b7,6c,c7,de,6b,cf,8a,fa,ed,48,62,d3,6d,c4,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:1a,86,d6,23,5d,03,0d,dd,a1,f1,53,9b,79,f0,36,e1,37,c7,9d,34,2d,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000001
"khjeh"=hex:d7,f7,11,c8,41,36,ad,ba,a5,9b,1d,aa,ff,9d,c3,20,ed,0c,7b,4a,0a,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,40,8d,e5,f0,91,ce,5e,7b,78,e8,58,d7,d4,dd,58,08,96,..
"khjeh"=hex:15,7e,78,e8,26,d0,ea,bb,08,8a,38,48,02,c2,ff,f3,da,7e,c2,9b,72,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,03,92,67,61,3d,bc,b7,6c,c7,de,6b,cf,8a,fa,ed,48,62,d3,6d,c4,..
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}]
"DisplayName"="Alcohol 120%"
scanning hidden files ...
C:\WINDOWS\Temp\_av_proI.tm~a03304
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\01\1976-{B01AF362-9D41-51A1-8164-8B3E08B102DD}-v1-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1976-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\17\1986-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v17-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1986-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1383366 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\17\1986-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v17-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1986-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 158376 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\18\20-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v18-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 160 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\19\2361-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v19-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2361-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1236 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\19\2361-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v19-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2361-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 160 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\24\25-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v24-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v25-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1073550 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\24\25-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v24-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v25-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 76296 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\24\25-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v24-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v25-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.3 5502 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\24\25-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v24-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v25-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.4 408 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\24\25-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v24-{3C08F30F-6C69-4F22-B545-9D4FD8BACDCB}-v25-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 122672 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\77\1981-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1977-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1981-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 59322 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\77\1981-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1977-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1981-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 4134 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\ckiktoukc@hotmail.com\DFSR\Staging\CS{B01AF362-9D41-51A1-8164-8B3E08B102DD}\77\1981-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1977-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1981-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 6648 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\crevette_k@hotmail.fr\DFSR\Staging\CS{6DFF6680-0D6A-D658-7384-33730D82EA1A}\01\1963-{6DFF6680-0D6A-D658-7384-33730D82EA1A}-v1-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1963-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\22\2010-{9D002A41-1274-4307-8993-91502A4053DE}-v522-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2010-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12900 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\22\2010-{9D002A41-1274-4307-8993-91502A4053DE}-v522-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2010-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1456 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\45\2054-{9D002A41-1274-4307-8993-91502A4053DE}-v545-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2054-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11604 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\45\2054-{9D002A41-1274-4307-8993-91502A4053DE}-v545-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2054-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1280 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\68\2078-{9D002A41-1274-4307-8993-91502A4053DE}-v568-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2078-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13170 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\68\2078-{9D002A41-1274-4307-8993-91502A4053DE}-v568-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2078-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1464 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\00\2039-{9D002A41-1274-4307-8993-91502A4053DE}-v600-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2039-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11208 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\00\2039-{9D002A41-1274-4307-8993-91502A4053DE}-v600-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2039-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1288 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\00\2040-{9D002A41-1274-4307-8993-91502A4053DE}-v600-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2040-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11208 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\00\2040-{9D002A41-1274-4307-8993-91502A4053DE}-v600-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2040-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1288 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\03\1994-{9D002A41-1274-4307-8993-91502A4053DE}-v503-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1994-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12828 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\03\1994-{9D002A41-1274-4307-8993-91502A4053DE}-v503-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1994-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1448 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\1989-{9D002A41-1274-4307-8993-91502A4053DE}-v504-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1989-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11730 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\1989-{9D002A41-1274-4307-8993-91502A4053DE}-v504-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1989-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1336 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\712-{9D002A41-1274-4307-8993-91502A4053DE}-v704-{9D002A41-1274-4307-8993-91502A4053DE}-v712-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 213654 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\712-{9D002A41-1274-4307-8993-91502A4053DE}-v704-{9D002A41-1274-4307-8993-91502A4053DE}-v712-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 14952 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\712-{9D002A41-1274-4307-8993-91502A4053DE}-v704-{9D002A41-1274-4307-8993-91502A4053DE}-v712-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.3 1038 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\04\712-{9D002A41-1274-4307-8993-91502A4053DE}-v704-{9D002A41-1274-4307-8993-91502A4053DE}-v712-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 49336 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\1990-{9D002A41-1274-4307-8993-91502A4053DE}-v505-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1990-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11784 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\1990-{9D002A41-1274-4307-8993-91502A4053DE}-v505-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1990-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1296 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\2035-{9D002A41-1274-4307-8993-91502A4053DE}-v605-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2035-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11244 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\2035-{9D002A41-1274-4307-8993-91502A4053DE}-v605-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2035-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\2036-{9D002A41-1274-4307-8993-91502A4053DE}-v605-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2036-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11244 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\05\2036-{9D002A41-1274-4307-8993-91502A4053DE}-v605-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2036-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\06\1991-{9D002A41-1274-4307-8993-91502A4053DE}-v506-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1991-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11766 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\06\1991-{9D002A41-1274-4307-8993-91502A4053DE}-v506-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1991-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1288 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\07\1992-{9D002A41-1274-4307-8993-91502A4053DE}-v507-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1992-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10884 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\07\1992-{9D002A41-1274-4307-8993-91502A4053DE}-v507-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1992-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1240 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\07\713-{9D002A41-1274-4307-8993-91502A4053DE}-v707-{9D002A41-1274-4307-8993-91502A4053DE}-v713-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 327450 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\07\713-{9D002A41-1274-4307-8993-91502A4053DE}-v707-{9D002A41-1274-4307-8993-91502A4053DE}-v713-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 22692 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\07\713-{9D002A41-1274-4307-8993-91502A4053DE}-v707-{9D002A41-1274-4307-8993-91502A4053DE}-v713-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 70432 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\09\1993-{9D002A41-1274-4307-8993-91502A4053DE}-v509-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1993-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11820 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\09\1993-{9D002A41-1274-4307-8993-91502A4053DE}-v509-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1993-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1280 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\11\1995-{9D002A41-1274-4307-8993-91502A4053DE}-v511-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1995-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13296 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\11\1995-{9D002A41-1274-4307-8993-91502A4053DE}-v511-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1995-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1496 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\12\1996-{9D002A41-1274-4307-8993-91502A4053DE}-v512-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1996-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11514 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\12\1996-{9D002A41-1274-4307-8993-91502A4053DE}-v512-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1996-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1280 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\13\1997-{9D002A41-1274-4307-8993-91502A4053DE}-v513-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1997-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11298 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\13\1997-{9D002A41-1274-4307-8993-91502A4053DE}-v513-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1997-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1264 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\13\2114-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2113-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\14\2003-{9D002A41-1274-4307-8993-91502A4053DE}-v514-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2003-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12216 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\14\2003-{9D002A41-1274-4307-8993-91502A4053DE}-v514-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2003-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1352 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\15\2004-{9D002A41-1274-4307-8993-91502A4053DE}-v515-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2004-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12126 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\15\2004-{9D002A41-1274-4307-8993-91502A4053DE}-v515-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2004-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1328 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\16\2005-{9D002A41-1274-4307-8993-91502A4053DE}-v516-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2005-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11658 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\16\2005-{9D002A41-1274-4307-8993-91502A4053DE}-v516-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2005-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1280 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\16\2112-{9D002A41-1274-4307-8993-91502A4053DE}-v616-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 53778 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\16\2112-{9D002A41-1274-4307-8993-91502A4053DE}-v616-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 6392 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\17\2006-{9D002A41-1274-4307-8993-91502A4053DE}-v517-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2006-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10866 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\17\2006-{9D002A41-1274-4307-8993-91502A4053DE}-v517-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2006-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1256 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\18\2002-{9D002A41-1274-4307-8993-91502A4053DE}-v518-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2002-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11244 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\18\2002-{9D002A41-1274-4307-8993-91502A4053DE}-v518-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2002-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1248 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\19\2007-{9D002A41-1274-4307-8993-91502A4053DE}-v519-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2007-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12054 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\19\2007-{9D002A41-1274-4307-8993-91502A4053DE}-v519-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2007-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1320 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\20\2008-{9D002A41-1274-4307-8993-91502A4053DE}-v520-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2008-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10164 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\20\2008-{9D002A41-1274-4307-8993-91502A4053DE}-v520-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2008-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1152 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\21\2009-{9D002A41-1274-4307-8993-91502A4053DE}-v521-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2009-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12774 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\21\2009-{9D002A41-1274-4307-8993-91502A4053DE}-v521-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2009-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1416 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\23\2011-{9D002A41-1274-4307-8993-91502A4053DE}-v523-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2011-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13188 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\23\2011-{9D002A41-1274-4307-8993-91502A4053DE}-v523-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2011-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1464 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\24\2103-{9D002A41-1274-4307-8993-91502A4053DE}-v524-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12612 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\24\2103-{9D002A41-1274-4307-8993-91502A4053DE}-v524-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1400 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\25\2018-{9D002A41-1274-4307-8993-91502A4053DE}-v525-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2018-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10128 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\25\2018-{9D002A41-1274-4307-8993-91502A4053DE}-v525-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2018-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1152 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\26\2019-{9D002A41-1274-4307-8993-91502A4053DE}-v526-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2019-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10146 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\26\2019-{9D002A41-1274-4307-8993-91502A4053DE}-v526-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2019-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1152 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\27\2020-{9D002A41-1274-4307-8993-91502A4053DE}-v527-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2020-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11010 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\27\2020-{9D002A41-1274-4307-8993-91502A4053DE}-v527-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2020-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1208 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\28\2021-{9D002A41-1274-4307-8993-91502A4053DE}-v528-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2021-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13188 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\28\2021-{9D002A41-1274-4307-8993-91502A4053DE}-v528-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2021-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1424 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\29\2022-{9D002A41-1274-4307-8993-91502A4053DE}-v529-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2022-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13476 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\29\2022-{9D002A41-1274-4307-8993-91502A4053DE}-v529-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2022-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1504 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\30\2016-{9D002A41-1274-4307-8993-91502A4053DE}-v530-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2016-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10416 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\30\2016-{9D002A41-1274-4307-8993-91502A4053DE}-v530-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2016-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1128 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\30\2017-{9D002A41-1274-4307-8993-91502A4053DE}-v530-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2017-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10416 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\30\2017-{9D002A41-1274-4307-8993-91502A4053DE}-v530-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2017-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1128 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\31\2026-{9D002A41-1274-4307-8993-91502A4053DE}-v531-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2026-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12324 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\31\2026-{9D002A41-1274-4307-8993-91502A4053DE}-v531-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2026-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1360 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\32\2025-{9D002A41-1274-4307-8993-91502A4053DE}-v532-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2025-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13134 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\32\2025-{9D002A41-1274-4307-8993-91502A4053DE}-v532-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2025-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1464 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\32\2102-{9D002A41-1274-4307-8993-91502A4053DE}-v632-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 128100 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\32\2102-{9D002A41-1274-4307-8993-91502A4053DE}-v632-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 16368 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\33\2027-{9D002A41-1274-4307-8993-91502A4053DE}-v533-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2027-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11982 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\33\2027-{9D002A41-1274-4307-8993-91502A4053DE}-v533-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2027-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1336 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\34\2041-{9D002A41-1274-4307-8993-91502A4053DE}-v534-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2041-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10776 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\34\2041-{9D002A41-1274-4307-8993-91502A4053DE}-v534-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2041-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1184 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\35\2030-{9D002A41-1274-4307-8993-91502A4053DE}-v535-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2030-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11568 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\35\2030-{9D002A41-1274-4307-8993-91502A4053DE}-v535-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2030-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\35\2031-{9D002A41-1274-4307-8993-91502A4053DE}-v535-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2031-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11568 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\35\2031-{9D002A41-1274-4307-8993-91502A4053DE}-v535-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2031-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\36\2042-{9D002A41-1274-4307-8993-91502A4053DE}-v536-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2042-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12918 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\36\2042-{9D002A41-1274-4307-8993-91502A4053DE}-v536-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2042-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1416 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\37\2045-{9D002A41-1274-4307-8993-91502A4053DE}-v537-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2045-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12630 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\37\2045-{9D002A41-1274-4307-8993-91502A4053DE}-v537-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2045-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1392 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\37\2046-{9D002A41-1274-4307-8993-91502A4053DE}-v537-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2046-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12630 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\37\2046-{9D002A41-1274-4307-8993-91502A4053DE}-v537-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2046-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1392 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\38\2047-{9D002A41-1274-4307-8993-91502A4053DE}-v538-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2047-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12072 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\38\2047-{9D002A41-1274-4307-8993-91502A4053DE}-v538-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2047-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1344 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\39\2048-{9D002A41-1274-4307-8993-91502A4053DE}-v539-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2048-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12288 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\39\2048-{9D002A41-1274-4307-8993-91502A4053DE}-v539-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2048-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1336 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\40\2049-{9D002A41-1274-4307-8993-91502A4053DE}-v540-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2049-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11496 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\40\2049-{9D002A41-1274-4307-8993-91502A4053DE}-v540-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2049-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\41\2050-{9D002A41-1274-4307-8993-91502A4053DE}-v541-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2050-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13260 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\41\2050-{9D002A41-1274-4307-8993-91502A4053DE}-v541-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2050-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1504 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\42\2051-{9D002A41-1274-4307-8993-91502A4053DE}-v542-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2051-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12000 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\42\2051-{9D002A41-1274-4307-8993-91502A4053DE}-v542-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2051-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1376 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\43\2052-{9D002A41-1274-4307-8993-91502A4053DE}-v543-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2052-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12432 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\43\2052-{9D002A41-1274-4307-8993-91502A4053DE}-v543-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2052-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1384 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\44\2053-{9D002A41-1274-4307-8993-91502A4053DE}-v544-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2053-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12306 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\44\2053-{9D002A41-1274-4307-8993-91502A4053DE}-v544-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2053-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1368 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\46\2055-{9D002A41-1274-4307-8993-91502A4053DE}-v546-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2055-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13602 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\46\2055-{9D002A41-1274-4307-8993-91502A4053DE}-v546-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2055-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1528 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\47\2056-{9D002A41-1274-4307-8993-91502A4053DE}-v547-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2056-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12486 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\47\2056-{9D002A41-1274-4307-8993-91502A4053DE}-v547-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2056-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1392 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\48\2057-{9D002A41-1274-4307-8993-91502A4053DE}-v548-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2057-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12234 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\48\2057-{9D002A41-1274-4307-8993-91502A4053DE}-v548-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2057-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1376 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\49\2058-{9D002A41-1274-4307-8993-91502A4053DE}-v549-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2058-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12054 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\49\2058-{9D002A41-1274-4307-8993-91502A4053DE}-v549-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2058-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1328 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\50\2059-{9D002A41-1274-4307-8993-91502A4053DE}-v550-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2059-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11712 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\50\2059-{9D002A41-1274-4307-8993-91502A4053DE}-v550-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2059-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1288 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\51\2060-{9D002A41-1274-4307-8993-91502A4053DE}-v551-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2060-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11406 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\51\2060-{9D002A41-1274-4307-8993-91502A4053DE}-v551-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2060-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1256 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\52\2061-{9D002A41-1274-4307-8993-91502A4053DE}-v552-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2061-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11784 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\52\2061-{9D002A41-1274-4307-8993-91502A4053DE}-v552-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2061-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1344 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\53\1954-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1953-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1954-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 5088 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\53\1954-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1953-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v1954-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 552 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\53\2062-{9D002A41-1274-4307-8993-91502A4053DE}-v553-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2062-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10830 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\53\2062-{9D002A41-1274-4307-8993-91502A4053DE}-v553-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2062-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1208 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\54\2063-{9D002A41-1274-4307-8993-91502A4053DE}-v554-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2063-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10056 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\54\2063-{9D002A41-1274-4307-8993-91502A4053DE}-v554-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2063-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1120 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\55\2064-{9D002A41-1274-4307-8993-91502A4053DE}-v555-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2064-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10452 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\55\2064-{9D002A41-1274-4307-8993-91502A4053DE}-v555-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2064-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1192 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\56\2065-{9D002A41-1274-4307-8993-91502A4053DE}-v556-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2065-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10722 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\56\2065-{9D002A41-1274-4307-8993-91502A4053DE}-v556-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2065-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1208 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\57\2066-{9D002A41-1274-4307-8993-91502A4053DE}-v557-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2066-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9966 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\57\2066-{9D002A41-1274-4307-8993-91502A4053DE}-v557-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2066-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1088 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\58\2067-{9D002A41-1274-4307-8993-91502A4053DE}-v558-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2067-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13584 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\58\2067-{9D002A41-1274-4307-8993-91502A4053DE}-v558-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2067-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1512 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\59\2068-{9D002A41-1274-4307-8993-91502A4053DE}-v559-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2068-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10902 bytes hidden from API
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\cyberbob51@hotmail.com\SharingMetadata\edgar_usher@hotmail.com\DFSR\Staging\CS{B7D38CFC-6412-88D2-09E6-3F17924FEF84}\59\2068-{9D002A41-1274-4307-8993-91502A4053DE}-v559-{870405FC-6542-4755-BFAD-DE7B32D25A95}-v2068-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1216 bytes hidden from API
C:\Documents and Se
Un peu trop gros tous ça, voila la fin
...............................
DE7B32D25A95}-v2169-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 800 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 617
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
Remaining Files:
---------------
File Backups: - C:\DOCUME~1\PROPRI~1\Bureau\SDFix\backups\backups.zip
Files with Hidden Attributes:
Sat 30 Apr 2005 196 A.SHR --- "C:\BOOT.BAK"
Wed 28 Nov 2007 24 ..SH. --- "C:\WINDOWS\S6A6E4C69.tmp"
Sat 17 Jan 2004 0 A..HR --- "C:\WINDOWS\SMINST\HPCD.SYS"
Fri 3 Jun 2005 56 ..SHR --- "C:\WINDOWS\system32\EB51F55D65.sys"
Mon 23 May 2005 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 21 Jun 2003 377,344 A..H. --- "C:\Program Files\Smart Projects\IsoBuster\Help\AHlp.exe"
Thu 29 Nov 2007 4,965 ...HR --- "C:\Documents and Settings\Propri‚taire\Application Data\SecuROM\UserData\securom_v7_01.bak"
Mon 23 May 2005 4,348 ...H. --- "C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Fri 3 Jun 2005 20 A..H. --- "C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Fri 3 Jun 2005 400 A.SH. --- "C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Finished!
Et le navilog
Search Navipromo version 3.3.6 commencé le 05/12/2007 à 18:08:53,50
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2800.1106
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Propri‚taire\Application Data ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun fichier trouvé dans :
- C:\WINDOWS\system32
- C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
* Recherche dans C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1 *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
3)Recherche Certificats :
Certificat Egroup absent !
*** Analyse terminée le 05/12/2007 à 18:09:56,39 ***
Voili
Sinon j'ai fais la manip pour la restauration system, mais pas encore pour la mise a jour window car c'est ça le debut de l'histoire, j'ai voulu mettre a jour et là ça à déraillé, pourtant c'est une version que j'ai acheter dejà installé avec le pc en grande surface!
J'attend de tes news, merci Séb.
...............................
DE7B32D25A95}-v2169-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 800 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 617
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
Remaining Files:
---------------
File Backups: - C:\DOCUME~1\PROPRI~1\Bureau\SDFix\backups\backups.zip
Files with Hidden Attributes:
Sat 30 Apr 2005 196 A.SHR --- "C:\BOOT.BAK"
Wed 28 Nov 2007 24 ..SH. --- "C:\WINDOWS\S6A6E4C69.tmp"
Sat 17 Jan 2004 0 A..HR --- "C:\WINDOWS\SMINST\HPCD.SYS"
Fri 3 Jun 2005 56 ..SHR --- "C:\WINDOWS\system32\EB51F55D65.sys"
Mon 23 May 2005 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 21 Jun 2003 377,344 A..H. --- "C:\Program Files\Smart Projects\IsoBuster\Help\AHlp.exe"
Thu 29 Nov 2007 4,965 ...HR --- "C:\Documents and Settings\Propri‚taire\Application Data\SecuROM\UserData\securom_v7_01.bak"
Mon 23 May 2005 4,348 ...H. --- "C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Fri 3 Jun 2005 20 A..H. --- "C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Fri 3 Jun 2005 400 A.SH. --- "C:\Documents and Settings\Propri‚taire\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Finished!
Et le navilog
Search Navipromo version 3.3.6 commencé le 05/12/2007 à 18:08:53,50
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2800.1106
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Propri‚taire\Application Data ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun fichier trouvé dans :
- C:\WINDOWS\system32
- C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
* Recherche dans C:\DOCUME~1\PROPRI~1\LOCALS~1\APPLIC~1 *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
3)Recherche Certificats :
Certificat Egroup absent !
*** Analyse terminée le 05/12/2007 à 18:09:56,39 ***
Voili
Sinon j'ai fais la manip pour la restauration system, mais pas encore pour la mise a jour window car c'est ça le debut de l'histoire, j'ai voulu mettre a jour et là ça à déraillé, pourtant c'est une version que j'ai acheter dejà installé avec le pc en grande surface!
J'attend de tes news, merci Séb.
combofix (colle le rapport)
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
________________
recoller un raport hijackthis et dire les problemes
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
________________
recoller un raport hijackthis et dire les problemes
ComboFix 07-11-19.4C - Propriétaire 2007-12-05 21:04:58.2 - NTFSx86
Running from: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-05 to 2007-12-05 ))))))))))))))))))))))))))))))))))))
.
2007-12-05 18:07 <REP> d-------- C:\Program Files\Navilog1
2007-12-05 17:50 <REP> d-------- C:\WINDOWS\ERUNT
2007-11-30 08:42 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-11-30 00:10 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Grisoft
2007-11-30 00:10 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Grisoft
2007-11-30 00:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-30 00:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-29 21:35 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-11-29 20:55 <REP> d-------- C:\VundoFix Backups
2007-11-29 18:28 6,550 --a------ C:\WINDOWS\jautoexp.dat
2007-11-29 17:28 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2007-11-29 17:28 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2007-11-29 17:28 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2007-11-29 17:28 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2007-11-29 16:40 <REP> d-------- C:\Program Files\Flagship Studios
2007-11-28 14:42 <REP> d-------- C:\Program Files\SlySoft
2007-11-28 14:18 <REP> d-------- C:\Program Files\DAEMON Tools
2007-11-28 13:45 <REP> d-------- C:\WINDOWS\LastGood
2007-11-28 13:45 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\DAEMON Tools Pro
2007-11-28 13:45 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\DAEMON Tools Pro
2007-11-28 13:41 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-11-23 20:40 <REP> d-------- C:\Program Files\2K Games
2007-11-13 20:38 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2007-11-13 20:38 1,559,040 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-11-13 20:38 739,840 --a------ C:\WINDOWS\system32\divx.dll
2007-11-13 20:38 282,624 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-11-13 20:38 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-11-13 20:38 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2007-11-13 18:30 <REP> d-------- C:\Program Files\MSN Messenger
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-30 07:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-29 15:27 --------- d-----w C:\Program Files\eMule
2007-11-24 17:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-28 17:51 --------- d-----w C:\Program Files\Winamp Remote
2007-10-28 17:12 --------- d-----w C:\Program Files\Winamp
2007-10-21 08:03 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-10-21 08:03 22,328 ----a-w C:\Documents and Settings\Propriétaire\Application Data\PnkBstrK.sys
2007-10-21 08:03 22,328 ----a-w C:\Documents and Settings\Propriétaire\Application Data\PnkBstrK.sys
2007-10-21 08:03 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2007-10-21 08:02 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2007-09-28 17:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 17:05 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-09-10 11:20 81,920 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2007-09-10 11:20 233,472 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-06-10 17:39 1 ----a-w C:\Documents and Settings\Propriétaire\SI.bin
2007-06-10 17:39 1 ----a-w C:\Documents and Settings\Propriétaire\SI.bin
2006-02-23 12:52 280,576 ----a-w C:\WINDOWS\inf\TEW-421PC\MRV8335XP.sys
2006-02-23 12:52 280,576 ----a-w C:\WINDOWS\inf\TEW-421PC\MRV8335.sys
2006-02-23 12:52 212,992 ----a-w C:\WINDOWS\inf\TEW-421PC\CopyWHQLDriver.exe
2005-11-27 19:22 40,648 ----a-w C:\Documents and Settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
2005-11-27 19:22 40,648 ----a-w C:\Documents and Settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
2005-06-03 16:44 56 --sh--r C:\WINDOWS\system32\EB51F55D65.sys
.
((((((((((((((((((((((((((((( snapshot@2007-11-29_22.47.03.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 07:42:16 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2007-11-30 07:42:17 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2007-11-30 07:42:17 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2007-11-30 07:42:21 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2006-05-25 00:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2006-05-25 00:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2007-11-30 07:42:22 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2007-11-30 07:42:17 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2006-05-25 00:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
+ 2006-05-25 00:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2006-05-25 00:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
+ 2007-12-03 11:52:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2007-12-05 16:50:54 5,844,992 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\ntuser.dat
+ 2007-12-05 16:50:54 159,744 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2007-12-03 11:52:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2007-12-05 16:50:41 5,844,992 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\ntuser.dat
+ 2007-12-05 16:50:41 159,744 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
+ 2007-09-28 09:01:30 178,620 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Personal_32_1036.dat
+ 2007-09-28 09:01:30 178,620 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Personal_32_1036.dat.bak
- 2003-08-02 12:12:00 52,103 ----a-w C:\WINDOWS\system32\command.com
+ 2001-08-18 12:00:00 50,620 ----a-w C:\WINDOWS\system32\command.com
- 2007-11-29 19:42:59 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2007-12-05 16:56:48 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2007-11-29 19:42:59 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2007-12-05 16:56:48 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2007-11-29 19:42:59 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2007-12-05 16:56:48 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2007-11-29 21:37:00 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
+ 2007-12-05 20:04:34 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
- 2005-05-03 10:58:36 2,890,240 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
+ 2004-10-26 07:24:44 2,797,056 ----a-w C:\WINDOWS\system32\dllcache\msi.dll
- 2005-05-03 10:58:36 78,848 -c--a-w C:\WINDOWS\system32\dllcache\msiexec.exe
+ 2004-10-26 07:25:08 77,312 ----a-w C:\WINDOWS\system32\dllcache\msiexec.exe
- 2005-05-03 10:58:36 271,360 -c--a-w C:\WINDOWS\system32\dllcache\msihnd.dll
+ 2004-10-26 07:24:44 331,264 ----a-w C:\WINDOWS\system32\dllcache\msihnd.dll
- 2005-05-03 10:58:36 884,736 -c--a-w C:\WINDOWS\system32\dllcache\msimsg.dll
+ 2004-10-26 07:16:12 884,736 ----a-w C:\WINDOWS\system32\dllcache\msimsg.dll
- 2005-05-03 10:58:36 15,360 -c--a-w C:\WINDOWS\system32\dllcache\msisip.dll
+ 2004-10-26 07:25:08 44,032 ----a-w C:\WINDOWS\system32\dllcache\msisip.dll
- 2005-05-03 10:58:36 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
+ 2004-10-26 07:24:44 2,797,056 ----a-w C:\WINDOWS\system32\msi.dll
- 2005-05-03 10:58:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2004-10-26 07:25:08 77,312 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2005-05-03 10:58:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
+ 2004-10-26 07:24:44 331,264 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2005-05-03 10:58:36 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
+ 2004-10-26 07:16:12 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2005-05-03 10:58:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2004-10-26 07:25:08 44,032 ----a-w C:\WINDOWS\system32\msisip.dll
- 2007-11-29 19:41:05 7,186,772 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2007-11-30 13:54:01 908,692 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2007-12-05 16:57:02 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_254.dat
+ 2007-12-05 16:57:15 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_6a8.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-03 13:42]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-02-10 16:00]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-11-17 12:53]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-05-15 20:10]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-24 02:24]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-12-16 21:37]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2003-12-16 21:39]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 08:38]
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-05-13 02:22]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
"LWBMOUSE"="C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE" [2001-11-09 07:47]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 15:44]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-08 23:02]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 05:03]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-06-16 05:03]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" []
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Wireless Configuration Utility HW.51.lnk - C:\WINDOWS\Installer\{29F15D3F-5B37-44DB-BB89-390B3AD1404E}\NewShortcut1.exe [2007-03-29 15:14:52]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\System32\drivers\sfsync03.sys
R1 oreans32;oreans32;\??\C:\WINDOWS\system32\drivers\oreans32.sys
R2 ithsgt;ithsgt;C:\WINDOWS\System32\DRIVERS\ithsgt.sys
R2 lilsgt;lilsgt;C:\WINDOWS\System32\DRIVERS\lilsgt.sys
R3 Tetris;Tetris driver;C:\WINDOWS\System32\Drivers\Tetris.sys
S2 d;d;c:\windows\system\t.exe
S3 cusbohcn;cusbohcn;\??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\cusbohcn.sys
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\System32\DRIVERS\fbxusb32.sys
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
S3 W8335XP;802.11g Wireless PC Card/PCI Adapter;C:\WINDOWS\System32\DRIVERS\MRV8335XP.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-10 13:37:20 C:\WINDOWS\Tasks\At1.job"
- C:\Documents
"2007-11-10 13:37:20 C:\WINDOWS\Tasks\At2.job"
- C:\Documents
"2007-11-10 19:00:00 C:\WINDOWS\Tasks\At3.job"
- C:\Documents
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 21:10:17
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-12-05 21:14:53
C:\ComboFix2.txt ... 2007-11-29 22:48
.
--- E O F ---
Running from: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-05 to 2007-12-05 ))))))))))))))))))))))))))))))))))))
.
2007-12-05 18:07 <REP> d-------- C:\Program Files\Navilog1
2007-12-05 17:50 <REP> d-------- C:\WINDOWS\ERUNT
2007-11-30 08:42 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-11-30 00:10 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Grisoft
2007-11-30 00:10 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Grisoft
2007-11-30 00:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-30 00:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-29 21:35 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-11-29 20:55 <REP> d-------- C:\VundoFix Backups
2007-11-29 18:28 6,550 --a------ C:\WINDOWS\jautoexp.dat
2007-11-29 17:28 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2007-11-29 17:28 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2007-11-29 17:28 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2007-11-29 17:28 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2007-11-29 16:40 <REP> d-------- C:\Program Files\Flagship Studios
2007-11-28 14:42 <REP> d-------- C:\Program Files\SlySoft
2007-11-28 14:18 <REP> d-------- C:\Program Files\DAEMON Tools
2007-11-28 13:45 <REP> d-------- C:\WINDOWS\LastGood
2007-11-28 13:45 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\DAEMON Tools Pro
2007-11-28 13:45 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\DAEMON Tools Pro
2007-11-28 13:41 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-11-23 20:40 <REP> d-------- C:\Program Files\2K Games
2007-11-13 20:38 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2007-11-13 20:38 1,559,040 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-11-13 20:38 739,840 --a------ C:\WINDOWS\system32\divx.dll
2007-11-13 20:38 282,624 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-11-13 20:38 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-11-13 20:38 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2007-11-13 18:30 <REP> d-------- C:\Program Files\MSN Messenger
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-30 07:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-29 15:27 --------- d-----w C:\Program Files\eMule
2007-11-24 17:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-28 17:51 --------- d-----w C:\Program Files\Winamp Remote
2007-10-28 17:12 --------- d-----w C:\Program Files\Winamp
2007-10-21 08:03 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-10-21 08:03 22,328 ----a-w C:\Documents and Settings\Propriétaire\Application Data\PnkBstrK.sys
2007-10-21 08:03 22,328 ----a-w C:\Documents and Settings\Propriétaire\Application Data\PnkBstrK.sys
2007-10-21 08:03 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2007-10-21 08:02 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2007-09-28 17:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 17:05 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-09-10 11:20 81,920 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2007-09-10 11:20 233,472 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-06-10 17:39 1 ----a-w C:\Documents and Settings\Propriétaire\SI.bin
2007-06-10 17:39 1 ----a-w C:\Documents and Settings\Propriétaire\SI.bin
2006-02-23 12:52 280,576 ----a-w C:\WINDOWS\inf\TEW-421PC\MRV8335XP.sys
2006-02-23 12:52 280,576 ----a-w C:\WINDOWS\inf\TEW-421PC\MRV8335.sys
2006-02-23 12:52 212,992 ----a-w C:\WINDOWS\inf\TEW-421PC\CopyWHQLDriver.exe
2005-11-27 19:22 40,648 ----a-w C:\Documents and Settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
2005-11-27 19:22 40,648 ----a-w C:\Documents and Settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
2005-06-03 16:44 56 --sh--r C:\WINDOWS\system32\EB51F55D65.sys
.
((((((((((((((((((((((((((((( snapshot@2007-11-29_22.47.03.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 07:42:16 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2007-11-30 07:42:17 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2007-11-30 07:42:17 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2007-11-30 07:42:21 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2006-05-25 00:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2006-05-25 00:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2007-11-30 07:42:22 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2007-11-30 07:42:17 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2006-05-25 00:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
+ 2006-05-25 00:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2006-05-25 00:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
+ 2007-12-03 11:52:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2007-12-05 16:50:54 5,844,992 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000001\ntuser.dat
+ 2007-12-05 16:50:54 159,744 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2007-12-03 11:52:39 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2007-12-05 16:50:41 5,844,992 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\ntuser.dat
+ 2007-12-05 16:50:41 159,744 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
+ 2007-09-28 09:01:30 178,620 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Personal_32_1036.dat
+ 2007-09-28 09:01:30 178,620 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Personal_32_1036.dat.bak
- 2003-08-02 12:12:00 52,103 ----a-w C:\WINDOWS\system32\command.com
+ 2001-08-18 12:00:00 50,620 ----a-w C:\WINDOWS\system32\command.com
- 2007-11-29 19:42:59 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2007-12-05 16:56:48 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2007-11-29 19:42:59 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2007-12-05 16:56:48 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2007-11-29 19:42:59 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2007-12-05 16:56:48 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2007-11-29 21:37:00 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
+ 2007-12-05 20:04:34 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
- 2005-05-03 10:58:36 2,890,240 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
+ 2004-10-26 07:24:44 2,797,056 ----a-w C:\WINDOWS\system32\dllcache\msi.dll
- 2005-05-03 10:58:36 78,848 -c--a-w C:\WINDOWS\system32\dllcache\msiexec.exe
+ 2004-10-26 07:25:08 77,312 ----a-w C:\WINDOWS\system32\dllcache\msiexec.exe
- 2005-05-03 10:58:36 271,360 -c--a-w C:\WINDOWS\system32\dllcache\msihnd.dll
+ 2004-10-26 07:24:44 331,264 ----a-w C:\WINDOWS\system32\dllcache\msihnd.dll
- 2005-05-03 10:58:36 884,736 -c--a-w C:\WINDOWS\system32\dllcache\msimsg.dll
+ 2004-10-26 07:16:12 884,736 ----a-w C:\WINDOWS\system32\dllcache\msimsg.dll
- 2005-05-03 10:58:36 15,360 -c--a-w C:\WINDOWS\system32\dllcache\msisip.dll
+ 2004-10-26 07:25:08 44,032 ----a-w C:\WINDOWS\system32\dllcache\msisip.dll
- 2005-05-03 10:58:36 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
+ 2004-10-26 07:24:44 2,797,056 ----a-w C:\WINDOWS\system32\msi.dll
- 2005-05-03 10:58:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2004-10-26 07:25:08 77,312 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2005-05-03 10:58:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
+ 2004-10-26 07:24:44 331,264 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2005-05-03 10:58:36 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
+ 2004-10-26 07:16:12 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2005-05-03 10:58:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2004-10-26 07:25:08 44,032 ----a-w C:\WINDOWS\system32\msisip.dll
- 2007-11-29 19:41:05 7,186,772 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2007-11-30 13:54:01 908,692 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2007-12-05 16:57:02 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_254.dat
+ 2007-12-05 16:57:15 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_6a8.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-03 13:42]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-02-10 16:00]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-11-17 12:53]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-05-15 20:10]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-24 02:24]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-12-16 21:37]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2003-12-16 21:39]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 08:38]
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-05-13 02:22]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
"LWBMOUSE"="C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE" [2001-11-09 07:47]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 15:44]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-08 23:02]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 05:03]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-06-16 05:03]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" []
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Wireless Configuration Utility HW.51.lnk - C:\WINDOWS\Installer\{29F15D3F-5B37-44DB-BB89-390B3AD1404E}\NewShortcut1.exe [2007-03-29 15:14:52]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\System32\drivers\sfsync03.sys
R1 oreans32;oreans32;\??\C:\WINDOWS\system32\drivers\oreans32.sys
R2 ithsgt;ithsgt;C:\WINDOWS\System32\DRIVERS\ithsgt.sys
R2 lilsgt;lilsgt;C:\WINDOWS\System32\DRIVERS\lilsgt.sys
R3 Tetris;Tetris driver;C:\WINDOWS\System32\Drivers\Tetris.sys
S2 d;d;c:\windows\system\t.exe
S3 cusbohcn;cusbohcn;\??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\cusbohcn.sys
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\System32\DRIVERS\fbxusb32.sys
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
S3 W8335XP;802.11g Wireless PC Card/PCI Adapter;C:\WINDOWS\System32\DRIVERS\MRV8335XP.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-10 13:37:20 C:\WINDOWS\Tasks\At1.job"
- C:\Documents
"2007-11-10 13:37:20 C:\WINDOWS\Tasks\At2.job"
- C:\Documents
"2007-11-10 19:00:00 C:\WINDOWS\Tasks\At3.job"
- C:\Documents
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 21:10:17
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-12-05 21:14:53
C:\ComboFix2.txt ... 2007-11-29 22:48
.
--- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 21:17:13, on 05/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\PnkBstrB.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sebouine.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: d - Unknown owner - c:\windows\system\t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\System32\PnkBstrB.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Alors les symptomes: petit sablier tjrs actif!!! L'UC tourne à 100% tout le temps avec MOM.exe, csrss.exe et un peu tout les autres processus chacun leurs tour appremment.
Et lorsque j'ai redémarrer le pc tout à l'heure, deux traits rouges verticaux (nouveau ça) sur l'écran lorsqu'il est noir au démarrage quoi!
ça commence à craindre là, les pages web mettent une heure à venir et si ça continue je pourrais plus posté je crois
Scan saved at 21:17:13, on 05/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\PnkBstrB.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sebouine.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: d - Unknown owner - c:\windows\system\t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\System32\PnkBstrB.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Alors les symptomes: petit sablier tjrs actif!!! L'UC tourne à 100% tout le temps avec MOM.exe, csrss.exe et un peu tout les autres processus chacun leurs tour appremment.
Et lorsque j'ai redémarrer le pc tout à l'heure, deux traits rouges verticaux (nouveau ça) sur l'écran lorsqu'il est noir au démarrage quoi!
ça commence à craindre là, les pages web mettent une heure à venir et si ça continue je pourrais plus posté je crois
Salut
Est ce que tu peux arrêter quelques programmes pour voir si ça va mieux ? (si windows le permet !)
MOM.exe (carte graphique ... et pas forcémént utile !)
A+
Est ce que tu peux arrêter quelques programmes pour voir si ça va mieux ? (si windows le permet !)
MOM.exe (carte graphique ... et pas forcémént utile !)
A+
remplace avast par antivir et colle un rapport
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
Hello
AntiVir PersonalEdition Classic
Report file date: jeudi 6 décembre 2007 22:04
Scanning for 835736 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 1) [5.1.2600]
Username: SYSTEM
Computer name: NOM-Y6G795SKGF6
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 6 décembre 2007 22:04
The scan of running processes will be started
Scan process 'MOM.exe' - '0' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'LVComS.exe' - '1' Module(s) have been scanned
Scan process 'issch.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'Mouse32A.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'hpztsb10.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'UAService7.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'snmp.exe' - '1' Module(s) have been scanned
Scan process 'tcpsvcs.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
38 processes with 38 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '32' files ).
Starting the file scan:
Begin scan in 'C:\' <PRESARIO>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\eMule\Incoming\[PC GAME NO CD] Crysis crack.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
[1] Archive type: ZIP SFX (self extracting)
[INFO] The file was moved to '479c1ff2.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071204-131233-615
[DETECTION] Contains detection pattern of the HTML script virus HTML/Exploit.Mhtml
[INFO] The file was moved to '47bc2078.qua'!
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
End of the scan: vendredi 7 décembre 2007 12:13
Used time: 14:09:11 min
The scan has been done completely.
5079 Scanning directories
201492 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
201490 Files not concerned
12114 Archives were scanned
4 Warnings
0 Notes
AntiVir PersonalEdition Classic
Report file date: jeudi 6 décembre 2007 22:04
Scanning for 835736 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 1) [5.1.2600]
Username: SYSTEM
Computer name: NOM-Y6G795SKGF6
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 6 décembre 2007 22:04
The scan of running processes will be started
Scan process 'MOM.exe' - '0' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'LVComS.exe' - '1' Module(s) have been scanned
Scan process 'issch.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'Mouse32A.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'hpztsb10.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'UAService7.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'snmp.exe' - '1' Module(s) have been scanned
Scan process 'tcpsvcs.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
38 processes with 38 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '32' files ).
Starting the file scan:
Begin scan in 'C:\' <PRESARIO>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\eMule\Incoming\[PC GAME NO CD] Crysis crack.zip
[0] Archive type: ZIP
--> install.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
[1] Archive type: ZIP SFX (self extracting)
[INFO] The file was moved to '479c1ff2.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071204-131233-615
[DETECTION] Contains detection pattern of the HTML script virus HTML/Exploit.Mhtml
[INFO] The file was moved to '47bc2078.qua'!
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
End of the scan: vendredi 7 décembre 2007 12:13
Used time: 14:09:11 min
The scan has been done completely.
5079 Scanning directories
201492 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
201490 Files not concerned
12114 Archives were scanned
4 Warnings
0 Notes
vire ce fichier dans emule: si presnet en allant dans poste de travail
C:\Program Files\eMule\Incoming\[PC GAME NO CD] Crysis crack.zip
_______________
recoller un raport hijackthis et
dire les problemes SURTOUT
C:\Program Files\eMule\Incoming\[PC GAME NO CD] Crysis crack.zip
_______________
recoller un raport hijackthis et
dire les problemes SURTOUT
Logfile of HijackThis v1.99.1
Scan saved at 00:51:14, on 08/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\PnkBstrB.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Propriétaire\Bureau\VundoFix.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sebouine.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: d - Unknown owner - c:\windows\system\t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\System32\PnkBstrB.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Scan saved at 00:51:14, on 08/12/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\PnkBstrB.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Propriétaire\Bureau\VundoFix.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sebouine.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5CA8D349-C6E7-11D4-8166-009027DF3BB2} (France Telecom MDDK ActiveX Control) - http://accueil.ava.serveur-ava.com/stkid_data/ocx/mDKid.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: d - Unknown owner - c:\windows\system\t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\System32\PnkBstrB.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Alors les problémes pour répondre à ta demande sont toujours les mêmes:
Le petit sablier tjrs actif!!! L'UC tourne à 100% tout le temps avec MOM.exe, csrss.exe et un peu tout les autres processus chacun leurs tour appremment.
Et lorsque j'ai redémarrer le pc tout à l'heure, deux traits rouges verticaux (nouveau ça) sur l'écran lorsqu'il est noir au démarrage quoi!
Donc ça rame énormément, les pages web sont longues voir trés longues à venir, explorer plante souvent, je vois pas trop ce que je peux ajouter!
Dans certain topic, je lis que c'est un probleme de driver pour carte graphique suite à la mise à jour SP2
Le petit sablier tjrs actif!!! L'UC tourne à 100% tout le temps avec MOM.exe, csrss.exe et un peu tout les autres processus chacun leurs tour appremment.
Et lorsque j'ai redémarrer le pc tout à l'heure, deux traits rouges verticaux (nouveau ça) sur l'écran lorsqu'il est noir au démarrage quoi!
Donc ça rame énormément, les pages web sont longues voir trés longues à venir, explorer plante souvent, je vois pas trop ce que je peux ajouter!
Dans certain topic, je lis que c'est un probleme de driver pour carte graphique suite à la mise à jour SP2
- 1
- 2
Suivant
