Mémoire vive utilisée à fond sous vista

Question

Bonjour, jusqu'ici très content de Vista familial premium même avec ma config
Processeur Genuine Intel T2250 1,73Go
RAM 1022
je pouvais avoir récemment une douzaine de fenêtres d'ouvertes et 2 logiciels P2P à tourner tout en jouant en réseau sur le net...
Depuis peu ma mémoire vive a explosé et flirt les 92% à 98% même lorsqu'il n'y a rien d'ouvert et le démarrage est lent
Mes disques ne sont pas surchargés, même si on ne peut voir s'ils sont bien fragmentés :( ,  mon processeur ne galère pas
je viens de changer la résollution de l'affichage et des couleurs, que dalle

y-a-t'il d'autres solutions car la latence sur du traitement de texte ne m'amuse plus ? merc

Ps : ramer dans le sens du courant à toujours fait rire les crocodiles

blablate · Answer

salut,

1 go de ram avec vista c'est peut mais certainemant pas le seul fotif..
vas dans ton gestionnaire de tache et dis nous quelle est le fotif
affiche les procéssus de chaque utilisateur

vista doit etre saturé ou tu est infecté, tu pourrais commencer par faire le ménage dans vista et une bonne cure antivérole

vas dans ton panneau de configuration pui clik information et outil de perforamance, tu pourras voir l'état général de vista et néttoyer quelque truc

telecharge ccleaner aussi qui peut résoudre pas mal de truc

http://www.cleanersoft.net/fr/


apres une bonne cure antivérole

http://www.commentcamarche.net/faq/sujet 1404 securisation d un pc

https://sebsauvage.net/safehex.html

http://www.commentcamarche.net/faq/sujet 2436 securite hijackthis et logiciels de desinfection

toubabn1 · Answer

Salut,
fait un Ctrl alt suppr et donne moi la liste complète de tes processus.
Par ailleurs je pense que 1Go de RAM est un peu faible pour Vista ( et oui il est pas mal mais il bouffe bcp).
Peut etre pourrais tu penser à rajouter de la ram (1Go de + ferais pas de mal)

Tiens moi au courant pour tes process je reste à l'écoute.

A bientot.

blablate · Answer

en parlant de ram...

avec vista pro 64 bit, avec juste firewall/antivérole et firefox je tourne a 1122 mo a l'instant précis, 900 mo environ a l'install san rien....
pourtant je possede 4 go en ready boost...
je peus rajouter encore 2 go je crois..

Zaf · Answer

dans le gestionnaire de taches svchost.exe system et limewire à 40Mo
iexplorerà 30Mo dwn et msn à 20 Mo swdsvc system à16Mo 4 à 10MO etc
j'ai lancé un nettoyage mais ça a l'air de rester dans le même état
et gun ptit pb pour l'installation de cleaner

blablate · Answer

as tu  clické aficher les procéssus de tout les utilisateur dans le gstionnaire de tache?
 que t'arrive t'il avec ccleaner?

toubabn1 · Answer

regarde sur la colonne processeur (00 par défaut quand sa ne bouge pas)
et donne moi ceux qui en donne le plus.
ne me donne pas les logiciel mais les processus ( exemple : shstat.exe ou pthosttr.exe)

Tiens moi au courant.

A bientot.

Zaf · Answer

ui g cliké sur afficher le process de tous les utilisateurs (limewire vient de passer à 110Mo alors qu'il est déconnecté)
pour l'installation de cleaner il est entrain de la vérifier sur internet depuis 15min

Zaf · Answer

C'est processus inactif du system qui est à 70 et Iexplore à 10

blablate · Answer

click droit sur le procéssuce en faute et éssaye de l'arreter voir si ca va mieus
limewire ne devrais pas etre actif
tu as du etre infecté par peer to peer ca arrive souvant ou alors il y a un probleme avec ta cession administrateur mais je doute

leim · Answer

salut tout le monde j ai le meme probleme ma memoire vive est utilise a 98 % quelqu un peut il m aider svp

leim78 · Answer

j ai ashSimpl.exe a 13 mo , firefox.exe a 44 mo ,svhost.exe a 82 mo;

leim78 · Answer

j ai un rapport si sa peut aider kekun

Logfile of Spyware Terminator v2.1.1.314 (db:1.0.176.922)
Scan Time: 29/04/2008 15:48:34  length: 6566 s
Platform: VISTA (6.0.0.6001)
User: Admin
Boot Mode: Normal
Scan type: Full_Virus__Spyware_Scan
Scanned Objects: 138258 (Critical:1)
Filter: No System items, No Safe items, No Invalid items

Running Processes
Ati2evxx.exe [ATI Technologies Inc.] : C:\Windows\system32\Ati2evxx.exe
LVPrcSrv.exe [Logitech Inc.] : C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
SLsvc.exe [Microsoft Corporation] : C:\Windows\system32\SLsvc.exe
Ati2evxx.exe [ATI Technologies Inc.] : C:\Windows\system32\Ati2evxx.exe
Ati2evxx.exe [ATI Technologies Inc.] : C:\Windows\system32\Ati2evxx.exe
Ati2evxx.exe [ATI Technologies Inc.] : C:\Windows\system32\Ati2evxx.exe
AppleMobileDeviceService.exe [Apple, Inc.] : C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
mDNSResponder.exe [Apple Inc.] : C:\Program Files\Bonjour\mDNSResponder.exe
LSSrvc.exe [Hewlett-Packard Company] : C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PIFSvc.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
LVComSer.exe [Logitech Inc.] : C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
AluSchedulerSvc.exe [Symantec Corporation] : C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
AluSchedulerSvc.exe [Symantec Corporation] : C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
AluSchedulerSvc.exe [Symantec Corporation] : C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
LVComSer.exe [Logitech Inc.] : C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
hpsysdrv.exe [Hewlett-Packard Company] : C:\hp\support\hpsysdrv.exe
OSD.exe [OsdMaestro] : C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
MOM.exe [Advanced Micro Devices Inc.] : C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
RtHDVCpl.exe [Realtek Semiconductor] : C:\Windows\RtHDVCpl.exe
hpwuSchd2.exe [Hewlett-Packard Co.] : C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PIFSvc.exe [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
jusched.exe [Sun Microsystems, Inc.] : C:\Windows\system32\jusched.exe
Communications_Helper.exe [Logitech Inc.] : C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
Quickcam.exe [Logitech Inc.] : C:\Program Files\Logitech\QuickCam\Quickcam.exe
sidebar.exe [Microsoft Corporation] : C:\Program Files\Windows Sidebar\sidebar.exe
msnmsgr.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
wmpnscfg.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnscfg.exe
wmpnetwk.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
hpqtra08.exe [Hewlett-Packard Co.] : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
sidebar.exe [Microsoft Corporation] : C:\Program Files\Windows Sidebar\sidebar.exe
iPodService.exe [Apple Inc.] : C:\Program Files\iPod\bin\iPodService.exe
CCC.exe [ATI Technologies Inc.] : C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
COCIManager.exe [Logitech Inc.] : C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
hpqste08.exe [Hewlett-Packard Co.] : C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
usnsvc.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\usnsvc.exe
conime.exe [Microsoft Corporation] : C:\Windows\system32\conime.exe
HPHC_Service.exe [Hewlett-Packard] : C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
uTorrent.exe : C:\Users\Hermann\Program Files\uTorrent\uTorrent.exe
ieuser.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\ieuser.exe

Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.google.com/toolbar/ie8/sidebar.html
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R - HKLM\Software\Microsoft\Internet Explorer\Search, Local Page = http://www.iesearch.com/
R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = *.local
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain = 
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName = 

StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sidebar :  [Microsoft Corporation] : C:\Program Files\Windows Sidebar\sidebar.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MsnMsgr :  [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WMPNSCFG :  [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnscfg.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hpsysdrv :  [Hewlett-Packard Company] : C:\hp\support\hpsysdrv.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KBD :  : C:\HP\KBD\KbdStub.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, OsdMaestro :  [OsdMaestro] : C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, StartCCC :  : C:\Program Files\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CLISTART.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RtHDVCpl :  [Realtek Semiconductor] : C:\Windows\RtHDVCpl.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HP Health Check Scheduler :  [Hewlett-Packard] : C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SunJavaUpdateReg :  [Sun Microsystems, Inc.] : C:\Windows\system32\JUREG.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HP Software Update :  [Hewlett-Packard Co.] : C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Symantec PIF AlertEng :  [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Adobe Reader Speed Launcher :  [Adobe Systems Incorporated] : C:\Program Files\ADOBE\READER 8.0\READER\READER_SL.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, LogitechCommunicationsManager :  [Logitech Inc.] : C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, LogitechQuickCamRibbon :  [Logitech Inc.] : C:\Program Files\Logitech\QuickCam\Quickcam.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, Launcher :  [soft thinks] : C:\Windows\SMINST\launcher.exe
04 - Startup: %START_PROGRAMSALL%\Startup\HP Digital Imaging Monitor.lnk [Hewlett-Packard Co.] : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

Shell Extensions
&Windows Media Player - {0a4286ea-e355-44fb-8086-af3df7645bd9} -  [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpband.dll
 - {BB6B2374-3D79-41DB-87F4-896C91846510} -  [Microsoft Corporation] : C:\Windows\system32\emdmgmt.dll
SimpleShlExt Class - {5E2121EE-0300-11D4-8D3B-444553540000} -  : C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
ShellViewRTF - {7F67036B-66F1-411A-AD85-759FB9C5B0DB} -  [XSS] : C:\Windows\system32\ShellvRTF.dll
avast - {472083B0-C522-11CF-8763-00608CC02F24} -  [XSS] : C:\Windows\system32\ShellvRTF.dll
RealOne Player Context Menu Class - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} -  [RealNetworks, Inc.] : C:\Program Files\Real\RealPlayerpshell.dll
Mes dossiers de partage - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} -  [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
ALZip 7.0 Context Menu Shell Extension - {4EB37360-49E8-11D3-95B5-004033382980} -  [ESTsoft] : C:\Program Files\ESTsoft\ALZip\AZCTM.dll
iTunes - {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} -  [Apple Inc.] : C:\Program Files\iTunes\iTunesMiniPlayer.dll

Protocol Handler
BackWeb GA Pluggable Protocol - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -  [Logitech Inc.] : C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
 - {828030A1-22C1-4009-854F-8E305202313F} -  [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
 - {828030A1-22C1-4009-854F-8E305202313F} -  [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll

Services
23 - [Apple, Inc.] : C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
23 - [ALWIL Software] : C:\Windows\system32\DRIVERS\aswFsBlk.sys
23 - [ALWIL Software] : C:\Windows\system32\DRIVERS\aswMonFlt.sys
23 - [ALWIL Software] : C:\Windows\system32\DRIVERS\aswMonFlt.sys
23 - [ATI Technologies Inc.] : C:\Windows\system32\Ati2evxx.exe
23 - [ATI Technologies Inc.] : C:\Windows\system32\DRIVERS\atikmdag.sys
23 - [ATI Technologies Inc.] : C:\Windows\system32\DRIVERS\atikmdag.sys
23 - [ATI Technologies Inc.] : C:\Windows\system32\DRIVERS\atikmdag.sys
23 - [ATI Technologies Inc.] : C:\Windows\system32\DRIVERS\atikmdag.sys
23 - [Apple Inc.] : C:\Program Files\Bonjour\mDNSResponder.exe
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\bowser.sys
23 - [Microsoft Corporation] : C:\Windows\system32\Drivers\dfsc.sys
23 - [GEAR Software Inc.] : C:\Windows\system32\Drivers\GEARAspiWDM.sys
23 - [Hewlett-Packard] : C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
23 - [Realtek Semiconductor Corp.] : C:\Windows\system32\drivers\RTKVHDA.sys
23 - [Apple Inc.] : C:\Program Files\iPod\bin\iPodService.exe
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\msiscsi.sys
23 - [Hewlett-Packard Company] : C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23 - [Symantec Corporation] : C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
23 - [Logitech Inc.] : C:\Windows\system32\DRIVERS\LVcKap.sys
23 - [Logitech Inc.] : C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
23 - [Logitech Inc.] : C:\Windows\system32\DRIVERS\LVPr2Mon.sys
23 - [Logitech Inc.] : C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
23 - [Logitech Inc.] : C:\Windows\system32\drivers\LVUSBSta.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\mrxsmb10.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\mssmbios.sys
23 - [Logitech Inc.] : C:\Windows\system32\DRIVERS\lv302af.sys
23 - [Logitech Inc.] : C:\Windows\system32\DRIVERS\LV302V32.SYS
23 - [Symantec Corporation] : C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
23 - [Hewlett-Packard Company] : C:\Windows\system32\DRIVERS\PS2.sys
23 - [Sonic Solutions] : C:\Windows\system32\Drivers\PxHelp20.sys
23 - [Microsoft Corporation] : C:\Windows\system32\driversdpencdd.sys
23 - [Realtek Corporation                                            ] : C:\Windows\system32\DRIVERS\Rtlh86.sys
23 - [Protection Technology (StarForce)] : C:\Windows\system32\drivers\sfdrv01.sys
23 - [Protection Technology (StarForce)] : C:\Windows\system32\drivers\sfhlp02.sys
23 - [Protection Technology] : C:\Windows\system32\drivers\sfsync02.sys
23 - [ZyDAS Technology Corporation] : C:\Windows\system32\DRIVERS\WlanBZXP.sys
23 - [Microsoft Corporation] : C:\Windows\system32\SLsvc.exe
23 - : C:\Windows\system32\Drivers\sptd.sys
23 - [Crawler.com] : C:\Windows\system32\drivers\sp_rsdrv2.sys
23 - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\usnsvc.exe
23 - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe

Threat Files
<Starware Horoscopes Toolbar> : C:\Windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.20777_none_58fa301d80678af6\icardie.dll

Advanced Files Report
%SYSDIR%\Ati2evxx.exe [ATI Technologies Inc.] [ATI External Event Utility for Windows] MD5=BC75BF8202EED4ABEEBCF154E253EEF9 SIZE=610304
%SYSDIR%\RtkAPO.dll [Realtek Semiconductor Corp.] [Realtek(r) LFX/GFX DSP component] MD5=D330BF0F8742EE1FFFC3A099CE310F9F SIZE=2156544
%COMMONFILES%\LogiShrd\LVMVFM\LVPrcSrv.exe [Logitech Inc.] [Logitech QuickCam] MD5=85C2E84BC1224C75A20B5560D5A15DB9 SIZE=141848
%PROGRAMFILES%\Bonjour\mdnsNSP.dll [Apple Inc.] [Bonjour] MD5=EDDEC321B128328BC370A5447F7F8D69 SIZE=147456
%SYSDIR%\SLsvc.exe [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=0BA91E1358AD25236863039BB2609A2E SIZE=2623488
%SYSDIR%\Ati2edxx.dll [ATI Technologies, Inc.] [ATI External Device Utility] MD5=1E1ACEE80B65B8BD489366297B3001E2 SIZE=43520
%SYSDIR%\atipdlxx.dll [ATI Technologies, Inc.] [ATI Desktop Component] MD5=DAB554B6286EFF8B5E4B325CF63D965E SIZE=262144
%SYSDIR%\ati2evxx.dll [ATI Technologies Inc.] [ATI External Event Utility for Windows] MD5=2054CC400C9120C1C8EA3D2FFF84D648 SIZE=245760
%SYSDIR%\hpz3l4v2.dll [Hewlett-Packard Company] [Language Monitor] MD5=953D495FABF4574A97AC6644A2A427BC SIZE=117760
%SYSDIR%\spool\PRTPROCS\W32X86\hpzpp4v2.dll [Hewlett-Packard Corporation] [HP Print Processor] MD5=1B557A1718B7AF07FC35F0D29530089C SIZE=273920
%COMMONFILES%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [Apple, Inc.] [Apple Mobile Device Service] MD5=1961CB10BB48EB4D97E37DB6373E9E63 SIZE=110592
%PROGRAMFILES%\Bonjour\mDNSResponder.exe [Apple Inc.] [Bonjour] MD5=CFD4C3352E29A8B729536648466E8DF5 SIZE=229376
%PROGRAMFILES%\hp\digital imaging\bin\hpqddsvc.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=2E7BEE4AA776CF1C37836B26D1D29403 SIZE=131072
%PROGRAMFILES%\hp\digital imaging\bin\hpqddcmn.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=4F1EA8710CEF4CF052C81A960A4A15E5 SIZE=184320
%PROGRAMFILES%\hp\digital imaging\bin\hpqcxs08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=682358F730B84B63E09C6B4EDC1DE7AE SIZE=225280
%PROGRAMFILES%\HP\Digital Imaging\bin\hpocxi08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=CBD5ECDFD293FAF6D812D4D564C5BE4A SIZE=442368
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqcob08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=17A6EDDACA30C67BF44B999A54A6B187 SIZE=135168
%COMMONFILES%\LightScribe\LSSrvc.exe [Hewlett-Packard Company] [LightScribe] MD5=F34B35F6F74E28A460749DA11D1117F8 SIZE=79136
%COMMONFILES%\LightScribe\LSSProxy.dll [Hewlett-Packard Company] [LightScribe] MD5=B0EA38637D86C6BEF855801F741E5027 SIZE=110592
%COMMONFILES%\LightScribe\LSLog.dll [Hewlett-Packard Company] [LightScribe] MD5=469BD51B465887FD4C78A6A0D598902C SIZE=33280
%COMMONFILES%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollMgr.dll [Symantec Corporation] [LiveUpdate Notice] MD5=144D153F4164645C894FA6196AE4876B SIZE=1062536
%COMMONFILES%\LogiShrd\LVCOMSER\LVComSer.exe [Logitech Inc.] [Logitech QuickCam] MD5=9E41266C68C11D7101A2D18CD1F7553E SIZE=186904
%COMMONFILES%\LogiShrd\LVCOMSER\LVCSCli.dll [Logitech Inc.] [Logitech QuickCam] MD5=0449BD9136D29F23A1CA5E2F06D02B13 SIZE=453144
%COMMONFILES%\LogiShrd\LVCOMSER\LVCSPS.dll [Logitech Inc.] [Logitech QuickCam] MD5=C5401BAB271A03421D26BF83E12E6C5B SIZE=68120
%SYSDIR%\hpzinw12.dll [Hewlett-Packard] [Bidi User Mode] MD5=51C6D8BFBD4EA5B62A1BA7F4469250D3 SIZE=43520
%PROGRAMFILES%\Symantec\LiveUpdate\AluSchedulerSvc.exe [Symantec Corporation] [LiveUpdate] MD5=B5D974C1FD078A68C7536C561B031D39 SIZE=554352
%SYSDIR%\hpzipm12.dll [Hewlett-Packard] [Bidi User Mode] MD5=79834AA2FBF9FE81EEBB229024F6F7FC SIZE=53248
%COMMONFILES%\Logishrd\LVMVFM\LVPrcInj.dll [Logitech Inc.] [Logitech QuickCam] MD5=D174178E600FB80902F075BCBC7633B6 SIZE=109080
%SYSDIR%\atiumdag.dll [ATI Technologies Inc. ] [ATI Technologies Inc. Radeon DirectX Universal Driver] MD5=E01000E629ABEF94CDC82972870B08F4 SIZE=3021312
%SYSDIR%\atiumdva.dll [ATI Technologies Inc. ] [ATI Technologies Inc. Radeon Video Acceleration Universal Driver] MD5=7212FB96A06616D115B01952F68AA75B SIZE=3879936
%SYSDIR%\atitmmxx.dll [] [TMM Com Clone Control Module] MD5=6B12660D929C04A51B0854DFDF02C716 SIZE=159744
%PROGRAMFILES%\SUPERAntiSpyware\SASCTXMN.DLL []
%PROGRAMFILES%\ESTsoft\ALZip\AZCTM.dll [ESTsoft] MD5=2F1EE08FFA3AA40A6829DB05E18AD5FD SIZE=471552
%PROGRAMFILES%\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [Advanced Micro Devices Inc.] [Catalyst Control Centre] MD5=E681281D9BFC9D45D3B72532717E5880 SIZE=49152
%WINDIR%\assembly\GAC_MSIL\MOM.Implementation\2.0.2783.37195__90ba9c70f846762e\MOM.Implementation.dll [Advanced Micro Devices Inc.] [Catalyst Control Centre] MD5=77DEA55B340CBB54C8CD5B389B0CFED1 SIZE=102400
%WINDIR%\assembly\GAC_MSIL\LOG.Foundation\2.0.2756.30535__90ba9c70f846762e\LOG.Foundation.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=9A75B2986955DF78E5656F3B407E482E SIZE=32768
%WINDIR%\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2756.30543__90ba9c70f846762e\LOG.Foundation.Private.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=94750E71A05BD2A31E176EFDB7DDF432 SIZE=32768
%WINDIR%\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2783.37193__90ba9c70f846762e\LOG.Foundation.Implementation.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=FB09616AE916F055711C40B125B8888C SIZE=61440
%WINDIR%\assembly\GAC_MSIL\MOM.Foundation\2.0.2756.30554__90ba9c70f846762e\MOM.Foundation.dll [Advanced Micro Devices Inc.] [Catalyst® Control Centre] MD5=2C367797AC08F9FE75AD37D71730B93C SIZE=16384
%WINDIR%\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2756.30556__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=F1FD93B8EBDBDFD13930FA5B09426070 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\AEM.Server\2.0.2783.36901__90ba9c70f846762e\AEM.Server.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=E587CFF397258DEA5D910FED47BAB93A SIZE=45056
%WINDIR%\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2756.30541__90ba9c70f846762e\NEWAEM.Foundation.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=FB22886C382F670BB5998D89C527F2A2 SIZE=24576
%COMMONFILES%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertUi.dll [Symantec Corporation] [LiveUpdate Notice] MD5=17FDC376B63BF61B5BE5EC2353C59412 SIZE=218760
%SYSDIR%\jusched.exe [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U1] MD5=689C6EA7A17B3AE0F2A0151465EF311E SIZE=132760
%COMMONFILES%\LogiShrd\LComMgr\DevMngr.dll [Logitech Inc.] [Logitech] MD5=2DE831681408A9941E1AEDCBE52A53E9 SIZE=344336
%PROGRAMFILES%\Logitech\QuickCam\EFVal.dll [Logitech Inc.] [Logitech QuickCam] MD5=240736A5D9DFD33E20B792E16CC51195 SIZE=167184
%COMMONFILES%\LogiShrd\LComMgr\LogiCordless.dll [Logitech Inc.] [Logitech] MD5=FA39C92D1A4E0CD1A752353D90E31295 SIZE=138000
%COMMONFILES%\LogiShrd\LComMgr\LogiCordless4001.dll [Logitech Inc.] [Logitech] MD5=88F80780EC4C7D13BE7E0E5676C563CA SIZE=165136
%COMMONFILES%\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll [Logitech Inc.] [Logitech] MD5=EE9262156FAF7CC5163B1B70A2296BC4 SIZE=149264
%COMMONFILES%\LogiShrd\LComMgr\BRSkypePlugin.dll [Logitech Inc.] [Logitech] MD5=AC3B49EDE0412772980FB8C3ABB0F75C SIZE=228112
%COMMONFILES%\LogiShrd\LComMgr\YahooPlugin.dll [Logitech Inc.] [Logitech] MD5=79DFC5A244B17B7AFEE08873D3730CD2 SIZE=195344
%PROGRAMFILES%\Logitech\QuickCam\LAppRes.dll [Logitech Inc.] [Logitech QuickCam] MD5=B311E5BFFD75BFF016426BD9B4991FB2 SIZE=110352
%PROGRAMFILES%\Logitech\QuickCam\LogiMail.dll [Logitech Inc.] [Logitech QuickCam] MD5=44F08D49D7DD95F455E0B15A1FDBEEFB SIZE=141072
%COMMONFILES%\Logishrd\LQCVFX\COCIManagerPS.dll [Logitech Inc.] [Logitech QuickCam] MD5=6BF79B28420D6ECBBDD9D2C0608544FE SIZE=54032
%PROGRAMFILES%\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.DLL [Apple Inc.] [iTunes] MD5=17365B8D355C062A826D45789C82733A SIZE=43520
%PROGRAMFILES%\iTunes\iTunesHelper.Resources\iTunesHelper.DLL [Apple Inc.] [iTunes] MD5=907F93073C1ADD94A7C6BC4CB1C8129E SIZE=42496
%PROGRAMFILES%\QuickTime\QTSystem\QuickTime.qts [Apple Inc.] [QuickTime] MD5=8FDDED9036E5848FB9DFDB013B6BA763 SIZE=16994304
%COMMONFILES%\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll [Apple Inc.] [iTunesMobileDevice] MD5=2A2920D0EF665A6CCE0DA9C9AAC85777 SIZE=1110016
%PROGRAMFILES%\Windows Live\Messenger\MSIMG32.dll [Patchou] [Messenger Plus! Live] MD5=74F9E855A6A634C99320850758E795C0 SIZE=59728
%PROGRAMFILES%\Messenger Plus! Live\MsgPlusLive.dll [Patchou] [Messenger Plus! Live] MD5=555E7D305027470177611A82378F3219 SIZE=3334992
%PROGRAMFILES%\Messenger Plus! Live\Detoured.dll [] MD5=6256684495C499B22DCDBA266E4F2494 SIZE=4096
%PROGRAMFILES%\Messenger Plus! Live\MsgPlusLiveRes.dll [Patchou] [Messenger Plus! Live] MD5=50D3B341178EF2BA876507AB43FFD2C1 SIZE=1818960
%PROGRAMFILES%\Messenger Plus! Live\MPSkins.dll [Patchou] [Messenger Plus! Live] MD5=AE402088F6AA1E22299C68EDBD3AE0ED SIZE=8528
%PROGRAMFILES%\Messenger Plus! Live\MPScripts.dll [Patchou] [Messenger Plus! Live] MD5=EE272572637FE66AFF845C488F5B9BAC SIZE=8528
%PROGRAMFILES%\Messenger Plus! Live\libsndfile.dll [] MD5=00742B11F1492D15A0A8FF25E36AB9BE SIZE=370688
%PROGRAMFILES%\Messenger Plus! Live\lame_enc.dll [] MD5=75430D2F8B2E204814247D62D9445CE4 SIZE=390656
%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=3978704576A121A9204F8CC49A301A9B SIZE=896512
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtra08.exe [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=1BA45CDEF852381DA4A95D056DDB4B48 SIZE=210520
%PROGRAMFILES%\HP\Digital Imaging\bin\hpquio08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=354D0D3FA5CD831509CE97DAFF2174D5 SIZE=151552
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtra08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=8C30DF46F0A188F98C59D1DC39F55CD9 SIZE=47616
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtao08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=B768327A1B2F192CAA67267A89AF3A31 SIZE=98304
%PROGRAMFILES%\HP\Digital Imaging\bin\hpotra08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=472D66BB5D6DD9720B3FE85F7AC20202 SIZE=274432
%PROGRAMFILES%\HP\Digital Imaging\bin\hpotra08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=50E83F39A898669BCD0375C6ADF77E06 SIZE=12800
%PROGRAMFILES%\HP\Digital Imaging\bin\hpodio08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=B7A8830E17757A41A3DBFCEE468E038C SIZE=1007616
%PROGRAMFILES%\HP\Digital Imaging\bin\hpotradd.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=D99A1ACF8918677F333B356C6393BC2E SIZE=77824
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqrif08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=FE181F58353FBE4D6D96276CE523D2CB SIZE=290816
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqmif08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=0E983BC4924CBE36E56D53ECE0E29CA8 SIZE=299008
%SYSDIR%\hpzipr12.dll [Hewlett-Packard] [Bidi User Mode] MD5=AF880166DAC5880219F748ED83902CB2 SIZE=33280
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqddusr.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=03BE14F5169B8B0665267B325EF454C9 SIZE=61440
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqusg.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=E2B8F1EF9A74A83157427225873F5331 SIZE=401408
%SYSDIR%\hpzidr12.dll [Hewlett-Packard] [Bidi User Mode] MD5=26AE2CA34FA4342749EC1157CB1FE954 SIZE=49152
%PROGRAMFILES%\iPod\bin\iPodService.exe [Apple Inc.] [iTunes] MD5=1CB96E83FD76EB5580451CEF29E24303 SIZE=504104
%PROGRAMFILES%\iPod\bin\iPodService.Resources\fr.lproj\iPodServiceLocalized.DLL [Apple Inc.] [iTunes] MD5=DD357E4AFDA26FA1B2304D7692E4414B SIZE=43520
%PROGRAMFILES%\iPod\bin\iPodService.Resources\iPodService.DLL [Apple Inc.] [iTunes] MD5=EA1A04BB39E2C7503D29A6E664EAC656 SIZE=42496
%PROGRAMFILES%\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\backWeb.dll [BackWeb Technologies Inc.] [BackWeb] MD5=84AFB4711D4109F29D881EA7CFC69F47 SIZE=2293804
%PROGRAMFILES%\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\bwsec.dll [BackWeb Technologies Inc.] [BackWeb bwsec] MD5=BB8BC9BC13D87B2C855B2BD50FBD1DCF SIZE=225335
%PROGRAMFILES%\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll [] MD5=F2D0AD019503C48D85C5F70771288B63 SIZE=61496
%PROGRAMFILES%\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\EN\ClientRc.dll [BackWeb Technologies Inc.] [BackWeb] MD5=9E2C13A26926EBB05015B8B41B4298C5 SIZE=172032
%PROGRAMFILES%\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll [Logitech Inc.] [Logitech Desktop Messenger] MD5=89AA5D2F5B2E5FD18D67C6A298495CB6 SIZE=28711
%PROGRAMFILES%\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\BWfiles.dll [BackWeb Technologies Inc.] [BackWeb] MD5=DAC29AD3DE12E0CAC510DE0FB1CBEC3B SIZE=159781
%PROGRAMFILES%\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll [Logitech] [Logitech Desktop Messenger] MD5=13965F4C5201DB7FCB34EF8CC05E47B5 SIZE=149008
%PROGRAMFILES%\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [ATI Technologies Inc.] [Catalyst Control Centre] MD5=25CA1677AAA3CDC99CD4FCF940886F3C SIZE=49152
%WINDIR%\assembly\GAC_MSIL\CCC.Implementation\2.0.2783.37194__90ba9c70f846762e\CCC.Implementation.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=DBFFC78DD5F67664B8CACD7F23D12940 SIZE=32768
%WINDIR%\assembly\GAC_MSIL\CLI.Foundation\2.0.2756.30538__90ba9c70f846762e\CLI.Foundation.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=ADDAEA5DB800947863318050D935ECFA SIZE=49152
%WINDIR%\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2756.30635__90ba9c70f846762e\CLI.Foundation.XManifest.dll [ATI Technologies Inc.] [Catalyst Control Centre] MD5=7C61336C9B31C5697E2595BE63FFD57E SIZE=28672
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2783.36902__90ba9c70f846762e\CLI.Component.Runtime.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=92A43496771ABD685274E5A8268C7299 SIZE=73728
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2756.30555__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=194699FEE1647C41B18B691F4105C1BE SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2756.30545__90ba9c70f846762e\CLI.Foundation.Private.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=17702689FD07C525BDBBB7564A985021 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2756.30552__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=F1AF8E33D2E366F5B23B5B3D9BA60EFA SIZE=16384
%WINDIR%\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=802DF710B25A29E275494FE7AD23548B SIZE=32768
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2783.36901__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=0F3F60117B15E826425384BF9A506A3D SIZE=6656
%WINDIR%\assembly\GAC_MSIL\AEM.Foundation\2.0.2756.30537__90ba9c70f846762e\AEM.Foundation.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=4F6EEF793A77806A0D541097EC865C70 SIZE=24576
%WINDIR%\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Server.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=A9787265CA087560ADA3DDFEEC05A522 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2783.37239__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=B4EB867D4652F04863E5FE199183437F SIZE=36864
%WINDIR%\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=7B9A8909AAE7D836BCE2B28994ACDE87 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=D7D411475A7ABED7C4024067E7F9DDF7 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=CCE69BC85D019F49691C592DDCC2FA97 SIZE=45056
%WINDIR%\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=110D2A7BBFBA80AAE36B5F229FE800AD SIZE=16384
%WINDIR%\assembly\GAC_MSIL\DEM.Graphics\2.0.2756.30588__90ba9c70f846762e\DEM.Graphics.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=4468B03FF876D1FBD789F206EFD6CECB SIZE=16384
%SYSDIR%\ATIDEMGX.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=A13184E840A84319774BAF6A9908F83F SIZE=352256
%WINDIR%\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2756.30557__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=021B281762E9FA606AA73723613A9B72 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2783.36910__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll [Advanced Mirco Devices, Inc.] [Catalyst® Control Centre] MD5=0C7DA2D7C3F713615A02EBB7AB930171 SIZE=245760
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2756.30548__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll [Advanced Mirco Devices, Inc.] [Catalyst® Control Centre] MD5=4AB6B7BBB44A8A0ED41FAD9E3178D191 SIZE=57344
%WINDIR%\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=93D5B9634C4744FB115785081ECF9738 SIZE=24576
%WINDIR%\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2756.30590__90ba9c70f846762e\DEM.OS.I0602.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=333035374D726FDED63B4BA615CBA0D8 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\DEM.OS\2.0.2756.30578__90ba9c70f846762e\DEM.OS.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=9A0F0B24E97711F935D29B287B12A96E SIZE=16384
%WINDIR%\assembly\GAC_MSIL\ATIDEMOS\2.0.2783.36903__90ba9c70f846762e\ATIDEMOS.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=5FFE38660ED15F9BF768FB8D85BD4134 SIZE=65536
%WINDIR%\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2756.30547__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=082EB93ACF2A473ECE096A6CB75CB8E6 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2783.36929__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=CBB322F62C4815E17AED33FB97F9BF59 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=AF6202A1548C6A9A126694957E2E5E74 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2783.37128__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=824E7E564E7D22C797D79D1D9AEA6293 SIZE=65536
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2756.30578__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=0E8B49E2ED94881CC1C16E3F465B13CE SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2756.30567__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=961A33ABE871519276DCE24CD0C77924 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2783.37064__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=A0201E6DC706E4B196611A337F467B1D SIZE=36864
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=9097D25EE7C78C5B35A79941333B99C8 SIZE=24576
%WINDIR%\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=2E7FAB502A8615B1AAB0EAB35AFBCA3B SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=8FBE6F3311D54B8E27B9433BC9D63E2F SIZE=32768
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2783.37171__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=14C029E2912B1687D1759F6F9B0CCF4A SIZE=77824
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=258B0D7103DAB3B754F1DB7146CB1005 SIZE=65536
%WINDIR%\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=AD6F9F60D070F43B5C3D253A174CEE12 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2783.36983__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=CD47E51A4B0BDFF19E5A0CF3B5E0610F SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2756.30560__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=DC9F7235FE9C62B18F64C167F1B0F765 SIZE=28672
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2783.37094__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=57204D46A6399B26C97C7894D28E622E SIZE=36864
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2756.30565__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=BAC3AB08229E083606FCEB6B3CEF4662 SIZE=24576
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2783.37072__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=23EBE5639A544A495ADA6BE55C74B161 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=5B320322F1AB6AFEFC98A4D3543B009D SIZE=53248
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2783.37114__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=70DB0E3E4C87785A355BAE9429B298B1 SIZE=32768
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2756.30562__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=D200F6F7734FE4EEB7573BB654EF7762 SIZE=28672
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2783.37064__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=8C06EFAB8F388E354AA1686923C0EEBB SIZE=57344
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2756.30590__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=D2EB7BC87E2AC1A14012BCC281134099 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2783.37135__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=FCD74F8D6EE3A1B7A02343295879AB47 SIZE=61440
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=8C7E9996B1852A014EC5B6457DEEF76E SIZE=49152
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2783.37072__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=2FBDAF68ECC22352A9E3BC38789B744A SIZE=65536
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=ABEDE9F7B0A7A543A9799F1D0A4B271A SIZE=45056
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2783.37204__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=82620E458212F3A3FB8853ACBC458A54 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2756.30592__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=24A7DE6AFBC52A813490CEF348345E72 SIZE=24576
%WINDIR%\assembly\GAC_MSIL\APM.Server\2.0.2783.36902__90ba9c70f846762e\APM.Server.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=37767020997787726B727E272D275941 SIZE=45056
%WINDIR%\assembly\GAC_MSIL\APM.Foundation\2.0.2756.30555__90ba9c70f846762e\APM.Foundation.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=19BBA8D09B7210A19F5A07C0C6851FD6 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2783.36937__90ba9c70f846762e\CLI.Component.Wizard.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=BE9FA3EA269A1BA04D6C0F1CCBC89B21 SIZE=471040
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2756.30554__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=EC86AAD5219FC2883F67940C818D3DA9 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2756.30543__90ba9c70f846762e\CLI.Component.Client.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=1308C93BAC94C87D360C1D5AB32E27A7 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=8633517C5B65AF6D58A84344B03FE26E SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2756.30589__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=0D6C9B2D323F78EED69A23668CB7B792 SIZE=24576
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2783.36943__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=BBB8844DBB202D3795DA4B143B8E8A1F SIZE=40960
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=6F5F1236A37D412D94082093DE7D9817 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2783.37212__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=DD1FA0399E5A0AF8439B1070ED435977 SIZE=483328
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2783.37143__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=0BEA6BEE852DFAA6EAA410A5EAA115AE SIZE=90112
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2783.36951__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=7E66AE784B1EE55A10F2BB7145BAA279 SIZE=1675264
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2783.36964__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=B951ABB8F951989A265BAC10E1C9AD69 SIZE=196608
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2756.30593__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=E135A0DD7DA6A1E9045A6AC661401754 SIZE=40960
%WINDIR%\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll [ ] [Assembly imported from type library 'ATIXCodeLib'.] MD5=74A97243AB81F912EFB1E75C0233CBAE SIZE=6656
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2783.37157__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=7DED1735029523BC3B9A83E20A72174D SIZE=401408
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2783.37179__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=BFD83B26AA7A489537A93A6870AEF9EA SIZE=360448
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2783.37150__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=26FCE03ACADD0BF1419E5E2D46935685 SIZE=684032
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2783.36918__90ba9c70f846762e\CLI.Component.Dashboard.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=4A346A7C0C02BE8ACA7AFF0A4D89F62A SIZE=1507328
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2756.30550__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=54C0A916B847F0A0227A1F2298620F18 SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=C2A5640CF0C9FF9D6FD84DE1DE43F78C SIZE=20480
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2783.36924__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=7950C09ED97F8507AE2050394BEDF7A9 SIZE=73728
%WINDIR%\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2756.30577__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=F0481CB9450F3C3029CEA349D06D0839 SIZE=16384
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2783.37218__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll [Advanced Mirco Devices, Inc.] [Catalyst® Control Centre] MD5=EA27C33DCAD415C4982F8EDBAC81331C SIZE=135168
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2783.36971__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=A74D748F5CE324801CF6A13BC1CE703A SIZE=217088
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2783.36930__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=9124F534893AA21FCE5DEF3AF29520FF SIZE=438272
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2783.37095__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=26B5B865093095D90E5A3AFE6BDF0B28 SIZE=118784
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2783.37066__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=E31E7BB3764536DAB576CFD04BC507CC SIZE=475136
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2783.37130__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=8DB42A973F35B95C001952B812CAA149 SIZE=659456
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2783.37172__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=E8E6507A0F7CBF45C0C939141C6B0B3C SIZE=901120
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2783.37059__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll [Advanced Micro Devices, Inc.] [Catalyst® Control Centre] MD5=A81B3CA1AA29686040201556DAF73A77 SIZE=331776
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2783.37136__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=80D75ECC4E46771ABBB8488289564C23 SIZE=331776
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2783.36978__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=F48310DF397AC52EE9E3045E82DAFCA0 SIZE=589824
%WINDIR%\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2783.37074__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll [ATI Technologies Inc.] [Catalyst® Control Centre] MD5=FA9EC8AD8FF6A1151665CD31501DBE46 SIZE=794624
%COMMONFILES%\LogiShrd\LQCVFX\COCIManager.exe [Logitech Inc.] [Logitech QuickCam] MD5=71187B7B35CC86A324742A58BFC66743 SIZE=407824
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqste08.exe [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=85E7BB8A103644085C5C665481022E56 SIZE=271960
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqmfc10.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=CDBD3317D329E4F724D7F1FDF2D84380 SIZE=159744
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqtap08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=AED4CF5FDD02E0C8C3C0F4F756E07B3E SIZE=65536
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqSTE08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=C67A515396678ED87F5BF80D1CB1D400 SIZE=176128
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqsti08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=E2E02BB0B3AFECFBE489D07C1C3A28DC SIZE=237568
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqstp08.dll [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=5FABAA91CFAA5D86EE398BB38A59454B SIZE=208896
%PROGRAMFILES%\HP\Digital Imaging\bin\hpqsem08.rsc [Hewlett-Packard Co.] [hp digital imaging - hp all-in-one series] MD5=04FE282A68C9499963DDAFD2B42BF7B9 SIZE=569344
%PROGRAMFILES%\HP\Digital Imaging\bin\crm\xmlparse.dll [] [ xmlparse Dynamic Link Library] MD5=A7A0371C6C7F0A02B5668A0F504A23CB SIZE=65536
%PROGRAMFILES%\HP\Digital Imaging\bin\crm\xmltok.dll [] [ xmltok Dynamic Link Library] MD5=6906658F82DE4C3F9538B189D93597C2 SIZE=77824
%PROGRAMFILES%\Windows Live\Messenger\usnsvc.exe [Microsoft Corporation] [Messenger] MD5=9D19B042A4FD5C02195071EA2FE0C821 SIZE=98328
%SYSDIR%\conime.exe [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=F96EBC5A624349D81DCC7600A3C5DC43 SIZE=69120
%PROGRAMFILES%\Hewlett-Packard\HP Health Check\HPHC_Service.exe [Hewlett-Packard] [HP Health Check Service] MD5=E48B80F6614D4BEFA7768B960FFEF514 SIZE=61440
%WINDIR%\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll [Hewlett-Packard] [HP Active Support Library] MD5=C6AB9DC71CE8FB2445CA14EE0FEC5ED6 SIZE=73728
%SystemDiskRoot%\hp\kbd\led.dll [Hewlett-Packard Company] [Hewlett-Packard Company LED DLL] MD5=F68A3F0D63BE926ED65ED1C8C5B03A3D SIZE=49152
%SystemDiskRoot%\hp\kbd\USB.dll [Hewlett-Packard Company] [Hewlett-Packard Company USB DLL] MD5=F21E49604278F016CEDBD03DCD182111 SIZE=77824
%SystemDiskRoot%\hp\kbd\ps2.dll [Hewlett-Packard Company] [Hewlett-Packard Company PS2 DLL] MD5=1F847CEB90DF6BF6E0EDAED904B1E7C8 SIZE=86016
%SystemDiskRoot%\hp\kbd\msg.dll [Hewlett-Packard Company] [Hewlett-Packard Company MSG DLL] MD5=B78A418B41EBC30B060A202BA27F687F SIZE=2211840
%SystemDiskRoot%\hp\kbd\osd.dll [Hewlett-Packard Company] [Hewlett-Packard Company OSD DLL] MD5=0561DE1F7D0D8BA1460719EC4781D496 SIZE=151552
%SystemDiskRoot%\hp\kbd\sct.dll [Hewlett-Packard Company] [Hewlett-Packard Company SCT DLL] MD5=17F1CFF37CB423EA05264F7174D84D60 SIZE=118784
%SystemDiskRoot%\hp\kbd\onl.dll [Hewlett-Packard Company] [Hewlett-Packard Company ONL DLL] MD5=44AEC55B120A53A362D22A59C90CE604 SIZE=90112
%SystemDiskRoot%\hp\kbd\aol.dll [Hewlett-Packard Company] [Hewlett-Packard Company AOL DLL] MD5=8D97E7FFB89B4824C732DBDD3A39C5B2 SIZE=90112
%SystemDiskRoot%\hp\kbd\url.dll [Hewlett-Packard Company] [Hewlett-Packard Company URL DLL] MD5=179D348C1BF81399F0D1D8C155338004 SIZE=90112
%SystemDiskRoot%\hp\kbd\cfg.dll [Hewlett-Packard Company] [Hewlett-Packard Company CFG DLL] MD5=6CF34B0F4DFBF541DB299CCFAC445A04 SIZE=176128
%SystemDiskRoot%\HP\KBD\MSIKBDIF.DLL [Hewlett-Packard Company] [Hewlett-Packard Company MSIKBDIF DLL] MD5=57D46FEDF6BF2DDE8CD4746F0684BE58 SIZE=217088
%SystemDiskRoot%\Users\Hermann\Program Files\uTorrent\uTorrent.exe [] MD5=CA3F4554910E40A0053626C1BB66C5FE SIZE=219952
%PROGRAMFILES%\Internet Explorer\ieuser.exe [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=5B2E1C16A2C420F60CD391B666003F14 SIZE=299520
%PROGRAMFILES%\Windows Media Player\wmpband.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=E7369CA015162EF4F9E207897EF7DED8 SIZE=99328
%SYSDIR%\emdmgmt.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=BA4E96D951DDAD6AC3AF3C91D4AC68BF SIZE=564736
%PROGRAMFILES%\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [] [ACE Context Menu] MD5=3A9F70479A886DCC8E5151326156472D SIZE=73728
%SYSDIR%\ShellvRTF.dll [XSS] [XSS ShellvRTF] MD5=91FA8D1DB1EC243CECD4A0977C91CC6F SIZE=237568
%PROGRAMFILES%\Real\RealPlayerpshell.dll [RealNetworks, Inc.] [RealPlayer] MD5=F8C799BB63C6020BE54E4132E1866BE0 SIZE=63040
%PROGRAMFILES%\Windows Live\Messenger\fsshext.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=8BDE1F61DFBAAE7A2916170E8B75FE0F SIZE=329240
%PROGRAMFILES%\iTunes\iTunesMiniPlayer.dll [Apple Inc.] [iTunes] MD5=CB77693D6E94DA5DF7AA007B0671D42C SIZE=132392
%SYSDIR%\svchost.exe -k netsvcs []
%SYSDIR%\DRIVERS\aswFsBlk.sys [ALWIL Software] [avast! Antivirus System] MD5=838255D6EF1CA0A4F6B076F6D3425850 SIZE=20560
%SYSDIR%\DRIVERS\aswMonFlt.sys [ALWIL Software] [avast! Antivirus System] MD5=FB1A6C8826BD6454FEDC8F12E8CE63CD SIZE=50768
%SYSDIR%\DRIVERS\atikmdag.sys [ATI Technologies Inc.] [ATI Radeon Family] MD5=5098F744BB673CB85488747FD76D2635 SIZE=3076608
%SYSDIR%\svchost.exe -k LocalSystemNetworkRestricted []
%SYSDIR%\svchost.exe -k LocalServiceNetworkRestricted []
%SYSDIR%\svchost.exe -k LocalServiceNoNetwork []
%SYSDIR%\DRIVERS\bowser.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=74B442B2BE1260B7588C136177CEAC66 SIZE=69632
%SYSDIR%\svchost.exe -k NetworkService []
%SYSDIR%\svchost.exe -k DcomLaunch []
%SYSDIR%\Drivers\dfsc.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=9E635AE5E8AD93E2B5989E2E23679F97 SIZE=75264
%SYSDIR%\svchost.exe -k LocalService []
%SYSDIR%\Drivers\GEARAspiWDM.sys [GEAR Software Inc.] [CD DVD Filter] MD5=5DC17164F66380CBFEFD895C18467773 SIZE=16168
%SYSDIR%\svchost.exe -k hpdevmgmt []
%SYSDIR%\drivers\RTKVHDA.sys [Realtek Semiconductor Corp.] [Realtek(r) High Definition Audio Function Driver] MD5=EDC37B918E583A5A813C53D4F5588255 SIZE=2047576
%SYSDIR%\DRIVERS\msiscsi.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=F247EEC28317F6C739C16DE420097301 SIZE=181304
%SYSDIR%\DRIVERS\LVcKap.sys [Logitech Inc.] [Logitech QuickCam] MD5=8113133EC42DD6C566908008CE913EDD SIZE=2109976
%SYSDIR%\DRIVERS\LVPr2Mon.sys [Logitech Inc.] [Logitech QuickCam] MD5=406B1D186F75B4B4832D6237859E1B00 SIZE=25624
%SYSDIR%\drivers\LVUSBSta.sys [Logitech Inc.] [Logitech QuickCam] MD5=BE5E104BE263921D6842C555DB6A5C23 SIZE=41752
%SYSDIR%\DRIVERS\mrxsmb10.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=67E55CED3FC143C82A8197988BFC1F9A SIZE=211968
%SYSDIR%\DRIVERS\mssmbios.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=E384487CB84BE41D09711C30CA79646C SIZE=31288
%SYSDIR%\svchost.exe -k HPZ12 []
%SYSDIR%\DRIVERS\lv302af.sys [Logitech Inc.] [Logitech QuickCam] MD5=0896002D1EFCD08859A41C9DB34AD84C SIZE=13848
%SYSDIR%\DRIVERS\LV302V32.SYS [Logitech Inc.] [Logitech QuickCam] MD5=A7598E897DA639E255AD4188FA398478 SIZE=1279000
%SYSDIR%\svchost.exe -k NetworkServiceNetworkRestricted []
%SYSDIR%\DRIVERS\PS2.sys [Hewlett-Packard Company] [Hewlett-Packard Company PS2 SYS] MD5=390C204CED3785609AB24E9C52054A84 SIZE=19072
%SYSDIR%\Drivers\PxHelp20.sys [Sonic Solutions] [PxHelp20] MD5=49452BFCEC22F36A7A9B9C2181BC3042 SIZE=43872
%SYSDIR%\driversdpencdd.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=9D91FE5286F748862ECFFA05F8A0710C SIZE=6144
%SYSDIR%\svchost.exe -k rpcss []
%SYSDIR%\DRIVERS\Rtlh86.sys [Realtek Corporation                                            ] [Realtek 8101E/8168/8169 PCI/PCIe Adapters                      ] MD5=71B7026D61293C1E91145BDAD11C53BF SIZE=76288
%SYSDIR%\drivers\sfdrv01.sys [Protection Technology (StarForce)] [SF FrontLine] MD5=AAD95FE3E005489C7156FA111F744EAF SIZE=59256
%SYSDIR%\drivers\sfhlp02.sys [Protection Technology (StarForce)] [SF FrontLine] MD5=DAAD4C099EBF5094D32C373AC1AC0F3C SIZE=13680
%SYSDIR%\drivers\sfsync02.sys [Protection Technology] [StarForce Protection System] MD5=6DC03269F4C71E4AB313C3597F42A340 SIZE=27032
%SYSDIR%\DRIVERS\WlanBZXP.sys [ZyDAS Technology Corporation] [ZD1211B 802.11 b+g USB LAN Adapter] MD5=BD6354DE4D081DE96C79BDB53F55CA82 SIZE=402944
%SYSDIR%\Drivers\sptd.sys [] SIZE=717296
%SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [Spyware Terminator] MD5=AE59A60E67D3B3F864D2EE4E1FD4EB0C SIZE=138752
%SYSDIR%\svchost.exe -k imgsvc []
%SYSDIR%\svchost.exe -k WerSvcGroup []
%SYSDIR%\svchost.exe -k secsvcs []
%SYSDIR%\SearchIndexer.exe \Embedding []
%PROGRAMFILES%\SUPERAntiSpyware\SASKUTIL.sys []
%SYSDIR%\mscoree.dll [Microsoft Corporation] [Microsoft® .NET Framework] MD5=24084D13982FFE48C5BF931F1E5DD707 SIZE=282112
%PROGRAMFILES%\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [Logitech Inc.] [Logitech Desktop Messenger] MD5=89AA5D2F5B2E5FD18D67C6A298495CB6 SIZE=28711
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [Microsoft Corporation] [Messenger] MD5=56319E6B4D190A2DEB4463A9CE4D4F74 SIZE=66072
%PROGRAMFILES%\Alwil Software\Avast4\AavmGuih.dll [] MD5=B298CA699B6A1A5AE76D8E80B38E7366 SIZE=188416
%PROGRAMFILES%\Alwil Software\Avast4\ashAvast.exe [] SIZE=271736
%PROGRAMFILES%\Alwil Software\Avast4\ashBug.exe [] SIZE=128376
%PROGRAMFILES%\Alwil Software\Avast4\ashCfgP.dll [] MD5=4BAEB62A50BC5CE296593FC160EA4F8A SIZE=98304
%PROGRAMFILES%\Alwil Software\Avast4\ashCfgT.dll [] MD5=06BF4C8E359355357A4494E2E19D0FFE SIZE=135168
%PROGRAMFILES%\Alwil Software\Avast4\ashChest.dll [] MD5=1C751CA084E779110776A27541E35F53 SIZE=151552
%PROGRAMFILES%\Alwil Software\Avast4\ashChest.exe [] SIZE=66936
%PROGRAMFILES%\Alwil Software\Avast4\ashCnsnt.exe [] SIZE=52088
%PROGRAMFILES%\Alwil Software\Avast4\ashLogV.exe [] SIZE=49016
%PROGRAMFILES%\Alwil Software\Avast4\ashOutXt.dll [] SIZE=202104
%PROGRAMFILES%\Alwil Software\Avast4\ashPopWz.exe [] SIZE=206200
%PROGRAMFILES%\Alwil Software\Avast4\ashQuick.exe [] SIZE=279928
%PROGRAMFILES%\Alwil Software\Avast4\ashShA64.dll [] SIZE=78152
%PROGRAMFILES%\Alwil Software\Avast4\ashSimp2.exe [] SIZE=128376
%PROGRAMFILES%\Alwil Software\Avast4\ashSimpl.exe [] SIZE=157048
%PROGRAMFILES%\Alwil Software\Avast4\ashSkPcc.exe [] MD5=7972EF8E1A993E5ECCA6D34866A3EA28 SIZE=18432
%PROGRAMFILES%\Alwil Software\Avast4\ashSkPck.exe [] MD5=441EDEF2FCD3A4CC33106E42A3619DFD SIZE=61440
%PROGRAMFILES%\Alwil Software\Avast4\ashSODBC.dll [] MD5=B093CC21ACF2E6396AD4164D1C101191 SIZE=53248
%PROGRAMFILES%\Alwil Software\Avast4\ashSXML.dll [] MD5=6F2A72367BB775F29C5B4307D926AE63 SIZE=48128
%PROGRAMFILES%\Alwil Software\Avast4\ashUpd.exe [] SIZE=66936
%PROGRAMFILES%\Alwil Software\Avast4\aswMonDS.sys [] MD5=5D21DAB328BD38D368FF00B996619B0D SIZE=706
%PROGRAMFILES%\Alwil Software\Avast4\aswMonVD.dll [] SIZE=3452
%PROGRAMFILES%\Alwil Software\Avast4\aswRawFS.dll [] MD5=1D52061EBB53917D50141FC72FC6653D SIZE=294912
%PROGRAMFILES%\Alwil Software\Avast4\aswRegSvr.exe [] MD5=3E0589CE378E6146CCBF2E3B1AD0027A SIZE=22016
%PROGRAMFILES%\Alwil Software\Avast4\aswRes.dll [] MD5=652AAB7E654497D0D4A34C37D2EA97E5 SIZE=143360
%PROGRAMFILES%\Alwil Software\Avast4\aswRunDll.exe [] SIZE=91512
%PROGRAMFILES%\Alwil Software\Avast4\AVASTSS.scr [] SIZE=95608
%PROGRAMFILES%\Alwil Software\Avast4\avCommEx.dll [] MD5=FC0367518D0E68C7AC3F54A31BEB1421 SIZE=106496
%PROGRAMFILES%\Alwil Software\Avast4\AVSSHOOK.dll [] SIZE=12152
%PROGRAMFILES%\Alwil Software\Avast4\copyx64.exe [] MD5=29FAF13A342E91288C01BB4EEFC4C023 SIZE=2560
%PROGRAMFILES%\Alwil Software\Avast4\DefTasks.xml [] SIZE=21119
%PROGRAMFILES%\Alwil Software\Avast4\sched.exe [] SIZE=66936
%PROGRAMFILES%\Alwil Software\Avast4\unacev2.dll [] MD5=A07CCC76AE1D3C6B9ED3D409C0536CF9 SIZE=75776
%PROGRAMFILES%\Alwil Software\Avast4\VisthAux.exe [] SIZE=66936
%PROGRAMFILES%\Alwil Software\Avast4\VisthLic.exe [] SIZE=51576
%PROGRAMFILES%\Alwil Software\Avast4\VisthUpd.exe [] SIZE=51576
%PROGRAMFILES%\Alwil Software\Avast4\wdp-ash-updscript.vbs [] MD5=F9FC886A1AD988706A5491CF5B17CF6C SIZE=1159
%PROGRAMFILES%\Alwil Software\Avast4\DATA\400.vps [] SIZE=13793983
%PROGRAMFILES%\Alwil Software\Avast4\DATA\aswar0.dll [] SIZE=173432
%PROGRAMFILES%\Alwil Software\Avast4\DATA\aswResp.dat []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\Avast4.db [] MD5=F5CB36D7E9D3FBF6F0578A211D287C02 SIZE=52224
%PROGRAMFILES%\Alwil Software\Avast4\DATA\avast4.ini [] SIZE=10426
%PROGRAMFILES%\Alwil Software\Avast4\DATA\clnr0.dll [] SIZE=391216
%PROGRAMFILES%\Alwil Software\Avast4\DATA\dllcc0.dat [] SIZE=263672
%PROGRAMFILES%\Alwil Software\Avast4\DATA\exts0.dll [] SIZE=9080
%PROGRAMFILES%\Alwil Software\Avast4\DATA\iNews.htm [] SIZE=70766
%PROGRAMFILES%\Alwil Software\Avast4\DATA\chest\00000001 [] SIZE=874504
%PROGRAMFILES%\Alwil Software\Avast4\DATA\chest\00000002 [] SIZE=2872
%PROGRAMFILES%\Alwil Software\Avast4\DATA\chest\00000003 [] SIZE=14856
%PROGRAMFILES%\Alwil Software\Avast4\DATA\chest\00000004 [] SIZE=888328
%PROGRAMFILES%\Alwil Software\Avast4\DATA\chest\00000005 [] SIZE=15368
%PROGRAMFILES%\Alwil Software\Avast4\DATA\chest\index.xml [] SIZE=1693
%PROGRAMFILES%\Alwil Software\Avast4\DATA\integ\avast.int [] SIZE=14185048
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\AshWebSv.ws []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\AshWebSv.ws.ori [] SIZE=1448
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\aswBoot.log [] SIZE=1890
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\aswMaiSv.log [] SIZE=1076
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\aswMaiSv.ori [] MD5=7C11CCD6629ED404A54A7728589E751B SIZE=1115
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\Error.log [] SIZE=83783
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\Notice.log [] SIZE=14248
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log
shield.log []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\Setup.log [] SIZE=5183966
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp104505741.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp14890751.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp154352173.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp199415009.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp207972672.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp222853684.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp228471076.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp27754868.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp31868547.tmp.mdmp [] SIZE=89821
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp38722518.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp39063017.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp46762525.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\unp60010803.tmp.mdmp []
%PROGRAMFILES%\Alwil Software\Avast4\DATA\log\Warning.log [] SIZE=111772
%PROGRAMFILES%\Alwil Software\Avast4\DATAeport\aswBoot.txt [] SIZE=188
%PROGRAMFILES%\Alwil Software\Avast4\DATAeport\avast.xsl [] SIZE=9773
%PROGRAMFILES%\Alwil Software\Avast4\DATAeport\background.gif [] SIZE=94
%PROGRAMFILES%\Alwil Software\Avast4\DATAeport\logo.gif [] SIZE=5330
%PROGRAMFILES%\Alwil Software\Avast4\DATAeport\Protection résidente.txt [] SIZE=33888
%PROGRAMFILES%\Alwil Software\Avast4\DATA\Skin\Bionic by SZCraftec.asws [] SIZE=1358727
%PROGRAMFILES%\Alwil Software\Avast4\DATA\Skin\Bionic by SZCraftec.txt [] SIZE=272
%PROGRAMFILES%\Alwil Software\Avast4\DATA\Skin\low res.asws [] SIZE=660838
%PROGRAMFILES%\Alwil Software\Avast4\DATA\Skin\silver panel.asws [] SIZE=1199983
%PROGRAMFILES%\Alwil Software\Avast4\DATA\Skin\SZC-KDE.asws [] SIZE=2219511
%PROGRAMFILES%\Alwil Software\Avast4\DATA\Skin\__snake.aswf [] SIZE=8096
%PROGRAMFILES%\Alwil Software\Avast4\DATA\Skin\__strike.aswf [] MD5=59C627D632093022F1ABE6219F44734E SIZE=7680
%PROGRAMFILES%\Alwil Software\Avast4\DATA\Skin\__vizer.aswf [] SIZE=6816
%PROGRAMFILES%\Alwil Software\Avast4\FRENCH\aswClnTg.htm [] SIZE=406
%PROGRAMFILES%\Alwil Software\Avast4\FRENCH\aswClnTg.txt [] SIZE=224
%PROGRAMFILES%\Alwil Software\Avast4\FRENCH\aswInfTg.htm [] SIZE=638
%PROGRAMFILES%\Alwil Software\Avast4\FRENCH\aswInfTg.txt [] SIZE=456
%PROGRAMFILES%\Alwil Software\Avast4\FRENCH\Boot.dll [] MD5=29501BCA0471D364AFBD8C3FF1700518 SIZE=17920
%PROGRAMFILES%\Alwil Software\Avast4\FRENC

blablate · Answer

salut,

Fait un scan en ligne et post le raport
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

telecharge  malwarebytes et post aussi un raport
http://www.malwarebytes.org/mbam.php

enfin telecharge hijackthis et post le raport
http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis`

leim78 · Answer

voila le rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:26:43, on 01/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\schtasks.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OBealsched.exe
C:\Windows\system32\jusched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\conime.exe
C:\hp\kbd\kbd.exe
C:\Users\Hermann\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Hermann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7XPZ7E70\mbam-setup[1].exe
C:\Users\Hermann\AppData\Local\Temp\is-EQ2OK.tmp\mbam-setup[1].tmp
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O13 - Gopher Prefix: 
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F3350D6-BC02-41AA-BC84-E870DD39E6F2}: NameServer = 192.168.1.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

blablate · Answer

tu es infectés pas Msn pour sure...
1:)  tu as 2 antivirus il ne faut pas, désactive en 1 (norton tant qu'a faire)

2:) télécharge msnfix et lance le mode sans échec
http://www.commentcamarche.net/telecharger/telecharger 34055374 msn fix

3:) fais un scan avec asquared en sans échec
https://www.emsisoft.com/en/home/antimalware/

4:) repost un log hjks en suivant cette bonne méthode en mode sans échec aussi
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Et ça a donné quoi pour les autres scan?
post tout les rapports signalant une infection...

leim78 · Answer

le scan en ligne ne fonctionne pas avec vista et malwarebytes tourne depuis 3 heures 50

blablate · Answer

3h50 ca fait long mais bon si ca continue laisse faire, essais bitdefender comme scan en ligne
http://www.bitdefender.fr/scan_fr/scan8/ie.html

leim78 · Answer

je vien de mettre le scan de bitdefender temp estimé a 3heure 20
je pe lancer msn fix tout de suite?
je n ai que avast et spyware terminator ainsi que le pare feu windows

blablate · Answer

non attend que bidefender est fini, apres tu lanceras msnfix en sans échec
en sans échec surtout pour les scan et les rapport a part ceux en lignes comme bitdefender...

leim78 · Answer

ok je crois que les scan seront fini demain matin

leim78 · Answer

autre rapport 
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 705

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 154772
Temps écoulé: 5 hour(s), 19 minute(s), 5 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

blablate · Answer

Malwarebytes a rien trouvé, c'est une bonne chose..
n'oubli pas de faire les scan en mode sans échec surtout !

leim78 · Answer

autre rapport
BitDefender Online Scanner - Rapport virus en temps réel
  
  
 
Généré à: Thu, May 01, 2008 - 23:03:49
 

--------------------------------------------------------------------------------

 
  
  
 
Info d'analyse
  
  
 
Fichiers scannés
 110652
 
Infectés Fichiers
 0
 
  
  
 
 
  
  
 
Virus Détectés
  
  
 
Aucun virus trouvé.
 
 
  
  
 
 
  
  
 
 

--------------------------------------------------------------------------------
  
  
 
Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.

leim78 · Answer

Version - a-squared Anti-Malware 3.5
Dernière mise à jour : 02/05/2008 08:27:06

Paramètres des balayages :

Éléments : Mémoire, Traces, Cookies, C:\Windows\, C:\Program Files
Balaye dans les archives : Marche
Analyse heuristique : Marche
Balaye dans les ADS : Marche

Début du balayage :	02/05/2008 08:45:03

c:\program files\messengerdiscovery 	Objets détectés : Trace.Directory.DiscoveryLive
c:\users\hermann\appdataoaming\adscleaner 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\initfiles 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archive 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\exchange 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\input 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\internallog 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\internallog 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles\default 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles\default\hintview 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles\default\listview 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\softinform\adscleaner 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\softinform\adscleaner\internallog 	Objets détectés : Trace.Directory.AdsCleaner
c:\program files\softinform\adscleaner trial 	Objets détectés : Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\bannerinfo.dat 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\ads.ver 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\advert.data 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\advert.ind 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\advert.ind.add 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\advert.ind.del 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\initfiles\ads.adl 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\initfiles\adsize.adl 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\pkiller.ind 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\whitepages.ind 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archiveunflag.dat 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archive	humbnail.dat 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archive	humbnail.dat.ind 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archive	humbnail.datfra 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archive	humbnail.datfrs 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpcont.dat 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpcont.dat.lbz 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpcont.datfra 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpcont.datfrs 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpindid.dat 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpindurl.dat 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\internallogpcsrvlog.txt 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles\default\hintview\default view.htg 	Objets détectés : Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles\default\listview\default view.stg 	Objets détectés : Trace.File.AdsCleaner
c:\program files\softinform\adscleaner trial\pakiegui.dll 	Objets détectés : Trace.File.AdsCleaner
c:\program files\softinform\adscleaner trial\pakieplugins.dll 	Objets détectés : Trace.File.AdsCleaner
c:\program files\softinform\adscleaner trial\sitts.exe 	Objets détectés : Trace.File.AdsCleaner
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Downloads --> CollectionPath 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Downloads --> CompletePath 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Downloads --> IncompletePath 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Downloads --> TorrentPath 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Plugins --> {9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646} 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> FirstRun 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> GUIMode 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> Language 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> RatesInBytes 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> Running 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> VerboseMode 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Windows --> CMainWnd.ShowCmd 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza --> UserPath 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Mike`s Simple Scopes 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Sonique Wrapper 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> WMP Wrapper 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .avi 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .div 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mp3 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpeg 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpg 	Objets détectés : Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\ballon --> Checksum 	Objets détectés : Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\ballon --> MaximiseeOuverture 	Objets détectés : Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\ballon --> PositionOuverture 	Objets détectés : Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\ballon --> TailleOuverture 	Objets détectés : Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\choixlangues --> Checksum 	Objets détectés : Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\choixlangues --> MaximiseeOuverture 	Objets détectés : Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\choixlangues --> PositionOuverture 	Objets détectés : Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\choixlangues --> TailleOuverture 	Objets détectés : Trace.Registry.WinSOS
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> CITY 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> DATE 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> LANGUAGE 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> LAST_SCAN 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> MAIL 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> REGION 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> SAVE 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> SAVE EX 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> SPY 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> TEMP 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> TOTALHD 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> TOTALSAUVE 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> TOTALSPY 	Objets détectés : Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> TOTALTRACES 	Objets détectés : Trace.Registry.Winsos 5.0
C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Cookies\hermann@com[1].txt 	Objets détectés : Trace.TrackingCookie
C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Cookies\hermann@weborama[1].txt 	Objets détectés : Trace.TrackingCookie

Analysé

Fichiers : 	115851
Traces : 	177636
Cookies : 	125
Processus : 	18

Objets trouvés

Fichiers : 	0
Traces : 	88
Cookies : 	2
Processus : 	0
Clés du Registre : 	0

Fin du balayage :	02/05/2008 09:20:34
Temps du balayage :	0:35:31

C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Cookies\hermann@com[1].txt	Objets Supprimés Trace.TrackingCookie
C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Cookies\hermann@weborama[1].txt	Objets Supprimés Trace.TrackingCookie
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> CITY	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> DATE	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> LANGUAGE	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> LAST_SCAN	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> MAIL	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> REGION	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> SAVE	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> SAVE EX	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> SPY	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> TEMP	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> TOTALHD	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> TOTALSAUVE	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> TOTALSPY	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WIN SOS --> TOTALTRACES	Objets Supprimés Trace.Registry.Winsos 5.0
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\ballon --> Checksum	Objets Supprimés Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\ballon --> MaximiseeOuverture	Objets Supprimés Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\ballon --> PositionOuverture	Objets Supprimés Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\ballon --> TailleOuverture	Objets Supprimés Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\choixlangues --> Checksum	Objets Supprimés Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\choixlangues --> MaximiseeOuverture	Objets Supprimés Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\choixlangues --> PositionOuverture	Objets Supprimés Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\WINSOS\WINSOS\choixlangues --> TailleOuverture	Objets Supprimés Trace.Registry.WinSOS
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Downloads --> CollectionPath	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Downloads --> CompletePath	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Downloads --> IncompletePath	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Downloads --> TorrentPath	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Plugins --> {9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> FirstRun	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> GUIMode	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> Language	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> RatesInBytes	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> Running	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Settings --> VerboseMode	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza\Windows --> CMainWnd.ShowCmd	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_CURRENT_USER\Software\Shareaza\Shareaza --> UserPath	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Mike`s Simple Scopes	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> Sonique Wrapper	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\AudioVis --> WMP Wrapper	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .avi	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .div	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mp3	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpeg	Objets Supprimés Trace.Registry.Shareaza Lite
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Shareaza\Shareaza\Plugins\DownloadPreview --> .mpg	Objets Supprimés Trace.Registry.Shareaza Lite
c:\users\hermann\appdataoaming\adscleaner\bannerinfo.dat	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\ads.ver	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\advert.data	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\advert.ind	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\advert.ind.add	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\advert.ind.del	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\initfiles\ads.adl	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\initfiles\adsize.adl	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\pkiller.ind	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\whitepages.ind	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archiveunflag.dat	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archive	humbnail.dat	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archive	humbnail.dat.ind	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archive	humbnail.datfra	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archive	humbnail.datfrs	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpcont.dat	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpcont.dat.lbz	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpcont.datfra	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpcont.datfrs	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpindid.dat	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails\dpindurl.dat	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\internallogpcsrvlog.txt	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles\default\hintview\default view.htg	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles\default\listview\default view.stg	Objets Supprimés Trace.File.AdsCleaner
c:\program files\softinform\adscleaner trial\pakiegui.dll	Objets Supprimés Trace.File.AdsCleaner
c:\program files\softinform\adscleaner trial\pakieplugins.dll	Objets Supprimés Trace.File.AdsCleaner
c:\program files\softinform\adscleaner trial\sitts.exe	Objets Supprimés Trace.File.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\adblocker\initfiles	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\archive	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\diskthumbnails	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\exchange	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\input	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\data\internallog	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\internallog	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles\default	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles\default\hintview	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\adscleaner\profiles\default\listview	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\softinform\adscleaner	Objets Supprimés Trace.Directory.AdsCleaner
c:\users\hermann\appdataoaming\softinform\adscleaner\internallog	Objets Supprimés Trace.Directory.AdsCleaner
c:\program files\softinform\adscleaner trial	Objets Supprimés Trace.Directory.AdsCleaner
c:\program files\messengerdiscovery	Objets Supprimés Trace.Directory.DiscoveryLive

Objets Supprimés

Fichiers : 	0
Traces : 	88
Cookies : 	2

leim78 · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:36:33, on 02/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32	askeng.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\system32\WUDFHost.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\jusched.exe
C:\Program Files\Common Files\Real\Update_OBealsched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hp\kbd\kbd.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\ESTsoft\ALZip\ALZip.exe
C:\Windows\explorer.exe
C:\Windows\system32\conime.exe
C:\Users\Hermann\Desktop\MSNFix\MSNFix\incl\catchme.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix: 
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F3350D6-BC02-41AA-BC84-E870DD39E6F2}: NameServer = 192.168.1.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

leim78 · Answer

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-02 09:28:30
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:b1,4c,f9,02,0b,6c,4d,61,52,4a,9c,4f,83,f1,f4,e2,a1,99,77,93,af,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:aa,b7,53,bc,0a,33,29,6e,1c,aa,dd,3f,ff,34,03,d8,1c,86,53,6e,8a,..
"p0"="C:\Program Files\DAEMON Tools Lite\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,b3,9f,bd,14,59,0d,0f,98,e7,81,16,18,05,51,0c,02,75,..
"khjeh"=hex:77,d4,c2,53,46,04,9b,12,57,dc,96,50,c4,b1,88,d8,0c,49,49,1e,8f,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:28,0e,cb,ea,17,8b,f6,8c,d4,8c,f7,04,d3,8d,44,9a,9a,6d,03,02,36,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:b1,4c,f9,02,0b,6c,4d,61,52,4a,9c,4f,83,f1,f4,e2,a1,99,77,93,af,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:aa,b7,53,bc,0a,33,29,6e,1c,aa,dd,3f,ff,34,03,d8,1c,86,53,6e,8a,..
"p0"="C:\Program Files\DAEMON Tools Lite\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,b3,9f,bd,14,59,0d,0f,98,e7,81,16,18,05,51,0c,02,75,..
"khjeh"=hex:77,d4,c2,53,46,04,9b,12,57,dc,96,50,c4,b1,88,d8,0c,49,49,1e,8f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:28,0e,cb,ea,17,8b,f6,8c,d4,8c,f7,04,d3,8d,44,9a,9a,6d,03,02,36,..

scanning hidden registry entries ...

scanning hidden files ...

C:\Windows\SoftwareDistribution\DataStore\Logs	mp.edb 65536 bytes

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 217

file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\36\36-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v36-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v36-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ( 4640 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\59\159-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v159-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v159-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 ( 17418 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\59\159-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v159-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v159-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.1 ( 1960 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\59\59-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v59-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v59-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.1 ( 46632 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\59\59-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v59-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v59-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.2 ( 5200 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\26\58-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v26-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v58-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.2 ( 31746 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\26\58-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v26-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v58-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.3 ( 3520 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\27\59-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v27-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v59-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.4 ( 5480 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\28\60-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v28-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v60-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.5 ( 4328 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\34\34-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v34-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v34-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.6 ( 3920 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\35\35-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v35-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v35-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.7 ( 4176 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\37\37-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v37-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v37-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.3 ( 39396 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\37\37-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v37-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v37-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.8 ( 4336 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\38\38-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v38-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v38-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.9 ( 4840 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\39\39-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v39-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v39-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.10 ( 3968 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\40\40-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v40-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v40-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.11 ( 4944 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\41\41-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v41-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v41-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.4 ( 50124 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\41\41-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v41-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v41-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.12 ( 5608 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\42\42-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v42-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v42-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.5 ( 46884 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\42\42-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v42-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v42-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.13 ( 5264 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\43\43-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v43-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.14 ( 5864 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\44\44-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v44-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v44-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.15 ( 5656 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\50\50-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v50-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v50-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.6 ( 35922 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\50\50-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v50-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v50-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.16 ( 4016 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\51\151-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v151-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v151-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.7 ( 14556 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\51\151-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v151-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v151-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.17 ( 1608 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\51\51-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v51-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v51-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.8 ( 25662 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\51\51-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v51-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v51-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.18 ( 2848 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\52\152-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v152-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v152-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.9 ( 17490 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\52\152-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v152-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v152-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.19 ( 1912 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\52\52-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v52-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.10 ( 24834 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\52\52-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v52-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.20 ( 2768 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\53\153-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v153-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v153-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.11 ( 17184 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\53\153-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v153-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v153-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.21 ( 1928 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\53\53-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v53-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.12 ( 68646 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\53\53-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v53-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.22 ( 7672 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\54\154-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v154-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v154-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.13 ( 12810 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\54\154-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v154-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v154-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.23 ( 1416 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\54\54-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v54-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v54-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.14 ( 22908 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\54\54-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v54-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v54-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.24 ( 2560 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\55\155-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v155-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v155-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.15 ( 16068 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\55\155-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v155-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v155-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.25 ( 1768 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\55\55-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v55-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v55-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.16 ( 66864 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\55\55-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v55-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v55-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.26 ( 7392 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\56\156-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v156-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v156-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.17 ( 13728 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\56\156-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v156-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v156-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.27 ( 1512 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\56\56-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v56-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v56-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.18 ( 18768 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\56\56-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v56-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v56-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.28 ( 2072 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\57\157-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v157-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v157-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.19 ( 16032 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\57\157-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v157-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v157-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.29 ( 1800 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\57\57-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v57-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v57-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.20 ( 64092 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\57\57-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v57-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v57-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.30 ( 7088 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\58\158-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v158-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v158-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.21 ( 17490 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\58\158-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v158-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v158-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.31 ( 1920 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\58\58-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v58-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v58-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.22 ( 19254 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\58\58-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v58-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v58-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.32 ( 2168 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\60\160-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v160-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v160-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.23 ( 31944 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\60\160-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v160-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v160-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.33 ( 3552 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\60\60-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v60-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v60-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.24 ( 53364 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\60\60-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v60-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v60-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.34 ( 5944 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\61\161-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v161-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v161-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.25 ( 16572 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\61\161-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v161-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v161-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.35 ( 1824 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\61\61-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v61-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v61-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.26 ( 22008 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\61\61-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v61-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v61-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.36 ( 2384 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\62\162-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v162-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v162-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.27 ( 16518 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\62\162-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v162-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v162-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.37 ( 1872 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\62\62-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v62-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v62-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.28 ( 98886 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\62\62-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v62-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v62-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.38 ( 11000 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\63\163-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v163-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v163-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.29 ( 15744 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\63\163-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v163-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v163-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.39 ( 1728 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\63\63-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v63-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v63-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.30 ( 14934 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\63\63-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v63-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v63-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.40 ( 1656 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\64\164-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v164-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v164-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.31 ( 17202 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\64\164-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v164-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v164-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.41 ( 1920 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\64\64-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v64-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v64-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.32 ( 35454 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\64\64-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v64-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v64-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.42 ( 3904 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\65\165-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v165-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v165-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.33 ( 55704 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\65\165-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v165-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v165-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.43 ( 6232 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\65\65-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v65-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v65-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.34 ( 50484 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\65\65-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v65-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v65-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.44 ( 5632 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\66\166-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v166-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v166-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.35 ( 16194 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\66\166-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v166-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v166-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.45 ( 1792 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\66\66-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v66-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v66-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.36 ( 19578 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\66\66-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v66-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v66-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.46 ( 2176 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\67\167-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v167-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v167-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.37 ( 18678 bytes ) 
read file error: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\67\167-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v167-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v167-Do

leim78 · Answer

voila les scan

blablate · Answer

ok tu peus refaire msnfix en mode san echec,
http://www.commentcamarche.net/telecharger/telecharger 34055374 msn fix

fais aussi un coup de combofix en sans echec
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

et enfin tu scan hijackthis en sans echec et tu repost apres un raport ...

Démarrer en mode sans echec, ca sert a rien si non !!))
http://www.commentcamarche.net/faq/sujet 5004 windows xp demarrage en mode sans echec

leim78 · Answer

voila pour hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:41:19, on 02/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix: 
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F3350D6-BC02-41AA-BC84-E870DD39E6F2}: NameServer = 192.168.1.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

leim78 · Answer

pour l autre 
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-02 17:42:36
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:b1,4c,f9,02,0b,6c,4d,61,52,4a,9c,4f,83,f1,f4,e2,a1,99,77,93,af,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:aa,b7,53,bc,0a,33,29,6e,1c,aa,dd,3f,ff,34,03,d8,1c,86,53,6e,8a,..
"p0"="C:\Program Files\DAEMON Tools Lite\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,b3,9f,bd,14,59,0d,0f,98,e7,81,16,18,05,51,0c,02,75,..
"khjeh"=hex:77,d4,c2,53,46,04,9b,12,57,dc,96,50,c4,b1,88,d8,0c,49,49,1e,8f,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:8c,e5,3a,47,bb,8e,04,98,f2,05,8c,74,bc,f4,37,7d,9d,19,12,e8,05,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:b1,4c,f9,02,0b,6c,4d,61,52,4a,9c,4f,83,f1,f4,e2,a1,99,77,93,af,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:aa,b7,53,bc,0a,33,29,6e,1c,aa,dd,3f,ff,34,03,d8,1c,86,53,6e,8a,..
"p0"="C:\Program Files\DAEMON Tools Lite\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,b3,9f,bd,14,59,0d,0f,98,e7,81,16,18,05,51,0c,02,75,..
"khjeh"=hex:77,d4,c2,53,46,04,9b,12,57,dc,96,50,c4,b1,88,d8,0c,49,49,1e,8f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:28,0e,cb,ea,17,8b,f6,8c,d4,8c,f7,04,d3,8d,44,9a,9a,6d,03,02,36,..

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 216

file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\36\36-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v36-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v36-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ( 4640 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\59\159-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v159-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v159-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 ( 17418 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\59\159-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v159-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v159-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.1 ( 1960 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\59\59-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v59-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v59-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.1 ( 46632 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\59\59-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v59-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v59-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.2 ( 5200 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\26\58-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v26-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v58-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.2 ( 31746 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\26\58-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v26-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v58-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.3 ( 3520 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\27\59-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v27-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v59-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.4 ( 5480 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\28\60-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v28-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v60-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.5 ( 4328 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\34\34-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v34-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v34-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.6 ( 3920 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\35\35-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v35-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v35-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.7 ( 4176 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\37\37-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v37-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v37-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.3 ( 39396 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\37\37-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v37-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v37-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.8 ( 4336 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\38\38-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v38-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v38-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.9 ( 4840 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\39\39-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v39-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v39-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.10 ( 3968 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\40\40-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v40-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v40-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.11 ( 4944 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\41\41-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v41-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v41-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.4 ( 50124 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\41\41-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v41-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v41-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.12 ( 5608 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\42\42-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v42-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v42-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.5 ( 46884 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\42\42-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v42-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v42-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.13 ( 5264 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\43\43-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v43-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.14 ( 5864 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\44\44-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v44-{556FBFC4-C84C-4829-AB7E-96FFA71782BC}-v44-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.15 ( 5656 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\50\50-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v50-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v50-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.6 ( 35922 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\50\50-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v50-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v50-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.16 ( 4016 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\51\151-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v151-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v151-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.7 ( 14556 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\51\151-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v151-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v151-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.17 ( 1608 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\51\51-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v51-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v51-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.8 ( 25662 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\51\51-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v51-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v51-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.18 ( 2848 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\52\152-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v152-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v152-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.9 ( 17490 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\52\152-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v152-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v152-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.19 ( 1912 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\52\52-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v52-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.10 ( 24834 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\52\52-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v52-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.20 ( 2768 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\53\153-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v153-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v153-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.11 ( 17184 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\53\153-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v153-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v153-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.21 ( 1928 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\53\53-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v53-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.12 ( 68646 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\53\53-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v53-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.22 ( 7672 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\54\154-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v154-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v154-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.13 ( 12810 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\54\154-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v154-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v154-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.23 ( 1416 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\54\54-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v54-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v54-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.14 ( 22908 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\54\54-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v54-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v54-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.24 ( 2560 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\55\155-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v155-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v155-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.15 ( 16068 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\55\155-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v155-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v155-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.25 ( 1768 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\55\55-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v55-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v55-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.16 ( 66864 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\55\55-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v55-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v55-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.26 ( 7392 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\56\156-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v156-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v156-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.17 ( 13728 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\56\156-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v156-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v156-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.27 ( 1512 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\56\56-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v56-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v56-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.18 ( 18768 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\56\56-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v56-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v56-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.28 ( 2072 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\57\157-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v157-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v157-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.19 ( 16032 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\57\157-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v157-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v157-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.29 ( 1800 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\57\57-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v57-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v57-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.20 ( 64092 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\57\57-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v57-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v57-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.30 ( 7088 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\58\158-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v158-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v158-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.21 ( 17490 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\58\158-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v158-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v158-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.31 ( 1920 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\58\58-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v58-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v58-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.22 ( 19254 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\58\58-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v58-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v58-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.32 ( 2168 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\60\160-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v160-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v160-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.23 ( 31944 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\60\160-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v160-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v160-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.33 ( 3552 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\60\60-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v60-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v60-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.24 ( 53364 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\60\60-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v60-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v60-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.34 ( 5944 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\61\161-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v161-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v161-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.25 ( 16572 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\61\161-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v161-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v161-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.35 ( 1824 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\61\61-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v61-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v61-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.26 ( 22008 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\61\61-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v61-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v61-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.36 ( 2384 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\62\162-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v162-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v162-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.27 ( 16518 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\62\162-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v162-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v162-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.37 ( 1872 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\62\62-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v62-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v62-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.28 ( 98886 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\62\62-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v62-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v62-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.38 ( 11000 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\63\163-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v163-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v163-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.29 ( 15744 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\63\163-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v163-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v163-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.39 ( 1728 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\63\63-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v63-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v63-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.30 ( 14934 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\63\63-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v63-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v63-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.40 ( 1656 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\64\164-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v164-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v164-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.31 ( 17202 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\64\164-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v164-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v164-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.41 ( 1920 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\64\64-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v64-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v64-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.32 ( 35454 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\64\64-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v64-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v64-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.42 ( 3904 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\65\165-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v165-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v165-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.33 ( 55704 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\65\165-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v165-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v165-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.43 ( 6232 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\65\65-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v65-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v65-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.34 ( 50484 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\65\65-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v65-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v65-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.44 ( 5632 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\66\166-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v166-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v166-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.35 ( 16194 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\66\166-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v166-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v166-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.45 ( 1792 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\66\66-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v66-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v66-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.36 ( 19578 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\66\66-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v66-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v66-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.46 ( 2176 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\67\167-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v167-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v167-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.37 ( 18678 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\67\167-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v167-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v167-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.47 ( 2112 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\67\67-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v67-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v67-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.38 ( 37506 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\67\67-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v67-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v67-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.48 ( 4208 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\68\168-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v168-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v168-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.39 ( 16806 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\68\168-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v168-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v168-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.49 ( 1944 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\68\68-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v68-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v68-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.40 ( 15654 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\68\68-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v68-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v68-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.50 ( 1768 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\69\169-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v169-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v169-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.41 ( 18030 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\69\169-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v169-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v169-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.51 ( 1976 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\69\69-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v69-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v69-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.42 ( 21414 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\69\69-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v69-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v69-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.52 ( 2416 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\70\170-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v170-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v170-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.43 ( 17184 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\70\170-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v170-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v170-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.53 ( 1872 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\70\70-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v70-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v70-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.44 ( 14700 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\70\70-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v70-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v70-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.54 ( 1624 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\71\171-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v171-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v171-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.45 ( 20640 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\71\171-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v171-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v171-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.55 ( 2312 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\71\71-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v71-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v71-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.46 ( 14034 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\71\71-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v71-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v71-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.56 ( 1592 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\72\172-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v172-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v172-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.47 ( 20892 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\72\172-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v172-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v172-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.57 ( 2352 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\72\72-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v72-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v72-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.48 ( 46326 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\72\72-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v72-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v72-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.58 ( 5424 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\73\173-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v173-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v173-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.49 ( 16986 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\73\173-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v173-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v173-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.59 ( 1880 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\73\73-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v73-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v73-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.50 ( 15654 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\73\73-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v73-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v73-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.60 ( 1752 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\74\174-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v174-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v174-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.51 ( 16068 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\74\174-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v174-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v174-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.61 ( 1792 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\74\74-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v74-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v74-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.52 ( 18408 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\74\74-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v74-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v74-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.62 ( 2024 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\75\175-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v175-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v175-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.53 ( 16176 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\75\175-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v175-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v175-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.63 ( 1808 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\75\75-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v75-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v75-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.54 ( 13026 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\75\75-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v75-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v75-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.64 ( 1472 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\76\176-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v176-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v176-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.55 ( 14430 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\76\176-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v176-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v176-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.65 ( 1632 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\76\76-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v76-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v76-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.56 ( 16860 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\76\76-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v76-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v76-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.66 ( 1888 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\77\177-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v177-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v177-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.57 ( 17508 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\77\177-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v177-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v177-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.67 ( 1984 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\77\77-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v77-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v77-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.58 ( 17670 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\77\77-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v77-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v77-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.68 ( 1984 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\78\178-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v178-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v178-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.59 ( 16950 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\78\178-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v178-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v178-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.69 ( 1880 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\78\78-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v78-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v78-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.60 ( 23088 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\78\78-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v78-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v78-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.70 ( 2608 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\79\179-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v179-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v179-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.61 ( 19182 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\79\179-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v179-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v179-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.71 ( 2192 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\79\79-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v79-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v79-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.62 ( 34392 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\79\79-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v79-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v79-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.72 ( 4088 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\80\180-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v180-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v180-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.63 ( 16608 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\80\180-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v180-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v180-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.73 ( 1816 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\80\80-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v80-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v80-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.64 ( 17472 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\80\80-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v80-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v80-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.74 ( 1968 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\81\181-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v181-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v181-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.65 ( 16284 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\81\181-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v181-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v181-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.75 ( 1832 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\81\81-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v81-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v81-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.66 ( 13926 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\81\81-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v81-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v81-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.76 ( 1536 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\82\182-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v182-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v182-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1.67 ( 16986 bytes ) 
file zipped: C:\Users\Hermann\AppData\Local\Microsoft\Messenger\HeRmAnN78@hotmail.fr\SharingMetadata\r-el-malino@hotmail.fr\DFSR\Staging\CS{019C7931-58E5-ACF4-CDEB-D8443060DB6C}\82\182-{431DC53A-8FF5-455F-B5E0-16CF37173E3F}-v182-{431DC53

leim78 · Answer

et voila le log de combofix
ComboFix 08-05-01.2 - Hermann 2008-05-02 18:21:33.1 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Édition Familiale Premium   6.0.6001.1.1252.1.1036.18.1692 [GMT 2:00]
Endroit: C:\Users\Hermann\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
C:\Windows\system32\jusched.exe

----- BITS: Possible sites infectés -----

hxxp://ftp.hp.com
.
(((((((((((((((((((((((((((((   Fichiers créés 2008-04-02 to 2008-05-02  ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-02 15:35	---------	d-----w	C:\Users\Hermann\AppData\Roaming\uTorrent
2008-05-02 12:28	98,304	----a-w	C:\Windows\System32\CmdLineExt.dll
2008-05-02 12:19	---------	d-----w	C:\Users\Hermann\AppData\Roaming\LimeWire
2008-05-02 12:11	---------	d--h--w	C:\Program Files\InstallShield Installation Information
2008-05-02 12:11	---------	d-----w	C:\Program Files\Rockstar Games
2008-05-02 09:16	---------	d-----w	C:\ProgramData\Spyware Terminator
2008-05-02 09:16	---------	d-----w	C:\Program Files\Spyware Terminator
2008-05-02 09:00	---------	d-----w	C:\Users\Hermann\AppData\Roaming\Spyware Terminator
2008-05-02 07:55	---------	d-----w	C:\Program Files\WinClamAVShield
2008-05-02 07:45	---------	d-----w	C:\Program Files\a-squared Anti-Malware
2008-05-02 07:21	---------	d-----w	C:\Users\Hermann\AppData\Roaming\SoftInform
2008-05-02 07:21	---------	d-----w	C:\Program Files\SoftInform
2008-05-01 14:26	---------	d-----w	C:\Users\Hermann\AppData\Roaming\Malwarebytes
2008-05-01 14:26	---------	d-----w	C:\Program Files\Malwarebytes' Anti-Malware
2008-05-01 14:25	---------	d-----w	C:\ProgramData\Malwarebytes
2008-05-01 14:19	---------	d-----w	C:\Program Files\Trend Micro
2008-05-01 11:50	712	----a-w	C:\Users\Hermann\AppData\Roaming\wklnhst.dat
2008-04-29 16:27	---------	d-----w	C:\Users\Hermann\AppData\Roaming\Talkback
2008-04-29 13:23	---------	d-----w	C:\Program Files\SUPERAntiSpyware
2008-04-29 12:57	---------	d-----w	C:\ProgramData\SUPERAntiSpyware.com
2008-04-29 12:56	---------	d-----w	C:\Users\Hermann\AppData\Roaming\SUPERAntiSpyware.com
2008-04-29 12:06	---------	d-----w	C:\Program Files\directx
2008-04-29 11:04	---------	d-----w	C:\Program Files\Warcraft III
2008-04-28 19:13	---------	d-----w	C:\Program Files\Microsoft Works
2008-04-24 16:26	---------	d-----w	C:\Users\Hermann\AppData\Roaming\Apple Computer
2008-04-24 16:25	---------	d-----w	C:\ProgramData\Apple Computer
2008-04-24 16:25	---------	d-----w	C:\Program Files\iTunes
2008-04-24 16:25	---------	d-----w	C:\Program Files\iPod
2008-04-24 16:24	---------	d-----w	C:\Program Files\QuickTime
2008-04-24 16:23	---------	d-----w	C:\Program Files\Apple Software Update
2008-04-24 16:21	---------	d-----w	C:\ProgramData\Apple
2008-04-24 16:21	---------	d-----w	C:\Program Files\Common Files\Apple
2008-04-23 20:07	---------	d-----w	C:\Program Files\free-downloads.net
2008-04-23 20:06	2,560	----a-w	C:\Windows\_MSRSTRT.EXE
2008-04-16 05:55	---------	d-----w	C:\Program Files\Common Files\LogiShrd
2008-04-16 05:52	---------	d-----w	C:\ProgramData\LogiShrd
2008-04-16 05:52	---------	d-----w	C:\Program Files\Logitech
2008-04-11 19:50	138,752	----a-w	C:\Windows\system32\drivers\sp_rsdrv2.sys
2008-04-11 19:42	---------	d-----w	C:\ProgramData\Lavasoft
2008-04-10 17:06	---------	d-----w	C:\Program Files\Common Files\Blizzard Entertainment
2008-04-09 14:45	---------	d-----w	C:\Program Files\Ubisoft
2008-04-09 09:42	---------	d-----w	C:\Program Files\Yahoo!
2008-04-09 09:24	---------	d-----w	C:\Program Files\Windows Mail
2008-04-07 15:28	---------	d-----w	C:\Program Files\EA GAMES
2008-04-06 07:08	---------	d-----w	C:\Program Files\DAEMON Tools Lite
2008-04-06 07:03	717,296	----a-w	C:\Windows\system32\drivers\sptd.sys
2008-04-05 11:34	0	---ha-w	C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-04-05 07:26	---------	d-----w	C:\Program Files\uTorrent
2008-04-04 16:10	174	--sha-w	C:\Program Files\desktop.ini
2008-04-04 16:03	---------	d-----w	C:\Program Files\Windows Sidebar
2008-04-04 16:03	---------	d-----w	C:\Program Files\Windows Photo Gallery
2008-04-04 16:03	---------	d-----w	C:\Program Files\Windows Journal
2008-04-04 16:03	---------	d-----w	C:\Program Files\Windows Defender
2008-04-04 16:03	---------	d-----w	C:\Program Files\Windows Collaboration
2008-04-04 16:03	---------	d-----w	C:\Program Files\Windows Calendar
2008-04-04 15:45	82,432	----a-w	C:\Windows\System32\axaltocm.dll
2008-04-04 15:45	101,888	----a-w	C:\Windows\System32\ifxcardm.dll
2008-04-01 20:15	---------	d-----w	C:\Program Files\Messenger Plus! Live
2008-03-31 11:05	319,456	----a-w	C:\Windows\DIFxAPI.dll
2008-03-31 11:05	---------	d-----w	C:\Program Files\Realtek
2008-03-31 10:55	---------	d-----w	C:\Users\Hermann\AppData\Roaming\WinBatch
2008-03-29 17:32	50,768	----a-w	C:\Windows\system32\drivers\aswMonFlt.sys
2008-03-23 09:17	---------	d-----w	C:\Program Files\Common Files\Adobe
2008-03-16 10:26	---------	d-----w	C:\Program Files\Windows Live
2008-03-11 11:27	---------	d-----w	C:\Program Files\VideoLAN
2008-03-09 12:25	---------	d-----w	C:\Users\Hermann\AppData\Roaming\vlc
2008-03-04 10:26	---------	d-----w	C:\Program Files\Common Files\InstallShield
2008-03-03 17:45	2,829	----a-w	C:\Windows\War3Unin.pif
2008-03-03 17:45	139,264	----a-w	C:\Windows\War3Unin.exe
2008-02-29 19:37	21,840	----atw	C:\Windows\System32\SIntfNT.dll
2008-02-29 19:37	17,212	----atw	C:\Windows\System32\SIntf32.dll
2008-02-29 19:37	12,067	----atw	C:\Windows\System32\SIntf16.dll
2008-02-29 07:14	19,000	----a-w	C:\Windows\System32\kd1394.dll
2008-02-29 07:11	988,216	----a-w	C:\Windows\System32\winload.exe
2008-02-29 07:11	927,288	----a-w	C:\Windows\System32\winresume.exe
2008-02-29 06:53	46,592	----a-w	C:\Windows\System32\setbcdlocale.dll
2008-02-29 06:53	40,960	----a-w	C:\Windows\System32\srclient.dll
2008-02-29 06:53	378,368	----a-w	C:\Windows\System32\srcore.dll
2008-02-29 06:35	6,656	----a-w	C:\Windows\System32\kbd106n.dll
2008-02-29 04:21	2,032,128	----a-w	C:\Windows\System32\win32k.sys
2008-02-29 04:12	318,464	----a-w	C:\Windows\System32strui.exe
2008-02-29 04:12	14,848	----a-w	C:\Windows\System32\srdelayed.exe
2008-02-22 05:05	615,992	----a-w	C:\Windows\System32\ci.dll
2008-02-22 05:01	826,880	----a-w	C:\Windows\System32\wininet.dll
2008-02-22 04:57	295,936	----a-w	C:\Windows\System32\gdi32.dll
2008-01-18 20:09	16,384	--sha-w	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-01-18 20:09	32,768	--sha-w	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-01-18 20:09	16,384	--sha-w	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

(((((((((((((((((((((((((((((((((   Point de chargement Reg   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 09:33 125952]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2008-03-24 11:48 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 09:38 1008184]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
"StartCCC"="c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 11:26 4874240 C:\Windows\RtHDVCpl.exe]
"HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 13:13 71176]
"SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2007-04-07 02:56 54936]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 22:52 49152]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 11:22 517768]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OBealsched.exe" [2008-01-09 12:23 185896]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-04-11 21:50 2957824]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-05-02 08:26 1962128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="%WINDIR%\SMINST\launcher.exe" [ ]
"GrpConv"="grpconv -o" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2008-03-24 11:48 5724184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 22:40:10 210520]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-01-13 19:12:18 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E4FCBFAC-19EF-44E5-A036-485CB0BE127D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{27FB6ED0-6CFA-4800-805B-7B8B9904D797}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{134071CE-D8E7-432B-B06F-8CE33EE9B8EE}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{5E4F2BEC-E7C2-4E87-956B-60CFCDE21B07}C:\program files\limewire\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{18ED7BA4-FEF1-4DCB-835B-C982EB7678C4}C:\program files\limewire\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{92B9E409-B6DC-44EB-9579-4BBFB1004E9B}C:\program files\emule\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{40EDABA8-B681-4A4B-92F7-DE3539BB296A}C:\program files\emule\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{DFE5295C-3BCA-4E2E-8F45-854F498AE586}C:\program files\emule\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{6E7E50F5-D6DC-424E-A805-EC922C71E5DC}C:\program files\emule\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{440C66E8-5E04-4239-A21E-F301781C0CDF}C:\program files\windows sidebar\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{5D43A5EB-3BA4-413E-98B2-4AA29B0171E9}C:\program files\windows sidebar\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"{911162BB-27A8-4385-9022-F5BBCD3D7BD7}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{3827976E-8FE6-4A45-A319-47BE1B83589E}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{ADE4CAA0-430A-452C-BBBD-A1332AC66E8E}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{027A7669-15DB-45E5-9E69-345122661B6E}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{11EBCDAC-4D32-4BA3-93B5-6379988F0B20}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe"= UDP:C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe:Logitech Desktop Messenger
"UDP Query User{807B5A2F-2761-4A54-8191-03B4203F471F}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe"= TCP:C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe:Logitech Desktop Messenger
"{9C7CAD32-6269-467D-A087-17DC48D54170}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{99609E9D-9528-4B68-9A96-51E681C4C6A2}C:\program files\bitdownload\bitdownload.exe"= UDP:C:\program files\bitdownload\bitdownload.exe:BitDownload
"UDP Query User{E4AB56DC-8DBC-425A-A30F-6D3155E38485}C:\program files\bitdownload\bitdownload.exe"= TCP:C:\program files\bitdownload\bitdownload.exe:BitDownload
"TCP Query User{E4CA437C-12AB-42A0-A9BF-ADFD68F6A5CD}C:\program files\mozilla firefox\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{ED0C63DB-1846-4A57-9509-F5B33DC6EED0}C:\program files\mozilla firefox\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{DDD4114F-3540-4631-B49C-5FF2CDE0242B}C:\program files\mozilla firefox\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{75D799C1-57CF-497D-AF46-4E94C49EAE8D}C:\program files\mozilla firefox\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{0F305B92-0BF1-4664-9A99-7731C1F7BEF0}C:\program files\windows sidebar\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{76BAEAC6-50B2-4D8F-AA3E-C159511524CD}C:\program files\windows sidebar\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{2A739031-2B90-4B7A-980A-F4D27C7FCEBC}C:\program files\warcraft iii\war3.exe"= UDP:C:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{4C614532-9F24-4DE0-B23B-356324074D09}C:\program files\warcraft iii\war3.exe"= TCP:C:\program files\warcraft iii\war3.exe:Warcraft III
"TCP Query User{D07AE4D1-3FC8-411D-A055-C9C29223461E}C:\program files\warcraft iii\war3.exe"= UDP:C:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{89E4115C-2E53-47A0-AE1E-5B471AC62F71}C:\program files\warcraft iii\war3.exe"= TCP:C:\program files\warcraft iii\war3.exe:Warcraft III
"TCP Query User{1D57DB06-6391-413D-9A58-694D57724CFA}C:\program files\screamer radio\screamer.exe"= UDP:C:\program files\screamer radio\screamer.exe:Screamer Radio
"UDP Query User{B0AEDEE1-2D70-48D7-8AEB-5F144B858416}C:\program files\screamer radio\screamer.exe"= TCP:C:\program files\screamer radio\screamer.exe:Screamer Radio
"TCP Query User{17D8812F-2851-4E6A-B77F-AC63F72397B0}C:\users\hermann\wow-2.0.0-frfr-installer-downloader.exe"= Disabled:UDP:C:\users\hermann\wow-2.0.0-frfr-installer-downloader.exe:wow-2.0.0-frfr-installer-downloader.exe
"UDP Query User{CDAC9B03-9B6B-4B5E-B0E5-19790477FF29}C:\users\hermann\wow-2.0.0-frfr-installer-downloader.exe"= Disabled:TCP:C:\users\hermann\wow-2.0.0-frfr-installer-downloader.exe:wow-2.0.0-frfr-installer-downloader.exe
"TCP Query User{527506DE-F120-4D61-9430-BA3478A7AB7C}C:\program files\utorrent\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{6ACFDFC2-C8A0-434C-9A97-B98A079CD5C9}C:\program files\utorrent\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{D814659E-A13F-4358-9DCD-B9282F271A57}C:\users\hermann\desktop\utorrent.exe"= UDP:C:\users\hermann\desktop\utorrent.exe:utorrent.exe
"UDP Query User{9A5FDE96-3822-43D1-AB6E-1BE755E31915}C:\users\hermann\desktop\utorrent.exe"= TCP:C:\users\hermann\desktop\utorrent.exe:utorrent.exe
"TCP Query User{5B4D5CF4-328A-42A7-9627-78A60F3D5942}C:\users\hermann\program files\utorrent\utorrent.exe"= UDP:C:\users\hermann\program files\utorrent\utorrent.exe:utorrent.exe
"UDP Query User{931E2520-DB3F-4E66-91D0-CF9DA3291817}C:\users\hermann\program files\utorrent\utorrent.exe"= TCP:C:\users\hermann\program files\utorrent\utorrent.exe:utorrent.exe
"TCP Query User{B4B54935-FC39-40E4-BF51-DC06B13BA4A3}C:\users\hermann\program files\utorrent\utorrent.exe"= UDP:C:\users\hermann\program files\utorrent\utorrent.exe:utorrent.exe
"UDP Query User{F3644E2F-4588-455E-A77C-781C0713D947}C:\users\hermann\program files\utorrent\utorrent.exe"= TCP:C:\users\hermann\program files\utorrent\utorrent.exe:utorrent.exe
"TCP Query User{22487B17-FB20-4A26-8435-03B100C7D2E4}C:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{2A9ACB70-1338-41EC-B567-99C79B05501E}C:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{010E3F87-C804-4965-B78D-2DAD78578C1C}C:\users\hermann\desktop\torrent\worms 4 mayhem\crack\rld-w4m\worms 4 mayhem.exe"= UDP:C:\users\hermann\desktop	orrent\worms 4 mayhem\crackld-w4m\worms 4 mayhem.exe:worms 4 mayhem.exe
"UDP Query User{6CC0445A-2B28-4B83-9CEE-8AFBC47E5EF3}C:\users\hermann\desktop\torrent\worms 4 mayhem\crack\rld-w4m\worms 4 mayhem.exe"= TCP:C:\users\hermann\desktop	orrent\worms 4 mayhem\crackld-w4m\worms 4 mayhem.exe:worms 4 mayhem.exe
"{EEE4C71F-60B9-4427-9627-5DAF42239118}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{CA0AC3A5-5555-47D8-BF4B-F83A828F1D1F}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{63E03C36-5125-4B73-BC7F-BFB2B4D9174C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)

S1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
S1 sp_rsdrv2;Spyware Terminator Driver 2;C:\Windows\system32\drivers\sp_rsdrv2.sys [2008-04-11 21:50]
S2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
S3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-08-14 00:07]
S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2008-02-19 10:13]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\Windows\system32\DRIVERS\WlanBZXP.sys [2006-03-21 17:28]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc

*Newly Created Service* - ECACHE
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-01 16:29:04 C:\Windows\Tasks\User_Feed_Synchronization-{7AEDADEC-69AE-44A0-8785-6A3A89907BEA}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-02 18:24:19
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-02 18:24:56
ComboFix-quarantined-files.txt  2008-05-02 16:24:46

      Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
      Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.

241	--- E O F ---	2008-05-02 03:05:08

blablate · Answer

je crois que combofix l'a eu, reposte un raport hijackthis tout neuf stp...

leim78 · Answer

voila 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:38:47, on 02/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix: 
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F3350D6-BC02-41AA-BC84-E870DD39E6F2}: NameServer = 192.168.1.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

blablate · Answer

Tu peus cocher et fixer cette ligne, elle est inutile
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

télacharge aussi sdfix et suis en ce tuto pour son l'utilisation
https://www.malekal.com/slenfbot-still-an-other-irc-bot/

Ensuite une fois que tu as fais ca tu refais un raport HIjackthi ...

leim78 · Answer

voila
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:07:06, on 02/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix: 
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F3350D6-BC02-41AA-BC84-E870DD39E6F2}: NameServer = 192.168.1.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

blablate · Answer

slaut

bon ca m'as pas l'air pas mal ca mais je pas sure a 100% que c'est completement propre
tu as toujours des problemes avec ton ordi ou c'est terminé?
éxplique comment c'est maintenant...

leim78 · Answer

c est bon sa fonctionne normalement le problème est résolu merci a toi blablate je ne sait pas se que j aurais fait sans toi merci encore

blablate · Answer

a bien tant mieux mais attend c'est pas fini..

1 ) il faudrait que tu recréer un point de restauration tout neuf pour pas que ça réapparaisse 
dans menu démarrer/ordinateur/propriété system/parametres systeme avancés/protection du systèm
a point de restauration tu décoches tes disques, puis appliquer/ok et tu redémarre,
une fois redémarré tu rechoche pour réactiver la restauration de ton système 

2) télécharge tools cleaner , ça va enlever les traces des logiciels de désinfection, si tu n'es pas sure de se que ca affiche avant d'éffacer poste le raport 
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

3) installe ccleaner et fait un nettoyage et une réparation avec, n'hesite pas non plus a l'utiliser tout les soir avant d'éteindre
https://www.ccleaner.com/

3) installe un vrai parefeu aussi..
http://www.commentcamarche.net/telecharger/logiciel 38 firewall

4:) tu peus cocher et fixer ces lignes dans hijackthis

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) 



O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe 

et n'utilise pas trop internet explorer si tu veus être tranquille, il vaut mieux utiliser firefox...

leim78 · Answer

c est bon j ai fait tout ce que tu a dit et maintenant c est terminer ? 
il y aurai pas un patch pour mettre le pare feu comodo en français

galaxie245 · Answer

slt tout a fait normal la memoire est utiliser pour le cache disque quand une applic demande le cache est reduit voila

leim78 · Answer

elle est de 48 % maintenant comme avant encore merci

Zaf · Answer

J'ai trouvé un petit programme permettant entre autre de récupérer de la mémoire cache
ça s'appelle Cacheman, par contre je n'ai pas de lien pour le partager :( Bon courage

Mémoire vive utilisée à fond sous vista

42 réponses

Votre réponse

Discussions similaires

Newsletters