Se connecter / S'enregistrer
Votre question

resolu mon parefeu m indique des attaques dos ;scan;short -fragments

Tags :
  • Scan
  • Sécurité
Dernière réponse : dans Sécurité et virus
5 Décembre 2007 18:26:49

bonjour, mon parfeu me dit que j ai des attaques : dos ,scan et short-framents et plus bas je peux lire intrus débloqué pouvez vous n aidez? j ai aussi un reboot du pc avec erreur serieuse j ai deja poster pour l erreur serieuse dans hadware merçi de m aidez

Autres pages sur : resolu parefeu indique attaques dos scan short fragments

6 Décembre 2007 12:54:43

:bounce:  :bounce: 
9 Décembre 2007 22:47:10

bonsoir, Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:47:04, on 09/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
F:\NERO8\Nero 8\Nero BackItUp\NBService.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
F:\alcool120\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vVX3000.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
D:\visualtasktips22\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\DAEMON TOOL PRO\DAEMON Tools Pro\DTProAgent.exe
D:\vistar-glass\ViStart Glass\Limited Edition\ViStart.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Styler\Styler.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Rainmeter\Rainmeter.exe
D:\programme\eMule\eMule.exe
C:\Program Files\Windows Live\Messenger\wlcsdk.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
F:\fichiers reçu\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\spybot\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:o s_startup
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VisualTaskTips] D:\visualtasktips22\VisualTaskTips\VisualTaskTips.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [TransBar] C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe /s
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON TOOL PRO\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BananaScreen.lnk = ?
O4 - Startup: Raccourci vers ViStart.lnk = D:\vistar-glass\ViStart Glass\Limited Edition\ViStart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: Styler.lnk = ?
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Fichiers communs\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\NERO8\Nero 8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - F:\alcool120\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10319 bytes
9 Décembre 2007 23:10:06

Rien d'infectieux dans ce rapport.

Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.

Copie/colle ce rapport dans ta prochaine réponse
10 Décembre 2007 02:05:32

merçi de m aider je ne savais pas si il fallait arreter mon anti virus et mon parefeu car j ai eu des message de mon parefeu , il fallait que j autoriser a chaque fois . sinon mon pc a rebooter est ce normal? et quand il a redemarrer combofix me disais de ne pas lancer d application mais le probleme c est que j ai des application au demarrage de xp : rocket ; styler daemon tool ect... voila c etait pour info si cela peux t aider :je colle le rapport ComboFix 07-12-09.1 - Admin 2007-12-10 1:47:55.1 - NTFSx86
Running from: F:\fichiers reçu\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\koos.exe
C:\WINDOWS\system32\kprof
C:\WINDOWS\system32\poof

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-10 to 2007-12-10 ))))))))))))))))))))))))))))))))))))
.

2007-12-09 17:27 . 2007-12-09 17:35 <REP> d-------- C:\Program Files\Iminent
2007-12-09 17:27 . 2007-12-09 17:35 <REP> d--h----- C:\Documents and Settings\All Users\Application Data\~0
2007-12-09 15:23 . 2007-12-09 15:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-12-09 14:22 . 2007-12-09 14:22 <REP> d-------- C:\Program Files\Messenger Plus! Live
2007-12-08 22:38 . 2007-12-09 23:29 <REP> d-------- C:\Documents and Settings\Admin\Tracing
2007-12-06 22:18 . 2007-12-06 22:18 28,672 --a------ C:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe
2007-12-06 22:18 . 2007-12-06 22:18 27,870 --a------ C:\WINDOWS\system32\icone.ico
2007-12-06 22:18 . 2007-12-06 22:18 22,016 --a------ C:\WINDOWS\system32\MSWINSCK.oca
2007-12-05 01:57 . 2007-12-05 01:57 <REP> d-------- C:\Program Files\Banana Security
2007-12-04 00:23 . 2007-12-04 00:23 <REP> d-------- C:\Documents and Settings\Admin\Contacts
2007-12-03 23:27 . 2007-12-03 23:27 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-12-03 23:27 . 2007-12-03 23:27 298,104 --a------ C:\WINDOWS\system32\imon.dll
2007-12-03 23:27 . 2007-12-03 23:27 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2007-12-03 22:19 . 2007-12-03 22:19 <REP> d-------- C:\Documents and Settings\Admin\Application Data\Eset
2007-12-03 22:18 . 2007-12-03 22:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Eset
2007-12-03 22:07 . 2007-12-08 15:00 <REP> d-------- C:\WINDOWS\system32\Filt
2007-12-03 22:07 . 2007-12-03 22:07 <REP> d-------- C:\Program Files\Agnitum
2007-12-03 22:07 . 2007-12-03 22:07 <REP> d-------- C:\Documents and Settings\Admin\Application Data\Agnitum
2007-12-03 22:07 . 2007-11-02 13:55 435,232 --a------ C:\WINDOWS\system32\drivers\SandBox.sys
2007-12-03 22:07 . 2007-11-02 19:14 198,416 --a------ C:\WINDOWS\system32\drivers\afw.sys
2007-12-03 22:07 . 2007-10-25 18:17 49 --a------ C:\WINDOWS\transp.gif
2007-12-03 22:06 . 2007-12-03 22:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Agnitum
2007-12-03 20:43 . 2007-12-05 19:27 <REP> d-------- C:\Documents and Settings\Admin\Application Data\SpamPal
2007-11-27 20:03 . 2007-11-27 20:03 <REP> d-------- C:\Program Files\NVIDIA Corporation
2007-11-24 18:33 . 2007-11-24 18:33 <REP> d-------- C:\WINDOWS\nview
2007-11-24 18:33 . 2007-10-04 17:14 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-11-24 18:33 . 2007-11-24 18:35 140,158 --a------ C:\WINDOWS\system32\nvapps.xml
2007-11-24 18:33 . 2007-10-04 17:14 17,525 --a------ C:\WINDOWS\system32\nvdisp.nvu
2007-11-24 18:32 . 2007-10-04 18:16 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-11-23 00:01 . 2007-11-23 00:01 <REP> d-------- C:\Program Files\Lavasoft
2007-11-21 21:00 . 2007-03-28 19:42 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-11-21 02:08 . 2007-11-21 02:08 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-21 02:08 . 2007-11-21 02:08 22,328 --a------ C:\Documents and Settings\Admin\Application Data\PnkBstrK.sys
2007-11-21 02:07 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2007-11-21 02:07 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
2007-11-21 02:07 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
2007-11-14 15:41 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
2007-11-14 15:41 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
2007-11-14 15:41 . 2007-05-31 19:30 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2007-11-14 15:41 . 2007-05-31 19:29 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2007-11-14 15:38 . 2007-11-14 15:38 319 --a------ C:\WINDOWS\game.ini
2007-11-14 01:39 . 2007-11-21 16:42 82,104 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2007-11-14 01:30 . 2005-07-12 14:25 401,408 --a------ C:\WINDOWS\system32\pvmjpg30.dll
2007-11-14 01:25 . 2007-11-14 01:26 <REP> d-------- C:\WINDOWS\system32\URTTemp
2007-11-14 01:25 . 2004-07-02 17:28 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2007-11-14 01:25 . 2004-07-02 17:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2007-11-14 01:24 . 2007-01-26 02:04 196,096 --a------ C:\WINDOWS\system32\macd32.dll
2007-11-14 01:24 . 2007-01-26 02:04 138,752 --a------ C:\WINDOWS\system32\mase32.dll
2007-11-14 01:24 . 2007-01-26 02:04 136,192 --a------ C:\WINDOWS\system32\mamc32.dll
2007-11-14 01:24 . 2007-01-26 02:04 57,856 --a------ C:\WINDOWS\system32\masd32.dll
2007-11-14 01:24 . 2007-01-26 02:04 27,648 --a------ C:\WINDOWS\system32\ma32.dll
2007-11-14 01:23 . 2007-01-04 10:07 171,520 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys
2007-11-14 01:23 . 2004-02-24 13:04 41,219 --a------ C:\WINDOWS\RSETPATH.exe
2007-11-14 01:23 . 2005-02-09 12:59 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2007-11-14 01:21 . 2007-11-14 01:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2007-11-14 01:13 . 2007-11-14 01:29 <REP> d-------- C:\Program Files\Pinnacle
2007-11-14 01:13 . 2007-11-14 01:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2007-11-14 01:02 . 2007-11-14 01:02 <REP> d-------- C:\Program Files\MSBuild
2007-11-14 01:02 . 2007-11-14 01:02 <REP> d-------- C:\Program Files\Microsoft Works
2007-11-14 00:58 . 2007-11-14 01:02 <REP> d-------- C:\WINDOWS\SHELLNEW
2007-11-14 00:56 . 2007-11-14 00:56 <REP> dr-h----- C:\MSOCache
2007-11-14 00:56 . 2007-11-18 17:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-11-14 00:33 . 2007-11-14 00:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-09 16:35 --------- d--h--w C:\Documents and Settings\All Users\Application Data\~0
2007-12-09 12:50 --------- d-----w C:\Program Files\Windows Live
2007-12-02 22:28 --------- d-----w C:\Documents and Settings\Admin\Application Data\vlc
2007-11-22 22:58 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-11-21 16:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-14 17:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-14 17:06 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-11 22:52 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-11-11 22:52 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-11-09 20:07 --------- d-----w C:\Documents and Settings\Admin\Application Data\FileZilla
2007-11-05 23:19 --------- d-----w C:\Program Files\id Software
2007-11-05 20:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-05 00:42 --------- d-----w C:\Documents and Settings\Admin\Application Data\Grisoft
2007-10-23 15:52 --------- d-----w C:\Program Files\Fichiers communs\Nero
2007-10-23 15:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2007-10-23 14:20 --------- d-----w C:\Program Files\Fichiers communs\Simple Star Shared
2007-10-23 14:20 --------- d-----w C:\Documents and Settings\Admin\Application Data\Nero
2007-10-21 18:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Simple Star Shared
2007-10-21 18:16 --------- d-----w C:\Documents and Settings\Admin\Application Data\Simple Star
2007-10-19 15:41 --------- d-----w C:\Documents and Settings\Admin\Application Data\Bioshock
2007-10-16 22:47 --------- d-----w C:\Program Files\AGEIA Technologies
2007-10-12 18:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\RFA_Backups
2007-09-29 16:48 1,715 ----a-w C:\Documents and Settings\Admin\Application Data\SAS7_000.DAT
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00]
"VisualTaskTips"="D:\visualtasktips22\VisualTaskTips\VisualTaskTips.exe" [2007-08-16 04:33]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-03 13:30]
"TransBar"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe" [2005-06-01 20:41]
"DAEMON Tools Pro Agent"="D:\DAEMON TOOL PRO\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 14:08]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-04-04 14:20]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-02-21 16:59]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 08:34 C:\WINDOWS\RTHDCPL.exe]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-01-13 02:48]
"VX3000"="C:\WINDOWS\vVX3000.exe" [2006-12-06 00:38]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57]
"NvCplDaemon"="RUNDLL32.exe" [2006-03-02 13:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2007-10-04 17:14 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2006-03-02 13:00 C:\WINDOWS\system32\rundll32.exe]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-12-03 23:27]
"OutpostMonitor"="C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" [2007-11-03 20:44]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 09:01]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-03 13:30]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 12:11 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_Dlls"=c:\progra~1\agnitum\outpos~1\wl_hook.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"LaunchList"=C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DT HPW"=C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
"PivotSoftware"="C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
"VX3000"=C:\WINDOWS\vVX3000.exe
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
"NBKeyScan"="F:\NERO8\Nero 8\Nero BackItUp\NBKeyScan.exe"

R1 Pivot;Pivot;C:\WINDOWS\system32\drivers\pivot.sys
R1 SandBox;SandBox;C:\WINDOWS\system32\DRIVERS\SandBox.sys
R2 acssrv;Agnitum Client Security Service;C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamS32.exe"
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3;F:\NERO8\Nero 8\Nero BackItUp\NBService.exe
R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 afw;Agnitum firewall driver;C:\WINDOWS\system32\DRIVERS\afw.sys
R3 ASWFilt;ASWFilt;C:\WINDOWS\system32\Filt\ASWFilt.dll
R3 pivotmou;Pivot Mouse/Pointers Filter Driver;\??\C:\WINDOWS\system32\drivers\pivotmou.sys
R3 VX3000;VX-3000;C:\WINDOWS\system32\DRIVERS\VX3000.sys
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\system32\drivers\WmBEnum.sys
R3 WmFilter;Logitech WingMan HID Filter Driver;C:\WINDOWS\system32\drivers\WmFilter.sys
R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\system32\drivers\WmXlCore.sys
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\system32\drivers\WmVirHid.sys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-12-07 16:16:19 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- D:\tuneup 2007\SystemOptimizer.exe
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Eset\pr_imon.dll

PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
-> D:\visualtasktips22\VisualTaskTips\VttHooks.dll
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
-> D:\vistar-glass\ViStart Glass\Limited Edition\MainHook.Dll
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
.
**************************************************************************

catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-10 01:53:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-10 1:54:15 - machine was rebooted
.
--- E O F ---
peut tu me dire si tout va bien maintenant et est ce que j avais des saloperie merçi encore chercheur ps: je crois que combofix a modifier des choses du registre c est mon parefeu qui me le disait est ce normal?
10 Décembre 2007 13:54:19

Bonjour

Combofix a fait du ménage.
C'est normal pour les modifications du registre.

$$ Télécharge
SDFix sur ton bureau
http://downloads.andymanchesta.com/RemovalTools/SDFix.e...

clean.zip
http://www.malekal.com/download/clean.zip
Décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.


$$ Redémarre en mode sans échec.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.


$$ Ouvre le dossier Clean qui se trouve sur ton bureau, et double-clic sur clean.cmd.
Choisis l'option 2
Enregistre le rapport une fois le scan terminé


$$ Double clique sur SDFix.exe et choisis Install
Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
Tape Y pour lancer le script.
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire
Presse une touche pour redémarrer

Le PC va mettre du temps avant de démarrer, presse une touche lorsque "Finished" s'affiche

Ouvre le dossier SDFix et copie/colle ici le contenu du fichier "Report.txt" avec le rapport qui se trouve ici C:\rapport_clean.txt et un nouveau HijackThis.
10 Décembre 2007 14:35:35

bonjour chercheur , je ne sais pas si je vais pouvoir faire ça aujourd hui car c est mon anniversaire et je vais avoir de la visite et je prefere etre concentrer pour faire tout ça. ps: j ai vista sur une autre partition cela ne va pas poser de probleme? par contre xp legal mais pas pour vista le crack au bios ne sera pas changer? je sais que c est pas bien mais je voulais essayer avant de l acheter
11 Décembre 2007 22:51:03

:hello:  chercheur tu ma pas oublier tu n as pas repondu.....
11 Décembre 2007 23:10:17

Je ne pense pas que cela toucherasà Vista. Sauf s'il est infecté.
14 Décembre 2007 11:03:04

bonjour je n arrive pas a telecharger SDFix nod 32 le mets en quarantaine directe il ne dit qu il y a un virus win 32 Date et heure Module Objet Nom Menace Action Utilisateur Info
12/12/2007 10:45:49 AMON fichier C:\DOCUME~1\Admin\LOCALS~1\Temp\nrkst7tp.exe Win32/PrcView application mis en Quarantaine - supprimé Un évènement s'est produit sur un fichier modifié par l'application: C:\Program Files\Mozilla Firefox\firefox.exe. Le fichier a été déplacé en Quarantaine. Vous pouvez fermer cette fenêtre. alors je ne sais pas quoi faire virus ou pas et comment le telecharger sans arreter nod32??
14 Décembre 2007 22:37:26

Bonjour

SDFix comporte des puissants processus, c'est pour cela qu'il n'est pas aimé par les antivirus.

Désactive Nod32 le temps du téléchargement et de scan.
19 Décembre 2007 10:39:26

bonjour , chercheur desoler du retard j etait en deplacement je fait ça aujourd hui et je poste apres
19 Décembre 2007 11:45:15

chercheur , j ai essayer de demarrer en mode sans echec mais j ai le mode sans echec de vista alors qu il me faut celui de xp , car j ai xp et vista sur mon pc et au demarrage il me donne le choix entre vista et xp ; mais en mode sans echec je n ai que vista je ne sais pas comment il faut que je fasse pour demarrer en mode sans echec sous xp merçi ...
20 Décembre 2007 00:15:28

Bonjour

Tu vas faire la manip en mode normal, on verra ce que cela donne.

A l'écran des choix de SDFix, tu vas taper S.
Ensuite, tu taperas Y pour le ménage.

Il n'y a pas de changement pour Clean.
20 Décembre 2007 13:14:56

bonjour, j ai fait ce que tu n a dit pour clean j ai eu un nettoyage du disque et pour sdfix au redemarrage j ai eu une verification du systeme de fichiers ; je te poste les rapports . Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 20/12/2007 a 12:30:06,00

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32

*** Suppression des fichiers dans C:\Program Files

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !

SDFix: Version 1.118

Run by Admin on 20/12/2007 at 12:45

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found





Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-20 12:53:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\PNP0F03\4&2c575acb&0\LogConf]
"BasicConfigVector"=hex(a):48,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,..
"BootConfig"=hex(8):01,00,00,00,0f,00,00,00,00,00,00,00,01,00,01,00,01,00,00,00,02,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:fa,46,ba,93,b7,29,00,1d,7f,3a,e0,f4,e1,7c,b8,cb,70,2e,6d,17,f0,..
"p0"="F:\alcool120\Alcohol 120\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:6a,26,e9,c3,3e,08,d4,22,4d,09,af,16,18,9e,1c,29,73,3f,4d,39,fb,..
"p0"="D:\DAEMON TOOL PRO\DAEMON Tools Pro\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,1a,82,e0,2b,b9,f3,7c,01,ee,2b,91,27,2a,3c,98,c8,1c,..
"hdf12"=hex:54,e4,a2,46,6e,49,39,c7,f1,f0,40,11,97,61,48,3b,eb,89,da,95,24,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:28,a7,a7,44,24,21,f5,c9,15,57,07,1b,58,07,75,51,99,7d,9d,2c,e2,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002]
"a0"=hex:20,01,00,00,bb,8c,8c,28,b0,56,bd,c8,f7,58,c9,82,dc,3f,6a,dc,ee,..
"hdf12"=hex:54,b7,a1,0a,e4,aa,92,ca,89,f7,e3,c1,bc,45,ba,70,bf,b8,37,03,17,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0]
"hdf12"=hex:75,2d,66,3f,01,e3,dc,d1,9c,d7,6a,83,85,8c,3d,d6,e0,37,5d,36,41,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000002
"khjeh"=hex:76,8e,17,61,4f,b0,d7,ae,05,3a,03,05,a9,31,6a,48,8f,c9,0f,37,63,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0F03\4&2c575acb&0\LogConf]
"BasicConfigVector"=hex(a):48,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,..
"BootConfig"=hex(8):01,00,00,00,0f,00,00,00,00,00,00,00,01,00,01,00,01,00,00,00,02,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:fa,46,ba,93,b7,29,00,1d,7f,3a,e0,f4,e1,7c,b8,cb,70,2e,6d,17,f0,..
"p0"="F:\alcool120\Alcohol 120\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:6a,26,e9,c3,3e,08,d4,22,4d,09,af,16,18,9e,1c,29,73,3f,4d,39,fb,..
"p0"="D:\DAEMON TOOL PRO\DAEMON Tools Pro\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,1a,82,e0,2b,b9,f3,7c,01,ee,2b,91,27,2a,3c,98,c8,1c,..
"hdf12"=hex:54,e4,a2,46,6e,49,39,c7,f1,f0,40,11,97,61,48,3b,eb,89,da,95,24,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:28,a7,a7,44,24,21,f5,c9,15,57,07,1b,58,07,75,51,99,7d,9d,2c,e2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002]
"a0"=hex:20,01,00,00,bb,8c,8c,28,b0,56,bd,c8,f7,58,c9,82,dc,3f,6a,dc,ee,..
"hdf12"=hex:54,b7,a1,0a,e4,aa,92,ca,89,f7,e3,c1,bc,45,ba,70,bf,b8,37,03,17,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0]
"hdf12"=hex:75,2d,66,3f,01,e3,dc,d1,9c,d7,6a,83,85,8c,3d,d6,e0,37,5d,36,41,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000002
"khjeh"=hex:76,8e,17,61,4f,b0,d7,ae,05,3a,03,05,a9,31,6a,48,8f,c9,0f,37,63,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
"OODEFRAG08.00.00.01WORKSTATION"="927BEEA63B251CD6DAC71150130A64E5FA552070E34285CA964709BF7A011F6B9AF8DF990CCAB31A051DF8204C38D01D3F351BAE1097BF8F8CCA3FA17D4BD08AFD80DBE7CE88B024847844E8A65ECD39857E18B8F010500F090B409BD7389FB9719400DDC1C6F8DAC7AE91F3E6C816AE147A53F2767C64EACD690A4F41BEC8E5CD49ACF905C27B975FAAC03EB81867E2560BD07672032836BD5A6114D6AA8B718FC884709F8A272A806A78F6AABF84B2D9A155111D1E50F761654B72181AAAAFD9CFEF29F98371D2878021042D0AB06BD1C4EBC5129993AD6327942B6B7FEE6B6E301D3FE1E3D2497112E6FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933BA7FD869164D6794A2D97226D213B555A2D97226D213B5556B8E5C9D2EC03F5A4E4B8F736085DD2D738AB7817428AE8FCB1D6A7591FDC41A0C602690C58540117DBE4D38B634F07EA2C76D20B9504162AFCCD9FA295B7CF0C99311C9120BDC611E1F762BB357EB4C45795E444713B199FA1EE0372012397E9CE685AA96EDDD8F8511BA5D4545EB5A2BCE9FD0179D1297196A1B7C1ECBA2E7AFF9C41445EDA0A23B9D9DE24EF5A4B2D95819AA18458B8AACEB74213F54749ADE4FDF7089F116E7F9B2F5D4A4895CA2870D87BBAE7FD7DD8B42AFFE949A80443F52BE2A4081C5ED3223714F91406DBA2349FCF130E647C33DEFE276A1B32AD7164E9AB0B84A450A07220EF35401C4D04D48DCBE69BB3CB382DDF569DDD6688D5FF204F7391C45544F4AA0E79E55E67CD7AF609618602E674A57A9BEB5DEC960C7D4DC78FAEC85A81818D0D1156AE71DCD0394756F5B29DC3B0C0DE00ACDED8EB2ECDBACAA555A27206E19DFD393F2D1EB2F595617D74B562E0D87BEAEC6871BB5978C146812AEB5D911CB4167C5C6012000653E2A26495A31D3524AE91161CF9D954D33CA04FEF8EEAA8AAC529B3554912A3FAFB536E831863B7A7AF9995634E60AD0125AAF5DDFB948CDD80A5224B797C3C4B53F2006EB2283E34A0DEE561A447D1DBA1440ED99495B6104F9CB0EDC3FC5275D3D9F905A2F4E423849C566939D5E8DBE687FEA9A61B8656DFE0E0238C810E9B919140B94092420C6C3769E770C7A51B0BC5F219A7A9ACCDA6C43A10428E3E7DEB3FD0D7243F05B7D0BFC2BE15E086B286A76F117BE9DE094063AA33C0668CB676007C113A38326661F77CCB1181E32403EFAD24E10C33BE6886252A3402817EFE377E85A218E848EF22BD609EE3ACF1AF84CCBC47FF14DA39F538A3DE5901F9BFAC054EB6BAAD20B6E0132D0CCBC44D8D0E97CC4D4F1D99D6EC7BF54BCF58C8E5574ED3363523D71ED82DB32D16961236D7814578CF1F92F0B9B7875BB0CDA7313C92EDD1FE5455D4261E11E4FE74E26EB"

scanning hidden files ...

C:\WINDOWS\system32\config\OP_CACHE.ATR 24 bytes
C:\WINDOWS\system32\config\OP_CACHE.IDX 12 bytes
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ ......@hotmail.fr\SharingMetadata\ .......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\01\14-{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}-v1-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ ......@hotmail.fr\SharingMetadata\ .......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\08\139-{B511A84C-8A46-4586-886A-7E3E60746911}-v108-{B511A84C-8A46-4586-886A-7E3E60746911}-v139-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 104 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ .....@hotmail.fr\SharingMetadata\ .......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\09\140-{B511A84C-8A46-4586-886A-7E3E60746911}-v109-{B511A84C-8A46-4586-886A-7E3E60746911}-v140-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ .....@hotmail.fr\SharingMetadata\ .......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\15\115-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v115-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ ........hotmail.fr\SharingMetadata\ ......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\16\116-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v116-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 930 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ ........@hotmail.fr\SharingMetadata\ .........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\16\116-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v116-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ .........@hotmail.fr\SharingMetadata\ .........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\18\118-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v118-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 804 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ .........@hotmail.fr\SharingMetadata\ .........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\18\118-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v118-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ ..........@hotmail.fr\SharingMetadata\ .........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\21\121-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v121-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v121-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 5718 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ ..........@hotmail.fr\SharingMetadata\ ..........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\21\121-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v121-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v121-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 768 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ .........@hotmail.fr\SharingMetadata\ .......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\25\125-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v125-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v125-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 5250 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ .......@hotmail.fr\SharingMetadata\ ..........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\25\125-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v125-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v125-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 584 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ .........@hotmail.fr\SharingMetadata\ .......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\28\128-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v128-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v128-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9336 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ .......@hotmail.fr\SharingMetadata\ ........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\28\128-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v128-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v128-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1072 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ .......@hotmail.fr\SharingMetadata\ .......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\32\132-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v132-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v132-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 4548 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ .........@hotmail.fr\SharingMetadata\ ......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\32\132-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v132-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v132-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 544 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ ........@hotmail.fr\SharingMetadata\ .........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\33\133-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v133-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v133-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 5556 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\ ......@hotmail.fr\SharingMetadata\..........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\33\133-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v133-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v133-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 616 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.........@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\34\134-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v134-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v134-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 750 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\34\134-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v134-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v134-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 72 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\36\136-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v136-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v136-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 3342 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\36\136-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v136-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v136-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 392 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\38\138-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v138-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v138-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata\.........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\46\146-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v146-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v146-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 732 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger........@hotmail.fr\SharingMetadata\.........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\46\146-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v146-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v146-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 80 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\54\154-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v154-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v154-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 678 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\.........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\54\154-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v154-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v154-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 72 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\58\158-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v158-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v158-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\59\159-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v159-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v159-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata\.........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\69\169-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v169-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v169-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.........@hotmail.fr\SharingMetadata........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\71\171-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v171-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v171-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 714 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\71\171-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v171-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v171-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 88 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\75\175-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v175-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v175-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1776 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata\............@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\75\175-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v175-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v175-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 192 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\............@hotmail.fr\SharingMetadata\..........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\76\176-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v176-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v176-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...........@hotmail.fr\SharingMetadata\...........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\01\286-{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}-v1-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v286-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata..........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\11\285-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v11-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v285-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...........@hotmail.fr\SharingMetadata.........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\12\30-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v12-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v30-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1470 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\..........@hotmail.fr\SharingMetadata\..........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\12\30-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v12-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v30-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 184 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\..........@hotmail.fr\SharingMetadata\.......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\49\283-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v249-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v283-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\.........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\51\14-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v251-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 948 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\..........@hotmail.fr\SharingMetadata\.......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\51\14-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v251-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 112 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\52\15-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v252-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v15-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 840 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\52\15-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v252-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v15-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\..........@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\53\16-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v253-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1002 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\53\16-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v253-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 112 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\54\17-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v254-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 768 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\54\17-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v254-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.........@hotmail.fr\SharingMetadata\.......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\55\18-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v255-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1398 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger........@hotmail.fr\SharingMetadata\.......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\55\18-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v255-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 144 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\56\19-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v256-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 660 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\56\19-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v256-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 72 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.........@hotmail.fr\SharingMetadata\.........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\57\20-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v257-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1488 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger.....@hotmail.fr\SharingMetadata\.......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\57\20-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v257-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 168 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\58\21-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v258-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v21-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1164 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\58\21-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v258-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v21-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 136 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\59\22-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v259-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v22-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1128 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger.......@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\59\22-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v259-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v22-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 128 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger......@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\60\23-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v260-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v23-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2118 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\60\23-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v260-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v23-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 240 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata\..........@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\61\24-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v261-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v24-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 930 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\........@hotmail.fr\SharingMetadata.......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\61\24-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v261-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v24-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 104 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger........@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\62\25-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v262-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v25-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1290 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\62\25-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v262-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v25-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 144 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata\.......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\63\26-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v263-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1776 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger....@hotmail.fr\SharingMetadata......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\63\26-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v263-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 200 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\64\27-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v264-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v27-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1362 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\64\27-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v264-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v27-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 144 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata\.......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\65\28-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v265-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v28-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 966 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\65\28-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v265-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v28-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 120 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata\.........@hotmail.fr\DFSR\Staging\CS{A7692323-C749-704F-8D91-F84A607CB8E6}\01\287-{A7692323-C749-704F-8D91-F84A607CB8E6}-v1-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v287-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 73


Remaining Services:
------------------


Rootkit huy32 Found, Use a Rootkit scanner !
Rootkit PE386 Found, Use a Rootkit scanner !
Rootkit lzx32 Found, Use a Rootkit scanner !
Rootkit msguard Found, Use a Rootkit scanner !
Rootkit runtime2 Found, Use a Rootkit scanner !
Rootkit xpdt Found, Use a Rootkit scanner !
Rootkit xpdx Found, Use a Rootkit scanner !
Rootkit symavc32 Found, Use a Rootkit scanner !
Rootkit ctl_w32 Found, Use a Rootkit scanner !

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\\programme\\eMule\\eMule.exe"="D:\\programme\\eMule\\eMule.exe:*:Enabled:eMule"
"D:\\programme\\eMule\\emule\\eMule\\emule.exe"="D:\\programme\\eMule\\emule\\eMule\\emule.exe:*:Enabled:eMuleMorphXT"
"D:\\programme\\eMule\\emule\\eMule.exe"="D:\\programme\\eMule\\emule\\eMule.exe:*:Enabled:eMule"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files:
---------------


Files with Hidden Attributes:

Sat 27 Oct 2007 374 ...H. --- "C:\Boot.BAK"
Sun 18 Mar 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT17.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT1A.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BIT1E.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT16.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT1B.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT18.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BIT1D.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT19.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BIT1C.tmp"

Finished!
ps: il y a un dossier ou fichier que sdfix n a pas pu ouvrir ( symbole bizzare)
20 Décembre 2007 13:18:10

et celui la il etait sur mon bureau ?? je te l envoi catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-20 12:53:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\PNP0F03\4&2c575acb&0\LogConf]
"BasicConfigVector"=hex(a):48,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,..
"BootConfig"=hex(8):01,00,00,00,0f,00,00,00,00,00,00,00,01,00,01,00,01,00,00,00,02,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:fa,46,ba,93,b7,29,00,1d,7f,3a,e0,f4,e1,7c,b8,cb,70,2e,6d,17,f0,..
"p0"="F:\alcool120\Alcohol 120\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:6a,26,e9,c3,3e,08,d4,22,4d,09,af,16,18,9e,1c,29,73,3f,4d,39,fb,..
"p0"="D:\DAEMON TOOL PRO\DAEMON Tools Pro\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,1a,82,e0,2b,b9,f3,7c,01,ee,2b,91,27,2a,3c,98,c8,1c,..
"hdf12"=hex:54,e4,a2,46,6e,49,39,c7,f1,f0,40,11,97,61,48,3b,eb,89,da,95,24,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:28,a7,a7,44,24,21,f5,c9,15,57,07,1b,58,07,75,51,99,7d,9d,2c,e2,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002]
"a0"=hex:20,01,00,00,bb,8c,8c,28,b0,56,bd,c8,f7,58,c9,82,dc,3f,6a,dc,ee,..
"hdf12"=hex:54,b7,a1,0a,e4,aa,92,ca,89,f7,e3,c1,bc,45,ba,70,bf,b8,37,03,17,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0]
"hdf12"=hex:75,2d,66,3f,01,e3,dc,d1,9c,d7,6a,83,85,8c,3d,d6,e0,37,5d,36,41,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000002
"khjeh"=hex:76,8e,17,61,4f,b0,d7,ae,05,3a,03,05,a9,31,6a,48,8f,c9,0f,37,63,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\ACPI\PNP0F03\4&2c575acb&0\LogConf]
"BasicConfigVector"=hex(a):48,00,00,00,0f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,..
"BootConfig"=hex(8):01,00,00,00,0f,00,00,00,00,00,00,00,01,00,01,00,01,00,00,00,02,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000001
"ujdew"=hex:fa,46,ba,93,b7,29,00,1d,7f,3a,e0,f4,e1,7c,b8,cb,70,2e,6d,17,f0,..
"p0"="F:\alcool120\Alcohol 120\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000000
"hdf12"=hex:6a,26,e9,c3,3e,08,d4,22,4d,09,af,16,18,9e,1c,29,73,3f,4d,39,fb,..
"p0"="D:\DAEMON TOOL PRO\DAEMON Tools Pro\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,1a,82,e0,2b,b9,f3,7c,01,ee,2b,91,27,2a,3c,98,c8,1c,..
"hdf12"=hex:54,e4,a2,46,6e,49,39,c7,f1,f0,40,11,97,61,48,3b,eb,89,da,95,24,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:28,a7,a7,44,24,21,f5,c9,15,57,07,1b,58,07,75,51,99,7d,9d,2c,e2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002]
"a0"=hex:20,01,00,00,bb,8c,8c,28,b0,56,bd,c8,f7,58,c9,82,dc,3f,6a,dc,ee,..
"hdf12"=hex:54,b7,a1,0a,e4,aa,92,ca,89,f7,e3,c1,bc,45,ba,70,bf,b8,37,03,17,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0]
"hdf12"=hex:75,2d,66,3f,01,e3,dc,d1,9c,d7,6a,83,85,8c,3d,d6,e0,37,5d,36,41,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000002
"khjeh"=hex:76,8e,17,61,4f,b0,d7,ae,05,3a,03,05,a9,31,6a,48,8f,c9,0f,37,63,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
"OODEFRAG08.00.00.01WORKSTATION"="927BEEA63B251CD6DAC71150130A64E5FA552070E34285CA964709BF7A011F6B9AF8DF990CCAB31A051DF8204C38D01D3F351BAE1097BF8F8CCA3FA17D4BD08AFD80DBE7CE88B024847844E8A65ECD39857E18B8F010500F090B409BD7389FB9719400DDC1C6F8DAC7AE91F3E6C816AE147A53F2767C64EACD690A4F41BEC8E5CD49ACF905C27B975FAAC03EB81867E2560BD07672032836BD5A6114D6AA8B718FC884709F8A272A806A78F6AABF84B2D9A155111D1E50F761654B72181AAAAFD9CFEF29F98371D2878021042D0AB06BD1C4EBC5129993AD6327942B6B7FEE6B6E301D3FE1E3D2497112E6FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933BA7FD869164D6794A2D97226D213B555A2D97226D213B5556B8E5C9D2EC03F5A4E4B8F736085DD2D738AB7817428AE8FCB1D6A7591FDC41A0C602690C58540117DBE4D38B634F07EA2C76D20B9504162AFCCD9FA295B7CF0C99311C9120BDC611E1F762BB357EB4C45795E444713B199FA1EE0372012397E9CE685AA96EDDD8F8511BA5D4545EB5A2BCE9FD0179D1297196A1B7C1ECBA2E7AFF9C41445EDA0A23B9D9DE24EF5A4B2D95819AA18458B8AACEB74213F54749ADE4FDF7089F116E7F9B2F5D4A4895CA2870D87BBAE7FD7DD8B42AFFE949A80443F52BE2A4081C5ED3223714F91406DBA2349FCF130E647C33DEFE276A1B32AD7164E9AB0B84A450A07220EF35401C4D04D48DCBE69BB3CB382DDF569DDD6688D5FF204F7391C45544F4AA0E79E55E67CD7AF609618602E674A57A9BEB5DEC960C7D4DC78FAEC85A81818D0D1156AE71DCD0394756F5B29DC3B0C0DE00ACDED8EB2ECDBACAA555A27206E19DFD393F2D1EB2F595617D74B562E0D87BEAEC6871BB5978C146812AEB5D911CB4167C5C6012000653E2A26495A31D3524AE91161CF9D954D33CA04FEF8EEAA8AAC529B3554912A3FAFB536E831863B7A7AF9995634E60AD0125AAF5DDFB948CDD80A5224B797C3C4B53F2006EB2283E34A0DEE561A447D1DBA1440ED99495B6104F9CB0EDC3FC5275D3D9F905A2F4E423849C566939D5E8DBE687FEA9A61B8656DFE0E0238C810E9B919140B94092420C6C3769E770C7A51B0BC5F219A7A9ACCDA6C43A10428E3E7DEB3FD0D7243F05B7D0BFC2BE15E086B286A76F117BE9DE094063AA33C0668CB676007C113A38326661F77CCB1181E32403EFAD24E10C33BE6886252A3402817EFE377E85A218E848EF22BD609EE3ACF1AF84CCBC47FF14DA39F538A3DE5901F9BFAC054EB6BAAD20B6E0132D0CCBC44D8D0E97CC4D4F1D99D6EC7BF54BCF58C8E5574ED3363523D71ED82DB32D16961236D7814578CF1F92F0B9B7875BB0CDA7313C92EDD1FE5455D4261E11E4FE74E26EB"

scanning hidden files ...

C:\WINDOWS\system32\config\OP_CACHE.ATR 24 bytes
C:\WINDOWS\system32\config\OP_CACHE.IDX 12 bytes
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\.......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\01\14-{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}-v1-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger.......@hotmail.fr\SharingMetadata\..........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\08\139-{B511A84C-8A46-4586-886A-7E3E60746911}-v108-{B511A84C-8A46-4586-886A-7E3E60746911}-v139-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 104 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\09\140-{B511A84C-8A46-4586-886A-7E3E60746911}-v109-{B511A84C-8A46-4586-886A-7E3E60746911}-v140-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata\...@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\15\115-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v115-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v115-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\16\116-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v116-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 930 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\16\116-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v116-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger.....@hotmail.fr\SharingMetadata....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\18\118-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v118-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 804 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\18\118-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v118-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....5@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\21\121-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v121-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v121-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 5718 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\21\121-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v121-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v121-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 768 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\25\125-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v125-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v125-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 5250 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger...@hotmail.fr\SharingMetadata...@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\25\125-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v125-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v125-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 584 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\28\128-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v128-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v128-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 9336 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\28\128-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v128-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v128-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1072 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\....35@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\32\132-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v132-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v132-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 4548 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger....@hotmail.fr\SharingMetadata....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\32\132-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v132-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v132-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 544 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\33\133-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v133-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v133-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 5556 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\33\133-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v133-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v133-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 616 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata.....5@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\34\134-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v134-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v134-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 750 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\34\134-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v134-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v134-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 72 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\36\136-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v136-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v136-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 3342 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\36\136-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v136-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v136-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 392 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger......@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\38\138-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v138-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v138-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\46\146-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v146-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v146-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 732 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\nazzareth@hotmail.fr\SharingMetadata\bleck35@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\46\146-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v146-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v146-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 80 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\54\154-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v154-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v154-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 678 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata\........@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\54\154-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v154-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v154-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 72 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\58\158-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v158-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v158-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\59\159-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v159-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v159-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\69\169-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v169-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v169-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\...@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\71\171-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v171-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v171-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 714 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\71\171-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v171-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v171-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 88 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\75\175-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v175-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v175-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1776 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\75\175-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v175-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v175-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 192 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger....@hotmail.fr\SharingMetadata\...@hotmail.fr\DFSR\Staging\CS{FE0E22B7-B819-9C16-69EE-F2AB6C9813DE}\76\176-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v176-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v176-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\...@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\01\286-{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}-v1-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v286-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\11\285-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v11-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v285-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\12\30-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v12-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v30-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1470 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\...@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\12\30-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v12-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v30-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 184 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\49\283-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v249-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v283-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\51\14-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v251-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 948 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\...@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\51\14-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v251-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 112 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\52\15-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v252-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v15-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 840 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\52\15-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v252-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v15-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\53\16-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v253-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1002 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\53\16-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v253-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 112 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\54\17-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v254-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 768 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\54\17-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v254-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata\....3@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\55\18-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v255-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1398 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\55\18-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v255-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 144 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\......@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\56\19-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v256-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 660 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\56\19-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v256-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 72 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\57\20-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v257-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1488 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger...@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\57\20-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v257-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 168 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\58\21-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v258-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v21-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1164 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\58\21-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v258-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v21-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 136 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\59\22-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v259-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v22-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1128 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\59\22-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v259-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v22-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 128 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\60\23-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v260-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v23-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2118 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\60\23-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v260-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v23-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 240 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\...@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\61\24-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v261-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v24-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 930 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\...@hotmail.fr\SharingMetadata\...@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\61\24-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v261-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v24-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 104 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\62\25-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v262-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v25-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1290 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.......@hotmail.fr\SharingMetadata\......@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\62\25-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v262-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v25-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 144 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger...@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\63\26-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v263-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1776 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\...@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\63\26-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v263-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 200 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\64\27-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v264-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v27-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1362 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\64\27-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v264-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v27-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 144 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger.....@hotmail.fr\SharingMetadata\....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\65\28-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v265-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v28-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 966 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\....@hotmail.fr\SharingMetadata\.....@hotmail.fr\DFSR\Staging\CS{B4AA5B7A-3B6C-FE18-D973-3E16328C6F8E}\65\28-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v265-{D3136AF2-699B-412B-957E-F3F46971AB4C}-v28-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 120 bytes hidden from API
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\.....@hotmail.fr\SharingMetadata\.........6@hotmail.fr\DFSR\Staging\CS{A7692323-C749-704F-8D91-F84A607CB8E6}\01\287-{A7692323-C749-704F-8D91-F84A607CB8E6}-v1-{637BC4ED-8CC8-4F0B-9B05-4755DAAB5556}-v287-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 73

peut tu me dire qu est qu il ne va pas? merçi ps : hier j ai encore eu un reboot
20 Décembre 2007 22:28:53

Bonjour


Télécharge sur le bureau
Elistara
http://www.zonavirus.com/datos/descargas/78/elistara.as...
==> tout en bas de la page
=Double-clic sur Descargar ELISTRAT.EXE 14.XX (XX = numéro en cours )
=enregistrer sur le bureau
=Double-clic sur Elistrat
=Dans "Unidad" choisir son disque si pas fait ( le + souvent C:\ )
il est conseillé de se déconnecter d'internet et de désactiver l'antivirus le temps du scan
penser à le réactiver à la fin
=vérifier que Eliminar Ficheros Automaticamente est coché ( c'est fait par défaut)
=Clic Explorar
A la fin copier le rapport et le coller dans la réponse
=clic Salir
= Clic OK
= Un rapport est aussi dans C:_InfoSAT.txt.
21 Décembre 2007 17:57:14

bonjour chercheur, je poste
Fri Dec 21 17:44:09 2007
EliStartPage v15.31 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\ALCMTR.EXE --> Eliminado SpyRealtek
Eliminadas las Paginas de Inicio y de Busqueda del IE
Eliminados Ficheros Temporales del IE

Fri Dec 21 17:46:22 2007
EliStartPage v15.31 (c)2007 S.G.H. / Satinfo S.L.
--------------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Program Files\Fichiers communs\BOONTY Shared\Service\BOONTY.EXE --> Eliminado, Boonty Games
C:\Program Files\Fichiers communs\Portrait Displays\Shared\PDISLIDER.OCX --> Eliminado, DollarRevenue (dldr)
C:\Program Files\Realtek\InstallShield\ALCMTR.EXE --> Eliminado, SpyRealtek
C:\WINDOWS\NIRCMD.EXE --> Eliminado, Tool-NirCmd

Nº Total de Directorios: 4270
Nº Total de Ficheros: 42535
Nº de Ficheros Analizados: 13003
Nº de Ficheros Infectados: 4
Nº de Ficheros Limpiados: 4 ps: j ai fait que pour le disque :C je ne l ai pas fait pour le disque: D et le disque :F je preferais te demander avant ; ah oui qu est ce que je fait de tout ce que j ai telecharger: clean ...ect , je les mets dans la corbeille? ou il faut les desinstallers ?
22 Décembre 2007 15:26:42

:hello:  chercheur , bon j ai fait ce que tu ma dit , je n ai pas pu enregistrer le rapport car il ne me le propose pas enfin , virus trouver 0 objets infecter 0 et objets suspects 0 voila pour kaspersky. par contre j ai des dossiers de sdfix dans windows sdfix first run et sdfix je peux les supprimer ou pas? je n ai plus de virus?
23 Décembre 2007 19:28:16

bonsoir chercheur et merçi du coup de main joyeux Noel .
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS