Sujet Précédent Sujet Suivant

PUB INTEMPESTIVES

Fermé
BIGJAUNARD - 5 déc. 2007 à 20:25
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 - 13 déc. 2007 à 20:49
Bonjour,
Des pubs intempestives apparaissent encore !

Je vous poste le résultat de navilog

Search Navipromo version 3.3.6 commencé le 05/12/2007 à 20:19:09,48

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11


*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\user\Application Data ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun fichier trouvé dans :

- C:\WINDOWS\system32
- C:\DOCUME~1\USER\LOCALS~1\APPLIC~1



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans C:\DOCUME~1\USER\LOCALS~1\APPLIC~1 *

Fichiers trouvés :

fayqzvby.exe trouvé !



*** Recherche fichiers ***




*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

2)Recherche Heuristique :



3)Recherche Certificats :

Certificat Egroup trouvé !


*** Analyse terminée le 05/12/2007 à 20:20:05,45 ***
A voir également:

20 réponses

Réponse 1 / 20
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 131
5 déc. 2007 à 21:45
Tout d'abord Bonjour et bienvenue sur le forum d'entraide COMMENT CA MARCHE

Clique sur ce lien
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
pour télécharger le fichier d'installation d'HijackThis.

Enregistre HJTInstall.exe sur ton bureau.

Double-clique sur HJTInstall.exe pour lancer le programme

Par défaut, il s'installera là :
C:\Program Files\Trend Micro\HijackThis

Accepte la license en cliquant sur le bouton "I Accept"

Choisis l'option "Do a system scan and save a log file"

Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note

Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport

Colle le rapport que tu viens de copier sur ce forum

Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement


Tutoriaux : http://pageperso.aol.fr/balltrap34/demohijack.htm (ne fixe rien pour le moment !!)
http://cybersecurite.xooit.com/t138-HijackThis-2-0-2.htm

0
Réponse 2 / 20
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
5 déc. 2007 à 21:46
salut,

Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 2 et valide.

Le fix va t'informer qu'il va alors redémarrer ton PC
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuie sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le blocnote va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le blocnote. Ton bureau va réapparaitre

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.
0
Réponse 3 / 20
BIGJAUNARD
5 déc. 2007 à 21:55
Bonjour ! merci pour votre aide ! vous êtes 2 a m'avoir répondu, donc j'ai fait ce que m'a dit la première personne!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:16, on 05/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe
C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe
C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fayqzvby] c:\documents and settings\user\local settings\application data\fayqzvby.exe fayqzvby
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O24 - Desktop Component 0: (no name) - http://www.asm-rugby.com/commun/images/goodies/pho/photoofficielle.jpg
0
Réponse 4 / 20
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 131
5 déc. 2007 à 22:41
ok, je volais un log hijackthis avant le desinfection !

alors tu peux desormais paser a l'etape deux de navilog

Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 2 et valide.

Le fix va t'informer qu'il va alors redémarrer ton PC
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuie sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le blocnote va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver
Referme le blocnote. Ton bureau va réapparaitre

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.


norton est mal desinstallé :

Désinstalleur Norton:
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924


poste ton rapport navilog choix 2 et un nouveau log hijackthis
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 20
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
5 déc. 2007 à 22:44
salut a tous
fayqzvby.exe =====>ce n'est pas un " nav.dat" ou autres
0
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 131
5 déc. 2007 à 22:58
oui je pense vu le rapport navilog mais ce qui m'inquiete plus c'est tous les processus java en cours (5 en tous + l'update)

0
Réponse 6 / 20
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
5 déc. 2007 à 23:03
ca pose un probleme??





PS:j'adore kurt cobain!!
0
Réponse 7 / 20
BIGJAUNARD
5 déc. 2007 à 23:19
Clean Navipromo version 3.3.6 commencé le 05/12/2007 à 23:10:12,76

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11

Mode suppression automatique



*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans C:\WINDOWS\System32 *


* Suppression dans C:\DOCUME~1\USER\LOCALS~1\APPLIC~1 *

fayqzvby.exe trouvé !
Copie fayqzvby.exe réalisé avec succès !
fayqzvby.exe supprimé !

fayqzvby.dat trouvé !
Copie fayqzvby.dat réalisé avec succès !
fayqzvby.dat supprimé !

fayqzvby_nav.dat trouvé !
Copie fayqzvby_nav.dat réalisé avec succès !
fayqzvby_nav.dat supprimé !

fayqzvby_navps.dat trouvé !
Copie fayqzvby_navps.dat réalisé avec succès !
fayqzvby_navps.dat supprimé !



*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***


*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***


*** Suppression dossiers dans C:\Documents and Settings\user\Application Data ***


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\user\Local Settings\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche, création sauvegardes et suppression Heuristique :


*** Sauvegarde du Registre vers dossier Backupnavi ***

sauvegarde du Registre réalisé avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !

*** Nettoyage terminé le 05/12/2007 à 23:13:35,76 ***





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:14, on 05/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O24 - Desktop Component 0: (no name) - http://www.asm-rugby.com/commun/images/goodies/pho/photoofficielle.jpg
0
Réponse 8 / 20
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 131
5 déc. 2007 à 23:26
Télécharge « clean.zip »
http://www.malekal.com/download/clean.zip
•- Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier dénommé "clean ".

•- Redémarre en mode sans échec. ( note bien ce que tu as à faire ).
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter.
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).


•- Ouvre le dossier « clean » qui se trouve sur ton bureau.
•- Double-clic sur « clean.cmd ».
Une fenêtre noire va apparaître, choisis l’option 2.

Clean va travailler.
•- Redémarre normalement
•- Poste qui se trouve ici C:\rapport_clean.txt.

(- Où est le rapport clean ? : « Poste de travail » / double clic sur disque « C / » double-clic sur « rapport_clean.txt » et « copier/coller le contenu » sur le forum. )






Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le scrïpt.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du scrïpt et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !


0
Réponse 9 / 20
BIGJAUNARD
6 déc. 2007 à 00:20
1)

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 05/12/2007 a 23:46:06,96

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\bdod.bin

*** Suppression des fichiers dans C:\Program Files

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !


2)

SDFix: Version 1.117

Run by user on 06/12/2007 at 00:03

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\user\Bureau\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found





Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-06 00:11:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reinstall\D\n\21]
"DisplayName"="\xb973\x778e"
"DeviceDesc"="\xb973\x778e"
"ProviderName"="\x27fc\21\xee18\x7c91\x286c\21\b"
"MFG"="\xc1bf\b\xe12b\x1803\x4ac"
"ReinstallString"=".10.1000.4"
"DeviceInstanceIds"=str(7):"d:\swsetup\video\sbdrv\smbus\smbusati.inf"

scanning hidden files ...

C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\26\609-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1526-{94489B22-430E-439A-8220-7C0CACF43BC2}-v609-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 107526 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\26\609-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1526-{94489B22-430E-439A-8220-7C0CACF43BC2}-v609-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 7500 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\26\609-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1526-{94489B22-430E-439A-8220-7C0CACF43BC2}-v609-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 12672 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\18\6953-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1518-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6953-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 396912 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\18\6953-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1518-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6953-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 27930 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\18\6953-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1518-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6953-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.3 2100 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\18\6953-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1518-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6953-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 47232 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\19\1570-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1519-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1570-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 19488 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\19\1570-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1519-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1570-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 1290 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\19\1570-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1519-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1570-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 2304 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\20\1569-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1520-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1569-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 16050 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\20\1569-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1520-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1569-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 1056 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\20\1569-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1520-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1569-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1920 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\21\1574-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1521-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1574-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 76602 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\21\1574-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1521-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1574-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 5304 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\21\1574-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1521-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1574-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 9216 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\24\1587-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1524-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1587-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 51924 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\24\1587-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1524-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1587-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 3666 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\24\1587-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1524-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1587-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 6144 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\61\6956-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1561-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6956-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 114474 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\61\6956-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1561-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6956-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 7986 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\61\6956-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1561-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6956-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 13824 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\63\1565-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1563-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1565-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 196356 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\63\1565-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1563-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1565-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 13764 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\63\1565-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1563-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1565-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 23552 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\66\1575-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1566-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1575-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 396912 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\66\1575-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1566-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1575-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 27930 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\66\1575-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1566-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1575-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.3 2100 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\66\1575-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1566-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1575-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 47232 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\68\1573-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1568-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1573-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 48900 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\68\1573-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1568-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1573-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 3648 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\68\1573-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1568-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1573-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 5760 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\71\1627-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1571-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1627-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 51060 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\71\1627-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1571-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1627-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 3522 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\71\1627-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1571-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1627-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 6136 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\27\599-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1527-{94489B22-430E-439A-8220-7C0CACF43BC2}-v599-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 51654 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\27\599-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1527-{94489B22-430E-439A-8220-7C0CACF43BC2}-v599-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 3702 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\27\599-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1527-{94489B22-430E-439A-8220-7C0CACF43BC2}-v599-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 6264 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\28\1582-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1528-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1582-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 19002 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\28\1582-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1528-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1582-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 1506 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\28\1582-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1528-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1582-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 2304 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\29\1588-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1529-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1588-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 74640 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\29\1588-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1529-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1588-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 5340 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\29\1588-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1529-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1588-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8824 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\30\1585-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1530-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1585-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 3738 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\30\1585-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1530-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1585-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 488 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\31\1586-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1531-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1586-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 4512 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\31\1586-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1531-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1586-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 512 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\32\1589-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1532-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1589-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 48414 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\32\1589-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1532-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1589-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 3360 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\32\1589-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1532-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1589-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 5760 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\33\1590-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1533-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1590-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 112494 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\33\1590-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1533-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1590-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 8004 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\33\1590-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1533-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1590-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 13560 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\34\1593-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1534-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1593-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 77358 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\34\1593-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1534-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1593-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 5664 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\34\1593-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1534-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1593-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 9216 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\35\1538-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1535-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1538-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 85170 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\35\1538-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1535-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1538-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 5844 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\35\1538-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1535-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1538-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 10240 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\48\1615-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1548-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1615-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 219504 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\48\1615-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1548-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1615-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 15654 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\48\1615-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1548-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1615-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.3 1020 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\48\1615-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1548-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1615-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 25984 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\76\644-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1576-{94489B22-430E-439A-8220-7C0CACF43BC2}-v644-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 219504 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\76\644-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1576-{94489B22-430E-439A-8220-7C0CACF43BC2}-v644-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 15654 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\76\644-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1576-{94489B22-430E-439A-8220-7C0CACF43BC2}-v644-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 25984 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\78\1629-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1578-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1629-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 79392 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\78\1629-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1578-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1629-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 5538 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\78\1629-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1578-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1629-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 9472 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\81\1630-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1581-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1630-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 74640 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\81\1630-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1581-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1630-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 5340 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\81\1630-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1581-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1630-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8824 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\91\1631-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1591-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1631-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 427620 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\91\1631-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1591-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1631-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 30144 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\91\1631-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1591-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1631-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.3 2172 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\91\1631-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1591-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1631-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 50944 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\96\6796-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6796-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6796-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\97\1407-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1397-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1407-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 75522 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\97\1407-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1397-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1407-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 5250 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\97\1407-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1397-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1407-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 9080 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\97\6797-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6797-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6797-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\98\1408-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1398-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1408-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 32826 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\98\1408-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1398-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1408-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 2406 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\98\1408-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1398-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1408-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 4088 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\98\2062-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1798-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v2062-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 7284 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\98\2062-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1798-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v2062-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 816 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\98\6798-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6798-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6798-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\99\1610-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1599-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1610-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 19938 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\99\1610-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1599-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1610-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 2304 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\99\2063-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1799-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v2063-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 7086 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\99\2063-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v1799-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v2063-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 792 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\lily_world@hotmail.fr\DFSR\Staging\CS{D3DE77D2-A0A2-AC8C-DB3E-486CC8FBDE3B}\99\6799-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6799-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v6799-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\39\202-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v139-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v202-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11586 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\39\202-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v139-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v202-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1296 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\39\334-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v239-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v334-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12846 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\39\334-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v239-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v334-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1384 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\62\179-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v162-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v179-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 3522 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\62\179-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v162-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v179-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 400 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\62\7549-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v262-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v7549-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12396 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\62\7549-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v262-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v7549-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1408 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\12\336-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v312-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v336-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13422 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\12\336-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v312-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v336-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1496 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\15\338-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v315-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v338-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9606 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\15\338-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v315-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v338-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1096 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\17\181-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v117-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v181-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\17\340-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v317-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v340-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10722 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\17\340-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v317-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v340-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1176 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\18\182-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v118-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v182-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12612 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\18\182-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v118-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v182-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1416 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\19\183-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v119-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v183-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11874 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\19\183-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v119-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v183-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1336 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\20\133-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v220-{BEB9C619-6262-41F8-BCE0-A45B67628EA9}-v133-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\20\345-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v320-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v345-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9660 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\20\345-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v320-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v345-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1088 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\21\184-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v121-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v184-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12378 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\21\184-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v121-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v184-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1352 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\21\302-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v221-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v302-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2928 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\21\302-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v221-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v302-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 328 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\22\185-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v122-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v185-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11100 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\22\185-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v122-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v185-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1232 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\22\304-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v222-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v304-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2874 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\22\304-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v222-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v304-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 304 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\23\186-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v123-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v186-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10758 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\23\186-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v123-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v186-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1224 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\23\251-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v223-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v251-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2712 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\23\251-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v223-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v251-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 312 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\23\346-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v323-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v346-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11100 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\23\346-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v323-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v346-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1240 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\24\187-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v124-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v187-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11424 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\24\187-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v124-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v187-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1240 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\24\353-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v324-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v353-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12090 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\24\353-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v324-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v353-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1344 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\25\188-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v125-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v188-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11532 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\25\188-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v125-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v188-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1288 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\25\306-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v225-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v306-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2928 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\25\306-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v225-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v306-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 320 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\26\189-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v126-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v189-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10596 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\26\189-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v126-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v189-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1192 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\26\253-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v226-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v253-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2550 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\26\253-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v226-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v253-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 280 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\27\190-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v127-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v190-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11766 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\27\190-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v127-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v190-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1304 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\27\254-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v227-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v254-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2802 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\27\254-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v227-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v254-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 320 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\27\354-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v327-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v354-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 13152 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\27\354-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v327-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v354-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1464 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\28\191-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v128-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v191-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11982 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\28\191-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v128-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v191-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1336 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\28\255-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v228-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v255-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2856 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\28\255-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v228-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v255-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 320 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\28\358-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v328-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v358-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 4710 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\28\358-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v328-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v358-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 496 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\29\192-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v129-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v192-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10704 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\29\192-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v129-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v192-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1192 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\29\308-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v229-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v308-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2856 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\29\308-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v229-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v308-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 312 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\30\193-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v130-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v193-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10290 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\30\193-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v130-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v193-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1144 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\30\309-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v230-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v309-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2766 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\30\309-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v230-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v309-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 312 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\31\194-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v131-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v194-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12432 bytes hidden from API
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Messenger\bougnat-63@hotmail.fr\SharingMetadata\renardjaunard@hotmail.fr\DFSR\Staging\CS{2B96A4F5-7FD4-A6A3-A197-97A359542F68}\31\194-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v131-{91A1148F-2ED9-40DE-948D-69C3FF52AA8C}-v
0
Réponse 10 / 20
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 131
6 déc. 2007 à 00:23
Tu vas télécharger SmitFraudFix :
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Suis ces procédures:

Double-clique sur smitfraudfix.exe
Sélectionne 1 (MAIS SURTOUT PAS LE 2 JE TE DIRAIS QUAND TU POURRA LE FAIRE ) puis appuie "entrer" ensuite un rapport sera généré dans ce chemin :

C:\rapport.txt

Puis tu le colle dans ton prochain post

Remarque:

Faux positif:
process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
http://www.beyondlogic.org/consulting/processutil/processutil.htm
0
Réponse 11 / 20
BIGJAUNARD
6 déc. 2007 à 00:35
SmitFraudFix v2.207

Rapport fait à 0:34:27,04, 06/12/2007
Executé à partir de C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\user


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\user\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\user\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="http://www.asm-rugby.com/commun/images/goodies/pho/photoofficielle.jpg"
"SubscribedURL"="http://www.asm-rugby.com/commun/images/goodies/pho/photoofficielle.jpg"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: 802.11g Wireless USB Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.30.1
DNS Server Search Order: 0.0.0.0

HKLM\SYSTEM\CCS\Services\Tcpip\..\{4C0683EE-96B4-4A08-B45D-8F9EC8AB0BD0}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4C0683EE-96B4-4A08-B45D-8F9EC8AB0BD0}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{4C0683EE-96B4-4A08-B45D-8F9EC8AB0BD0}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 12 / 20
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 131
6 déc. 2007 à 00:37
Télécharge combofix :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


Double-clic sur combofix il vas te demander une question répond oui touche y puis attends que combofix soit fini il vas générer un rapport

Poste le sur le forum dans ta réponse





0
Réponse 13 / 20
BIGJAUNARD
6 déc. 2007 à 00:50
ComboFix 07-12-02.6 - user 2007-12-06 0:41:22.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.498 [GMT 1:00]
Running from: C:\Documents and Settings\user\Mes documents\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\_000006_.tmp.dll
C:\WINDOWS\system32\_000007_.tmp.dll
C:\WINDOWS\system32\_000009_.tmp.dll
C:\WINDOWS\system32\_000010_.tmp.dll
C:\WINDOWS\system32\_000026_.tmp.dll

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-05 to 2007-12-05 ))))))))))))))))))))))))))))))))))))
.

2007-12-06 00:33 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-23 23:24 . 2007-11-23 23:24 <REP> d-------- C:\Program Files\Trend Micro
2007-11-23 21:02 . 2007-11-23 21:02 <REP> d-------- C:\Documents and Settings\user\Application Data\Grisoft
2007-11-23 21:01 . 2007-11-23 21:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-23 21:01 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-23 16:18 . 2007-11-23 16:18 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-11-23 16:18 . 2007-11-23 16:18 1,409 --a------ C:\WINDOWS\QTFont.for
2007-11-23 13:05 . 2007-12-05 23:13 <REP> d-------- C:\Program Files\Navilog1
2007-11-15 21:31 . 2007-11-15 21:32 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-05 23:15 --------- d-----w C:\Documents and Settings\user\Application Data\OpenOffice.org2
2007-12-05 21:54 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-12-05 19:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-12-04 18:16 --------- d-----w C:\Program Files\eMule
2007-11-23 21:47 --------- d-----w C:\Program Files\Google
2007-11-23 21:44 --------- d-----w C:\Program Files\Sonic
2007-11-23 21:43 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-11-23 21:40 --------- d-----w C:\Program Files\Java
2007-11-23 21:37 --------- d-----w C:\Program Files\Windows Live
2007-11-23 21:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-15 20:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-10-20 22:01 --------- d-----w C:\Program Files\Real
2007-10-20 22:01 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2007-10-20 22:01 --------- d-----w C:\Program Files\Fichiers communs\Real
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2005-01-19 15:18]
"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2007-07-10 09:34]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 21:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 21:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 21:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 21:00]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-06-19 13:50]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-10 20:05]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2005-08-01 13:26]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-12-22 07:57]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2005-12-12 10:39]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 15:45]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 15:50]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 15:50]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-20 23:01]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51]
"CameraFixer"="C:\WINDOWS\CameraFixer.exe" [2006-10-09 16:32]
"tsnpstd3"="C:\WINDOWS\tsnp325.exe" [2006-10-10 14:49]
"snp325"="C:\WINDOWS\vsnp325.exe" [2006-10-10 13:11]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)

R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
R3 SNP325;USB PC Camera (SNPSTD325);C:\WINDOWS\system32\DRIVERS\snp325.sys
R3 WN4501HLFZZ(Technology Corporation);802.11g Wireless USB Adapter(Technology Corporation);C:\WINDOWS\system32\DRIVERS\O4501U.sys
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-06 00:45:51
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????7?3?2?2??????? ???B?????????????hLC? ??????

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-12-06 0:49:20 - machine was rebooted
.
--- E O F ---
0
Réponse 14 / 20
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 131
6 déc. 2007 à 00:55
fait un scan ici
https://www.bitdefender.fr/

* En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
* Dans la nouvelle fenêtre, clique sur j‘accepte
* Accepte le contrôle Active X et Installe le. Le scanner se charge
* La fenêtre change encore, clique sur ’cliquez ici pour scanner’
* Les signatures se chargent, etc.

tuto en image :
http://pageperso.aol.fr/rginformatique/mapage/defender.htm

copie colle le résultat ici
0
Réponse 15 / 20
BIGJAUNARD
6 déc. 2007 à 01:01
? ? ? Il n'y a pas comme sur le tuto le bouton j'accepte !
0
Réponse 16 / 20
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 131
6 déc. 2007 à 01:04
fait le avec IE pas avec fire fox!!
0
Réponse 17 / 20
BIGJAUNARD
6 déc. 2007 à 18:25
BitDefender Online Scanner



Rapport d'analyse généré à: Thu, Dec 06, 2007 - 07:30:04





Voie d'analyse: C:\;D:\;







Statistiques

Temps
01:08:15

Fichiers
266932

Directoires
5775

Secteurs de boot
2

Archives
941

Paquets programmes
5999




Résultats

Virus identifiés
1

Fichiers infectés
1

Fichiers suspects
0

Avertissements
0

Désinfectés
0

Fichiers effacés
1




Info sur les moteurs

Définition virus
880430

Version des moteurs
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins
14

Archive des plugins
38

Unpack des plugins
7

E-mail plugins
6

Système plugins
1




Paramètres d'analyse

Première action
Désinfecté

Seconde Action
Supprimé

Heuristique
Oui

Acceptez les avertissements
Oui

Extensions analysées
*;

Excludez les extensions


Analyse d'emails
Oui

Analyse des Archives
Oui

Analyser paquets programmes
Oui

Analyse des fichiers
Oui

Analyse de boot
Oui




Fichier analysé
Statut

C:\Documents and Settings\user\Local Settings\Application Data\{8E94F725-8C1B-4DBD-B9F5-A623113F7B57}\Pando.msi=>(Embedded CAB)=>oovooinst.exe
Infecté par: Trojan.Generic.25641

C:\Documents and Settings\user\Local Settings\Application Data\{8E94F725-8C1B-4DBD-B9F5-A623113F7B57}\Pando.msi=>(Embedded CAB)=>oovooinst.exe
Echec de la désinfection

C:\Documents and Settings\user\Local Settings\Application Data\{8E94F725-8C1B-4DBD-B9F5-A623113F7B57}\Pando.msi=>(Embedded CAB)=>oovooinst.exe
Supprimé

C:\Documents and Settings\user\Local Settings\Application Data\{8E94F725-8C1B-4DBD-B9F5-A623113F7B57}\Pando.msi=>(Embedded CAB)
Echec de la mise à jour
0
Réponse 18 / 20
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 131
6 déc. 2007 à 23:43
* télécharge AVG Anti-Spyware


https://www.avg.com/en-ww/free-antivirus-download

http://www.commentcamarche.net/telecharger/telechargement 218 avg antispyware
http://www.infos-du-net.com/telecharger/Ewido-Security-Suite,0301-734.html


Tuto : http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html


* Tu l'installes

Démarrer AVG antispyware. Cliquer sur "mise à jour", cliquer sur le bouton "Commencer la mise à jour" et attendre la fin de cette mise à jour puis, fermer le programme.

si tu n'arrives pas à le mettre à jour prends ici les Mise à jour:

http://downloads.ewido.net/avgas-signatures-full-current.exe



Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).



relance AVG AS et cliquer sur l'onglet "scanner" puis sur "Analyse complète du système".
Une fois le scan terminé, il t'affiche un rapport. Cliquer sur "configurer..." en bas a gauche et choisir "supprimer". Ensuite cliquer sur "Appliquer toutes les actions ", ça va supprimer toutes les infections détectées.
Ensuite cliquer sur "Enregistrer le rapport d'analyse" -> "enregistrer sous" et enregistrer le rapport où bon te semble, afin de me l'envoyer dans ta prochaine réponse.


Copie Et colle le rapport ici
0
Réponse 19 / 20
BIGJAUNARD
7 déc. 2007 à 20:41
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 20:30 07/12/2007

+ Résultat de l'analyse:



Rien à signaler.



Fin du rapport
0
Réponse 20 / 20
rudyrital Messages postés 6230 Date d'inscription lundi 14 novembre 2005 Statut Membre Dernière intervention 10 octobre 2009 131
13 déc. 2007 à 20:49
ok, ou en sont tes soucis ?
0

Discussions similaires

Cherche chanteur et titre chanson pub kinder noel 2023
Herme80 -
trekipat -

16 réponses
Ouvrir un fichier .pub sans Publisher
baissaoui -
baissaoui -

0 réponse
Recherche nom acteur Pub
Visu -
Lorenzo -

4 réponses
retrouver un spot publicitaire radio ?
solpauale -
Jennifer -

5 réponses