Se connecter / S'enregistrer
Votre question

virus detecter par kaspersky

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
5 Décembre 2007 18:04:33

bonjour
j'ai 1 virus voila mon raport si vous pouvez m'aider :( 



Logfile of HijackThis v1.99.1
Scan saved at 18:04:40, on 05/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe
C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\svehost.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{E4C7A3C0-669B-43EB-A4AB-2E9D450CA9E3}\setup.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Documents and Settings\HP_Administrateur\Mes documents\hijackthis\HijackThis test.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [Microsoft Updates] svehost.exe
O4 - HKLM\..\RunServices: [Microsoft Updates] svehost.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe

Autres pages sur : virus detecter kaspersky

a b 8 Sécurité
5 Décembre 2007 19:14:26

Bonjour,

L'emplacement ?
5 Décembre 2007 19:18:29

bonjourmerci de ton aide mais desoler je conais pas l'enplacement c'etais sur le scan en ligne mais mon ordinateure est tres lent est je pense que c'est a cause du crack
Contenus similaires
a b 8 Sécurité
5 Décembre 2007 19:41:28

Refais le scan en ligne puis poste le rapport.
5 Décembre 2007 19:48:40

voila



Wednesday, December 05, 2007 7:48:05 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 5/12/2007
Enregistrements dans la base antivirus Kaspersky : 443270


Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Statistiques de l'analyse
Total d'objets analysés 58301
Nombre de virus trouvés 1
Nombre d'objets infectés 1 / 0
Nombre d'objets suspects 0
Durée de l'analyse 00:27:24

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.68.Crwl L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.68.gthr L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.ci L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wsb L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010023.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010024.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010025.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010026.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010027.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010028.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010029.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001002B.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001002C.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001002D.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001002E.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010030.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010031.wid L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy66.gthr L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf1.tmp L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf2.tmp L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_aa4.dat L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\pending.dat L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\Working\database_565C_D4EA_5CD4_C641\dfsr.db L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\Working\database_565C_D4EA_5CD4_C641\fsr.log L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\Working\database_565C_D4EA_5CD4_C641\fsrtmp.log L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\Working\database_565C_D4EA_5CD4_C641\tmp.edb L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Windows Live Contacts\bellegarde30@hotmail.fr\real\members.stg L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Windows Live Contacts\bellegarde30@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Historique\History.IE5\MSHist012007120520071206\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\gun2.exe Infecté : Backdoor.Win32.Rbot.esi ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\~DF897.tmp L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\~DF8E8.tmp L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\~DFEC84.tmp L'objet est verrouillé ignoré

C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\~DFEC92.tmp
a b 8 Sécurité
5 Décembre 2007 19:55:07

Supprime ce fichier :
C:\Documents and Settings\HP_Administrateur\Local Settings\Temp\gun2.exe
5 Décembre 2007 19:58:03

je le trouve pas
5 Décembre 2007 20:10:22

voila je les suprimer
a b 8 Sécurité
6 Décembre 2007 18:20:13

On va faire une vérifocation.

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.

Redémarre en mode sans échec

  • Ouvre le dossier SDFix qui vient d'être créé à la racine de ton dique dur (C:) et double clique sur RunThis.bat pour lancer le script.
  • Appuie sur Y pour commencer le processus de nettoyage.
  • Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
  • Appuie sur une touche pour redémarrer le PC.
  • Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
  • Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
  • Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
  • Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
  • Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis.
    6 Décembre 2007 19:00:21

    SDFix: Version 1.117

    Run by HP_Administrateur on 06/12/2007 at 18:35

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\SDFix

    Safe Mode:
    Checking Services:


    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting...


    Normal Mode:
    Checking Files:

    Trojan Files Found:

    C:\WINDOWS\system32\svehost.exe - Deleted




    Removing Temp Files...

    ADS Check:

    C:\WINDOWS
    No streams found.

    C:\WINDOWS\system32
    No streams found.

    C:\WINDOWS\system32\svchost.exe
    No streams found.

    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.



    Final Check:

    catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-06 18:48:49
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\ESENT]
    "EventMessageFile"=str(2):"C:\WINDOWS\system32\esent.dll"
    "CategoryMessageFile"=str(2):"C:\WINDOWS\system32\esent.dll"
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:ae,11,82,9c,a8,c0,0f,6e,12,48,44,47,30,bb,21,fa,9c,6c,ed,51,ed,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "h0"=dword:00000000
    "khjeh"=hex:ae,11,82,9c,a8,c0,0f,6e,12,48,44,47,30,bb,21,fa,9c,6c,ed,51,ed,..

    scanning hidden registry entries ...

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B60B79F5-94F2-9446-CB5D-6E796A502FF0}]
    "papblhljmocaednakaincbnnbeodlhdn"=hex:6a,61,6e,6d,67,63,69,6e,63,67,63,6e,6e,70,63,69,6b,61,67,62,00,..
    "oafbbnnomjfpkhlgabombkacnnnbfl"=hex:6b,61,63,6c,66,6d,6d,6c,68,64,6d,69,66,61,6c,66,62,64,61,62,63,..

    scanning hidden files ...

    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\chamakh-30@hotmail.fr\DFSR\Staging\CS{582C92B4-978D-3C27-FD95-F33CF7B72179}\01\24-{582C92B4-978D-3C27-FD95-F33CF7B72179}-v1-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v24-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\entos@hotmail.fr\DFSR\Staging\CS{EFC15607-8FB1-1E15-D806-8E4DAF228ED7}\01\23-{EFC15607-8FB1-1E15-D806-8E4DAF228ED7}-v1-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v23-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\01\16-{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}-v1-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\20\11-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v20-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1416 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\20\11-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v20-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 384 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\21\12-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v21-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1632 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\21\12-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v21-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 184 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\22\13-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v22-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 660 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\22\13-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v22-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 80 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\23\14-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v23-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 732 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\23\14-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v23-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 80 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\24\15-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v24-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v15-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 3126 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\24\15-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v24-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v15-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 320 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\25\16-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v25-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2208 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\25\16-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v25-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 264 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\26\17-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v26-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 3756 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\26\17-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v26-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 408 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\27\18-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v27-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 822 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\27\18-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v27-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 88 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\29\20-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v29-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1308 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\bellegarde30@hotmail.fr\SharingMetadata\matrix_2532@hotmail.com\DFSR\Staging\CS{9CDAAD6C-03AC-14CC-51B0-EA225EAA8E6B}\29\20-{201EBD95-70AB-4C85-9CA3-2B77BD784E36}-v29-{1C7BADED-4581-43C6-9659-82EC056FC6F4}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 144 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\anwar69latrik@hotmail.fr\DFSR\Staging\CS{C313FEA7-590C-4D69-B8A5-0EF777A8D2AD}\01\70-{C313FEA7-590C-4D69-B8A5-0EF777A8D2AD}-v1-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v70-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\barcatvt@hotmail.fr\DFSR\Staging\CS{85621ED1-3D94-44FA-C7E3-2E06767B9742}\01\10-{85621ED1-3D94-44FA-C7E3-2E06767B9742}-v1-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\chamakh-30@hotmail.fr\DFSR\Staging\CS{97D951FA-42EF-03DE-80A0-358182970107}\01\17-{97D951FA-42EF-03DE-80A0-358182970107}-v1-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\01\104-{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}-v1-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v104-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\01\901-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v901-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v901-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 88 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\33\118-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v933-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1380 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\33\118-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v933-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v118-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 384 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\35\119-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v935-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v119-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1362 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\35\119-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v935-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v119-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 384 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\36\936-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v936-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v936-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 200 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\38\938-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v938-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v938-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 256 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\40\131-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v940-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v131-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1884 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\40\131-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v940-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v131-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 296 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\42\121-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v942-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v121-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1308 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\42\121-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v942-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v121-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 384 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\43\943-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v943-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v943-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 88 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\83\106-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v883-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1380 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\83\106-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v883-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v106-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 384 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\86\107-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v886-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1362 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\86\107-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v886-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v107-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 384 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\87\887-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v887-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v887-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 200 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\91\891-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v891-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v891-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 256 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\95\116-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v895-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1884 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\95\116-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v895-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v116-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 296 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\99\113-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v899-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1308 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\frangin_elg@hotmail.fr\DFSR\Staging\CS{5FCDAA4A-48E5-B7FE-3A30-457F7F69EF25}\99\113-{E626EBB5-C33F-4F4A-AEB4-F354FF5BC134}-v899-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v113-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 384 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\01\37-{D756B622-3C20-27A6-93AB-596985A069C6}-v1-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v37-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\17\49-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v17-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v49-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 156 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\17\49-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v17-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v49-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 384 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\18\28-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v18-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v28-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1506 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\18\28-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v18-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v28-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 184 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\19\29-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v19-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v29-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 80 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\20\42-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v20-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v42-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 3144 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\20\42-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v20-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v42-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 360 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\21\43-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v21-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2280 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\21\43-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v21-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v43-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 272 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\22\44-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v22-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v44-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 3810 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\22\44-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v22-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v44-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 416 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\23\45-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v23-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v45-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1686 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\23\45-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v23-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v45-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 304 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\26\32-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v26-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v32-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 660 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\jeff-du-19@hotmail.fr\DFSR\Staging\CS{D756B622-3C20-27A6-93AB-596985A069C6}\26\32-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v26-{B07A43D0-D229-476A-9B89-5D90056B2A8F}-v32-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\julienperraud@msn.com\DFSR\Staging\CS{9E1DE59B-8EE0-BFF0-3C72-CBD0DD6636BB}\01\18-{9E1DE59B-8EE0-BFF0-3C72-CBD0DD6636BB}-v1-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\julienperraud@msn.com\DFSR\Staging\CS{9E1DE59B-8EE0-BFF0-3C72-CBD0DD6636BB}\44\49-{E0AB10C3-EEF1-4382-A726-3018B996AE02}-v44-{E0AB10C3-EEF1-4382-A726-3018B996AE02}-v49-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\julienperraud@msn.com\DFSR\Staging\CS{9E1DE59B-8EE0-BFF0-3C72-CBD0DD6636BB}\45\48-{E0AB10C3-EEF1-4382-A726-3018B996AE02}-v45-{E0AB10C3-EEF1-4382-A726-3018B996AE02}-v48-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\01\21-{D834ED28-4679-AD9F-FAA9-4EA228F6E805}-v1-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v21-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\02\102-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v102-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1704 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\02\102-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v102-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v102-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 256 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\21\28-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v21-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v28-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 50700 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\21\28-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v21-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v28-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 5632 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\22\25-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v22-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v25-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 4782 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\22\25-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v22-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v25-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 512 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\23\26-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v23-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 822 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\23\26-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v23-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v26-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 96 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\24\27-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v24-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v27-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 12126 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\24\27-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v24-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v27-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 1360 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\29\38-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v29-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v38-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 152 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\30\39-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v30-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v39-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 88 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\33\42-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v33-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v42-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 256 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\37\36-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v37-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v36-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 2892 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\37\36-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v37-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v36-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 384 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\48\76-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v48-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v76-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 5610 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\48\76-{A41FC245-5834-4D8B-BB53-BD32A94BCD9A}-v48-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v76-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 600 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\94\94-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v94-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v94-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\95\95-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v95-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v95-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\96\96-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v96-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v96-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\97\97-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v97-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v97-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\98\98-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v98-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v98-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 1254 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\98\98-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v98-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v98-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 152 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\99\99-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v99-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v99-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 714 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\cjcode187@hotmail.fr\SharingMetadata\only_kekette@hotmail.fr\DFSR\Staging\CS{D834ED28-4679-AD9F-FAA9-4EA228F6E805}\99\99-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v99-{3DA51711-C19D-42F6-BAFC-1C02C9B80F96}-v99-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 88 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\01\11-{13971AE0-DDC0-5181-1263-F392A3ED39D3}-v1-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\11\12-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v11-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 32682 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\11\12-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v11-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 3648 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\13\13-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v13-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 64272 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\13\13-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v13-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 7160 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\15\16-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v15-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 63516 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\15\16-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v15-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 4422 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\15\16-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v15-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 7056 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\15\18-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v15-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 63516 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\15\18-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v15-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 4422 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\15\18-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v15-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 7056 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\17\20-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v17-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1 63084 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\17\20-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v17-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2 4512 bytes hidden from API
    C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Microsoft\Messenger\sosso_30@hotmail.fr\SharingMetadata\kital82@hotmail.com\DFSR\Staging\CS{13971AE0-DDC0-5181-1263-F392A3ED39D3}\17\20-{60D757B8-4718-4DA7-9094-9C2166FBDB6C}-v17-{E199051D-B76B-4BA4-AA71-27836772DDEF}-v20-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 7024 bytes hidden from API

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 106


    Remaining Services:
    ------------------



    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL France"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:D isabled:Windows© NetMeeting©"
    "C:\\Program Files\\eMule\\eMule.exe"="C:\\Program Files\\eMule\\eMule.exe:*:Enabled:eMule Plus"
    "C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
    "C:\\Program Files\\lphant\\eLePhantClient.exe"="C:\\Program Files\\lphant\\eLePhantClient.exe:*:Enabled:lphant Client"
    "C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:D isabled:LimeWire swarmed installer"
    "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
    "C:\\Program Files\\Tvants\\Tvants.exe"="C:\\Program Files\\Tvants\\Tvants.exe:*:Enabled:TVAnts"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\WINDOWS\\system32\\javaw.exe"="C:\\WINDOWS\\system32\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\\Documents and Settings\\HP_Administrateur\\Mes documents\\utorrent.exe"="C:\\Documents and Settings\\HP_Administrateur\\Mes documents\\utorrent.exe:*:Enabled:æTorrent"
    "C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
    "C:\\Documents and Settings\\HP_Administrateur\\Application Data\\SopCast\\adv\\SopAdver.exe"="C:\\Documents and Settings\\HP_Administrateur\\Application Data\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
    "C:\\Program Files\\PPMate\\ppmate.exe"="C:\\Program Files\\PPMate\\ppmate.exe:*:Enabled:p PMate"
    "C:\\Program Files\\PPMate\\ppamnet.exe"="C:\\Program Files\\PPMate\\ppamnet.exe:*:Enabled:p PMate"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
    "C:\\Program Files\\KiSS Technology\\KiSS PC-Link\\KiSS PC-Link.exe"="C:\\Program Files\\KiSS Technology\\KiSS PC-Link\\KiSS PC-Link.exe:*:Enabled:Server Application For KiSS PC-LINK"
    "C:\\Program Files\\Pando Networks\\Pando\\pando.exe"="C:\\Program Files\\Pando Networks\\Pando\\pando.exe:*:Enabled:p ando"
    "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
    "C:\\Program Files\\Counter-Strike 1.6\\hl.exe"="C:\\Program Files\\Counter-Strike 1.6\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget"
    "C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"="C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe:*:Enabled:p ro Evolution Soccer 2008"
    "C:\\Documents and Settings\\HP_Administrateur\\Local Settings\\Temp\\PES2008.exe"="C:\\Documents and Settings\\HP_Administrateur\\Local Settings\\Temp\\PES2008.exe:*:Enabled:p ro Evolution Soccer 2008"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    Remaining Files:
    ---------------

    File Backups: - C:\SDFix\backups\backups.zip

    Files with Hidden Attributes:

    Tue 30 Jan 2007 211 A.SHR --- "C:\BOOT.BAK"
    Sat 10 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
    Mon 13 Nov 2006 319,456 A..H. --- "C:\Program Files\Fichiers communs\Motorola Shared\MotPCSDrivers\difxapi.dll"
    Wed 19 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\778fd2fc3fe6b905e366b5ddbba384c8\BIT1.tmp"

    Finished!
    a b 8 Sécurité
    6 Décembre 2007 21:14:13

    Reposte un rapport Hijackthis.
    6 Décembre 2007 21:31:41

    Logfile of HijackThis v1.99.1
    Scan saved at 11:43:18, on 07/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
    C:\Program Files\Lexmark 2300 Series\ezprint.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\lxcgcoms.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\HP\KBD\KBD.EXE
    c:\windows\system\hpsysdrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\HP_Administrateur\Mes documents\hijackthis\HijackThis test.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe

    7 Décembre 2007 15:46:35

    AntiVir PersonalEdition Classic
    Report file date: vendredi 7 décembre 2007 14:35

    Scanning for 963427 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number:
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: HP_Administrateur
    Computer name:

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
    ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
    ANTIVIR2.VDF : 7.0.1.30 1575424 Bytes 30/11/2007 12:42:40
    ANTIVIR3.VDF : 7.0.1.59 110592 Bytes 07/12/2007 12:42:40
    AVEWIN32.DLL : 7.6.0.40 3064320 Bytes 07/12/2007 12:42:42
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
    AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

    Configuration settings for the scan:
    Jobname..........................: Local Drives
    Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: E:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: vendredi 7 décembre 2007 14:35

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
    Scan process 'searchfilterhost.exe' - '1' Module(s) have been scanned
    Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
    Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
    Scan process 'kbd.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
    Scan process 'lxcgcoms.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'ezprint.exe' - '1' Module(s) have been scanned
    Scan process 'lxcgmon.exe' - '1' Module(s) have been scanned
    Scan process 'realsched.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
    Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
    Scan process 'arpwrmsg.exe' - '1' Module(s) have been scanned
    Scan process 'DMAScheduler.exe' - '1' Module(s) have been scanned
    Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
    Scan process 'ehtray.exe' - '1' Module(s) have been scanned
    Scan process 'HPBootOp.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
    Scan process 'searchprotocolhost.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'dllhost.exe' - '1' Module(s) have been scanned
    Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
    Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'ehSched.exe' - '1' Module(s) have been scanned
    Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
    Scan process 'arservice.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    51 processes with 51 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!
    Boot sector 'F:\'
    [NOTE] In the drive 'F:\' no data medium is inserted!
    Boot sector 'G:\'
    [NOTE] In the drive 'G:\' no data medium is inserted!
    Boot sector 'H:\'
    [NOTE] In the drive 'H:\' no data medium is inserted!
    Boot sector 'I:\'
    [NOTE] In the drive 'I:\' no data medium is inserted!

    Starting to scan the registry.
    The registry was scanned ( '46' files ).


    Starting the file scan:

    Begin scan in 'C:\' <HP_PAVILION>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\HP_Administrateur\Local Settings\Temporary Internet Files\Content.IE5\IBDYFOVU\ad2[1].htm
    [DETECTION] Contains suspicious code HEUR/Exploit.HTML
    [INFO] The file was moved to '478b4ea6.qua'!
    C:\SDFix\backups\backups.zip
    [0] Archive type: ZIP
    --> backups/svehost.exe
    [DETECTION] Contains detection pattern of the worm WORM/Rbot.937984.24
    [INFO] The file was moved to '47bc5494.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <HP_RECOVERY>
    Begin scan in 'F:\'
    Search path F:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'G:\'
    Search path G:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'H:\'
    Search path H:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'I:\'
    Search path I:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'E:\'
    Search path E:\ could not be opened!
    Le périphérique n'est pas prêt.



    End of the scan: vendredi 7 décembre 2007 15:31
    Used time: 56:41 min

    The scan has been done completely.

    9520 Scanning directories
    532528 Files were scanned
    1 viruses and/or unwanted programs were found
    1 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    2 files were moved to quarantine
    0 files were renamed
    3 Files cannot be scanned
    532527 Files not concerned
    16679 Archives were scanned
    3 Warnings
    0 Notes
    a b 8 Sécurité
    7 Décembre 2007 17:47:26

    Reposte un rapport Hijackthis.
    7 Décembre 2007 17:51:25

    Logfile of HijackThis v1.99.1
    Scan saved at 17:51:51, on 07/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
    C:\Program Files\Lexmark 2300 Series\ezprint.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\lxcgcoms.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\EA Sports\EA SPORTS online\SportsWrapper.exe
    C:\Program Files\EA Sports\EA SPORTS online\SportsWrapper.exe
    C:\Program Files\EA Sports\EA SPORTS online\ATLJabber.exe
    C:\Program Files\EA Sports\EA SPORTS online\SportsWrapper.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\HP_Administrateur\Mes documents\hijackthis\HijackThis test.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe

    a b 8 Sécurité
    8 Décembre 2007 10:44:49

    C'est mieux ?
    8 Décembre 2007 10:47:25

    oui il est moin lent mais je fais quoi des virus qui sont en quarentaine
    a b 8 Sécurité
    8 Décembre 2007 10:56:03

    Tu peux les supprimer si tu veux.
    8 Décembre 2007 11:29:49

    ok donc mon ordi est clean
    a b 8 Sécurité
    8 Décembre 2007 11:34:13

    Je pense oui.
    8 Décembre 2007 22:04:48

    re
    merci pour l'aide mais j'ai encore des probleme deja la je me suis encore fais infecter lol est maintenant j'ai un truc bizare qui ma dit pour proteger votre ordinateure windows va fermer inter explorer.
    a b 8 Sécurité
    8 Décembre 2007 22:09:28

    Un screen ?
    8 Décembre 2007 22:32:09

    desoler j'ai oublier de faire 1 screen mais si tu ve je pe te donner le lien du site qui ma infecter c'etais soit disant un site pour regarder les matches de foot.
    la je suis entrain de faire 1 scan antivir
    a b 8 Sécurité
    9 Décembre 2007 17:43:37

    Je veux un screen :) 
    9 Décembre 2007 18:09:55

    ba c'est bon j'ai plus le truc qui me ferme internet explorer est j'ai fais 1 scan antivir j'ai pas d'infection donc je crois que ces bon ?
    a b 8 Sécurité
    15 Décembre 2007 12:56:11

    Tu a fait une recherche sur le problème sur Internet ?
    15 Décembre 2007 12:57:16

    non mais ta l'heure j'ai telecharger 1 fichier avec 11infection mais je les pas ouvert.
    a b 8 Sécurité
    15 Décembre 2007 13:08:23

    C'est quoi le rapport avec ma question ?
    Arrête de télécharger n'importe quoi aussi...
    16 Décembre 2007 20:56:59

    cayes deja j'ai plus le message est je pense plus etre infecté si tu peus me confirmer sa :sweat: 

    Logfile of HijackThis v1.99.1
    Scan saved at 20:58:16, on 16/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\lxcgcoms.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxcgPSWX.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
    C:\Program Files\Lexmark 2300 Series\ezprint.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\HP\KBD\KBD.EXE
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Thoosje Sidebar V2.0\Thoosje Sidebar .exe
    C:\Documents and Settings\HP_Administrateur\Mes documents\8713-TrueTransparency\TrueTransparency\TrueTransparency.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\HP_Administrateur\Mes documents\hijackthis\HijackThis test.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe

    a b 8 Sécurité
    16 Décembre 2007 21:51:33

    C'est ok.
    16 Décembre 2007 21:52:39

    ok merci pour ton aide
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS