mon odri est de plus en plus lent!!!
Dernière réponse : dans Sécurité
bonjour a tous!
voila j'ai un probleme que je n'arrive pas a resoudre...
mon ordinateur est de plus en plus lent depuis quelque temps...je ne cache pas que je telecharge beaucoup par les forum et j'installe peut etre bocoup trop de logiciel inutile qui peuvent le ralentir... j'ai plus d'1Go de ram...je m'y connait pas tres bien en maintenance informatique... je ne veux pas formater mon disc dur j'ai deja fait plusieurs analyse antivirus cookies trojan etc.. j'ai fragmenter plusieur fois mes disc... dites moi quoi faire svp merci d'avance
voila j'ai un probleme que je n'arrive pas a resoudre...
mon ordinateur est de plus en plus lent depuis quelque temps...je ne cache pas que je telecharge beaucoup par les forum et j'installe peut etre bocoup trop de logiciel inutile qui peuvent le ralentir... j'ai plus d'1Go de ram...je m'y connait pas tres bien en maintenance informatique... je ne veux pas formater mon disc dur j'ai deja fait plusieurs analyse antivirus cookies trojan etc.. j'ai fragmenter plusieur fois mes disc... dites moi quoi faire svp merci d'avance
Autres pages sur : odri lent
Lassé par la pub ? Créez un compte
Bonjour,
Pas forcément une infection.
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Pas forcément une infection.
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
voici mon le rapport de Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58 Frost, on 19/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\windows\system32\vzjrdiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\service.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\Program Files\Sonic RecordNow!\RecordNow.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/mypcchoice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [vzjrdiz] c:\windows\system32\vzjrdiz.exe vzjrdiz
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Comp Clock] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1\NounBows.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 10912 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58 Frost, on 19/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\windows\system32\vzjrdiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\service.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\Program Files\Sonic RecordNow!\RecordNow.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/mypcchoice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [vzjrdiz] c:\windows\system32\vzjrdiz.exe vzjrdiz
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Comp Clock] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1\NounBows.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 10912 bytes
Re,
Télécharge Lop S&D.zip.
Dézippe-le sur ton Bureau uniquement.
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "R" puis valide en appuyant sur "Entrée".
Un rapport sera généré, poste son contenu ici.
Télécharge Lop S&D.zip.
Dézippe-le sur ton Bureau uniquement.
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "R" puis valide en appuyant sur "Entrée".
Un rapport sera généré, poste son contenu ici.
Re,
Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
[#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :
-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse
NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
[#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :
-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse
NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
Search Navipromo version 3.3.6 commencé le 19/11/2007 à 20:43:14,88
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\HP_Administrateur\Application Data ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun fichier trouvé dans :
- C:\WINDOWS\system32
- C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
Fichiers trouvés :
vzjrdiz.exe trouvé !
vzjrdiz.dat trouvé !
vzjrdiz_nav.dat trouvé !
vzjrdiz_navps.dat trouvé !
Fichiers suspects :
* Recherche dans C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1 *
*** Recherche fichiers ***
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
C:\WINDOWS\system32\vzjrdiz.dat trouvé !
C:\WINDOWS\system32\vzjrdiz_nav.dat trouvé !
3)Recherche Certificats :
Certificat Egroup trouvé !
*** Analyse terminée le 19/11/2007 à 20:44:10,26 ***
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\HP_Administrateur\Application Data ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun fichier trouvé dans :
- C:\WINDOWS\system32
- C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
Fichiers trouvés :
vzjrdiz.exe trouvé !
vzjrdiz.dat trouvé !
vzjrdiz_nav.dat trouvé !
vzjrdiz_navps.dat trouvé !
Fichiers suspects :
* Recherche dans C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1 *
*** Recherche fichiers ***
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
C:\WINDOWS\system32\vzjrdiz.dat trouvé !
C:\WINDOWS\system32\vzjrdiz_nav.dat trouvé !
3)Recherche Certificats :
Certificat Egroup trouvé !
*** Analyse terminée le 19/11/2007 à 20:44:10,26 ***
Re,
Double clique sur le raccourci de Navilog1 présent sur ton Bureau.
Suis les instructions. Choisis ensuite l'option 2 puis valide.
Laisse toi guider et réponds aux questions éventuelles.
L'utilitaire va t'informer qu'il va redémarrer l'ordinateur.
[#ff0000]**Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts**[/#f]
Appuie maintenant sur une touche, comme demandé.
(si ton PC ne redémarre pas automatiquement, fais-le manuellement)
Patiente jusqu'à l'apparition de ce message :
"*** Nettoyage Termine le ..... ***"
Le Bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver.
Referme le Bloc-notes. Ton bureau va maintenant réapparaître.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
Ainsi qu'un nouveau rapport Hijackthis.
Double clique sur le raccourci de Navilog1 présent sur ton Bureau.
Suis les instructions. Choisis ensuite l'option 2 puis valide.
Laisse toi guider et réponds aux questions éventuelles.
L'utilitaire va t'informer qu'il va redémarrer l'ordinateur.
[#ff0000]**Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts**[/#f]
Appuie maintenant sur une touche, comme demandé.
(si ton PC ne redémarre pas automatiquement, fais-le manuellement)
Patiente jusqu'à l'apparition de ce message :
"*** Nettoyage Termine le ..... ***"
Le Bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver.
Referme le Bloc-notes. Ton bureau va maintenant réapparaître.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
Ainsi qu'un nouveau rapport Hijackthis.
Clean Navipromo version 3.3.6 commencé le 19/11/2007 à 21:22:17,93
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Mode suppression automatique
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans C:\WINDOWS\System32 *
vzjrdiz.exe trouvé !
Copie vzjrdiz.exe réalisé avec succès !
vzjrdiz.exe supprimé !
vzjrdiz.dat trouvé !
Copie vzjrdiz.dat réalisé avec succès !
vzjrdiz.dat supprimé !
vzjrdiz_nav.dat trouvé !
Copie vzjrdiz_nav.dat réalisé avec succès !
vzjrdiz_nav.dat supprimé !
vzjrdiz_navps.dat trouvé !
Copie vzjrdiz_navps.dat réalisé avec succès !
vzjrdiz_navps.dat supprimé !
C:\WINDOWS\prefetch\vzjrdiz*.pf trouvé !
Copie C:\WINDOWS\prefetch\vzjrdiz*.pf réalisé avec succès !
C:\WINDOWS\prefetch\vzjrdiz*.pf supprimé !
* Suppression dans C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1 *
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\HP_Administrateur\Application Data ***
*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Suppression fichiers ***
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\HP_Administrateur\Local Settings\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche, création sauvegardes et suppression Heuristique :
*** Sauvegarde du Registre vers dossier Backupnavi ***
sauvegarde du Registre réalisé avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
*** Fichiers suspects non supprimés par Navilog1 ***
!! Fichiers légitimes possibles, à contrôler avant suppression !!
*** Nettoyage terminé le 19/11/2007 à 21:28:45,75 ***
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Mode suppression automatique
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans C:\WINDOWS\System32 *
vzjrdiz.exe trouvé !
Copie vzjrdiz.exe réalisé avec succès !
vzjrdiz.exe supprimé !
vzjrdiz.dat trouvé !
Copie vzjrdiz.dat réalisé avec succès !
vzjrdiz.dat supprimé !
vzjrdiz_nav.dat trouvé !
Copie vzjrdiz_nav.dat réalisé avec succès !
vzjrdiz_nav.dat supprimé !
vzjrdiz_navps.dat trouvé !
Copie vzjrdiz_navps.dat réalisé avec succès !
vzjrdiz_navps.dat supprimé !
C:\WINDOWS\prefetch\vzjrdiz*.pf trouvé !
Copie C:\WINDOWS\prefetch\vzjrdiz*.pf réalisé avec succès !
C:\WINDOWS\prefetch\vzjrdiz*.pf supprimé !
* Suppression dans C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1 *
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\HP_Administrateur\Application Data ***
*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Suppression fichiers ***
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\HP_Administrateur\Local Settings\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche, création sauvegardes et suppression Heuristique :
*** Sauvegarde du Registre vers dossier Backupnavi ***
sauvegarde du Registre réalisé avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
*** Fichiers suspects non supprimés par Navilog1 ***
!! Fichiers légitimes possibles, à contrôler avant suppression !!
*** Nettoyage terminé le 19/11/2007 à 21:28:45,75 ***
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58 Frost, on 19/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\windows\system32\vzjrdiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\service.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\Program Files\Sonic RecordNow!\RecordNow.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/mypcchoice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [vzjrdiz] c:\windows\system32\vzjrdiz.exe vzjrdiz
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Comp Clock] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1\NounBows.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZJfox000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr [...] NPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 10912 bytes
Scan saved at 18:58 Frost, on 19/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\windows\system32\vzjrdiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\service.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\Program Files\Sonic RecordNow!\RecordNow.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/mypcchoice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [vzjrdiz] c:\windows\system32\vzjrdiz.exe vzjrdiz
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Comp Clock] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1\NounBows.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZJfox000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr [...] NPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 10912 bytes
Re,
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.
Redémarre en mode sans échec
Ouvre le dossier SDFix qui vient d'être créé à la racine de ton dique dur (C:) et double clique sur RunThis.bat pour lancer le script.
Appuie sur Y pour commencer le processus de nettoyage.
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
Appuie sur une touche pour redémarrer le PC.
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis.
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.
Redémarre en mode sans échec
SDFix: Version 1.115
Run by HP_Administrateur on 20/11/2007 at 18:47 Frost
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\HP_ADM~1\Bureau\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\system32\iexpress.exe.tmp - Deleted
C:\WINDOWS\service.exe - Deleted
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-20 19:12:56
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:3b,ff,67,4b,68,2f,56,99,98,5a,2e,a3,0a,e1,60,8c,12,a2,02,32,f0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:3b,ff,67,4b,68,2f,56,99,98,5a,2e,a3,0a,e1,60,8c,12,a2,02,32,f0,..
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\Temp\cch~5dd3142e7d.htp 8192 bytes
C:\WINDOWS\Temp\cch~5dd33d98ff.htp 8192 bytes
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\leptiflo3930@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{D01D790F-ED58-9DDC-6C21-8C9D2F49214B}\01\10-{D01D790F-ED58-9DDC-6C21-8C9D2F49214B}-v1-{ECBD1415-1E35-4ADF-840C-BF2290760514}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\leptiflo3930@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{D01D790F-ED58-9DDC-6C21-8C9D2F49214B}\15\18-{853314D1-94E4-49AE-8AA6-4690E9FD9CC6}-v15-{853314D1-94E4-49AE-8AA6-4690E9FD9CC6}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 3536 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\leptiflo3930@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{D01D790F-ED58-9DDC-6C21-8C9D2F49214B}\16\19-{853314D1-94E4-49AE-8AA6-4690E9FD9CC6}-v16-{853314D1-94E4-49AE-8AA6-4690E9FD9CC6}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 256 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\cesar_83@hotmail.fr\DFSR\Staging\CS{6CFF6338-006D-39BC-E1D1-F3E88140CA58}\01\23-{6CFF6338-006D-39BC-E1D1-F3E88140CA58}-v1-{D10E7EB3-0875-4322-B3CB-330A26363434}-v23-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\darkange_311@hotmail.com\DFSR\Staging\CS{0AA56F4B-A4B0-F170-48A2-6325264DFACF}\01\19-{0AA56F4B-A4B0-F170-48A2-6325264DFACF}-v1-{D10E7EB3-0875-4322-B3CB-330A26363434}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\darkange_311@hotmail.com\DFSR\Staging\CS{0AA56F4B-A4B0-F170-48A2-6325264DFACF}\20\20-{D10E7EB3-0875-4322-B3CB-330A26363434}-v20-{D10E7EB3-0875-4322-B3CB-330A26363434}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 59988 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\darkange_311@hotmail.com\DFSR\Staging\CS{0AA56F4B-A4B0-F170-48A2-6325264DFACF}\20\20-{D10E7EB3-0875-4322-B3CB-330A26363434}-v20-{D10E7EB3-0875-4322-B3CB-330A26363434}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 4242 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\darkange_311@hotmail.com\DFSR\Staging\CS{0AA56F4B-A4B0-F170-48A2-6325264DFACF}\20\20-{D10E7EB3-0875-4322-B3CB-330A26363434}-v20-{D10E7EB3-0875-4322-B3CB-330A26363434}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 6720 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\jessie-james83@hotmail.fr\DFSR\Staging\CS{4282BE12-7B4A-2877-6162-9FC1013FCA7E}\01\12-{4282BE12-7B4A-2877-6162-9FC1013FCA7E}-v1-{D10E7EB3-0875-4322-B3CB-330A26363434}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{9432628E-2669-D53C-F25F-07C85656C438}\01\15-{9432628E-2669-D53C-F25F-07C85656C438}-v1-{D10E7EB3-0875-4322-B3CB-330A26363434}-v15-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{9432628E-2669-D53C-F25F-07C85656C438}\16\18-{D10E7EB3-0875-4322-B3CB-330A26363434}-v16-{D10E7EB3-0875-4322-B3CB-330A26363434}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1240 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{9432628E-2669-D53C-F25F-07C85656C438}\17\17-{D10E7EB3-0875-4322-B3CB-330A26363434}-v17-{D10E7EB3-0875-4322-B3CB-330A26363434}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9498 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{9432628E-2669-D53C-F25F-07C85656C438}\17\17-{D10E7EB3-0875-4322-B3CB-330A26363434}-v17-{D10E7EB3-0875-4322-B3CB-330A26363434}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1080 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\frostwarrior@hotmail.fr\SharingMetadata\perso1002@hotmail.fr\DFSR\Staging\CS{1D6DF9BB-A1E0-2705-929F-DFBEA02FD1F0}\01\22-{1D6DF9BB-A1E0-2705-929F-DFBEA02FD1F0}-v1-{D10E7EB3-0875-4322-B3CB-330A26363434}-v22-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\le-reveur-du-83@hotmail.fr\SharingMetadata\tin0_zor@hotmail.fr\DFSR\Staging\CS{2E9E63F2-E010-A42B-57DC-CC25857BF6C9}\01\10-{2E9E63F2-E010-A42B-57DC-CC25857BF6C9}-v1-{AE08284B-54F8-4A3D-8E55-92CB0F825F04}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\le-reveur-du-83@hotmail.fr\SharingMetadata\tin0_zor@hotmail.fr\DFSR\Staging\CS{2E9E63F2-E010-A42B-57DC-CC25857BF6C9}\53\13-{C117E8CA-B747-4D5E-B04E-55C5D3B3E9BD}-v953-{3C4CFA41-E9C4-4415-82CA-1857DAB7E151}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 3520 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\darkange_311@hotmail.com\DFSR\Staging\CS{ADBB5286-A385-90CA-3012-8803A881B4E7}\01\432-{ADBB5286-A385-90CA-3012-8803A881B4E7}-v1-{DF5CEA33-602F-43EE-8876-D8D1C0383BA5}-v432-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\destroydu77@msn.com\DFSR\Staging\CS{7F178487-9D6F-34EC-E205-68DB7B56E304}\01\434-{7F178487-9D6F-34EC-E205-68DB7B56E304}-v1-{DF5CEA33-602F-43EE-8876-D8D1C0383BA5}-v434-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\destroydu77@msn.com\DFSR\Staging\CS{7F178487-9D6F-34EC-E205-68DB7B56E304}\35\435-{DF5CEA33-602F-43EE-8876-D8D1C0383BA5}-v435-{DF5CEA33-602F-43EE-8876-D8D1C0383BA5}-v435-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\35\1531-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1435-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1531-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1000 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\35\1640-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1535-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1640-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1056 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\35\1709-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1235-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1709-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9408 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\35\1709-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1235-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1709-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1056 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\59\1410-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1359-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1410-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1064 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\59\1572-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1459-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1572-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1384 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\59\1732-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1259-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1732-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11478 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\59\1732-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1259-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1732-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1248 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\00\1470-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1400-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1470-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1392 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\00\1691-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1600-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1691-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1360 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\01\120-{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}-v1-{DF5CEA33-602F-43EE-8876-D8D1C0383BA5}-v120-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\01\1471-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1401-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1471-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1376 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\02\1472-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1402-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1472-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1096 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\03\1473-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1403-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1473-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1264 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\03\1692-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1603-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1692-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1088 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\03\1698-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1203-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1698-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9714 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\03\1698-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1203-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1698-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1096 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\04\1474-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1404-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1474-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\04\1699-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1204-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1699-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11658 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\04\1699-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1204-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1699-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\05\1700-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1205-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1700-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9012 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\05\1700-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1205-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1700-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 984 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\06\1701-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1206-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1701-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 7518 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\06\1701-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1206-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1701-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 856 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\07\1702-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1207-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1702-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9138 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\07\1702-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1207-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1702-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1016 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\08\1619-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1508-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1619-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1032 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\08\1697-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1208-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1697-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10236 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\08\1697-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1208-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1697-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1120 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\09\1620-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1509-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1620-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 896 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\09\1703-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1209-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1703-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11244 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\09\1703-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1209-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1703-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1232 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\10\1621-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1510-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1621-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1328 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\10\1696-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1210-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1696-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11460 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\10\1696-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1210-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1696-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\11\1475-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1411-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1475-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1304 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\11\1622-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1511-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1622-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 880 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\12\1476-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1412-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1476-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1152 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\12\1623-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1512-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1623-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1176 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\13\1492-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1413-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1492-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1344 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\13\1624-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1513-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1624-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1216 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\14\1493-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1414-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1493-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1176 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\14\1625-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1514-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1625-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1168 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\15\1494-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1415-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1494-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1640 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\15\1626-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1515-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1626-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1256 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\16\1495-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1416-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1495-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1144 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\16\1628-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1516-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1628-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 776 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\17\1496-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1417-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1496-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1112 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\17\1629-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1517-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1629-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1168 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\18\1390-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1318-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1390-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1096 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\18\1497-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1418-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1497-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1120 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\18\1694-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1518-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1694-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1360 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\19\1299-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1219-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1299-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 666660 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\19\1299-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1219-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1299-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 46812 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\19\1299-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1219-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1299-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 74072 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\19\1391-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1319-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1391-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1008 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\19\1627-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1419-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1627-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1232 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\19\1695-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1519-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1695-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1312 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\20\1300-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1220-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1300-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 2152 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\20\1395-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1320-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1395-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1392 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\20\1499-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1420-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1499-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 952 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\20\1632-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1520-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1632-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1304 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\21\1301-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1221-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1301-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 11040 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\21\1396-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1321-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1396-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1184 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\21\1500-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1421-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1500-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 976 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\21\1633-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1521-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1633-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1248 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\22\1501-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1422-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1501-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 904 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\22\1634-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1522-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1634-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1208 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\23\1302-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1223-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1302-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 3192 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\23\1502-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1423-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1502-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 8004 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\23\1502-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1423-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1502-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 928 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\23\1635-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1523-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1635-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1128 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\24\1636-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1524-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1636-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1008 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\25\1437-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1225-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1437-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 3280 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\25\1637-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1525-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1637-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1176 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\26\1304-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1226-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1304-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1328 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\26\1503-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1426-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1503-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1120 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\26\1638-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1526-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1638-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1200 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\27\1305-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1227-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1305-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1288 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\27\1504-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1427-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1504-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 944 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\28\1306-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1228-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1306-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1272 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\28\1505-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1428-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1505-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1456 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\29\1307-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1229-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1307-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1176 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\29\1506-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1429-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1506-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1024 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\30\1507-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1430-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1507-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9102 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\30\1507-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1430-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1507-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1000 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\30\1704-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1230-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1704-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 8490 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\30\1704-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1230-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1704-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 952 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\31\1527-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1431-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1527-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1240 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\31\1705-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1231-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1705-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 7644 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\31\1705-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1231-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1705-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 856 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\32\1528-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1432-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1528-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1224 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\32\1706-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1232-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1706-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9156 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\32\1706-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1232-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1706-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1008 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\33\1529-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1433-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1529-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 944 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\33\1707-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1233-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1707-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10740 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\33\1707-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1233-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1707-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1192 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\34\1530-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1434-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1530-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1264 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\34\1639-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1534-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1639-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1224 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\34\1708-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1234-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1708-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 8130 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\34\1708-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1234-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1708-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 904 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\36\1532-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1436-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1532-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1112 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\36\1641-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1536-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1641-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 840 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\36\1710-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1236-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1710-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9444 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\36\1710-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1236-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1710-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1056 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\37\1654-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1537-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1654-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1296 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\37\1711-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1237-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1711-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 14052 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\37\1711-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1237-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1711-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1544 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\38\1655-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1538-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1655-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1112 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\38\1712-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1238-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1712-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10704 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\38\1712-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1238-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1712-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1144 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\39\1656-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1539-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1656-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1072 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\39\1713-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1239-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1713-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10830 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\39\1713-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1239-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1713-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1184 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\40\1657-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1540-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1657-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1144 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\40\1714-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1240-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1714-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10308 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\40\1714-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1240-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1714-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1152 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\41\1405-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1341-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1405-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1280 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\41\1533-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1441-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1533-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1400 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\41\1658-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1541-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1658-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1168 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\41\1715-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1241-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1715-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9570 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\41\1715-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1241-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1715-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1096 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\42\1406-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1342-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1406-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10776 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\42\1406-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1342-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1406-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1208 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\42\1554-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1442-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1554-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1136 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\42\1659-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1542-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1659-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1216 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\42\1716-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1242-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1716-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10866 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\42\1716-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1242-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1716-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1240 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\43\1407-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1343-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1407-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1520 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\43\1555-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1443-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1555-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1392 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\43\1660-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1543-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1660-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1184 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\43\1717-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1243-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1717-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 10416 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\43\1717-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1243-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1717-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1152 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\44\1408-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1344-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1408-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 880 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\44\1556-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1444-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1556-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1008 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\44\1661-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1544-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1661-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1296 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\44\1718-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1244-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1718-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9552 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\44\1718-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1244-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1718-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1024 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\45\1557-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1445-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1557-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1304 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\45\1662-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1545-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1662-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1336 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\45\1719-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1245-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1719-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 11766 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\metalive@hotmail.fr\SharingMetadata\jessie-james@hotmail.fr\DFSR\Staging\CS{5635BA70-FF2D-BC0F-6C47-F35B1155F1CD}\45\1719-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1245-{4C09A56B-0E6B-4801-A5DD-9972CFD064E1}-v1719-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1320 bytes hidden from API
C:\Documents and Settings\HP_Administrateur\Local Settings\Application
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:24 Frost, on 20/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/mypcchoice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Comp Clock] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1\NounBows.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 10596 bytes
Scan saved at 19:24 Frost, on 20/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/mypcchoice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Comp Clock] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1\NounBows.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 10596 bytes
Re,
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
20/11/2007 a 21:22:58,49
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\smdat32m.sys FOUND
C:\WINDOWS\UnGins.exe FOUND
*** Recherche des fichiers dans C:\WINDOWS\system32
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Fichiers communs\WhenU\" FOUND
"C:\Program Files\Need2Find\" FOUND
"C:\Program Files\Save\" FOUND
*** Fin du rapport !
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\smdat32m.sys FOUND
C:\WINDOWS\UnGins.exe FOUND
*** Recherche des fichiers dans C:\WINDOWS\system32
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Fichiers communs\WhenU\" FOUND
"C:\Program Files\Need2Find\" FOUND
"C:\Program Files\Save\" FOUND
*** Fin du rapport !
Re,
On supprime![:)]( ":)")
Redémarre en mode sans échec
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement.
Poste le rapport clean : C:\rapport_clean.txt
On supprime
Redémarre en mode sans échec
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement.
Poste le rapport clean : C:\rapport_clean.txt
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 20/11/2007 a 23:21:14,76
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
tentative de suppression de C:\WINDOWS\smdat32m.sys
tentative de suppression de C:\WINDOWS\UnGins.exe
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Fichiers communs\WhenU\"
tentative de suppression de "C:\Program Files\Need2Find\"
tentative de suppression de "C:\Program Files\Save\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 20/11/2007 a 23:21:14,76
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
tentative de suppression de C:\WINDOWS\smdat32m.sys
tentative de suppression de C:\WINDOWS\UnGins.exe
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Fichiers communs\WhenU\"
tentative de suppression de "C:\Program Files\Need2Find\"
tentative de suppression de "C:\Program Files\Save\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:46 Frost, on 21/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/mypcchoice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\PC-CAM Center\CAMTRAY.EXE
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Comp Clock] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1\NounBows.exe
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 10170 bytes
Scan saved at 17:46 Frost, on 21/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/mypcchoice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\PC-CAM Center\CAMTRAY.EXE
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Comp Clock] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1\NounBows.exe
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jh...
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 10170 bytes
Re,
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne tous les emplacements dans le cadre ci-dessous :
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe" O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKCU\..\Run: [Comp Clock] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1\NounBows.exe
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZJfox000
O4 - HKLM\..\Run: [InstaFinderK] C:\Program Files\INSTAFINK\InstaFinderK_inst.exe
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe" O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKCU\..\Run: [Comp Clock] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1\NounBows.exe
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] p=ZJfox000
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne tous les emplacements dans le cadre ci-dessous :
C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1
C:\Program Files\Spyware-Secure
C:\Program Files\Spyware-Secure
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
C:\DOCUME~1\HP_ADM~1\APPLIC~1\CAMPSE~1 moved successfully.
Folder move failed. C:\Program Files\Spyware-Secure\skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Spyware-Secure\resources\malwaresDB_1-10 scheduled to be moved on reboot.
C:\Program Files\Spyware-Secure\resources moved successfully.
Folder move failed. C:\Program Files\Spyware-Secure\nbmw scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Spyware-Secure\language scheduled to be moved on reboot.
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs moved successfully.
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR moved successfully.
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images moved successfully.
C:\Program Files\Spyware-Secure\help\help_Trial_FR moved successfully.
C:\Program Files\Spyware-Secure\help moved successfully.
C:\Program Files\Spyware-Secure moved successfully.
Created on 11/21/2007 18:08:55
Folder move failed. C:\Program Files\Spyware-Secure\skin scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Spyware-Secure\resources\malwaresDB_1-10 scheduled to be moved on reboot.
C:\Program Files\Spyware-Secure\resources moved successfully.
Folder move failed. C:\Program Files\Spyware-Secure\nbmw scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Spyware-Secure\language scheduled to be moved on reboot.
C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs moved successfully.
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR moved successfully.
C:\Program Files\Spyware-Secure\help\help_Trial_FR\images moved successfully.
C:\Program Files\Spyware-Secure\help\help_Trial_FR moved successfully.
C:\Program Files\Spyware-Secure\help moved successfully.
C:\Program Files\Spyware-Secure moved successfully.
Created on 11/21/2007 18:08:55
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:27 Frost, on 21/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/mypcchoice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\PC-CAM Center\CAMTRAY.EXE
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 9569 bytes
Scan saved at 19:27 Frost, on 21/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/go/mypcchoice
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\PC-CAM Center\CAMTRAY.EXE
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\Ghost Navigator2_8_1\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,wbsys.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 9569 bytes
Il ram moins je doit avouer mais apres le probleme c'est sur mon disque dur et aussi pendant les telechargement de fichier sur internet (mozilla firefox)
pour mon disque dur le probleme est le suivant : quand j'ouvre un dossier (qui en general contient diverse video) ma souris commence a bloquer elle marche au ralenti avec quelque bloquage et ceci pendant plusieur seconde... j'ai fait plusieurs défragmentation de ce disque dur et il n'est pas rempli il lui reste 60%d'espace... je sait pas quoi faire les fichier qui en sont victime ne sont pas tous rempli de plusieur Go de video(certain ne contienent meme pas 700Mo...)
pour la suite mes telechargement par internet explorer ou mozilla firefox sont bocoup moins rapide qu'avant la je n'ai pas d'explication... mon system me dit bien que mes 1.5Go de Ram sont utiliser...
aide moi s'il te plait je ne sait plus quoi faire...
pour mon disque dur le probleme est le suivant : quand j'ouvre un dossier (qui en general contient diverse video) ma souris commence a bloquer elle marche au ralenti avec quelque bloquage et ceci pendant plusieur seconde... j'ai fait plusieurs défragmentation de ce disque dur et il n'est pas rempli il lui reste 60%d'espace... je sait pas quoi faire les fichier qui en sont victime ne sont pas tous rempli de plusieur Go de video(certain ne contienent meme pas 700Mo...)
pour la suite mes telechargement par internet explorer ou mozilla firefox sont bocoup moins rapide qu'avant la je n'ai pas d'explication... mon system me dit bien que mes 1.5Go de Ram sont utiliser...
aide moi s'il te plait je ne sait plus quoi faire...
Lassé par la pub ? Créez un compte
