[Résolu - Merci a Angeldark]Pub intempestives + Pc lent
Dernière réponse : dans Sécurité
Bonjour a vous,
depuis quelques temps , mon ordinateur es devennu lent, de plus j'ai des fenetres publicitaires qui apparraissent sans que je ne le veuille.
Pourriez vous m'aider a resoudre ce probleme ? je n'ai pas envie de formater l'ordinateur pour resoudre le probleme . Et puis on ma dis que ici on s'occupait bien de ce genre de probleme .
Merci encore.
( je travaille trs souvent sur l'ordinateur . )
depuis quelques temps , mon ordinateur es devennu lent, de plus j'ai des fenetres publicitaires qui apparraissent sans que je ne le veuille.
Pourriez vous m'aider a resoudre ce probleme ? je n'ai pas envie de formater l'ordinateur pour resoudre le probleme . Et puis on ma dis que ici on s'occupait bien de ce genre de probleme .
Merci encore.
( je travaille trs souvent sur l'ordinateur . )
Autres pages sur : resolu merci angeldark pub intempestives lent
Lassé par la pub ? Créez un compte
Bonjour,
Télécharge puis installe Hijackthis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Télécharge puis installe Hijackthis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:12:56, on 15/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin\Plan less.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TwoBrowse] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1\Bib Okay.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 9056 bytes
Voila, merci pour le temps que tu vas me consacrer .
Scan saved at 18:12:56, on 15/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin\Plan less.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TwoBrowse] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1\Bib Okay.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 9056 bytes
Voila, merci pour le temps que tu vas me consacrer .
Re,
Télécharge Lop S&D.exe sur ton Bureau.
Double-clique dessus pour lancer l'installation
Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
Patiente jusqu'à la fin du scan
Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
Télécharge Lop S&D.exe sur ton Bureau.
(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
Voila qui es fait :
-----------------------------[ Lop S&D 2.0.5 ]---------------------------
[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
[ USER: Pitzy ] [ "C:\Program Files\Lop SD" ]
[ mar. 15/01/2008 | 19:20:47,56 ] [ ACERAL1715 ]
-------------[ Listing des dossiers dans Application Data ]------------
[01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[22/11/2006|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[20/10/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/10/2006|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/10/2006|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[06/10/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/09/2006|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[26/09/2006|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[22/09/2006|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/09/2006|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
[13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
[13/01/2008|12:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin
[13/01/2008|11:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[13/01/2008|11:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[12/01/2008|23:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab
[02/12/2007|11:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[30/11/2007|18:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[28/11/2007|23:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
[28/11/2007|17:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[01/11/2007|20:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[01/11/2007|19:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\xnwfyhdk.mld
[30/10/2007|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm
[20/10/2007|19:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WindowsLiveInstaller
[18/09/2007|18:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\UDL
[01/08/2007|19:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
[01/08/2007|16:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[30/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[18/07/2007|21:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Corporation
[15/07/2007|13:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[03/07/2007|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[29/06/2007|19:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
[16/04/2007|18:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ahead
[29/03/2007|21:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.zreglib
[07/02/2007|13:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[27/01/2007|10:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
[01/01/2007|11:13] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[22/11/2006|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Support.com
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Microsoft
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\..
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\.
[10/01/2008|12:35] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Mozilla
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[21/09/2006|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.
[24/09/2006|18:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[03/12/2006|02:14] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\..
[22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\..
[22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\.
[22/11/2006|17:06] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\..
[08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\.
[05/07/2007|10:31] C:\DOCUME~1\patrick\APPLIC~1\Mozilla
[13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\..
[13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\.
[13/01/2008|12:11] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Blue comp media
[13/01/2008|11:28] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Adobe
[10/01/2008|19:06] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\LimeWire
[28/11/2007|15:40] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar
[25/11/2007|20:46] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Sun
[24/11/2007|12:45] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mp3tag
[20/11/2007|22:39] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ulead Systems
[22/10/2007|18:41] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\EPSON
[14/10/2007|12:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Teleca
[05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mozilla
[05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Micro Application
[01/08/2007|19:47] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\TuneUp Software
[01/08/2007|10:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Microsoft
[18/07/2007|20:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MegauploadToolbar
[15/07/2007|15:27] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Apple Computer
[13/07/2007|17:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\WinRAR
[09/07/2007|13:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\vlc
[29/06/2007|19:08] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Grisoft
[10/04/2007|09:04] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\ATI
[15/03/2007|20:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Help
[23/02/2007|18:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ahead
[01/12/2006|18:52] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Macromedia
[22/11/2006|19:59] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MSNInstaller
[22/11/2006|19:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Logitech
[22/11/2006|17:48] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\desktop.ini
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[15/01/2008 19:00][--ah-----] C:\WINDOWS\tasks\AA155DE8919ADADC.job
[11/01/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[14/01/2008 08:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/01/2008 06:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[15/01/2008|19:20] C:\Program Files\Lop SD
[15/01/2008|19:18] C:\Program Files\..
[15/01/2008|19:18] C:\Program Files\.
[15/01/2008|18:25] C:\Program Files\Mozilla Firefox
[13/01/2008|21:39] C:\Program Files\Trend Micro
[13/01/2008|15:04] C:\Program Files\World of Warcraft
[13/01/2008|14:47] C:\Program Files\L'Odyss‚e d'Abe
[13/01/2008|14:43] C:\Program Files\Babylon
[13/01/2008|12:10] C:\Program Files\Blue comp media
[13/01/2008|12:10] C:\Program Files\Circle Developement
[13/01/2008|12:10] C:\Program Files\Messenger Plus! Live
[13/01/2008|11:29] C:\Program Files\PandoBar
[13/01/2008|11:29] C:\Program Files\Internet Explorer
[13/01/2008|11:28] C:\Program Files\TuneUp Utilities 2007
[13/01/2008|11:28] C:\Program Files\id Software
[13/01/2008|11:28] C:\Program Files\InstallShield Installation Information
[31/12/2007|12:07] C:\Program Files\wow fun
[10/12/2007|21:56] C:\Program Files\Pando Networks
[30/11/2007|19:08] C:\Program Files\Adverts
[30/11/2007|18:36] C:\Program Files\Windows Live
[29/11/2007|07:49] C:\Program Files\Dcads Advanced Toolbar
[28/11/2007|23:20] C:\Program Files\VDMSound
[28/11/2007|18:34] C:\Program Files\Sony Ericsson
[28/11/2007|18:21] C:\Program Files\Fichiers communs
[28/11/2007|18:18] C:\Program Files\Visicom Media
[28/11/2007|17:53] C:\Program Files\Windows Media Player
[28/11/2007|17:52] C:\Program Files\LimeWire
[26/11/2007|21:10] C:\Program Files\Ma‹do Production
[26/11/2007|20:45] C:\Program Files\Windows Live Safety Center
[24/11/2007|12:44] C:\Program Files\Mp3tag
[20/11/2007|22:37] C:\Program Files\Ulead Systems
[16/11/2007|18:52] C:\Program Files\GameSpy Arcade
[13/11/2007|18:00] C:\Program Files\solarus
[13/11/2007|18:00] C:\Program Files\Mixxx
[08/11/2007|20:01] C:\Program Files\Java
[05/11/2007|17:49] C:\Program Files\uninstal.log
[04/11/2007|21:19] C:\Program Files\CamStudio
[02/11/2007|19:58] C:\Program Files\AVS4YOU
[02/11/2007|17:02] C:\Program Files\WoW worldofheroes
[24/10/2007|17:29] C:\Program Files\WoW ivalice
[19/10/2007|15:20] C:\Program Files\WowCartographe
[19/10/2007|15:19] C:\Program Files\Rapidown
[18/10/2007|16:18] C:\Program Files\MSXML 4.0
[06/10/2007|12:46] C:\Program Files\Ahead
[06/10/2007|12:33] C:\Program Files\Alcohol Soft
[18/09/2007|18:42] C:\Program Files\epson
[25/08/2007|11:15] C:\Program Files\Paint.NET
[19/08/2007|13:02] C:\Program Files\MSXML 6.0
[13/08/2007|15:53] C:\Program Files\WinISO
[12/08/2007|18:08] C:\Program Files\Spybot - Search & Destroy
[05/08/2007|22:48] C:\Program Files\Micro Application
[02/08/2007|10:50] C:\Program Files\WinRAR
[01/08/2007|16:13] C:\Program Files\Outlook Express
[01/08/2007|12:19] C:\Program Files\pspvideo9
[01/08/2007|00:51] C:\Program Files\AviSynth 2.5
[29/07/2007|14:02] C:\Program Files\Infogrames
[26/07/2007|22:26] C:\Program Files\Windows Live Toolbar
[18/07/2007|22:28] C:\Program Files\DAEMON Tools
[18/07/2007|21:41] C:\Program Files\ATI Technologies
[18/07/2007|20:35] C:\Program Files\MSI
[15/07/2007|13:05] C:\Program Files\QuickTime
[15/07/2007|13:03] C:\Program Files\Apple Software Update
[10/07/2007|14:58] C:\Program Files\Movie Maker
[09/07/2007|13:17] C:\Program Files\VideoLAN
[08/07/2007|12:10] C:\Program Files\THQ
[01/07/2007|19:37] C:\Program Files\Zone Labs
[29/06/2007|21:45] C:\Program Files\WinPop
[29/06/2007|19:07] C:\Program Files\Grisoft
[27/05/2007|19:05] C:\Program Files\Messenger
[18/04/2007|19:06] C:\Program Files\MSBuild
[18/04/2007|19:02] C:\Program Files\Logitech
[18/04/2007|18:59] C:\Program Files\Reference Assemblies
[15/04/2007|11:33] C:\Program Files\C-Media 3D Audio
[22/03/2007|16:44] C:\Program Files\Alwil Software
[21/03/2007|19:17] C:\Program Files\Windows Media Connect 2
[27/01/2007|11:25] C:\Program Files\philips
[27/01/2007|11:03] C:\Program Files\msn gaming zone
[10/01/2007|21:40] C:\Program Files\Windows NT
[10/01/2007|14:17] C:\Program Files\Adobe
[10/01/2007|14:08] C:\Program Files\D-Link
[10/12/2006|13:32] C:\Program Files\Macromedia
[05/12/2006|17:37] C:\Program Files\Microsoft Works
[05/12/2006|17:36] C:\Program Files\Microsoft Visual Studio
[04/12/2006|21:49] C:\Program Files\MSECache
[04/12/2006|19:43] C:\Program Files\Microsoft Office
[04/12/2006|19:38] C:\Program Files\Microsoft.NET
[22/11/2006|15:04] C:\Program Files\VIA
[22/11/2006|13:06] C:\Program Files\support.com
[16/11/2006|15:35] C:\Program Files\MessengerPlus! 3
[23/10/2006|19:56] C:\Program Files\Skype
[21/09/2006|15:32] C:\Program Files\xerox
[21/09/2006|15:32] C:\Program Files\microsoft frontpage
[21/09/2006|15:29] C:\Program Files\WindowsUpdate
[21/09/2006|15:29] C:\Program Files\Services en ligne
[21/09/2006|15:28] C:\Program Files\NetMeeting
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[30/11/2007|18:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/11/2007|18:34] C:\Program Files\Fichiers communs\Teleca Shared
[28/11/2007|18:21] C:\Program Files\Fichiers communs\..
[28/11/2007|18:21] C:\Program Files\Fichiers communs\.
[26/11/2007|21:10] C:\Program Files\Fichiers communs\Microsoft Shared
[02/11/2007|19:58] C:\Program Files\Fichiers communs\AVSMedia
[19/08/2007|12:58] C:\Program Files\Fichiers communs\ODBC
[05/08/2007|22:48] C:\Program Files\Fichiers communs\Acronis
[01/08/2007|19:46] C:\Program Files\Fichiers communs\Wise Installation Wizard
[03/07/2007|22:35] C:\Program Files\Fichiers communs\Java
[16/06/2007|10:35] C:\Program Files\Fichiers communs\System
[18/04/2007|18:58] C:\Program Files\Fichiers communs\logishrd
[16/04/2007|18:27] C:\Program Files\Fichiers communs\Ahead
[22/03/2007|18:10] C:\Program Files\Fichiers communs\Panda Software
[15/03/2007|19:17] C:\Program Files\Fichiers communs\Blizzard Entertainment
[10/01/2007|14:17] C:\Program Files\Fichiers communs\Adobe
[10/12/2006|13:32] C:\Program Files\Fichiers communs\Macromedia
[05/12/2006|17:36] C:\Program Files\Fichiers communs\DESIGNER
[04/12/2006|18:38] C:\Program Files\Fichiers communs\newObjects
[22/11/2006|19:10] C:\Program Files\Fichiers communs\Logitech
[13/10/2006|21:16] C:\Program Files\Fichiers communs\Adobe Systems Shared
[08/10/2006|11:18] C:\Program Files\Fichiers communs\InstallShield
[23/09/2006|14:53] C:\Program Files\Fichiers communs\FotoWire
[21/09/2006|17:16] C:\Program Files\Fichiers communs\SpeechEngines
[21/09/2006|15:28] C:\Program Files\Fichiers communs\Services
[21/09/2006|15:28] C:\Program Files\Fichiers communs\MSSoap
----------------------[ Recherche avec S_Lop ]---------------------
C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Temp\bisE4.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\Program Files\Adverts
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Tasks\AA155DE8919ADADC.job
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-15 19:59:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:277][Doss:19] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\Temp
/!\ [Fich:611][Doss:12] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 20:01:01,01 ]----------------------
-----------------------------[ Lop S&D 2.0.5 ]---------------------------
[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
[ USER: Pitzy ] [ "C:\Program Files\Lop SD" ]
[ mar. 15/01/2008 | 19:20:47,56 ] [ ACERAL1715 ]
-------------[ Listing des dossiers dans Application Data ]------------
[01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[22/11/2006|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[20/10/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/10/2006|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/10/2006|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[06/10/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/09/2006|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[26/09/2006|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[22/09/2006|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/09/2006|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
[13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
[13/01/2008|12:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin
[13/01/2008|11:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[13/01/2008|11:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[12/01/2008|23:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab
[02/12/2007|11:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[30/11/2007|18:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[28/11/2007|23:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
[28/11/2007|17:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[01/11/2007|20:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[01/11/2007|19:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\xnwfyhdk.mld
[30/10/2007|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm
[20/10/2007|19:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WindowsLiveInstaller
[18/09/2007|18:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\UDL
[01/08/2007|19:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
[01/08/2007|16:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[30/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[18/07/2007|21:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Corporation
[15/07/2007|13:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[03/07/2007|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[29/06/2007|19:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
[16/04/2007|18:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ahead
[29/03/2007|21:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.zreglib
[07/02/2007|13:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[27/01/2007|10:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
[01/01/2007|11:13] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[22/11/2006|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Support.com
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Microsoft
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\..
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\.
[10/01/2008|12:35] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Mozilla
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[21/09/2006|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.
[24/09/2006|18:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[03/12/2006|02:14] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\..
[22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\..
[22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\.
[22/11/2006|17:06] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\..
[08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\.
[05/07/2007|10:31] C:\DOCUME~1\patrick\APPLIC~1\Mozilla
[13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\..
[13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\.
[13/01/2008|12:11] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Blue comp media
[13/01/2008|11:28] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Adobe
[10/01/2008|19:06] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\LimeWire
[28/11/2007|15:40] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar
[25/11/2007|20:46] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Sun
[24/11/2007|12:45] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mp3tag
[20/11/2007|22:39] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ulead Systems
[22/10/2007|18:41] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\EPSON
[14/10/2007|12:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Teleca
[05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mozilla
[05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Micro Application
[01/08/2007|19:47] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\TuneUp Software
[01/08/2007|10:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Microsoft
[18/07/2007|20:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MegauploadToolbar
[15/07/2007|15:27] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Apple Computer
[13/07/2007|17:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\WinRAR
[09/07/2007|13:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\vlc
[29/06/2007|19:08] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Grisoft
[10/04/2007|09:04] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\ATI
[15/03/2007|20:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Help
[23/02/2007|18:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ahead
[01/12/2006|18:52] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Macromedia
[22/11/2006|19:59] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MSNInstaller
[22/11/2006|19:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Logitech
[22/11/2006|17:48] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\desktop.ini
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[15/01/2008 19:00][--ah-----] C:\WINDOWS\tasks\AA155DE8919ADADC.job
[11/01/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[14/01/2008 08:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/01/2008 06:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[15/01/2008|19:20] C:\Program Files\Lop SD
[15/01/2008|19:18] C:\Program Files\..
[15/01/2008|19:18] C:\Program Files\.
[15/01/2008|18:25] C:\Program Files\Mozilla Firefox
[13/01/2008|21:39] C:\Program Files\Trend Micro
[13/01/2008|15:04] C:\Program Files\World of Warcraft
[13/01/2008|14:47] C:\Program Files\L'Odyss‚e d'Abe
[13/01/2008|14:43] C:\Program Files\Babylon
[13/01/2008|12:10] C:\Program Files\Blue comp media
[13/01/2008|12:10] C:\Program Files\Circle Developement
[13/01/2008|12:10] C:\Program Files\Messenger Plus! Live
[13/01/2008|11:29] C:\Program Files\PandoBar
[13/01/2008|11:29] C:\Program Files\Internet Explorer
[13/01/2008|11:28] C:\Program Files\TuneUp Utilities 2007
[13/01/2008|11:28] C:\Program Files\id Software
[13/01/2008|11:28] C:\Program Files\InstallShield Installation Information
[31/12/2007|12:07] C:\Program Files\wow fun
[10/12/2007|21:56] C:\Program Files\Pando Networks
[30/11/2007|19:08] C:\Program Files\Adverts
[30/11/2007|18:36] C:\Program Files\Windows Live
[29/11/2007|07:49] C:\Program Files\Dcads Advanced Toolbar
[28/11/2007|23:20] C:\Program Files\VDMSound
[28/11/2007|18:34] C:\Program Files\Sony Ericsson
[28/11/2007|18:21] C:\Program Files\Fichiers communs
[28/11/2007|18:18] C:\Program Files\Visicom Media
[28/11/2007|17:53] C:\Program Files\Windows Media Player
[28/11/2007|17:52] C:\Program Files\LimeWire
[26/11/2007|21:10] C:\Program Files\Ma‹do Production
[26/11/2007|20:45] C:\Program Files\Windows Live Safety Center
[24/11/2007|12:44] C:\Program Files\Mp3tag
[20/11/2007|22:37] C:\Program Files\Ulead Systems
[16/11/2007|18:52] C:\Program Files\GameSpy Arcade
[13/11/2007|18:00] C:\Program Files\solarus
[13/11/2007|18:00] C:\Program Files\Mixxx
[08/11/2007|20:01] C:\Program Files\Java
[05/11/2007|17:49] C:\Program Files\uninstal.log
[04/11/2007|21:19] C:\Program Files\CamStudio
[02/11/2007|19:58] C:\Program Files\AVS4YOU
[02/11/2007|17:02] C:\Program Files\WoW worldofheroes
[24/10/2007|17:29] C:\Program Files\WoW ivalice
[19/10/2007|15:20] C:\Program Files\WowCartographe
[19/10/2007|15:19] C:\Program Files\Rapidown
[18/10/2007|16:18] C:\Program Files\MSXML 4.0
[06/10/2007|12:46] C:\Program Files\Ahead
[06/10/2007|12:33] C:\Program Files\Alcohol Soft
[18/09/2007|18:42] C:\Program Files\epson
[25/08/2007|11:15] C:\Program Files\Paint.NET
[19/08/2007|13:02] C:\Program Files\MSXML 6.0
[13/08/2007|15:53] C:\Program Files\WinISO
[12/08/2007|18:08] C:\Program Files\Spybot - Search & Destroy
[05/08/2007|22:48] C:\Program Files\Micro Application
[02/08/2007|10:50] C:\Program Files\WinRAR
[01/08/2007|16:13] C:\Program Files\Outlook Express
[01/08/2007|12:19] C:\Program Files\pspvideo9
[01/08/2007|00:51] C:\Program Files\AviSynth 2.5
[29/07/2007|14:02] C:\Program Files\Infogrames
[26/07/2007|22:26] C:\Program Files\Windows Live Toolbar
[18/07/2007|22:28] C:\Program Files\DAEMON Tools
[18/07/2007|21:41] C:\Program Files\ATI Technologies
[18/07/2007|20:35] C:\Program Files\MSI
[15/07/2007|13:05] C:\Program Files\QuickTime
[15/07/2007|13:03] C:\Program Files\Apple Software Update
[10/07/2007|14:58] C:\Program Files\Movie Maker
[09/07/2007|13:17] C:\Program Files\VideoLAN
[08/07/2007|12:10] C:\Program Files\THQ
[01/07/2007|19:37] C:\Program Files\Zone Labs
[29/06/2007|21:45] C:\Program Files\WinPop
[29/06/2007|19:07] C:\Program Files\Grisoft
[27/05/2007|19:05] C:\Program Files\Messenger
[18/04/2007|19:06] C:\Program Files\MSBuild
[18/04/2007|19:02] C:\Program Files\Logitech
[18/04/2007|18:59] C:\Program Files\Reference Assemblies
[15/04/2007|11:33] C:\Program Files\C-Media 3D Audio
[22/03/2007|16:44] C:\Program Files\Alwil Software
[21/03/2007|19:17] C:\Program Files\Windows Media Connect 2
[27/01/2007|11:25] C:\Program Files\philips
[27/01/2007|11:03] C:\Program Files\msn gaming zone
[10/01/2007|21:40] C:\Program Files\Windows NT
[10/01/2007|14:17] C:\Program Files\Adobe
[10/01/2007|14:08] C:\Program Files\D-Link
[10/12/2006|13:32] C:\Program Files\Macromedia
[05/12/2006|17:37] C:\Program Files\Microsoft Works
[05/12/2006|17:36] C:\Program Files\Microsoft Visual Studio
[04/12/2006|21:49] C:\Program Files\MSECache
[04/12/2006|19:43] C:\Program Files\Microsoft Office
[04/12/2006|19:38] C:\Program Files\Microsoft.NET
[22/11/2006|15:04] C:\Program Files\VIA
[22/11/2006|13:06] C:\Program Files\support.com
[16/11/2006|15:35] C:\Program Files\MessengerPlus! 3
[23/10/2006|19:56] C:\Program Files\Skype
[21/09/2006|15:32] C:\Program Files\xerox
[21/09/2006|15:32] C:\Program Files\microsoft frontpage
[21/09/2006|15:29] C:\Program Files\WindowsUpdate
[21/09/2006|15:29] C:\Program Files\Services en ligne
[21/09/2006|15:28] C:\Program Files\NetMeeting
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[30/11/2007|18:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/11/2007|18:34] C:\Program Files\Fichiers communs\Teleca Shared
[28/11/2007|18:21] C:\Program Files\Fichiers communs\..
[28/11/2007|18:21] C:\Program Files\Fichiers communs\.
[26/11/2007|21:10] C:\Program Files\Fichiers communs\Microsoft Shared
[02/11/2007|19:58] C:\Program Files\Fichiers communs\AVSMedia
[19/08/2007|12:58] C:\Program Files\Fichiers communs\ODBC
[05/08/2007|22:48] C:\Program Files\Fichiers communs\Acronis
[01/08/2007|19:46] C:\Program Files\Fichiers communs\Wise Installation Wizard
[03/07/2007|22:35] C:\Program Files\Fichiers communs\Java
[16/06/2007|10:35] C:\Program Files\Fichiers communs\System
[18/04/2007|18:58] C:\Program Files\Fichiers communs\logishrd
[16/04/2007|18:27] C:\Program Files\Fichiers communs\Ahead
[22/03/2007|18:10] C:\Program Files\Fichiers communs\Panda Software
[15/03/2007|19:17] C:\Program Files\Fichiers communs\Blizzard Entertainment
[10/01/2007|14:17] C:\Program Files\Fichiers communs\Adobe
[10/12/2006|13:32] C:\Program Files\Fichiers communs\Macromedia
[05/12/2006|17:36] C:\Program Files\Fichiers communs\DESIGNER
[04/12/2006|18:38] C:\Program Files\Fichiers communs\newObjects
[22/11/2006|19:10] C:\Program Files\Fichiers communs\Logitech
[13/10/2006|21:16] C:\Program Files\Fichiers communs\Adobe Systems Shared
[08/10/2006|11:18] C:\Program Files\Fichiers communs\InstallShield
[23/09/2006|14:53] C:\Program Files\Fichiers communs\FotoWire
[21/09/2006|17:16] C:\Program Files\Fichiers communs\SpeechEngines
[21/09/2006|15:28] C:\Program Files\Fichiers communs\Services
[21/09/2006|15:28] C:\Program Files\Fichiers communs\MSSoap
----------------------[ Recherche avec S_Lop ]---------------------
C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Temp\bisE4.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\Program Files\Adverts
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Tasks\AA155DE8919ADADC.job
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-15 19:59:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:277][Doss:19] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\Temp
/!\ [Fich:611][Doss:12] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 20:01:01,01 ]----------------------
Ok, encore merci de m'aider si rapidement .
Voici le nouveau rapport :
-----------------------------[ Lop S&D 2.0.5 ]---------------------------
[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
[ USER: Pitzy ] [ "C:\Program Files\Lop SD" ]
[ mar. 15/01/2008 | 20:49:39,53 ] [ ACERAL1715 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\WINDOWS\Tasks\AA155DE8919ADADC.job
Supprimé! - C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Temp\bisE4.exe
Supprimé! - C:\Program Files\Adverts
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[22/11/2006|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[20/10/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/10/2006|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/10/2006|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[06/10/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/09/2006|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[26/09/2006|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[22/09/2006|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/09/2006|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
[13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
[13/01/2008|12:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin
[13/01/2008|11:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[13/01/2008|11:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[12/01/2008|23:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab
[02/12/2007|11:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[30/11/2007|18:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[28/11/2007|23:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
[28/11/2007|17:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[01/11/2007|20:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[01/11/2007|19:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\xnwfyhdk.mld
[30/10/2007|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm
[20/10/2007|19:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WindowsLiveInstaller
[18/09/2007|18:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\UDL
[01/08/2007|19:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
[01/08/2007|16:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[30/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[18/07/2007|21:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Corporation
[15/07/2007|13:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[03/07/2007|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[29/06/2007|19:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
[16/04/2007|18:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ahead
[29/03/2007|21:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.zreglib
[07/02/2007|13:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[27/01/2007|10:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
[01/01/2007|11:13] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[22/11/2006|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Support.com
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Microsoft
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\..
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\.
[10/01/2008|12:35] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Mozilla
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[21/09/2006|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.
[24/09/2006|18:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[03/12/2006|02:14] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\..
[22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\..
[22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\.
[22/11/2006|17:06] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\..
[08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\.
[05/07/2007|10:31] C:\DOCUME~1\patrick\APPLIC~1\Mozilla
[13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\..
[13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\.
[13/01/2008|12:11] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Blue comp media
[13/01/2008|11:28] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Adobe
[10/01/2008|19:06] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\LimeWire
[28/11/2007|15:40] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar
[25/11/2007|20:46] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Sun
[24/11/2007|12:45] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mp3tag
[20/11/2007|22:39] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ulead Systems
[22/10/2007|18:41] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\EPSON
[14/10/2007|12:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Teleca
[05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mozilla
[05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Micro Application
[01/08/2007|19:47] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\TuneUp Software
[01/08/2007|10:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Microsoft
[18/07/2007|20:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MegauploadToolbar
[15/07/2007|15:27] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Apple Computer
[13/07/2007|17:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\WinRAR
[09/07/2007|13:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\vlc
[29/06/2007|19:08] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Grisoft
[10/04/2007|09:04] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\ATI
[15/03/2007|20:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Help
[23/02/2007|18:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ahead
[01/12/2006|18:52] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Macromedia
[22/11/2006|19:59] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MSNInstaller
[22/11/2006|19:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Logitech
[22/11/2006|17:48] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\desktop.ini
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[11/01/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[14/01/2008 08:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/01/2008 06:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[15/01/2008|20:51] C:\Program Files\Lop SD
[15/01/2008|20:51] C:\Program Files\..
[15/01/2008|20:51] C:\Program Files\.
[15/01/2008|18:25] C:\Program Files\Mozilla Firefox
[13/01/2008|21:39] C:\Program Files\Trend Micro
[13/01/2008|15:04] C:\Program Files\World of Warcraft
[13/01/2008|14:47] C:\Program Files\L'Odyss‚e d'Abe
[13/01/2008|14:43] C:\Program Files\Babylon
[13/01/2008|12:10] C:\Program Files\Blue comp media
[13/01/2008|12:10] C:\Program Files\Messenger Plus! Live
[13/01/2008|11:29] C:\Program Files\PandoBar
[13/01/2008|11:29] C:\Program Files\Internet Explorer
[13/01/2008|11:28] C:\Program Files\TuneUp Utilities 2007
[13/01/2008|11:28] C:\Program Files\id Software
[13/01/2008|11:28] C:\Program Files\InstallShield Installation Information
[31/12/2007|12:07] C:\Program Files\wow fun
[10/12/2007|21:56] C:\Program Files\Pando Networks
[30/11/2007|18:36] C:\Program Files\Windows Live
[29/11/2007|07:49] C:\Program Files\Dcads Advanced Toolbar
[28/11/2007|23:20] C:\Program Files\VDMSound
[28/11/2007|18:34] C:\Program Files\Sony Ericsson
[28/11/2007|18:21] C:\Program Files\Fichiers communs
[28/11/2007|18:18] C:\Program Files\Visicom Media
[28/11/2007|17:53] C:\Program Files\Windows Media Player
[28/11/2007|17:52] C:\Program Files\LimeWire
[26/11/2007|21:10] C:\Program Files\Ma‹do Production
[26/11/2007|20:45] C:\Program Files\Windows Live Safety Center
[24/11/2007|12:44] C:\Program Files\Mp3tag
[20/11/2007|22:37] C:\Program Files\Ulead Systems
[16/11/2007|18:52] C:\Program Files\GameSpy Arcade
[13/11/2007|18:00] C:\Program Files\solarus
[13/11/2007|18:00] C:\Program Files\Mixxx
[08/11/2007|20:01] C:\Program Files\Java
[05/11/2007|17:49] C:\Program Files\uninstal.log
[04/11/2007|21:19] C:\Program Files\CamStudio
[02/11/2007|19:58] C:\Program Files\AVS4YOU
[02/11/2007|17:02] C:\Program Files\WoW worldofheroes
[24/10/2007|17:29] C:\Program Files\WoW ivalice
[19/10/2007|15:20] C:\Program Files\WowCartographe
[19/10/2007|15:19] C:\Program Files\Rapidown
[18/10/2007|16:18] C:\Program Files\MSXML 4.0
[06/10/2007|12:46] C:\Program Files\Ahead
[06/10/2007|12:33] C:\Program Files\Alcohol Soft
[18/09/2007|18:42] C:\Program Files\epson
[25/08/2007|11:15] C:\Program Files\Paint.NET
[19/08/2007|13:02] C:\Program Files\MSXML 6.0
[13/08/2007|15:53] C:\Program Files\WinISO
[12/08/2007|18:08] C:\Program Files\Spybot - Search & Destroy
[05/08/2007|22:48] C:\Program Files\Micro Application
[02/08/2007|10:50] C:\Program Files\WinRAR
[01/08/2007|16:13] C:\Program Files\Outlook Express
[01/08/2007|12:19] C:\Program Files\pspvideo9
[01/08/2007|00:51] C:\Program Files\AviSynth 2.5
[29/07/2007|14:02] C:\Program Files\Infogrames
[26/07/2007|22:26] C:\Program Files\Windows Live Toolbar
[18/07/2007|22:28] C:\Program Files\DAEMON Tools
[18/07/2007|21:41] C:\Program Files\ATI Technologies
[18/07/2007|20:35] C:\Program Files\MSI
[15/07/2007|13:05] C:\Program Files\QuickTime
[15/07/2007|13:03] C:\Program Files\Apple Software Update
[10/07/2007|14:58] C:\Program Files\Movie Maker
[09/07/2007|13:17] C:\Program Files\VideoLAN
[08/07/2007|12:10] C:\Program Files\THQ
[01/07/2007|19:37] C:\Program Files\Zone Labs
[29/06/2007|21:45] C:\Program Files\WinPop
[29/06/2007|19:07] C:\Program Files\Grisoft
[27/05/2007|19:05] C:\Program Files\Messenger
[18/04/2007|19:06] C:\Program Files\MSBuild
[18/04/2007|19:02] C:\Program Files\Logitech
[18/04/2007|18:59] C:\Program Files\Reference Assemblies
[15/04/2007|11:33] C:\Program Files\C-Media 3D Audio
[22/03/2007|16:44] C:\Program Files\Alwil Software
[21/03/2007|19:17] C:\Program Files\Windows Media Connect 2
[27/01/2007|11:25] C:\Program Files\philips
[27/01/2007|11:03] C:\Program Files\msn gaming zone
[10/01/2007|21:40] C:\Program Files\Windows NT
[10/01/2007|14:17] C:\Program Files\Adobe
[10/01/2007|14:08] C:\Program Files\D-Link
[10/12/2006|13:32] C:\Program Files\Macromedia
[05/12/2006|17:37] C:\Program Files\Microsoft Works
[05/12/2006|17:36] C:\Program Files\Microsoft Visual Studio
[04/12/2006|21:49] C:\Program Files\MSECache
[04/12/2006|19:43] C:\Program Files\Microsoft Office
[04/12/2006|19:38] C:\Program Files\Microsoft.NET
[22/11/2006|15:04] C:\Program Files\VIA
[22/11/2006|13:06] C:\Program Files\support.com
[16/11/2006|15:35] C:\Program Files\MessengerPlus! 3
[23/10/2006|19:56] C:\Program Files\Skype
[21/09/2006|15:32] C:\Program Files\xerox
[21/09/2006|15:32] C:\Program Files\microsoft frontpage
[21/09/2006|15:29] C:\Program Files\WindowsUpdate
[21/09/2006|15:29] C:\Program Files\Services en ligne
[21/09/2006|15:28] C:\Program Files\NetMeeting
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[30/11/2007|18:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/11/2007|18:34] C:\Program Files\Fichiers communs\Teleca Shared
[28/11/2007|18:21] C:\Program Files\Fichiers communs\..
[28/11/2007|18:21] C:\Program Files\Fichiers communs\.
[26/11/2007|21:10] C:\Program Files\Fichiers communs\Microsoft Shared
[02/11/2007|19:58] C:\Program Files\Fichiers communs\AVSMedia
[19/08/2007|12:58] C:\Program Files\Fichiers communs\ODBC
[05/08/2007|22:48] C:\Program Files\Fichiers communs\Acronis
[01/08/2007|19:46] C:\Program Files\Fichiers communs\Wise Installation Wizard
[03/07/2007|22:35] C:\Program Files\Fichiers communs\Java
[16/06/2007|10:35] C:\Program Files\Fichiers communs\System
[18/04/2007|18:58] C:\Program Files\Fichiers communs\logishrd
[16/04/2007|18:27] C:\Program Files\Fichiers communs\Ahead
[22/03/2007|18:10] C:\Program Files\Fichiers communs\Panda Software
[15/03/2007|19:17] C:\Program Files\Fichiers communs\Blizzard Entertainment
[10/01/2007|14:17] C:\Program Files\Fichiers communs\Adobe
[10/12/2006|13:32] C:\Program Files\Fichiers communs\Macromedia
[05/12/2006|17:36] C:\Program Files\Fichiers communs\DESIGNER
[04/12/2006|18:38] C:\Program Files\Fichiers communs\newObjects
[22/11/2006|19:10] C:\Program Files\Fichiers communs\Logitech
[13/10/2006|21:16] C:\Program Files\Fichiers communs\Adobe Systems Shared
[08/10/2006|11:18] C:\Program Files\Fichiers communs\InstallShield
[23/09/2006|14:53] C:\Program Files\Fichiers communs\FotoWire
[21/09/2006|17:16] C:\Program Files\Fichiers communs\SpeechEngines
[21/09/2006|15:28] C:\Program Files\Fichiers communs\Services
[21/09/2006|15:28] C:\Program Files\Fichiers communs\MSSoap
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-15 21:11:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:277][Doss:19] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\Temp
/!\ [Fich:612][Doss:12] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 21:48:55,81 ]----------------------
Voici le nouveau rapport :
-----------------------------[ Lop S&D 2.0.5 ]---------------------------
[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
[ USER: Pitzy ] [ "C:\Program Files\Lop SD" ]
[ mar. 15/01/2008 | 20:49:39,53 ] [ ACERAL1715 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\WINDOWS\Tasks\AA155DE8919ADADC.job
Supprimé! - C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Temp\bisE4.exe
Supprimé! - C:\Program Files\Adverts
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[22/11/2006|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[20/10/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/10/2006|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/10/2006|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[06/10/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/09/2006|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[26/09/2006|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[22/09/2006|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/09/2006|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
[13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
[13/01/2008|12:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin
[13/01/2008|11:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[13/01/2008|11:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[12/01/2008|23:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab
[02/12/2007|11:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[30/11/2007|18:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[28/11/2007|23:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
[28/11/2007|17:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[01/11/2007|20:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[01/11/2007|19:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\xnwfyhdk.mld
[30/10/2007|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm
[20/10/2007|19:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WindowsLiveInstaller
[18/09/2007|18:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\UDL
[01/08/2007|19:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
[01/08/2007|16:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[30/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[18/07/2007|21:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Corporation
[15/07/2007|13:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[03/07/2007|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[29/06/2007|19:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
[16/04/2007|18:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ahead
[29/03/2007|21:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.zreglib
[07/02/2007|13:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[27/01/2007|10:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
[01/01/2007|11:13] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[22/11/2006|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Support.com
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Microsoft
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\..
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\.
[10/01/2008|12:35] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Mozilla
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[21/09/2006|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.
[24/09/2006|18:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[03/12/2006|02:14] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\..
[22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\..
[22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\.
[22/11/2006|17:06] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\..
[08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\.
[05/07/2007|10:31] C:\DOCUME~1\patrick\APPLIC~1\Mozilla
[13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\..
[13/01/2008|14:49] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\.
[13/01/2008|12:11] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Blue comp media
[13/01/2008|11:28] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Adobe
[10/01/2008|19:06] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\LimeWire
[28/11/2007|15:40] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar
[25/11/2007|20:46] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Sun
[24/11/2007|12:45] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mp3tag
[20/11/2007|22:39] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ulead Systems
[22/10/2007|18:41] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\EPSON
[14/10/2007|12:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Teleca
[05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mozilla
[05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Micro Application
[01/08/2007|19:47] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\TuneUp Software
[01/08/2007|10:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Microsoft
[18/07/2007|20:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MegauploadToolbar
[15/07/2007|15:27] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Apple Computer
[13/07/2007|17:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\WinRAR
[09/07/2007|13:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\vlc
[29/06/2007|19:08] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Grisoft
[10/04/2007|09:04] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\ATI
[15/03/2007|20:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Help
[23/02/2007|18:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ahead
[01/12/2006|18:52] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Macromedia
[22/11/2006|19:59] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MSNInstaller
[22/11/2006|19:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Logitech
[22/11/2006|17:48] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\desktop.ini
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[11/01/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[14/01/2008 08:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[14/01/2008 06:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[15/01/2008|20:51] C:\Program Files\Lop SD
[15/01/2008|20:51] C:\Program Files\..
[15/01/2008|20:51] C:\Program Files\.
[15/01/2008|18:25] C:\Program Files\Mozilla Firefox
[13/01/2008|21:39] C:\Program Files\Trend Micro
[13/01/2008|15:04] C:\Program Files\World of Warcraft
[13/01/2008|14:47] C:\Program Files\L'Odyss‚e d'Abe
[13/01/2008|14:43] C:\Program Files\Babylon
[13/01/2008|12:10] C:\Program Files\Blue comp media
[13/01/2008|12:10] C:\Program Files\Messenger Plus! Live
[13/01/2008|11:29] C:\Program Files\PandoBar
[13/01/2008|11:29] C:\Program Files\Internet Explorer
[13/01/2008|11:28] C:\Program Files\TuneUp Utilities 2007
[13/01/2008|11:28] C:\Program Files\id Software
[13/01/2008|11:28] C:\Program Files\InstallShield Installation Information
[31/12/2007|12:07] C:\Program Files\wow fun
[10/12/2007|21:56] C:\Program Files\Pando Networks
[30/11/2007|18:36] C:\Program Files\Windows Live
[29/11/2007|07:49] C:\Program Files\Dcads Advanced Toolbar
[28/11/2007|23:20] C:\Program Files\VDMSound
[28/11/2007|18:34] C:\Program Files\Sony Ericsson
[28/11/2007|18:21] C:\Program Files\Fichiers communs
[28/11/2007|18:18] C:\Program Files\Visicom Media
[28/11/2007|17:53] C:\Program Files\Windows Media Player
[28/11/2007|17:52] C:\Program Files\LimeWire
[26/11/2007|21:10] C:\Program Files\Ma‹do Production
[26/11/2007|20:45] C:\Program Files\Windows Live Safety Center
[24/11/2007|12:44] C:\Program Files\Mp3tag
[20/11/2007|22:37] C:\Program Files\Ulead Systems
[16/11/2007|18:52] C:\Program Files\GameSpy Arcade
[13/11/2007|18:00] C:\Program Files\solarus
[13/11/2007|18:00] C:\Program Files\Mixxx
[08/11/2007|20:01] C:\Program Files\Java
[05/11/2007|17:49] C:\Program Files\uninstal.log
[04/11/2007|21:19] C:\Program Files\CamStudio
[02/11/2007|19:58] C:\Program Files\AVS4YOU
[02/11/2007|17:02] C:\Program Files\WoW worldofheroes
[24/10/2007|17:29] C:\Program Files\WoW ivalice
[19/10/2007|15:20] C:\Program Files\WowCartographe
[19/10/2007|15:19] C:\Program Files\Rapidown
[18/10/2007|16:18] C:\Program Files\MSXML 4.0
[06/10/2007|12:46] C:\Program Files\Ahead
[06/10/2007|12:33] C:\Program Files\Alcohol Soft
[18/09/2007|18:42] C:\Program Files\epson
[25/08/2007|11:15] C:\Program Files\Paint.NET
[19/08/2007|13:02] C:\Program Files\MSXML 6.0
[13/08/2007|15:53] C:\Program Files\WinISO
[12/08/2007|18:08] C:\Program Files\Spybot - Search & Destroy
[05/08/2007|22:48] C:\Program Files\Micro Application
[02/08/2007|10:50] C:\Program Files\WinRAR
[01/08/2007|16:13] C:\Program Files\Outlook Express
[01/08/2007|12:19] C:\Program Files\pspvideo9
[01/08/2007|00:51] C:\Program Files\AviSynth 2.5
[29/07/2007|14:02] C:\Program Files\Infogrames
[26/07/2007|22:26] C:\Program Files\Windows Live Toolbar
[18/07/2007|22:28] C:\Program Files\DAEMON Tools
[18/07/2007|21:41] C:\Program Files\ATI Technologies
[18/07/2007|20:35] C:\Program Files\MSI
[15/07/2007|13:05] C:\Program Files\QuickTime
[15/07/2007|13:03] C:\Program Files\Apple Software Update
[10/07/2007|14:58] C:\Program Files\Movie Maker
[09/07/2007|13:17] C:\Program Files\VideoLAN
[08/07/2007|12:10] C:\Program Files\THQ
[01/07/2007|19:37] C:\Program Files\Zone Labs
[29/06/2007|21:45] C:\Program Files\WinPop
[29/06/2007|19:07] C:\Program Files\Grisoft
[27/05/2007|19:05] C:\Program Files\Messenger
[18/04/2007|19:06] C:\Program Files\MSBuild
[18/04/2007|19:02] C:\Program Files\Logitech
[18/04/2007|18:59] C:\Program Files\Reference Assemblies
[15/04/2007|11:33] C:\Program Files\C-Media 3D Audio
[22/03/2007|16:44] C:\Program Files\Alwil Software
[21/03/2007|19:17] C:\Program Files\Windows Media Connect 2
[27/01/2007|11:25] C:\Program Files\philips
[27/01/2007|11:03] C:\Program Files\msn gaming zone
[10/01/2007|21:40] C:\Program Files\Windows NT
[10/01/2007|14:17] C:\Program Files\Adobe
[10/01/2007|14:08] C:\Program Files\D-Link
[10/12/2006|13:32] C:\Program Files\Macromedia
[05/12/2006|17:37] C:\Program Files\Microsoft Works
[05/12/2006|17:36] C:\Program Files\Microsoft Visual Studio
[04/12/2006|21:49] C:\Program Files\MSECache
[04/12/2006|19:43] C:\Program Files\Microsoft Office
[04/12/2006|19:38] C:\Program Files\Microsoft.NET
[22/11/2006|15:04] C:\Program Files\VIA
[22/11/2006|13:06] C:\Program Files\support.com
[16/11/2006|15:35] C:\Program Files\MessengerPlus! 3
[23/10/2006|19:56] C:\Program Files\Skype
[21/09/2006|15:32] C:\Program Files\xerox
[21/09/2006|15:32] C:\Program Files\microsoft frontpage
[21/09/2006|15:29] C:\Program Files\WindowsUpdate
[21/09/2006|15:29] C:\Program Files\Services en ligne
[21/09/2006|15:28] C:\Program Files\NetMeeting
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[30/11/2007|18:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/11/2007|18:34] C:\Program Files\Fichiers communs\Teleca Shared
[28/11/2007|18:21] C:\Program Files\Fichiers communs\..
[28/11/2007|18:21] C:\Program Files\Fichiers communs\.
[26/11/2007|21:10] C:\Program Files\Fichiers communs\Microsoft Shared
[02/11/2007|19:58] C:\Program Files\Fichiers communs\AVSMedia
[19/08/2007|12:58] C:\Program Files\Fichiers communs\ODBC
[05/08/2007|22:48] C:\Program Files\Fichiers communs\Acronis
[01/08/2007|19:46] C:\Program Files\Fichiers communs\Wise Installation Wizard
[03/07/2007|22:35] C:\Program Files\Fichiers communs\Java
[16/06/2007|10:35] C:\Program Files\Fichiers communs\System
[18/04/2007|18:58] C:\Program Files\Fichiers communs\logishrd
[16/04/2007|18:27] C:\Program Files\Fichiers communs\Ahead
[22/03/2007|18:10] C:\Program Files\Fichiers communs\Panda Software
[15/03/2007|19:17] C:\Program Files\Fichiers communs\Blizzard Entertainment
[10/01/2007|14:17] C:\Program Files\Fichiers communs\Adobe
[10/12/2006|13:32] C:\Program Files\Fichiers communs\Macromedia
[05/12/2006|17:36] C:\Program Files\Fichiers communs\DESIGNER
[04/12/2006|18:38] C:\Program Files\Fichiers communs\newObjects
[22/11/2006|19:10] C:\Program Files\Fichiers communs\Logitech
[13/10/2006|21:16] C:\Program Files\Fichiers communs\Adobe Systems Shared
[08/10/2006|11:18] C:\Program Files\Fichiers communs\InstallShield
[23/09/2006|14:53] C:\Program Files\Fichiers communs\FotoWire
[21/09/2006|17:16] C:\Program Files\Fichiers communs\SpeechEngines
[21/09/2006|15:28] C:\Program Files\Fichiers communs\Services
[21/09/2006|15:28] C:\Program Files\Fichiers communs\MSSoap
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-15 21:11:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:277][Doss:19] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\Temp
/!\ [Fich:612][Doss:12] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 21:48:55,81 ]----------------------
(content de vous voir toujours dispo a cette heure ci )
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:57:42, on 15/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin\Plan less.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TwoBrowse] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1\Bib Okay.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 9056 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:57:42, on 15/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin\Plan less.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TwoBrowse] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1\Bib Okay.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 9056 bytes
Re,
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne tous les emplacements dans le cadre ci-dessous :
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin\Plan less.exe
O4 - HKCU\..\Run: [TwoBrowse] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1\Bib Okay.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O4 - HKLM\..\Run: [Online chin internet bolt] C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin\Plan less.exe
O4 - HKCU\..\Run: [TwoBrowse] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1\Bib Okay.exe
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne tous les emplacements dans le cadre ci-dessous :
C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1
C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin
C:\Program Files\Blue comp media
C:\Program Files\Dcads Advanced Toolbar
C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin
C:\Program Files\Blue comp media
C:\Program Files\Dcads Advanced Toolbar
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\BLUECO~1 moved successfully.
Folder cleanup failed. C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin scheduled to be deleted on reboot.
C:\Program Files\Blue comp media moved successfully.
C:\Program Files\Dcads Advanced Toolbar moved successfully.
Created on 01/16/2008 14:15:34
Voila![:)]( ":)")
Folder cleanup failed. C:\Documents and Settings\All Users.WINDOWS\Application Data\Bags Plus Online Chin scheduled to be deleted on reboot.
C:\Program Files\Blue comp media moved successfully.
C:\Program Files\Dcads Advanced Toolbar moved successfully.
Created on 01/16/2008 14:15:34
Voila
Voila deja l'Hijackthis : ( LopS&D es en cours )
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:01:56, on 16/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8467 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:01:56, on 16/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8467 bytes
-----------------------------[ Lop S&D 2.0.5 ]---------------------------
[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
[ USER: Pitzy ] [ "C:\Program Files\Lop SD" ]
[ mer. 16/01/2008 | 15:02:19,78 ] [ ACERAL1715 ]
-------------[ Listing des dossiers dans Application Data ]------------
[01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[01/08/2007|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[22/11/2006|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[20/10/2006|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/10/2006|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/10/2006|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[06/10/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/09/2006|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[26/09/2006|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[22/09/2006|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[21/09/2006|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\..
[13/01/2008|14:41] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.
[13/01/2008|12:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin
[13/01/2008|11:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[13/01/2008|11:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[12/01/2008|23:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab
[02/12/2007|11:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[30/11/2007|18:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[28/11/2007|23:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
[28/11/2007|17:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[01/11/2007|20:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[01/11/2007|19:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\xnwfyhdk.mld
[30/10/2007|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm
[20/10/2007|19:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WindowsLiveInstaller
[18/09/2007|18:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\UDL
[01/08/2007|19:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TuneUp Software
[01/08/2007|16:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[30/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[18/07/2007|21:29] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Corporation
[15/07/2007|13:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[03/07/2007|22:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[29/06/2007|19:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
[16/04/2007|18:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ahead
[29/03/2007|21:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\.zreglib
[07/02/2007|13:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[27/01/2007|10:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini
[01/01/2007|11:13] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[22/11/2006|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Support.com
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Microsoft
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\..
[13/01/2008|11:26] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\.
[10/01/2008|12:35] C:\DOCUME~1\ANNE~1.ACE\APPLIC~1\Mozilla
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[21/09/2006|17:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[21/09/2006|15:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\..
[28/11/2007|23:30] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\.
[24/09/2006|18:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[21/09/2006|15:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[03/12/2006|02:14] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\..
[22/11/2006|17:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\.
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[21/09/2006|15:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\..
[22/11/2006|17:11] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\.
[22/11/2006|17:06] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\..
[08/07/2007|23:14] C:\DOCUME~1\patrick\APPLIC~1\.
[05/07/2007|10:31] C:\DOCUME~1\patrick\APPLIC~1\Mozilla
[16/01/2008|14:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\..
[16/01/2008|14:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\.
[13/01/2008|11:28] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Adobe
[10/01/2008|19:06] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\LimeWire
[28/11/2007|15:40] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar
[25/11/2007|20:46] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Sun
[24/11/2007|12:45] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mp3tag
[20/11/2007|22:39] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ulead Systems
[22/10/2007|18:41] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\EPSON
[14/10/2007|12:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Teleca
[05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Mozilla
[05/08/2007|23:01] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Micro Application
[01/08/2007|19:47] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\TuneUp Software
[01/08/2007|10:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Microsoft
[18/07/2007|20:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MegauploadToolbar
[15/07/2007|15:27] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Apple Computer
[13/07/2007|17:24] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\WinRAR
[09/07/2007|13:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\vlc
[29/06/2007|19:08] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Grisoft
[10/04/2007|09:04] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\ATI
[15/03/2007|20:15] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Help
[23/02/2007|18:19] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Ahead
[01/12/2006|18:52] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Macromedia
[22/11/2006|19:59] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\MSNInstaller
[22/11/2006|19:38] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Logitech
[22/11/2006|17:48] C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\desktop.ini
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[11/01/2008 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[14/01/2008 08:36][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[16/01/2008 14:18][--ah-----] C:\WINDOWS\tasks\SA.DAT
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[16/01/2008|15:02] C:\Program Files\Lop SD
[16/01/2008|14:25] C:\Program Files\Mozilla Firefox
[16/01/2008|14:15] C:\Program Files\..
[16/01/2008|14:15] C:\Program Files\.
[13/01/2008|21:39] C:\Program Files\Trend Micro
[13/01/2008|15:04] C:\Program Files\World of Warcraft
[13/01/2008|14:47] C:\Program Files\L'Odyss‚e d'Abe
[13/01/2008|14:43] C:\Program Files\Babylon
[13/01/2008|12:10] C:\Program Files\Messenger Plus! Live
[13/01/2008|11:29] C:\Program Files\PandoBar
[13/01/2008|11:29] C:\Program Files\Internet Explorer
[13/01/2008|11:28] C:\Program Files\TuneUp Utilities 2007
[13/01/2008|11:28] C:\Program Files\id Software
[13/01/2008|11:28] C:\Program Files\InstallShield Installation Information
[31/12/2007|12:07] C:\Program Files\wow fun
[10/12/2007|21:56] C:\Program Files\Pando Networks
[30/11/2007|18:36] C:\Program Files\Windows Live
[28/11/2007|23:20] C:\Program Files\VDMSound
[28/11/2007|18:34] C:\Program Files\Sony Ericsson
[28/11/2007|18:21] C:\Program Files\Fichiers communs
[28/11/2007|18:18] C:\Program Files\Visicom Media
[28/11/2007|17:53] C:\Program Files\Windows Media Player
[28/11/2007|17:52] C:\Program Files\LimeWire
[26/11/2007|21:10] C:\Program Files\Ma‹do Production
[26/11/2007|20:45] C:\Program Files\Windows Live Safety Center
[24/11/2007|12:44] C:\Program Files\Mp3tag
[20/11/2007|22:37] C:\Program Files\Ulead Systems
[16/11/2007|18:52] C:\Program Files\GameSpy Arcade
[13/11/2007|18:00] C:\Program Files\solarus
[13/11/2007|18:00] C:\Program Files\Mixxx
[08/11/2007|20:01] C:\Program Files\Java
[05/11/2007|17:49] C:\Program Files\uninstal.log
[04/11/2007|21:19] C:\Program Files\CamStudio
[02/11/2007|19:58] C:\Program Files\AVS4YOU
[02/11/2007|17:02] C:\Program Files\WoW worldofheroes
[24/10/2007|17:29] C:\Program Files\WoW ivalice
[19/10/2007|15:20] C:\Program Files\WowCartographe
[19/10/2007|15:19] C:\Program Files\Rapidown
[18/10/2007|16:18] C:\Program Files\MSXML 4.0
[06/10/2007|12:46] C:\Program Files\Ahead
[06/10/2007|12:33] C:\Program Files\Alcohol Soft
[18/09/2007|18:42] C:\Program Files\epson
[25/08/2007|11:15] C:\Program Files\Paint.NET
[19/08/2007|13:02] C:\Program Files\MSXML 6.0
[13/08/2007|15:53] C:\Program Files\WinISO
[12/08/2007|18:08] C:\Program Files\Spybot - Search & Destroy
[05/08/2007|22:48] C:\Program Files\Micro Application
[02/08/2007|10:50] C:\Program Files\WinRAR
[01/08/2007|16:13] C:\Program Files\Outlook Express
[01/08/2007|12:19] C:\Program Files\pspvideo9
[01/08/2007|00:51] C:\Program Files\AviSynth 2.5
[29/07/2007|14:02] C:\Program Files\Infogrames
[26/07/2007|22:26] C:\Program Files\Windows Live Toolbar
[18/07/2007|22:28] C:\Program Files\DAEMON Tools
[18/07/2007|21:41] C:\Program Files\ATI Technologies
[18/07/2007|20:35] C:\Program Files\MSI
[15/07/2007|13:05] C:\Program Files\QuickTime
[15/07/2007|13:03] C:\Program Files\Apple Software Update
[10/07/2007|14:58] C:\Program Files\Movie Maker
[09/07/2007|13:17] C:\Program Files\VideoLAN
[08/07/2007|12:10] C:\Program Files\THQ
[01/07/2007|19:37] C:\Program Files\Zone Labs
[29/06/2007|21:45] C:\Program Files\WinPop
[29/06/2007|19:07] C:\Program Files\Grisoft
[27/05/2007|19:05] C:\Program Files\Messenger
[18/04/2007|19:06] C:\Program Files\MSBuild
[18/04/2007|19:02] C:\Program Files\Logitech
[18/04/2007|18:59] C:\Program Files\Reference Assemblies
[15/04/2007|11:33] C:\Program Files\C-Media 3D Audio
[22/03/2007|16:44] C:\Program Files\Alwil Software
[21/03/2007|19:17] C:\Program Files\Windows Media Connect 2
[27/01/2007|11:25] C:\Program Files\philips
[27/01/2007|11:03] C:\Program Files\msn gaming zone
[10/01/2007|21:40] C:\Program Files\Windows NT
[10/01/2007|14:17] C:\Program Files\Adobe
[10/01/2007|14:08] C:\Program Files\D-Link
[10/12/2006|13:32] C:\Program Files\Macromedia
[05/12/2006|17:37] C:\Program Files\Microsoft Works
[05/12/2006|17:36] C:\Program Files\Microsoft Visual Studio
[04/12/2006|21:49] C:\Program Files\MSECache
[04/12/2006|19:43] C:\Program Files\Microsoft Office
[04/12/2006|19:38] C:\Program Files\Microsoft.NET
[22/11/2006|15:04] C:\Program Files\VIA
[22/11/2006|13:06] C:\Program Files\support.com
[16/11/2006|15:35] C:\Program Files\MessengerPlus! 3
[23/10/2006|19:56] C:\Program Files\Skype
[21/09/2006|15:32] C:\Program Files\xerox
[21/09/2006|15:32] C:\Program Files\microsoft frontpage
[21/09/2006|15:29] C:\Program Files\WindowsUpdate
[21/09/2006|15:29] C:\Program Files\Services en ligne
[21/09/2006|15:28] C:\Program Files\NetMeeting
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[30/11/2007|18:18] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/11/2007|18:34] C:\Program Files\Fichiers communs\Teleca Shared
[28/11/2007|18:21] C:\Program Files\Fichiers communs\..
[28/11/2007|18:21] C:\Program Files\Fichiers communs\.
[26/11/2007|21:10] C:\Program Files\Fichiers communs\Microsoft Shared
[02/11/2007|19:58] C:\Program Files\Fichiers communs\AVSMedia
[19/08/2007|12:58] C:\Program Files\Fichiers communs\ODBC
[05/08/2007|22:48] C:\Program Files\Fichiers communs\Acronis
[01/08/2007|19:46] C:\Program Files\Fichiers communs\Wise Installation Wizard
[03/07/2007|22:35] C:\Program Files\Fichiers communs\Java
[16/06/2007|10:35] C:\Program Files\Fichiers communs\System
[18/04/2007|18:58] C:\Program Files\Fichiers communs\logishrd
[16/04/2007|18:27] C:\Program Files\Fichiers communs\Ahead
[22/03/2007|18:10] C:\Program Files\Fichiers communs\Panda Software
[15/03/2007|19:17] C:\Program Files\Fichiers communs\Blizzard Entertainment
[10/01/2007|14:17] C:\Program Files\Fichiers communs\Adobe
[10/12/2006|13:32] C:\Program Files\Fichiers communs\Macromedia
[05/12/2006|17:36] C:\Program Files\Fichiers communs\DESIGNER
[04/12/2006|18:38] C:\Program Files\Fichiers communs\newObjects
[22/11/2006|19:10] C:\Program Files\Fichiers communs\Logitech
[13/10/2006|21:16] C:\Program Files\Fichiers communs\Adobe Systems Shared
[08/10/2006|11:18] C:\Program Files\Fichiers communs\InstallShield
[23/09/2006|14:53] C:\Program Files\Fichiers communs\FotoWire
[21/09/2006|17:16] C:\Program Files\Fichiers communs\SpeechEngines
[21/09/2006|15:28] C:\Program Files\Fichiers communs\Services
[21/09/2006|15:28] C:\Program Files\Fichiers communs\MSSoap
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-16 15:14:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:284][Doss:18] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\Temp
/!\ [Fich:243][Doss:12] C:\DOCUME~1\PITZY~1.ACE\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 15:14:45,92 ]----------------------
Re,
Sélectionne tous les emplacements dans le cadre ci-dessous :
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
Sélectionne tous les emplacements dans le cadre ci-dessous :
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bags Plus Online Chin
C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar
C:\DOCUME~1\PITZY~1.ACE\APPLIC~1\Dcads Advanced Toolbar
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
->Informations sur le logiciel<-
Ok,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:18:47, on 16/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8467 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:18:47, on 16/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8467 bytes
Re,
Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir
Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic
Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir
Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic
- Dites moi, je vais bientot aller m'acheter un antivirus, vous me recommanderiez lequel ? Merci en tout cas, j'espere ne pas vous avoir trop fais attendre, j'avais beaucoup de boulot ce soir :-/
Le rapport AntiVir :
AntiVir PersonalEdition Classic
Report file date: mercredi 16 janvier 2008 20:31
Scanning for 835736 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ACERAL1715
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 16 janvier 2008 20:31
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'wmplayer.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
31 processes with 31 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '24' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\RECYCLER\S-1-5-21-1844237615-2139871995-682003330-1006\Dc97\Raphael - Hotel de l univers -album 192kbps - mp3.mp3
[0] Archive type: ACE
--> Raphael - Hotel 11 - Libre service.mp3
[WARNING] Error creating the file
--> Raphael - Hotel BT - Cela nous aurait suffi (live).mp3
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{C48A1312-F039-4DF1-A058-6C6AE4BDB870}\RP47\A0023717.exe
[DETECTION] Is the Trojan horse TR/Drop.NaviP.U.5.B
[INFO] The file was moved to '47be8177.qua'!
C:\System Volume Information\_restore{C48A1312-F039-4DF1-A058-6C6AE4BDB870}\RP47\A0023718.exe
[DETECTION] Is the Trojan horse TR/Drop.NaviP.U.5.B
[INFO] The file was moved to '46c30ee0.qua'!
C:\System Volume Information\_restore{C48A1312-F039-4DF1-A058-6C6AE4BDB870}\RP47\A0023719.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '47be8178.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
End of the scan: jeudi 17 janvier 2008 00:18
Used time: 3:46:53 min
The scan has been done completely.
8961 Scanning directories
243580 Files were scanned
2 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
0 files were deleted
0 files were repaired
3 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
243578 Files not concerned
1546 Archives were scanned
6 Warnings
0 Notes
Le rapport AntiVir :
AntiVir PersonalEdition Classic
Report file date: mercredi 16 janvier 2008 20:31
Scanning for 835736 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ACERAL1715
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 16 janvier 2008 20:31
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'wmplayer.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
31 processes with 31 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '24' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\RECYCLER\S-1-5-21-1844237615-2139871995-682003330-1006\Dc97\Raphael - Hotel de l univers -album 192kbps - mp3.mp3
[0] Archive type: ACE
--> Raphael - Hotel 11 - Libre service.mp3
[WARNING] Error creating the file
--> Raphael - Hotel BT - Cela nous aurait suffi (live).mp3
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{C48A1312-F039-4DF1-A058-6C6AE4BDB870}\RP47\A0023717.exe
[DETECTION] Is the Trojan horse TR/Drop.NaviP.U.5.B
[INFO] The file was moved to '47be8177.qua'!
C:\System Volume Information\_restore{C48A1312-F039-4DF1-A058-6C6AE4BDB870}\RP47\A0023718.exe
[DETECTION] Is the Trojan horse TR/Drop.NaviP.U.5.B
[INFO] The file was moved to '46c30ee0.qua'!
C:\System Volume Information\_restore{C48A1312-F039-4DF1-A058-6C6AE4BDB870}\RP47\A0023719.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '47be8178.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
End of the scan: jeudi 17 janvier 2008 00:18
Used time: 3:46:53 min
The scan has been done completely.
8961 Scanning directories
243580 Files were scanned
2 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
0 files were deleted
0 files were repaired
3 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
243578 Files not concerned
1546 Archives were scanned
6 Warnings
0 Notes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:07:26, on 17/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8218 bytes
Scan saved at 19:07:26, on 17/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8218 bytes
Re,
Télécharge Gmer.
Dézippe le dans un dossier ou sur ton bureau.
Déconnecte toi d'Internet puis et ferme tous les programmes.
Double-clique sur Gmer.exe.
IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
Clique sur l'onglet rootkit.
A droite, coche Files et Services.
Clique maintenant sur Scan.
Lorsque le scan est terminé, clique sur Copy.
Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
Le rapport doit alors apparaître.
Enregistre le fichier sur ton bureau et copie/colle le contenu ici.
Télécharge Gmer.
Dézippe le dans un dossier ou sur ton bureau.
Déconnecte toi d'Internet puis et ferme tous les programmes.
Double-clique sur Gmer.exe.
IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
Clique sur l'onglet rootkit.
A droite, coche Files et Services.
Clique maintenant sur Scan.
Lorsque le scan est terminé, clique sur Copy.
Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
Le rapport doit alors apparaître.
Enregistre le fichier sur ton bureau et copie/colle le contenu ici.
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2008-01-17 20:47:59
Windows 5.1.2600 Service Pack 2
---- Files - GMER 1.0.13 ----
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\bibounia@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{19DA7ED1-E8B2-382D-C279-1CEB228C7581}\01\10-{19DA7ED1-E8B2-382D-C279-1CEB228C7581}-v1-{CA7985EE-EB3A-4007-AB74-2785CFE37B9C}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\cedric_potter91@hotmail.com\DFSR\Staging\CS{0C9E0B21-AA95-1EB0-184C-C3BE2C788DCF}\01\19-{0C9E0B21-AA95-1EB0-184C-C3BE2C788DCF}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\01\82-{73986AF0-4B2E-AFA5-FB31-C6366E93F478}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v82-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\02\102-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v102-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\38\86-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v38-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v86-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\38\86-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v38-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v86-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\39\87-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v39-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v87-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\39\87-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v39-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v87-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\40\88-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v88-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\40\88-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v88-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\41\41-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v41-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v41-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\42\42-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v42-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v42-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\43\91-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v91-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\43\91-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v91-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\44\44-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v44-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v44-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\45\45-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v45-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v45-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\46\46-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v46-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v46-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\47\95-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v95-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\47\95-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v95-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\48\96-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v48-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v96-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\48\96-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v48-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v96-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\49\97-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v49-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v97-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\49\97-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v49-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v97-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\50\98-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v50-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v98-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\50\98-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v50-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v98-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\51\51-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v51-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v51-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\96\132-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v96-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v132-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\96\132-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v96-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v132-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\j_dks1991@hotmail.com\DFSR\Staging\CS{E9C05784-5B1B-B282-E454-0967C6CDFF91}\01\10-{E9C05784-5B1B-B282-E454-0967C6CDFF91}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\01\20-{3F22DDF3-B091-37E5-3C03-12C2D380236B}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\21\112-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v21-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\21\112-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v21-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\21\112-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v21-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\23\26-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v23-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\23\26-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v23-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\23\26-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v23-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\25\110-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v25-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v110-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\25\110-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v25-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v110-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\25\110-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v25-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v110-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\27\109-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v27-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v109-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\27\109-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v27-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v109-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\27\109-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v27-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v109-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\29\111-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v29-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\29\111-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v29-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\29\111-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v29-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\30\113-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v30-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\30\113-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v30-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\30\113-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v30-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\31\114-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v31-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\31\114-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v31-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\31\114-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v31-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\32\115-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v32-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\32\115-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v32-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\32\115-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v32-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\40\43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\40\43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\40\43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\41\116-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v41-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\41\116-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v41-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\41\116-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v41-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\44\117-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v44-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v117-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\44\117-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v44-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v117-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\44\117-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v44-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v117-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\45\118-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v45-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\45\118-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v45-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\45\118-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v45-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\46\52-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v46-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\46\52-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v46-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\46\52-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v46-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\47\53-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\47\53-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\47\53-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\54\102-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v54-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\54\102-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v54-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\54\102-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v54-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\55\103-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v55-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\55\103-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v55-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\55\103-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v55-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\56\104-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v56-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v104-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\56\104-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v56-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v104-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\56\104-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v56-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v104-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\58\105-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v58-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v105-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\58\105-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v58-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v105-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\58\105-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v58-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v105-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\61\106-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v61-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\61\106-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v61-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\61\106-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v61-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\62\107-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v62-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\62\107-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v62-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\62\107-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v62-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\64\108-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v64-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v108-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\64\108-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v64-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v108-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\64\108-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v64-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v108-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\seeb607219246@aol.com\DFSR\Staging\CS{D0FD756C-FE81-50FE-3B14-43955D2EF697}\01\11-{D0FD756C-FE81-50FE-3B14-43955D2EF697}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\seeb607219246@aol.com\DFSR\Staging\CS{D0FD756C-FE81-50FE-3B14-43955D2EF697}\86\16-{73753995-05D0-42F3-BF27-26B4FDE00341}-v386-{4090FF1F-F352-4F5A-95BC-7F0F2FE3F2F2}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\seeb607219246@aol.com\DFSR\Staging\CS{D0FD756C-FE81-50FE-3B14-43955D2EF697}\86\16-{73753995-05D0-42F3-BF27-26B4FDE00341}-v386-{4090FF1F-F352-4F5A-95BC-7F0F2FE3F2F2}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
---- EOF - GMER 1.0.13 ----
Rootkit scan 2008-01-17 20:47:59
Windows 5.1.2600 Service Pack 2
---- Files - GMER 1.0.13 ----
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\bibounia@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{19DA7ED1-E8B2-382D-C279-1CEB228C7581}\01\10-{19DA7ED1-E8B2-382D-C279-1CEB228C7581}-v1-{CA7985EE-EB3A-4007-AB74-2785CFE37B9C}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\cedric_potter91@hotmail.com\DFSR\Staging\CS{0C9E0B21-AA95-1EB0-184C-C3BE2C788DCF}\01\19-{0C9E0B21-AA95-1EB0-184C-C3BE2C788DCF}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\01\82-{73986AF0-4B2E-AFA5-FB31-C6366E93F478}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v82-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\02\102-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v102-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\38\86-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v38-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v86-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\38\86-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v38-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v86-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\39\87-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v39-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v87-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\39\87-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v39-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v87-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\40\88-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v88-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\40\88-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v88-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\41\41-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v41-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v41-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\42\42-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v42-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v42-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\43\91-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v91-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\43\91-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v91-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\44\44-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v44-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v44-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\45\45-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v45-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v45-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\46\46-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v46-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v46-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\47\95-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v95-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\47\95-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v95-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\48\96-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v48-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v96-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\48\96-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v48-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v96-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\49\97-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v49-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v97-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\49\97-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v49-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v97-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\50\98-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v50-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v98-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\50\98-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v50-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v98-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\51\51-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v51-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v51-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\96\132-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v96-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v132-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\il-mio-piccolo-angelo@hotmail.com\DFSR\Staging\CS{73986AF0-4B2E-AFA5-FB31-C6366E93F478}\96\132-{1F298982-7293-4DF1-A5B6-F93E8EEAE45A}-v96-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v132-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\j_dks1991@hotmail.com\DFSR\Staging\CS{E9C05784-5B1B-B282-E454-0967C6CDFF91}\01\10-{E9C05784-5B1B-B282-E454-0967C6CDFF91}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\01\20-{3F22DDF3-B091-37E5-3C03-12C2D380236B}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\21\112-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v21-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\21\112-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v21-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\21\112-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v21-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\23\26-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v23-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\23\26-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v23-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\23\26-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v23-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\25\110-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v25-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v110-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\25\110-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v25-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v110-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\25\110-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v25-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v110-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\27\109-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v27-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v109-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\27\109-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v27-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v109-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\27\109-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v27-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v109-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\29\111-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v29-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\29\111-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v29-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\29\111-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v29-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\30\113-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v30-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\30\113-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v30-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\30\113-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v30-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\31\114-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v31-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\31\114-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v31-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\31\114-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v31-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v114-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\32\115-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v32-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\32\115-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v32-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\32\115-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v32-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\40\43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\40\43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\40\43-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v40-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\41\116-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v41-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\41\116-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v41-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\41\116-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v41-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\44\117-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v44-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v117-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\44\117-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v44-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v117-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\44\117-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v44-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v117-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\45\118-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v45-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\45\118-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v45-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\45\118-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v45-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\46\52-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v46-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\46\52-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v46-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\46\52-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v46-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v52-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\47\53-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\47\53-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\47\53-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v47-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v53-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\54\102-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v54-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\54\102-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v54-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\54\102-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v54-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\55\103-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v55-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\55\103-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v55-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\55\103-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v55-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v103-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\56\104-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v56-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v104-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\56\104-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v56-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v104-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\56\104-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v56-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v104-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\58\105-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v58-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v105-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\58\105-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v58-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v105-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\58\105-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v58-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v105-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\61\106-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v61-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\61\106-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v61-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\61\106-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v61-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\62\107-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v62-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\62\107-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v62-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\62\107-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v62-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\64\108-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v64-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v108-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\64\108-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v64-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v108-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\laurence.marotte@hotmail.com\DFSR\Staging\CS{3F22DDF3-B091-37E5-3C03-12C2D380236B}\64\108-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v64-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v108-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\seeb607219246@aol.com\DFSR\Staging\CS{D0FD756C-FE81-50FE-3B14-43955D2EF697}\01\11-{D0FD756C-FE81-50FE-3B14-43955D2EF697}-v1-{3F87A23D-8257-4BDE-B5D3-907CB1EB8CA8}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\seeb607219246@aol.com\DFSR\Staging\CS{D0FD756C-FE81-50FE-3B14-43955D2EF697}\86\16-{73753995-05D0-42F3-BF27-26B4FDE00341}-v386-{4090FF1F-F352-4F5A-95BC-7F0F2FE3F2F2}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Pitzy.ACERAL1715\Local Settings\Application Data\Microsoft\Messenger\crazypitzy@hotmail.com\SharingMetadata\seeb607219246@aol.com\DFSR\Staging\CS{D0FD756C-FE81-50FE-3B14-43955D2EF697}\86\16-{73753995-05D0-42F3-BF27-26B4FDE00341}-v386-{4090FF1F-F352-4F5A-95BC-7F0F2FE3F2F2}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
---- EOF - GMER 1.0.13 ----
Re,
Imprime ces instructions si nécessaire car il va y avoir un redémarrage de l'ordinateur.
Télécharge le FixWareout (LonnyRJones[/#f]) sur le Bureau.
**Si le lien ne fonctionne pas, clique [#ff0000]ici**
Lance le fix (FixWareout.exe), clique sur Next puis Install.
Assure-toi que Run fixit soit bien activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
Au final, poste le contenu du rapport C:\fixwareout\report.txt avec un nouveau rapport HijackThis.
Imprime ces instructions si nécessaire car il va y avoir un redémarrage de l'ordinateur.
Télécharge le FixWareout (LonnyRJones[/#f]) sur le Bureau.
**Si le lien ne fonctionne pas, clique [#ff0000]ici**
Lance le fix (FixWareout.exe), clique sur Next puis Install.
Assure-toi que Run fixit soit bien activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
Au final, poste le contenu du rapport C:\fixwareout\report.txt avec un nouveau rapport HijackThis.
( Je n'ai deja plus de fenetres intempestives depuis quelques temps, déja un grand merci . )
Username "Pitzy" - 17/01/2008 21:34:00 [Fixwareout edited 9/01/2007]
~~~~~ Prerun check
Cache de résolution DNS vidé.
System was rebooted successfully.
~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"="lsass.exe"
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....
~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"EPSON Stylus DX3800 Series (Copie 1)"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIACE.EXE /P36 \"EPSON Stylus DX3800 Series (Copie 1)\" /O6 \"USB001\" /M \"Stylus DX3800\""
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"avgnt"="\"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"="\"C:\\Program Files\\TuneUp Utilities 2007\\MemOptimizer.exe\" autostart"
"MsnMsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~
--------------------------------------------------------------------------
--------------------------------------------------------------------------
--------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:54:33, on 17/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\notepad.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8223 bytes
Username "Pitzy" - 17/01/2008 21:34:00 [Fixwareout edited 9/01/2007]
~~~~~ Prerun check
Cache de résolution DNS vidé.
System was rebooted successfully.
~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"="lsass.exe"
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....
~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"EPSON Stylus DX3800 Series (Copie 1)"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIACE.EXE /P36 \"EPSON Stylus DX3800 Series (Copie 1)\" /O6 \"USB001\" /M \"Stylus DX3800\""
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"avgnt"="\"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"="\"C:\\Program Files\\TuneUp Utilities 2007\\MemOptimizer.exe\" autostart"
"MsnMsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~
--------------------------------------------------------------------------
--------------------------------------------------------------------------
--------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:54:33, on 17/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\notepad.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8223 bytes
Re,
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.13
O17 - HKLM\System\CS2\Services\Tcpip\..\{13AB14EB-0403-4C52-B40B-5822FA9FD234}: NameServer = 85.255.113.92,85.255.112.13
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:40:24, on 18/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVComsX.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 7724 bytes
Scan saved at 13:40:24, on 18/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVComsX.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P36 "EPSON Stylus DX3800 Series (Copie 1)" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.ijji.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC92BE-B0FE-4425-A3CD-6C5C41296436}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O23 - Service: a-squared Free Service (a2free) - Unknown owner - C:\PROGRA~1\A-SQUA~1\a2service.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 7724 bytes
ok ![:)]( ":)")
Télécharge ToolsCleaner sur ton Bureau.
Clique sur Recherche et laisse le scan se terminer.
Clique sur Suppression pour finaliser.
Clique sur Quitter, pour que le rapport puisse se créer.
Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)
Désactive puis réactive la restauration du système : Voir aide
Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer"![]()
* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"
Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :
![]()
Désactive puis réactive la restauration du système : Voir aide
Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer"
* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"
Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :
-->- Recherche:
C:\Vundofix backups: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Lop S&D.lnk: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.zip: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\FixWareout.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\OtMoveIt.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\tar.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\remove.reg: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\pskill.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\LFiles.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\gzip.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delsiri.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delr.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del3.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del2.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\clean.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\cherche.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\Lop S&D: trouvé !
C:\Program Files\Lop SD: trouvé !
C:\Program Files\Lop SD\Lop S&D.lnk: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\WINDOWS\Gmer.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Lop S&D.lnk: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.zip: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\FixWareout.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\OtMoveIt.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\tar.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\remove.reg: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\pskill.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\LFiles.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\gzip.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delsiri.cmd: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delr.cmd: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del3.cmd: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del2.cmd: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\clean.cmd: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\cherche.cmd: supprimé !
C:\Program Files\Lop SD\Lop S&D.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\WINDOWS\Gmer.exe: supprimé !
C:\Vundofix backups: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\Lop S&D: supprimé !
C:\Program Files\Lop SD: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
C:\Vundofix backups: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Lop S&D.lnk: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.zip: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\FixWareout.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\OtMoveIt.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\tar.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\remove.reg: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\pskill.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\LFiles.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\gzip.exe: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delsiri.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delr.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del3.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del2.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\clean.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\cherche.cmd: trouvé !
C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\Lop S&D: trouvé !
C:\Program Files\Lop SD: trouvé !
C:\Program Files\Lop SD\Lop S&D.lnk: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\WINDOWS\Gmer.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Lop S&D.lnk: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\Gmer.zip: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\FixWareout.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\OtMoveIt.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\tar.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\remove.reg: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\pskill.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\LFiles.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\gzip.exe: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delsiri.cmd: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\delr.cmd: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del3.cmd: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\del2.cmd: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\clean.cmd: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Bureau\clean\cherche.cmd: supprimé !
C:\Program Files\Lop SD\Lop S&D.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\WINDOWS\Gmer.exe: supprimé !
C:\Vundofix backups: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Pitzy.ACERAL1715\Menu Démarrer\Programmes\Lop S&D: supprimé !
C:\Program Files\Lop SD: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumPb de pubs intempestives pc lent
- ForumVirus fenetres intempestives, pc lent
- ForumAdware pubs intempestives, pc lent
- ForumPc ultra lent pb pub intempestives
- ForumPc lent ouverture intempestive de fenetre
- ForumPc lent, fenetre pubs, cheval de troie
- ForumVirus pub, et pc lent
- ForumPc lent et pubs
- ForumProbleme pc lent fenetres pub intenpestives
- ForumPc lent pub pour un anti-virus bidon
- Voir plus
