sahinwila
-
Compteur de contenus
54 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par sahinwila
-
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonsoir, Voici ce que j'ai fait : - réactivé la restauration - téléchargé CCLEANER et exécuté le "Nettoyeur" avec les options cochées par défaut - nettoyé les fichiers trouvés - désactivé l'antivirus - scan Kaspersky en ligne (choix poste de travail puis sauvé le rapport) - réactivé l'antivirus Et voici le résultat : ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Saturday, October 11, 2008 5:33:22 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.84.2 Dernière mise à jour de la base antivirus Kaspersky : 10/10/2008 Enregistrements dans la base antivirus Kaspersky : 1166183 ------------------------------------------------------------------------------- Paramètres d'analyse: Analyser avec la base antivirus suivante: standard Analyser les archives: vrai Analyser les bases de messagerie: vrai Cible de l'analyse - Poste de travail: C:\ D:\ Statistiques de l'analyse: Total d'objets analysés: 155820 Nombre de virus trouvés: 4 Nombre d'objets infectés: 20 / 0 Nombre d'objets suspects: 0 Durée de l'analyse: 07:26:56 Nom de l'objet infecté / Nom du virus / Dernière action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\sentinel\2.1\gwhashs.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Application Data\Acronis\TrueImageHome\Logs\7CC0726B-F071-4717-8A91-C6E5E6C06091.log L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Application Data\Calendrier Xtra\Jours.edb L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/premium.exe/data0000.cab/file.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/premium.exe/data0000.cab Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/premium.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/security.exe/data0000.cab/file.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/security.exe/data0000.cab Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/security.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/avira.exe Infecté : Backdoor.Win32.Poison.cpb ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe RAR: infecté - 7 ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\premium.exe/data0000.cab/file.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\premium.exe/data0000.cab Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\premium.exe Rsrc-Package: infecté - 2 ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\security.exe/data0000.cab/file.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\security.exe/data0000.cab Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\security.exe Rsrc-Package: infecté - 2 ignoré C:\Documents and Settings\Myriam1\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Historique\History.IE5\MSHist012008101120081012\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Temp\Perflib_Perfdata_555c.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Temp\Perflib_Perfdata_6f4.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Temp\Perflib_Perfdata_bac.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Temp\~DFBD5E.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\ntuser.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\films convertis\ashampoo burning studio SERIAL Multilang\Asampoo burning\ashampoo_burningstudio802_sm.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\films convertis\ashampoo burning studio SERIAL Multilang\Asampoo burning\ashampoo_burningstudio802_sm.exe NSIS: infecté - 1 ignoré C:\films convertis\ashb802\Asampoo burning\ashampoo_burningstudio802_sm.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\films convertis\ashb802\Asampoo burning\ashampoo_burningstudio802_sm.exe NSIS: infecté - 1 ignoré C:\films convertis\Super_Jeux_de_Letters_2.iso/AUTORUN.EXE Infecté : Backdoor.Win32.VB.sl ignoré C:\films convertis\Super_Jeux_de_Letters_2.iso ISOimage: infecté - 1 ignoré C:\Program Files\Miramar\PC MACLAN\APPLS.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\APPLS.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\COMMENTS.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\COMMENTS.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\DISKDB.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\DISKDB.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\FLDIRDB.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\FLDIRDB.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\GRPMEMS.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\GRPMEMS.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\ICONS.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\ICONS.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\USERGRP.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\USERGRP.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\VOLDB.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\VOLDB.idx L'objet est verrouillé ignoré C:\Program Files\Panda Security\Panda Internet Security 2008\4c2b889e4a32a5cb8b7f8c7474bdfc59PSK_NAMES L'objet est verrouillé ignoré C:\Program Files\Panda Security\Panda Internet Security 2008\4c2b889e4a32a5cb8b7f8c7474bdfc59PSK_NAMES2 L'objet est verrouillé ignoré C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\MshConf\scoffset.bin.incr L'objet est verrouillé ignoré C:\RECYCLER\NPROTECT\NPROTECT.LOG L'objet est verrouillé ignoré C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1843\change.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\pfirewall.log L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\slpd.log L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\edbtmp.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\FAHlog.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré C:\WINDOWS\temp\Perflib_Perfdata_4c8.dat L'objet est verrouillé ignoré C:\WINDOWS\temp\Perflib_Perfdata_630.dat L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré Analyse terminée. Merci d'avance. Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Voilà, j'ai effectué le nettoyage comme tu me l'as indiqué. J'ai supprimé le répertoire : C:\Documents and Settings\Myriam1\films convertis\ il ne me sert à rien J'ai supprimé les cookies également. Je n'ai pas réactivé la restauration du système. Merci. Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonsoir. Le voici : ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Tuesday, October 07, 2008 11:24:42 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.84.2 Dernière mise à jour de la base antivirus Kaspersky : 7/10/2008 Enregistrements dans la base antivirus Kaspersky : 1159766 ------------------------------------------------------------------------------- Paramètres d'analyse: Analyser avec la base antivirus suivante: standard Analyser les archives: vrai Analyser les bases de messagerie: vrai Cible de l'analyse - Poste de travail: C:\ D:\ Statistiques de l'analyse: Total d'objets analysés: 165524 Nombre de virus trouvés: 8 Nombre d'objets infectés: 57 / 0 Nombre d'objets suspects: 0 Durée de l'analyse: 07:59:51 Nom de l'objet infecté / Nom du virus / Dernière action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\sentinel\2.1\gwhashs.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Application Data\Acronis\TrueImageHome\Logs\7CC0726B-F071-4717-8A91-C6E5E6C06091.log L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Application Data\Calendrier Xtra\Jours.edb L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/premium.exe/data0000.cab/file.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/premium.exe/data0000.cab Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/premium.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/security.exe/data0000.cab/file.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/security.exe/data0000.cab Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/security.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe/avira.exe Infecté : Backdoor.Win32.Poison.cpb ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\Avira Antivir Premium Security Suite Incl RegPatch.exe RAR: infecté - 7 ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\premium.exe/data0000.cab/file.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\premium.exe/data0000.cab Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\premium.exe Rsrc-Package: infecté - 2 ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\security.exe/data0000.cab/file.exe Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\security.exe/data0000.cab Infecté : Trojan-Downloader.Win32.Injecter.ahh ignoré C:\Documents and Settings\Myriam1\Bureau\Alert virus !\Avira Antivir Premium Security Suite Incl RegPatch (2)\security.exe Rsrc-Package: infecté - 2 ignoré C:\Documents and Settings\Myriam1\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\films convertis\Magic Video Converter 8.0.10.25 serial incl\MagicVideoConverter.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.afqj ignoré C:\Documents and Settings\Myriam1\films convertis\Magic Video Converter 8.0.10.25 serial incl\MagicVideoConverter.exe NSIS: infecté - 1 ignoré C:\Documents and Settings\Myriam1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Historique\History.IE5\MSHist012008100720081008\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Temp\Perflib_Perfdata_bac.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Temp\~DFBD5E.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\ntuser.dat L'objet est verrouillé ignoré C:\Documents and Settings\Myriam1\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\films convertis\ashampoo burning studio SERIAL Multilang\Asampoo burning\ashampoo_burningstudio802_sm.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\films convertis\ashampoo burning studio SERIAL Multilang\Asampoo burning\ashampoo_burningstudio802_sm.exe NSIS: infecté - 1 ignoré C:\films convertis\ashb802\Asampoo burning\ashampoo_burningstudio802_sm.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\films convertis\ashb802\Asampoo burning\ashampoo_burningstudio802_sm.exe NSIS: infecté - 1 ignoré C:\films convertis\Super_Jeux_de_Letters_2.iso/AUTORUN.EXE Infecté : Backdoor.Win32.VB.sl ignoré C:\films convertis\Super_Jeux_de_Letters_2.iso ISOimage: infecté - 1 ignoré C:\Program Files\Miramar\PC MACLAN\APPLS.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\APPLS.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\COMMENTS.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\COMMENTS.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\DISKDB.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\DISKDB.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\FLDIRDB.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\FLDIRDB.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\GRPMEMS.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\GRPMEMS.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\ICONS.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\ICONS.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\USERGRP.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\USERGRP.idx L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\VOLDB.dat L'objet est verrouillé ignoré C:\Program Files\Miramar\PC MACLAN\VOLDB.idx L'objet est verrouillé ignoré C:\Program Files\Panda Security\Panda Internet Security 2008\4c2b889e4a32a5cb8b7f8c7474bdfc59PSK_NAMES L'objet est verrouillé ignoré C:\Program Files\Panda Security\Panda Internet Security 2008\4c2b889e4a32a5cb8b7f8c7474bdfc59PSK_NAMES2 L'objet est verrouillé ignoré C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\MshConf\scoffset.bin.incr L'objet est verrouillé ignoré C:\RECYCLER\NPROTECT\NPROTECT.LOG L'objet est verrouillé ignoré C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1803\A0382158.dll Infecté : Hoax.Win32.Renos.ebd ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1809\A0388700.exe Infecté : Trojan.Win32.Delf.eun ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1820\A0396209.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1820\A0396209.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1820\A0396210.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1820\A0396210.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1824\A0399825.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1824\A0399825.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1824\A0399826.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1824\A0399826.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1828\A0399981.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1828\A0399981.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1828\A0399982.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1828\A0399982.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1832\A0402057.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1832\A0402057.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1832\A0402058.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1832\A0402058.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1834\A0402207.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1834\A0402207.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1834\A0402208.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1834\A0402208.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1834\A0402377.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1834\A0402377.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1834\A0402378.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1834\A0402378.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1835\A0402432.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1835\A0402432.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1835\A0402433.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1835\A0402433.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1835\A0402460.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1835\A0402460.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1835\A0402461.exe/data0003 Infecté : Trojan-Downloader.Win32.Agent.xdp ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1835\A0402461.exe NSIS: infecté - 1 ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1835\A0402462.exe Infecté : Trojan.Win32.Small.xvg ignoré C:\System Volume Information\_restore{3E9F775D-BFE5-486E-A686-4DD342BF5E2A}\RP1835\change.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\pfirewall.log L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\slpd.log L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\edbtmp.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\FAHlog.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré C:\WINDOWS\temp\Perflib_Perfdata_4c8.dat L'objet est verrouillé ignoré C:\WINDOWS\temp\Perflib_Perfdata_630.dat L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré Analyse terminée. Merci d'avance. Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Voici les dernières nouvelles : Hijackthis : la ligne 024 réapparaît toujours malgré sa suppression. Rapport du scan Kaspersky en ligne: Statistiques de l'analyse: Total d'objets analysés: 165524 Nombre de virus trouvés: 8 Nombre d'objets infectés: 57 / 0 Nombre d'objets suspects: 0 Durée de l'analyse: 07:59:51 Les objets infectés sont marqués "verrouillé ignoré". Les objets atteints par un virus sont marqués "ignoré". -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Voici le rapport Hijackthis après reboot de mon pc : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:15:17, on 7/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe C:\windows\system32\spoolsv.exe C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe C:\Program Files\Miramar\PC MACLAN\ATMsg.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE C:\Program Files\Norton Utilities\NPROTECT.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe C:\windows\Explorer.EXE c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe C:\windows\System32\tcpsvcs.exe C:\Program Files\Speed Disk\nopdb.exe C:\windows\System32\svchost.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\system32\windowsautomaticupdates.exe C:\Program Files\Webroot\Washer\WasherSvc.exe C:\Program Files\Panda Security\Panda Internet Security 2008\ApvxdWin.exe C:\windows\system32\wscntfy.exe C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\windows\system32\PuXpMan2.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\Calendrier\Cld2000.exe C:\windows\system32\ctfmon.exe C:\windows\System32\svchost.exe C:\Program Files\Norton Utilities\SYSDOC32.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.skynet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 ;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {F503FB99-B802-4E95-A767-959739D786B1} - (no file) O4 - HKLM\..\Run: [Miramar Systems, Inc.] "C:\Program Files\Miramar\PC MACLAN\atmsg.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [mspwr] C:\windows\system32\PuXpMan2.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\qttask.exe" -atboottime O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [Windows USB Control] C:\Documents and Settings\Myriam1\Application Data\wintos.exe O4 - HKCU\..\Run: [Windows USB Controlling] C:\Documents and Settings\Myriam1\Application Data\wint.exe O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\ashampoo\Ashampoo UnInstaller Platinum 2\UIWatcher.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Search - O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU) O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing O15 - Trusted Zone: http://www.rigolus.com O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n024p/EN/install/gtdownlr.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by119fd.bay119.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1166749772390 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://roxypalace.microgaming.com/roxypalacefr/FlashAX.cab O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer = 195.238.2.21,195.238.2.22 O20 - AppInit_DLLs: qxxwxh.dll hduywz.dll O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: AppleTalk Messenger (ATMsg) - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATMsg.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: docoom online S.L.: docoom backup update permissions manager. 12662. - Unknown owner - C:\Program Files\docoom\docoom backup\udocoom.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Miramar AppleTalk File Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE O23 - Service: Miramar AppleTalk Print Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe O24 - Desktop Component 0: Privacy Protection - (no file) -- End of file - 15978 bytes Encore merci pour ton aide. Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Voila, j'ai lancé ce programme comme tu m'as dit, le pc a redémarré sans problème, j'ai supprimé le répertoire "killbox" et vidé la poubelle. Merci pour ton aide, j'attends la suite . Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
J'ai ajouté le rapport d'un troisième fichier que je trouvais suspect. PS : j'ai demandé "réanalysé" pour les 3 fichiers. Fichier wintos.exe reçu le 2008.10.04 13:22:18 (CET)Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.10.3.2 2008.10.03 - AntiVir 7.8.1.34 2008.10.03 DR/Delphi.Gen Authentium 5.1.0.4 2008.10.04 - Avast 4.8.1248.0 2008.10.04 Win32:Trojan-gen {Other} AVG 8.0.0.161 2008.10.03 Dropper.Generic.ABCY BitDefender 7.2 2008.10.04 - CAT-QuickHeal 9.50 2008.10.04 - ClamAV 0.93.1 2008.10.04 - DrWeb 4.44.0.09170 2008.10.04 - eSafe 7.0.17.0 2008.10.02 - eTrust-Vet 31.6.6127 2008.10.03 Win32/Slenfbot!generic Ewido 4.0 2008.10.04 - F-Prot 4.4.4.56 2008.10.03 - F-Secure 8.0.14332.0 2008.10.04 - Fortinet 3.113.0.0 2008.10.04 Misc/PUP GData 19 2008.10.04 Win32:Trojan-gen {Other} Ikarus T3.1.1.34.0 2008.10.04 VirTool.Win32.DelfInject.AF K7AntiVirus 7.10.483 2008.10.03 Trojan.Win32.Malware.1 Kaspersky 7.0.0.125 2008.10.04 - McAfee 5398 2008.10.04 potentially unwanted program Generic PUP Microsoft 1.4005 2008.10.04 VirTool:Win32/DelfInject.gen!AF NOD32 3494 2008.10.03 a variant of Win32/Injector.CR Norman 5.80.02 2008.10.03 - Panda 9.0.0.4 2008.10.04 - PCTools 4.4.2.0 2008.10.03 - Prevx1 V2 2008.10.04 Malware Downloader Rising 20.63.62.00 2008.09.28 - SecureWeb-Gateway 6.7.6 2008.10.04 Trojan.Dropper.Delphi.Gen Sophos 4.34.0 2008.10.04 - Sunbelt 3.1.1675.1 2008.09.27 - Symantec 10 2008.10.04 - TheHacker 6.3.1.0.100 2008.10.03 - TrendMicro 8.700.0.1004 2008.10.03 - VBA32 3.12.8.6 2008.10.03 Worm.Win32.Socks.ahs ViRobot 2008.10.4.1406 2008.10.04 - VirusBuster 4.5.11.0 2008.10.03 Packed/newStub Information additionnelle File size: 170496 bytes MD5...: a7ccd848a86435c5f4192361e0ebd4d8 SHA1..: f72c3d80e2d55e339a9edf57cb0fd41a61e21c32 SHA256: f1d28a39d4f7ede7ea4697c8fe541f692f802451ec195293367d42b41f272e31 SHA512: 07dcca02aa37f779396d2896839548ada9882c65469a50efb590a85ad2909f54<BR>995a7a8fc2607d46f86f28399b 13212420745a85fa032249b25e34e88535c1b6 PEiD..: BobSoft Mini Delphi -> BoB / BobSoft TrID..: File type identification<BR>Win32 Executable Generic (58.3%)<BR>Win16/32 Executable Delphi generic (14.1%)<BR>Generic Win/DOS Executable (13.7%)<BR>DOS Executable Generic (13.6%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0xc54cc<BR>timedatestamp.....: 0x43a14136 (Thu Dec 15 10:11:02 2005)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 8 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>CODE 0x1000 0x45a0 0x4600 6.42 8cb3cf85f8c89b8a04bdac75c0e6f3e8<BR>DATA 0x6000 0x120 0x200 2.92 1bdc64e309c7484fc2deab5994be44d5<BR>BSS 0x7000 0x6fd 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.idata 0x8000 0x4b6 0x600 3.74 696c5995011d4f4d3bb3306f4e8bd368<BR>.tls 0x9000 0x8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.rdata 0xa000 0x24 0x200 0.42 bf71d4493a53f7b80fa35464147abdba<BR>.reloc 0xb000 0x4d8 0x600 5.93 887a581fd4396d76cafa0a7e3c42b6ec<BR>.rsrc 0xc000 0x23e98 0x24000 7.79 4cbcfa1bff44a590dba35e642cd3b6bf<BR><BR>( 7 imports ) <BR>> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, GetThreadLocale, GetStartupInfoA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle<BR>> user32.dll: GetKeyboardType, MessageBoxA<BR>> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey<BR>> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA<BR>> advapi32.dll: SetThreadToken<BR>> kernel32.dll: SetTapeParameters, SetEvent, ResetEvent, LoadLibraryA, GetProcAddress, GetModuleFileNameA, GetLastError, GetFileTime, GetComputerNameA, GenerateConsoleCtrlEvent, FlushViewOfFile<BR>> user32.dll: MessageBoxA<BR><BR>( 0 exports ) <BR> Prevx info: http://info.prevx.com/aboutprogramtext.asp...717E500F5CF036F Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.10.3.2 2008.10.03 - AntiVir 7.8.1.34 2008.10.03 DR/Delphi.Gen Authentium 5.1.0.4 2008.10.04 - Avast 4.8.1248.0 2008.10.04 Win32:Trojan-gen {Other} AVG 8.0.0.161 2008.10.03 Dropper.Generic.ABCY BitDefender 7.2 2008.10.04 - CAT-QuickHeal 9.50 2008.10.04 - ClamAV 0.93.1 2008.10.04 - DrWeb 4.44.0.09170 2008.10.04 - eSafe 7.0.17.0 2008.10.02 - eTrust-Vet 31.6.6127 2008.10.03 Win32/Slenfbot!generic Ewido 4.0 2008.10.04 - F-Prot 4.4.4.56 2008.10.03 - F-Secure 8.0.14332.0 2008.10.04 - Fortinet 3.113.0.0 2008.10.04 Misc/PUP GData 19 2008.10.04 Win32:Trojan-gen {Other} Ikarus T3.1.1.34.0 2008.10.04 VirTool.Win32.DelfInject.AF K7AntiVirus 7.10.483 2008.10.03 Trojan.Win32.Malware.1 Kaspersky 7.0.0.125 2008.10.04 - McAfee 5398 2008.10.04 potentially unwanted program Generic PUP Microsoft 1.4005 2008.10.04 VirTool:Win32/DelfInject.gen!AF NOD32 3494 2008.10.03 a variant of Win32/Injector.CR Norman 5.80.02 2008.10.03 - Panda 9.0.0.4 2008.10.04 - PCTools 4.4.2.0 2008.10.03 - Prevx1 V2 2008.10.04 Malware Downloader Rising 20.63.62.00 2008.09.28 - SecureWeb-Gateway 6.7.6 2008.10.04 Trojan.Dropper.Delphi.Gen Sophos 4.34.0 2008.10.04 - Sunbelt 3.1.1675.1 2008.09.27 - Symantec 10 2008.10.04 - TheHacker 6.3.1.0.100 2008.10.03 - TrendMicro 8.700.0.1004 2008.10.03 - VBA32 3.12.8.6 2008.10.03 Worm.Win32.Socks.ahs ViRobot 2008.10.4.1406 2008.10.04 - VirusBuster 4.5.11.0 2008.10.03 Packed/newStub Information additionnelle File size: 170496 bytes MD5...: a7ccd848a86435c5f4192361e0ebd4d8 SHA1..: f72c3d80e2d55e339a9edf57cb0fd41a61e21c32 SHA256: f1d28a39d4f7ede7ea4697c8fe541f692f802451ec195293367d42b41f272e31 SHA512: 07dcca02aa37f779396d2896839548ada9882c65469a50efb590a85ad2909f54<BR>995a7a8fc2607d46f86f28399b 13212420745a85fa032249b25e34e88535c1b6 PEiD..: BobSoft Mini Delphi -> BoB / BobSoft TrID..: File type identification<BR>Win32 Executable Generic (58.3%)<BR>Win16/32 Executable Delphi generic (14.1%)<BR>Generic Win/DOS Executable (13.7%)<BR>DOS Executable Generic (13.6%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0xc54cc<BR>timedatestamp.....: 0x43a14136 (Thu Dec 15 10:11:02 2005)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 8 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>CODE 0x1000 0x45a0 0x4600 6.42 8cb3cf85f8c89b8a04bdac75c0e6f3e8<BR>DATA 0x6000 0x120 0x200 2.92 1bdc64e309c7484fc2deab5994be44d5<BR>BSS 0x7000 0x6fd 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.idata 0x8000 0x4b6 0x600 3.74 696c5995011d4f4d3bb3306f4e8bd368<BR>.tls 0x9000 0x8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.rdata 0xa000 0x24 0x200 0.42 bf71d4493a53f7b80fa35464147abdba<BR>.reloc 0xb000 0x4d8 0x600 5.93 887a581fd4396d76cafa0a7e3c42b6ec<BR>.rsrc 0xc000 0x23e98 0x24000 7.79 4cbcfa1bff44a590dba35e642cd3b6bf<BR><BR>( 7 imports ) <BR>> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, GetThreadLocale, GetStartupInfoA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle<BR>> user32.dll: GetKeyboardType, MessageBoxA<BR>> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey<BR>> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA<BR>> advapi32.dll: SetThreadToken<BR>> kernel32.dll: SetTapeParameters, SetEvent, ResetEvent, LoadLibraryA, GetProcAddress, GetModuleFileNameA, GetLastError, GetFileTime, GetComputerNameA, GenerateConsoleCtrlEvent, FlushViewOfFile<BR>> user32.dll: MessageBoxA<BR><BR>( 0 exports ) <BR> Prevx info: http://info.prevx.com/aboutprogramtext.asp...717E500F5CF036F ---------------------------------------------------------------------------------------------------------------------------------------- Fichier wint.exe reçu le 2008.10.04 13:39:14 (CET)Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.10.3.2 2008.10.03 - AntiVir 7.8.1.34 2008.10.03 DR/Delphi.Gen Authentium 5.1.0.4 2008.10.04 - Avast 4.8.1248.0 2008.10.04 Win32:Trojan-gen {Other} AVG 8.0.0.161 2008.10.03 Dropper.Generic.ABCY BitDefender 7.2 2008.10.04 - CAT-QuickHeal 9.50 2008.10.04 - ClamAV 0.93.1 2008.10.04 - DrWeb 4.44.0.09170 2008.10.04 - eSafe 7.0.17.0 2008.10.02 - eTrust-Vet 31.6.6127 2008.10.03 Win32/Slenfbot!generic Ewido 4.0 2008.10.04 - F-Prot 4.4.4.56 2008.10.03 - F-Secure 8.0.14332.0 2008.10.04 - Fortinet 3.113.0.0 2008.10.04 - GData 19 2008.10.04 Win32:Trojan-gen {Other} Ikarus T3.1.1.34.0 2008.10.04 VirTool.Win32.DelfInject.AF K7AntiVirus 7.10.483 2008.10.03 Trojan.Win32.Malware.1 Kaspersky 7.0.0.125 2008.10.04 - McAfee 5398 2008.10.04 - Microsoft 1.4005 2008.10.04 VirTool:Win32/DelfInject.gen!AF NOD32 3494 2008.10.03 a variant of Win32/Injector.CR Norman 5.80.02 2008.10.03 - Panda 9.0.0.4 2008.10.04 - PCTools 4.4.2.0 2008.10.03 - Prevx1 V2 2008.10.04 Malware Downloader Rising 20.63.62.00 2008.09.28 - SecureWeb-Gateway 6.7.6 2008.10.04 Trojan.Dropper.Delphi.Gen Sophos 4.34.0 2008.10.04 - Sunbelt 3.1.1675.1 2008.09.27 - Symantec 10 2008.10.04 - TheHacker 6.3.1.0.100 2008.10.03 - TrendMicro 8.700.0.1004 2008.10.03 - VBA32 3.12.8.6 2008.10.03 Worm.Win32.Socks.ahs ViRobot 2008.10.4.1406 2008.10.04 - VirusBuster 4.5.11.0 2008.10.03 Packed/newStub Information additionnelle File size: 171008 bytes MD5...: be12ea9eead467702fdae683525c6025 SHA1..: b049349e49f1ad7f0806fda2cc66f90a1d8a3279 SHA256: 729cb14b4a8400b0e538c7bda08f3d6650f285e96f8fabd00febb8330297a524 SHA512: 6ff298ab746febfe4bdb00dc3d361cc2e934cd55968f92f8a9257e95a8ca2c1d<BR>fe9d77924a9aba87f929ad88e34e6 443fc46b1adf0baa0b009b90d577a76edb2 PEiD..: BobSoft Mini Delphi -> BoB / BobSoft TrID..: File type identification<BR>Win32 Executable Generic (58.3%)<BR>Win16/32 Executable Delphi generic (14.1%)<BR>Generic Win/DOS Executable (13.7%)<BR>DOS Executable Generic (13.6%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0xc54cc<BR>timedatestamp.....: 0x43a14136 (Thu Dec 15 10:11:02 2005)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 8 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>CODE 0x1000 0x45a0 0x4600 6.42 8cb3cf85f8c89b8a04bdac75c0e6f3e8<BR>DATA 0x6000 0x120 0x200 2.92 1bdc64e309c7484fc2deab5994be44d5<BR>BSS 0x7000 0x6fd 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.idata 0x8000 0x4b6 0x600 3.74 696c5995011d4f4d3bb3306f4e8bd368<BR>.tls 0x9000 0x8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.rdata 0xa000 0x24 0x200 0.42 bf71d4493a53f7b80fa35464147abdba<BR>.reloc 0xb000 0x4d8 0x600 5.93 887a581fd4396d76cafa0a7e3c42b6ec<BR>.rsrc 0xc000 0x241e8 0x24200 7.79 58cd846e48e7014bbd884a9ad58e2b76<BR><BR>( 7 imports ) <BR>> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, GetThreadLocale, GetStartupInfoA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle<BR>> user32.dll: GetKeyboardType, MessageBoxA<BR>> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey<BR>> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA<BR>> advapi32.dll: SetThreadToken<BR>> kernel32.dll: SetTapeParameters, SetEvent, ResetEvent, LoadLibraryA, GetProcAddress, GetModuleFileNameA, GetLastError, GetFileTime, GetComputerNameA, GenerateConsoleCtrlEvent, FlushViewOfFile<BR>> user32.dll: MessageBoxA<BR><BR>( 0 exports ) <BR> Prevx info: http://info.prevx.com/aboutprogramtext.asp...717E5001E98303D Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.10.3.2 2008.10.03 - AntiVir 7.8.1.34 2008.10.03 DR/Delphi.Gen Authentium 5.1.0.4 2008.10.04 - Avast 4.8.1248.0 2008.10.04 Win32:Trojan-gen {Other} AVG 8.0.0.161 2008.10.03 Dropper.Generic.ABCY BitDefender 7.2 2008.10.04 - CAT-QuickHeal 9.50 2008.10.04 - ClamAV 0.93.1 2008.10.04 - DrWeb 4.44.0.09170 2008.10.04 - eSafe 7.0.17.0 2008.10.02 - eTrust-Vet 31.6.6127 2008.10.03 Win32/Slenfbot!generic Ewido 4.0 2008.10.04 - F-Prot 4.4.4.56 2008.10.03 - F-Secure 8.0.14332.0 2008.10.04 - Fortinet 3.113.0.0 2008.10.04 - GData 19 2008.10.04 Win32:Trojan-gen {Other} Ikarus T3.1.1.34.0 2008.10.04 VirTool.Win32.DelfInject.AF K7AntiVirus 7.10.483 2008.10.03 Trojan.Win32.Malware.1 Kaspersky 7.0.0.125 2008.10.04 - McAfee 5398 2008.10.04 - Microsoft 1.4005 2008.10.04 VirTool:Win32/DelfInject.gen!AF NOD32 3494 2008.10.03 a variant of Win32/Injector.CR Norman 5.80.02 2008.10.03 - Panda 9.0.0.4 2008.10.04 - PCTools 4.4.2.0 2008.10.03 - Prevx1 V2 2008.10.04 Malware Downloader Rising 20.63.62.00 2008.09.28 - SecureWeb-Gateway 6.7.6 2008.10.04 Trojan.Dropper.Delphi.Gen Sophos 4.34.0 2008.10.04 - Sunbelt 3.1.1675.1 2008.09.27 - Symantec 10 2008.10.04 - TheHacker 6.3.1.0.100 2008.10.03 - TrendMicro 8.700.0.1004 2008.10.03 - VBA32 3.12.8.6 2008.10.03 Worm.Win32.Socks.ahs ViRobot 2008.10.4.1406 2008.10.04 - VirusBuster 4.5.11.0 2008.10.03 Packed/newStub Information additionnelle File size: 171008 bytes MD5...: be12ea9eead467702fdae683525c6025 SHA1..: b049349e49f1ad7f0806fda2cc66f90a1d8a3279 SHA256: 729cb14b4a8400b0e538c7bda08f3d6650f285e96f8fabd00febb8330297a524 SHA512: 6ff298ab746febfe4bdb00dc3d361cc2e934cd55968f92f8a9257e95a8ca2c1d<BR>fe9d77924a9aba87f929ad88e34e6 443fc46b1adf0baa0b009b90d577a76edb2 PEiD..: BobSoft Mini Delphi -> BoB / BobSoft TrID..: File type identification<BR>Win32 Executable Generic (58.3%)<BR>Win16/32 Executable Delphi generic (14.1%)<BR>Generic Win/DOS Executable (13.7%)<BR>DOS Executable Generic (13.6%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0xc54cc<BR>timedatestamp.....: 0x43a14136 (Thu Dec 15 10:11:02 2005)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 8 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>CODE 0x1000 0x45a0 0x4600 6.42 8cb3cf85f8c89b8a04bdac75c0e6f3e8<BR>DATA 0x6000 0x120 0x200 2.92 1bdc64e309c7484fc2deab5994be44d5<BR>BSS 0x7000 0x6fd 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.idata 0x8000 0x4b6 0x600 3.74 696c5995011d4f4d3bb3306f4e8bd368<BR>.tls 0x9000 0x8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.rdata 0xa000 0x24 0x200 0.42 bf71d4493a53f7b80fa35464147abdba<BR>.reloc 0xb000 0x4d8 0x600 5.93 887a581fd4396d76cafa0a7e3c42b6ec<BR>.rsrc 0xc000 0x241e8 0x24200 7.79 58cd846e48e7014bbd884a9ad58e2b76<BR><BR>( 7 imports ) <BR>> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, GetThreadLocale, GetStartupInfoA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle<BR>> user32.dll: GetKeyboardType, MessageBoxA<BR>> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey<BR>> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA<BR>> advapi32.dll: SetThreadToken<BR>> kernel32.dll: SetTapeParameters, SetEvent, ResetEvent, LoadLibraryA, GetProcAddress, GetModuleFileNameA, GetLastError, GetFileTime, GetComputerNameA, GenerateConsoleCtrlEvent, FlushViewOfFile<BR>> user32.dll: MessageBoxA<BR><BR>( 0 exports ) <BR> Prevx info: http://info.prevx.com/aboutprogramtext.asp...717E5001E98303D ---------------------------------------------------------------------------------------------------------------------------------------- Ce fichier se trouve sur c:\ Fichier taa332.exe reçu le 2008.10.04 13:43:15 (CET)Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.10.3.2 2008.10.03 - AntiVir 7.8.1.34 2008.10.03 DR/Delphi.Gen Authentium 5.1.0.4 2008.10.04 - Avast 4.8.1248.0 2008.10.04 Win32:Trojan-gen {Other} AVG 8.0.0.161 2008.10.03 Dropper.Generic.ABCY BitDefender 7.2 2008.10.04 - CAT-QuickHeal 9.50 2008.10.04 - ClamAV 0.93.1 2008.10.04 - DrWeb 4.44.0.09170 2008.10.04 - eSafe 7.0.17.0 2008.10.02 - eTrust-Vet 31.6.6127 2008.10.03 Win32/Slenfbot!generic Ewido 4.0 2008.10.04 - F-Prot 4.4.4.56 2008.10.03 - F-Secure 8.0.14332.0 2008.10.04 - Fortinet 3.113.0.0 2008.10.04 - GData 19 2008.10.04 Win32:Trojan-gen {Other} Ikarus T3.1.1.34.0 2008.10.04 VirTool.Win32.DelfInject.AF K7AntiVirus 7.10.483 2008.10.03 Trojan.Win32.Malware.1 Kaspersky 7.0.0.125 2008.10.04 - McAfee 5398 2008.10.04 - Microsoft 1.4005 2008.10.04 VirTool:Win32/DelfInject.gen!AF NOD32 3494 2008.10.03 a variant of Win32/Injector.CR Norman 5.80.02 2008.10.03 - Panda 9.0.0.4 2008.10.04 - PCTools 4.4.2.0 2008.10.03 - Prevx1 V2 2008.10.04 Malware Downloader Rising 20.63.62.00 2008.09.28 - SecureWeb-Gateway 6.7.6 2008.10.04 Trojan.Dropper.Delphi.Gen Sophos 4.34.0 2008.10.04 - Sunbelt 3.1.1668.1 2008.09.24 - Symantec 10 2008.10.04 - TheHacker 6.3.1.0.100 2008.10.03 - TrendMicro 8.700.0.1004 2008.10.03 - VBA32 3.12.8.6 2008.10.03 Worm.Win32.Socks.ahs ViRobot 2008.10.4.1406 2008.10.04 - VirusBuster 4.5.11.0 2008.10.03 Packed/newStub Information additionnelle File size: 171008 bytes MD5...: be12ea9eead467702fdae683525c6025 SHA1..: b049349e49f1ad7f0806fda2cc66f90a1d8a3279 SHA256: 729cb14b4a8400b0e538c7bda08f3d6650f285e96f8fabd00febb8330297a524 SHA512: 6ff298ab746febfe4bdb00dc3d361cc2e934cd55968f92f8a9257e95a8ca2c1d<BR>fe9d77924a9aba87f929ad88e34e6 443fc46b1adf0baa0b009b90d577a76edb2 PEiD..: BobSoft Mini Delphi -> BoB / BobSoft TrID..: File type identification<BR>Win32 Executable Generic (58.3%)<BR>Win16/32 Executable Delphi generic (14.1%)<BR>Generic Win/DOS Executable (13.7%)<BR>DOS Executable Generic (13.6%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0xc54cc<BR>timedatestamp.....: 0x43a14136 (Thu Dec 15 10:11:02 2005)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 8 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>CODE 0x1000 0x45a0 0x4600 6.42 8cb3cf85f8c89b8a04bdac75c0e6f3e8<BR>DATA 0x6000 0x120 0x200 2.92 1bdc64e309c7484fc2deab5994be44d5<BR>BSS 0x7000 0x6fd 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.idata 0x8000 0x4b6 0x600 3.74 696c5995011d4f4d3bb3306f4e8bd368<BR>.tls 0x9000 0x8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.rdata 0xa000 0x24 0x200 0.42 bf71d4493a53f7b80fa35464147abdba<BR>.reloc 0xb000 0x4d8 0x600 5.93 887a581fd4396d76cafa0a7e3c42b6ec<BR>.rsrc 0xc000 0x241e8 0x24200 7.79 58cd846e48e7014bbd884a9ad58e2b76<BR><BR>( 7 imports ) <BR>> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, GetThreadLocale, GetStartupInfoA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle<BR>> user32.dll: GetKeyboardType, MessageBoxA<BR>> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey<BR>> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA<BR>> advapi32.dll: SetThreadToken<BR>> kernel32.dll: SetTapeParameters, SetEvent, ResetEvent, LoadLibraryA, GetProcAddress, GetModuleFileNameA, GetLastError, GetFileTime, GetComputerNameA, GenerateConsoleCtrlEvent, FlushViewOfFile<BR>> user32.dll: MessageBoxA<BR><BR>( 0 exports ) <BR> Prevx info: http://info.prevx.com/aboutprogramtext.asp...717E5001E98303D Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.10.3.2 2008.10.03 - AntiVir 7.8.1.34 2008.10.03 DR/Delphi.Gen Authentium 5.1.0.4 2008.10.04 - Avast 4.8.1248.0 2008.10.04 Win32:Trojan-gen {Other} AVG 8.0.0.161 2008.10.03 Dropper.Generic.ABCY BitDefender 7.2 2008.10.04 - CAT-QuickHeal 9.50 2008.10.04 - ClamAV 0.93.1 2008.10.04 - DrWeb 4.44.0.09170 2008.10.04 - eSafe 7.0.17.0 2008.10.02 - eTrust-Vet 31.6.6127 2008.10.03 Win32/Slenfbot!generic Ewido 4.0 2008.10.04 - F-Prot 4.4.4.56 2008.10.03 - F-Secure 8.0.14332.0 2008.10.04 - Fortinet 3.113.0.0 2008.10.04 - GData 19 2008.10.04 Win32:Trojan-gen {Other} Ikarus T3.1.1.34.0 2008.10.04 VirTool.Win32.DelfInject.AF K7AntiVirus 7.10.483 2008.10.03 Trojan.Win32.Malware.1 Kaspersky 7.0.0.125 2008.10.04 - McAfee 5398 2008.10.04 - Microsoft 1.4005 2008.10.04 VirTool:Win32/DelfInject.gen!AF NOD32 3494 2008.10.03 a variant of Win32/Injector.CR Norman 5.80.02 2008.10.03 - Panda 9.0.0.4 2008.10.04 - PCTools 4.4.2.0 2008.10.03 - Prevx1 V2 2008.10.04 Malware Downloader Rising 20.63.62.00 2008.09.28 - SecureWeb-Gateway 6.7.6 2008.10.04 Trojan.Dropper.Delphi.Gen Sophos 4.34.0 2008.10.04 - Sunbelt 3.1.1668.1 2008.09.24 - Symantec 10 2008.10.04 - TheHacker 6.3.1.0.100 2008.10.03 - TrendMicro 8.700.0.1004 2008.10.03 - VBA32 3.12.8.6 2008.10.03 Worm.Win32.Socks.ahs ViRobot 2008.10.4.1406 2008.10.04 - VirusBuster 4.5.11.0 2008.10.03 Packed/newStub Information additionnelle File size: 171008 bytes MD5...: be12ea9eead467702fdae683525c6025 SHA1..: b049349e49f1ad7f0806fda2cc66f90a1d8a3279 SHA256: 729cb14b4a8400b0e538c7bda08f3d6650f285e96f8fabd00febb8330297a524 SHA512: 6ff298ab746febfe4bdb00dc3d361cc2e934cd55968f92f8a9257e95a8ca2c1d<BR>fe9d77924a9aba87f929ad88e34e6 443fc46b1adf0baa0b009b90d577a76edb2 PEiD..: BobSoft Mini Delphi -> BoB / BobSoft TrID..: File type identification<BR>Win32 Executable Generic (58.3%)<BR>Win16/32 Executable Delphi generic (14.1%)<BR>Generic Win/DOS Executable (13.7%)<BR>DOS Executable Generic (13.6%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0xc54cc<BR>timedatestamp.....: 0x43a14136 (Thu Dec 15 10:11:02 2005)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 8 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>CODE 0x1000 0x45a0 0x4600 6.42 8cb3cf85f8c89b8a04bdac75c0e6f3e8<BR>DATA 0x6000 0x120 0x200 2.92 1bdc64e309c7484fc2deab5994be44d5<BR>BSS 0x7000 0x6fd 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.idata 0x8000 0x4b6 0x600 3.74 696c5995011d4f4d3bb3306f4e8bd368<BR>.tls 0x9000 0x8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>.rdata 0xa000 0x24 0x200 0.42 bf71d4493a53f7b80fa35464147abdba<BR>.reloc 0xb000 0x4d8 0x600 5.93 887a581fd4396d76cafa0a7e3c42b6ec<BR>.rsrc 0xc000 0x241e8 0x24200 7.79 58cd846e48e7014bbd884a9ad58e2b76<BR><BR>( 7 imports ) <BR>> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, GetThreadLocale, GetStartupInfoA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle<BR>> user32.dll: GetKeyboardType, MessageBoxA<BR>> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey<BR>> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA<BR>> advapi32.dll: SetThreadToken<BR>> kernel32.dll: SetTapeParameters, SetEvent, ResetEvent, LoadLibraryA, GetProcAddress, GetModuleFileNameA, GetLastError, GetFileTime, GetComputerNameA, GenerateConsoleCtrlEvent, FlushViewOfFile<BR>> user32.dll: MessageBoxA<BR><BR>( 0 exports ) <BR> Prevx info: http://info.prevx.com/aboutprogramtext.asp...717E5001E98303D Merci d'avance. -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonsoir, Voici le rapport de VundoFix : VundoFix V7.0.6 Scan started at 23:43:45 1/10/2008 Listing files found while scanning.... C:\Windows\system32\divxdec_0407.dll C:\Windows\system32\divxdec_0411.dll Beginning removal... Attempting to delete C:\Windows\system32\divxdec_0407.dll C:\Windows\system32\divxdec_0407.dll Has been deleted! Attempting to delete C:\Windows\system32\divxdec_0411.dll C:\Windows\system32\divxdec_0411.dll Has been deleted! Performing Repairs to the registry. Done! Et celui de Hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:35:49, on 2/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe C:\windows\system32\spoolsv.exe C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe C:\Program Files\Miramar\PC MACLAN\ATMsg.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE C:\Program Files\Norton Utilities\NPROTECT.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe C:\windows\Explorer.EXE c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe C:\windows\System32\tcpsvcs.exe C:\Program Files\Speed Disk\nopdb.exe C:\windows\System32\svchost.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\system32\windowsautomaticupdates.exe C:\Program Files\Webroot\Washer\WasherSvc.exe C:\Program Files\Panda Security\Panda Internet Security 2008\ApvxdWin.exe C:\windows\system32\wscntfy.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\windows\system32\PuXpMan2.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Calendrier\Cld2000.exe C:\windows\system32\ctfmon.exe C:\windows\System32\svchost.exe C:\Program Files\Norton Utilities\SYSDOC32.EXE C:\Documents and Settings\Myriam1\Application Data\wintos.exe C:\Documents and Settings\Myriam1\Application Data\wint.exe C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.skynet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 ;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {F503FB99-B802-4E95-A767-959739D786B1} - (no file) O4 - HKLM\..\Run: [Miramar Systems, Inc.] "C:\Program Files\Miramar\PC MACLAN\atmsg.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [mspwr] C:\windows\system32\PuXpMan2.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [Windows USB Control] C:\Documents and Settings\Myriam1\Application Data\wintos.exe O4 - HKCU\..\Run: [Windows USB Controlling] C:\Documents and Settings\Myriam1\Application Data\wint.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Search - O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU) O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing O15 - Trusted Zone: http://www.rigolus.com O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n024p/EN/install/gtdownlr.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by119fd.bay119.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1166749772390 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://roxypalace.microgaming.com/roxypalacefr/FlashAX.cab O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer = 195.238.2.21,195.238.2.22 O20 - AppInit_DLLs: qxxwxh.dll hduywz.dll O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: AppleTalk Messenger (ATMsg) - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATMsg.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: docoom online S.L.: docoom backup update permissions manager. 12662. - Unknown owner - C:\Program Files\docoom\docoom backup\udocoom.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Miramar AppleTalk File Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE O23 - Service: Miramar AppleTalk Print Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe O24 - Desktop Component 0: Privacy Protection - (no file) -- End of file - 15579 bytes D'avance merci. Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonsoir, voici le rapport généré après la suppression : --------------------\\ Lop S&D 4.2.4-4 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Celeron® CPU 1.80GHz ) BIOS : Default System BIOS USER : Myriam1 ( Administrator ) BOOT : Normal boot Antivirus : Panda Internet Security 2008 12.00.00 (Not Activated) Firewall : Platinum 2007 Personal Firewall 11.01.00 (Not Activated) C:\ (Local Disk) - NTFS - Total : 115 Go Free : 10 Go D:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-09-2008|22:20 ) Option : [2] ( mar. 30/09/2008|23:54 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [13/11/2005|00:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [21/09/2005|15:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\DownloadFastFind [16/01/2006|01:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [11/02/2006|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{FBDA53F5-763E-4114-A576-612E9769C133} [07/09/2008|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis [29/07/2008|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [13/11/2005|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems [17/07/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [29/05/2008|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [08/06/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ashampoo [05/01/2005|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk [11/01/2007|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7 [04/09/2008|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup [17/02/2007|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ [17/04/2008|00:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [23/09/2008|23:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Enfocus Prefs Folder [01/07/2008|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Genie-Soft [23/10/2007|23:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [12/10/2007|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [15/06/2008|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [17/07/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe [15/12/2004|01:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [14/09/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [08/07/2007|07:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [10/07/2008|03:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [08/06/2004|00:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [19/02/2007|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound [20/09/2008|02:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS [10/01/2007|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage [23/09/2008|08:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [09/05/2004|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Quark [05/03/2006|03:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real [19/06/2006|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RTE [02/01/2007|01:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RunOff [23/12/2006|02:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanDBX [09/05/2008|07:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel [23/10/2007|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [08/09/2007|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [11/01/2007|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy(2) [08/05/2006|08:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [16/06/2006|00:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TechSmith [08/09/2008|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [30/05/2006|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [25/04/2007|03:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software [31/08/2007|04:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Webroot [31/07/2005|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [03/01/2006|03:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [03/05/2004|10:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [07/09/2008|18:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Acronis [30/11/2007|00:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe [12/06/2004|19:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help [20/11/2005|12:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia [20/11/2005|12:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Media Player Classic [11/05/2006|23:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [13/12/2007|02:44] C:\DOCUME~1\Myriam1\APPLIC~1\1+2 [06/05/2004|14:41] C:\DOCUME~1\Myriam1\APPLIC~1\123 Free Solitaire [04/06/2005|23:38] C:\DOCUME~1\Myriam1\APPLIC~1\1ClickDVDCopy [09/08/2005|07:57] C:\DOCUME~1\Myriam1\APPLIC~1\3M [07/09/2008|19:21] C:\DOCUME~1\Myriam1\APPLIC~1\Acronis [20/09/2008|01:35] C:\DOCUME~1\Myriam1\APPLIC~1\Adobe [27/12/2006|21:51] C:\DOCUME~1\Myriam1\APPLIC~1\AdobeAUM [23/08/2007|09:07] C:\DOCUME~1\Myriam1\APPLIC~1\AdobeUM [30/03/2006|00:16] C:\DOCUME~1\Myriam1\APPLIC~1\Apple Computer [06/06/2008|20:11] C:\DOCUME~1\Myriam1\APPLIC~1\ArcSoft [27/05/2008|21:23] C:\DOCUME~1\Myriam1\APPLIC~1\Ashampoo [27/12/2007|03:19] C:\DOCUME~1\Myriam1\APPLIC~1\Ashampoo Photo Commander 4 [30/09/2006|16:47] C:\DOCUME~1\Myriam1\APPLIC~1\BitTorrent [08/04/2006|10:26] C:\DOCUME~1\Myriam1\APPLIC~1\BSplayer [28/12/2007|16:32] C:\DOCUME~1\Myriam1\APPLIC~1\Calendrier Xtra [02/07/2008|22:12] C:\DOCUME~1\Myriam1\APPLIC~1\Camfrog [21/05/2008|11:26] C:\DOCUME~1\Myriam1\APPLIC~1\CopyToDvd [27/04/2008|23:20] C:\DOCUME~1\Myriam1\APPLIC~1\DataCast [29/07/2008|13:44] C:\DOCUME~1\Myriam1\APPLIC~1\DeepBurner [29/07/2008|23:52] C:\DOCUME~1\Myriam1\APPLIC~1\DeepBurner Pro [22/11/2007|21:53] C:\DOCUME~1\Myriam1\APPLIC~1\DivX [01/03/2007|00:36] C:\DOCUME~1\Myriam1\APPLIC~1\Druide [29/07/2008|08:58] C:\DOCUME~1\Myriam1\APPLIC~1\dvdcss [16/03/2008|02:20] C:\DOCUME~1\Myriam1\APPLIC~1\Enfocus Prefs Folder [01/12/2004|02:07] C:\DOCUME~1\Myriam1\APPLIC~1\funkitron [01/07/2008|21:42] C:\DOCUME~1\Myriam1\APPLIC~1\Genie-Soft [18/10/2006|04:34] C:\DOCUME~1\Myriam1\APPLIC~1\Google [31/05/2004|23:00] C:\DOCUME~1\Myriam1\APPLIC~1\Help [28/07/2008|02:18] C:\DOCUME~1\Myriam1\APPLIC~1\Identities [24/11/2005|08:15] C:\DOCUME~1\Myriam1\APPLIC~1\ImTOO [01/10/2005|00:39] C:\DOCUME~1\Myriam1\APPLIC~1\Inbit [06/06/2008|20:08] C:\DOCUME~1\Myriam1\APPLIC~1\InstallShield [08/07/2007|07:09] C:\DOCUME~1\Myriam1\APPLIC~1\Lavasoft [30/12/2006|00:24] C:\DOCUME~1\Myriam1\APPLIC~1\Leadertech [19/11/2007|12:26] C:\DOCUME~1\Myriam1\APPLIC~1\ma-config.com [01/10/2005|00:39] C:\DOCUME~1\Myriam1\APPLIC~1\Macromedia [14/09/2008|23:05] C:\DOCUME~1\Myriam1\APPLIC~1\Malwarebytes [17/07/2005|15:44] C:\DOCUME~1\Myriam1\APPLIC~1\Media Player Classic [22/10/2005|00:02] C:\DOCUME~1\Myriam1\APPLIC~1\Messenger2 [22/02/2008|16:57] C:\DOCUME~1\Myriam1\APPLIC~1\MessengerSkinner [18/07/2007|01:02] C:\DOCUME~1\Myriam1\APPLIC~1\Microsoft [01/06/2006|08:53] C:\DOCUME~1\Myriam1\APPLIC~1\MobileAction [26/10/2007|00:13] C:\DOCUME~1\Myriam1\APPLIC~1\Mozilla [16/09/2004|22:48] C:\DOCUME~1\Myriam1\APPLIC~1\MSN6 [07/04/2007|01:06] C:\DOCUME~1\Myriam1\APPLIC~1\NCH Swift Sound [29/07/2008|13:17] C:\DOCUME~1\Myriam1\APPLIC~1\NeroVision [30/11/2007|00:59] C:\DOCUME~1\Myriam1\APPLIC~1\NewspaperDirect [24/12/2006|20:08] C:\DOCUME~1\Myriam1\APPLIC~1\OfficeUpdate12 [30/03/2007|11:39] C:\DOCUME~1\Myriam1\APPLIC~1\Offline Explorer [01/11/2005|03:28] C:\DOCUME~1\Myriam1\APPLIC~1\Opera [12/06/2008|13:14] C:\DOCUME~1\Myriam1\APPLIC~1\Panasonic [14/08/2005|13:30] C:\DOCUME~1\Myriam1\APPLIC~1\Pegasys Inc [23/09/2008|08:39] C:\DOCUME~1\Myriam1\APPLIC~1\PlayFirst [09/05/2004|14:51] C:\DOCUME~1\Myriam1\APPLIC~1\Quark [26/03/2008|15:11] C:\DOCUME~1\Myriam1\APPLIC~1\Real [19/02/2007|21:56] C:\DOCUME~1\Myriam1\APPLIC~1\RecordPad [09/05/2007|22:14] C:\DOCUME~1\Myriam1\APPLIC~1\Registry Booster [11/02/2006|12:32] C:\DOCUME~1\Myriam1\APPLIC~1\Seven Zip [23/12/2007|00:56] C:\DOCUME~1\Myriam1\APPLIC~1\Snapfish [07/04/2005|16:05] C:\DOCUME~1\Myriam1\APPLIC~1\soft license type [19/02/2007|21:42] C:\DOCUME~1\Myriam1\APPLIC~1\Softplicity [02/09/2004|16:23] C:\DOCUME~1\Myriam1\APPLIC~1\Sun [08/05/2006|09:02] C:\DOCUME~1\Myriam1\APPLIC~1\Symantec [04/01/2005|09:12] C:\DOCUME~1\Myriam1\APPLIC~1\SYSTRAN [08/02/2007|20:46] C:\DOCUME~1\Myriam1\APPLIC~1\Talkback [03/07/2005|11:33] C:\DOCUME~1\Myriam1\APPLIC~1\Tenebril [08/02/2007|20:24] C:\DOCUME~1\Myriam1\APPLIC~1\Thunderbird [11/09/2008|02:37] C:\DOCUME~1\Myriam1\APPLIC~1\TmpRecentIcons [03/10/2005|11:02] C:\DOCUME~1\Myriam1\APPLIC~1\ToutMail [25/04/2007|03:20] C:\DOCUME~1\Myriam1\APPLIC~1\TuneUp Software [05/09/2008|09:36] C:\DOCUME~1\Myriam1\APPLIC~1\U3 [30/01/2008|18:38] C:\DOCUME~1\Myriam1\APPLIC~1\Uniblue [04/03/2006|20:18] C:\DOCUME~1\Myriam1\APPLIC~1\URSoft [26/09/2008|02:19] C:\DOCUME~1\Myriam1\APPLIC~1\UseNeXT [02/07/2005|15:27] C:\DOCUME~1\Myriam1\APPLIC~1\vlc [26/09/2008|07:51] C:\DOCUME~1\Myriam1\APPLIC~1\Vso [31/08/2007|04:58] C:\DOCUME~1\Myriam1\APPLIC~1\Webroot [11/03/2007|00:40] C:\DOCUME~1\Myriam1\APPLIC~1\WholeSecurity [08/09/2008|11:53] C:\DOCUME~1\Myriam1\APPLIC~1\Winamp [29/07/2008|08:55] C:\DOCUME~1\Myriam1\APPLIC~1\Zylom [04/03/2008|23:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [04/03/2008|23:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Real --------------------\\ Tâches planifiées dans C:\windows\tasks [30/09/2008 06:26][--ah-----] C:\windows\tasks\SA.DAT [28/08/2001 14:00][-r-h-----] C:\windows\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [13/12/2007|02:35] C:\Program Files\1+2 [31/01/2006|22:04] C:\Program Files\321Studios [24/01/2006|03:00] C:\Program Files\A4Proxy [27/09/2006|01:04] C:\Program Files\AbcPuzzles [07/09/2008|18:31] C:\Program Files\Acronis [23/09/2008|23:37] C:\Program Files\adobe [29/07/2008|13:18] C:\Program Files\Ahead [29/07/2008|13:17] C:\Program Files\Ahead(3) [14/11/2004|01:47] C:\Program Files\AND [29/07/2008|13:18] C:\Program Files\Apple Software Update [12/06/2008|11:24] C:\Program Files\ArcSoft [30/06/2008|07:37] C:\Program Files\ashampoo [30/07/2008|00:00] C:\Program Files\Astonsoft [14/07/2007|15:05] C:\Program Files\Astrologie & Devenir [04/12/2004|02:07] C:\Program Files\ATI Technologies [12/03/2007|14:01] C:\Program Files\AviSynth 2.5 [18/04/2008|09:21] C:\Program Files\AVSMedia [18/02/2007|01:03] C:\Program Files\BearShare [12/03/2007|13:04] C:\Program Files\BFG [29/04/2007|01:04] C:\Program Files\Boonty [29/04/2007|13:06] C:\Program Files\BoontyGames [08/03/2008|17:43] C:\Program Files\Calendrier [08/04/2007|04:01] C:\Program Files\Camfrog [15/02/2007|08:20] C:\Program Files\Canon [04/02/2008|12:37] C:\Program Files\CCleaner [04/09/2008|12:08] C:\Program Files\CDBurnerXP [05/10/2005|13:02] C:\Program Files\CloneDVD [11/11/2007|04:11] C:\Program Files\Common Files [13/04/2006|08:39] C:\Program Files\CoolMP3Splitter [04/12/2004|01:54] C:\Program Files\Creative [04/12/2004|02:50] C:\Program Files\CyberLink [22/03/2005|11:46] C:\Program Files\Datapol [20/02/2006|01:34] C:\Program Files\denouvel [12/10/2007|20:00] C:\Program Files\Desktop [06/02/2005|03:09] C:\Program Files\Dirprint [12/03/2005|03:46] C:\Program Files\Disney Interactive [11/03/2008|18:41] C:\Program Files\DivX [22/11/2007|16:55] C:\Program Files\DivX6 [22/11/2007|16:55] C:\Program Files\DivXnew [03/04/2006|13:45] C:\Program Files\divxold [01/03/2007|00:33] C:\Program Files\Druide [07/12/2005|00:50] C:\Program Files\DVD Profiler [09/03/2008|08:20] C:\Program Files\DVD Region+CSS Free [03/09/2006|15:25] C:\Program Files\DVD Shrink [12/05/2008|21:49] C:\Program Files\DVDFab Gold 3 [01/06/2007|09:06] C:\Program Files\DVDFab HD Decrypter 3 [01/06/2007|11:32] C:\Program Files\DVDneXtCOPY2 [28/11/2005|01:05] C:\Program Files\dvdSanta [04/12/2004|01:40] C:\Program Files\DVDx [09/03/2005|19:58] C:\Program Files\Dvdxc [04/03/2008|14:23] C:\Program Files\Easy CD-DA Extractor 11 [08/09/2008|10:12] C:\Program Files\Easy CD-DA Extractor 11new [26/05/2008|23:21] C:\Program Files\EasyCovers [18/01/2008|02:03] C:\Program Files\EasyVideoSoft [11/03/2007|00:47] C:\Program Files\eBay [02/02/2006|13:00] C:\Program Files\Eidos Interactive [11/12/2007|19:51] C:\Program Files\Elaborate Bytes [29/12/2007|22:24] C:\Program Files\E-mail eXtractor [17/04/2006|02:51] C:\Program Files\encoder [13/07/2008|14:05] C:\Program Files\eRightSoft [16/03/2006|00:10] C:\Program Files\EZFace [06/11/2007|09:17] C:\Program Files\fabamusic [23/09/2008|23:45] C:\Program Files\Fichiers communs [09/01/2007|23:47] C:\Program Files\FILERECOVERY PRO [20/11/2005|01:16] C:\Program Files\FILERECOVERY PRO DEMO [13/02/2005|02:08] C:\Program Files\FLASH [21/11/2005|00:13] C:\Program Files\flaskmpeg [01/01/2008|02:54] C:\Program Files\FotoSketcher [01/07/2008|21:37] C:\Program Files\Genie-Soft [23/10/2007|23:36] C:\Program Files\Google [03/10/2005|20:36] C:\Program Files\Goto software [04/05/2004|18:46] C:\Program Files\Hewlett-Packard [21/05/2008|08:36] C:\Program Files\i-Covers [11/09/2007|11:22] C:\Program Files\Ihsv [17/04/2008|08:59] C:\Program Files\ImTOO [26/08/2005|14:52] C:\Program Files\Inbit [29/08/2005|00:42] C:\Program Files\Infogrames Interactive [12/05/2007|09:17] C:\Program Files\inKline Global [05/05/2004|21:59] C:\Program Files\InkSaver [07/06/2008|23:22] C:\Program Files\Innovative Solutions [24/09/2008|00:23] C:\Program Files\InstallShield Installation Information [04/12/2004|01:55] C:\Program Files\InterActual [12/06/2008|03:04] C:\Program Files\Internet Explorer [21/11/2005|04:17] C:\Program Files\InterVideo [08/09/2007|13:59] C:\Program Files\IrfanView [12/06/2008|11:36] C:\Program Files\ISL [28/07/2008|10:08] C:\Program Files\Java [19/05/2004|06:56] C:\Program Files\KB824146Scan [28/07/2008|12:41] C:\Program Files\KC Softwares [21/11/2005|11:53] C:\Program Files\K-Lite Codec Pack [01/01/2007|15:30] C:\Program Files\Lavalys [29/07/2008|13:19] C:\Program Files\Lavasoft [15/11/2007|15:54] C:\Program Files\LG Software Innovations [21/05/2008|10:34] C:\Program Files\LimeWire [14/06/2004|18:52] C:\Program Files\LitexMedia [10/05/2004|00:59] C:\Program Files\LIUtilities [28/01/2006|04:13] C:\Program Files\Logitech [19/11/2007|12:23] C:\Program Files\ma-config.com [11/06/2005|10:53] C:\Program Files\Magic translator [07/05/2006|00:41] C:\Program Files\MagicISO [14/09/2008|23:05] C:\Program Files\Malwarebytes' Anti-Malware [24/09/2004|19:07] C:\Program Files\mario [27/04/2008|23:20] C:\Program Files\MarkAny [17/11/2005|13:05] C:\Program Files\McAfee AntiSpyware 1.00 Install [03/04/2006|07:55] C:\Program Files\Media Player Classic [11/10/2007|00:11] C:\Program Files\Messenger [12/12/2004|00:57] C:\Program Files\Messenger Plus! 3 [07/11/2005|02:49] C:\Program Files\Messenger2 [24/10/2005|02:27] C:\Program Files\Micro Application [13/05/2007|23:21] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [10/10/2005|23:05] C:\Program Files\microsoft frontpage [25/12/2006|03:34] C:\Program Files\Microsoft Office [25/12/2006|03:33] C:\Program Files\Microsoft Visual Studio [11/09/2008|15:44] C:\Program Files\Microsoft Windows OneCare Live [25/12/2006|03:34] C:\Program Files\Microsoft Works [25/12/2006|03:32] C:\Program Files\Microsoft.NET [30/12/2007|16:15] C:\Program Files\Mindscape [20/11/2005|01:50] C:\Program Files\Miramar [27/08/2007|10:36] C:\Program Files\Moraff's SphereJongg [26/12/2004|00:58] C:\Program Files\Movie collection [14/11/2004|20:06] C:\Program Files\Movie Maker [30/09/2008|10:35] C:\Program Files\Mozilla Thunderbird [15/09/2006|09:00] C:\Program Files\MP3 Player Utilities [17/12/2007|04:52] C:\Program Files\mpegable [25/12/2006|03:34] C:\Program Files\MSBuild [06/04/2005|20:13] C:\Program Files\Msn [07/11/2005|00:22] C:\Program Files\MSN Apps [27/10/2005|00:45] C:\Program Files\MSN Games [03/05/2004|10:02] C:\Program Files\MSN Gaming Zone [08/03/2008|02:26] C:\Program Files\MSN Messenger [16/11/2006|14:58] C:\Program Files\MSXML 4.0 [04/05/2005|00:42] C:\Program Files\MultiTranse [12/03/2007|13:03] C:\Program Files\Mystery Case Files - Ravenhearst [25/10/2006|08:48] C:\Program Files\myV-55 USB-Handset Manager [07/04/2007|01:06] C:\Program Files\NCH Swift Sound [29/12/2006|03:58] C:\Program Files\neerlandais [17/07/2008|09:32] C:\Program Files\Nero [24/05/2005|09:55] C:\Program Files\Netcraft Toolbar [28/05/2008|10:37] C:\Program Files\Netlog [11/07/2008|08:06] C:\Program Files\Netlog Music Tool [14/11/2004|20:02] C:\Program Files\NetMeeting [30/11/2007|00:02] C:\Program Files\NewspaperDirect [19/05/2008|01:46] C:\Program Files\NoClone [08/03/2008|17:58] C:\Program Files\Norton Utilities [20/09/2008|02:01] C:\Program Files\NOS [13/12/2007|02:36] C:\Program Files\numerologie 1+2 [25/10/2005|11:17] C:\Program Files\Oak Systems [17/11/2005|12:41] C:\Program Files\Offline Explorer Pro [23/07/2007|00:46] C:\Program Files\Outlook Express [05/10/2005|01:54] C:\Program Files\Pacman 2005 [12/06/2008|11:40] C:\Program Files\Panasonic [13/09/2008|07:15] C:\Program Files\Panda Security [11/05/2007|13:46] C:\Program Files\Panda Software [05/12/2007|16:39] C:\Program Files\PC Inspector File Recovery [22/05/2008|08:47] C:\Program Files\PC Wizard 2008 [07/01/2007|00:48] C:\Program Files\Pegasys Inc [01/10/2005|00:39] C:\Program Files\Plus! [29/07/2008|13:20] C:\Program Files\PopUp Destroy [23/12/2006|03:22] C:\Program Files\Power IE [11/11/2003|08:46] C:\Program Files\PowerCDR [21/08/2005|01:00] C:\Program Files\PROMT5 [04/02/2007|23:37] C:\Program Files\Qualcomm(2) [09/05/2004|18:15] C:\Program Files\quark [04/03/2008|14:41] C:\Program Files\QuickPar [01/10/2006|01:13] C:\Program Files\QuickTime [04/10/2005|13:21] C:\Program Files\Real [03/04/2006|07:55] C:\Program Files\Real Alternative [18/11/2005|10:02] C:\Program Files\ReflexiveArcade [14/07/2008|02:23] C:\Program Files\regcleaner [15/11/2007|15:54] C:\Program Files\RegCleaner(2) [22/06/2008|23:36] C:\Program Files\RegCure [14/01/2007|14:13] C:\Program Files\Registry Mechanic [08/11/2004|15:23] C:\Program Files\Revistronic [09/01/2007|23:46] C:\Program Files\Runtime Software [27/04/2008|23:20] C:\Program Files\Samsung [07/04/2006|09:01] C:\Program Files\Satsuki All2DVD [06/04/2006|01:10] C:\Program Files\Satsuki Decoder Pack [31/01/2005|00:24] C:\Program Files\sbsetup [24/05/2005|01:31] C:\Program Files\ScreenMates [29/12/2006|03:49] C:\Program Files\Selor [03/05/2004|10:05] C:\Program Files\Services en ligne [03/05/2006|13:13] C:\Program Files\Shockwave.com [25/09/2005|22:51] C:\Program Files\Sierra On-Line [22/03/2006|02:43] C:\Program Files\SimpleDivX [05/05/2004|14:34] C:\Program Files\SiS7012 [10/10/2005|10:50] C:\Program Files\SiSoftware [16/06/2008|22:28] C:\Program Files\SIW [23/10/2007|23:54] C:\Program Files\Skype [01/12/2004|02:07] C:\Program Files\Slingo Deluxe [30/12/2007|16:16] C:\Program Files\SoftwarePassport [08/03/2008|18:03] C:\Program Files\Speed Disk [10/07/2007|19:46] C:\Program Files\SplitCam [11/01/2007|23:34] C:\Program Files\Spybot - Search & Destroy [11/01/2007|23:34] C:\Program Files\Spybot - Search & Destroy(2) [11/01/2007|23:34] C:\Program Files\SpyRemover [09/03/2008|18:44] C:\Program Files\Spyware Doctor [11/07/2007|23:27] C:\Program Files\Spyware Doctor-new [17/09/2008|20:35] C:\Program Files\SpywareBlaster [16/06/2005|20:03] C:\Program Files\Super Clone DVD [01/10/2005|00:39] C:\Program Files\Support.com [01/10/2007|22:17] C:\Program Files\Symantec [16/06/2006|00:37] C:\Program Files\TechSmith [27/06/2008|01:40] C:\Program Files\Test-A [23/08/2007|08:56] C:\Program Files\The Cleaner [25/12/2005|04:57] C:\Program Files\ToniArts [16/09/2008|07:13] C:\Program Files\Trend Micro [21/09/2005|01:43] C:\Program Files\U.S. Robotics [02/06/2008|00:57] C:\Program Files\UBISOFT [09/04/2008|00:12] C:\Program Files\Uniblue [05/07/2004|06:56] C:\Program Files\Uninstall Information [08/03/2008|18:04] C:\Program Files\UPHClean [24/08/2008|23:16] C:\Program Files\UseNeXT [29/12/2006|22:02] C:\Program Files\U-Storage Tools2.75 [08/04/2006|20:32] C:\Program Files\VideoLAN [12/03/2007|13:04] C:\Program Files\Virtual Villagers - The Lost Children [26/02/2006|16:54] C:\Program Files\virtualdub 1.6.9 [31/01/2007|16:33] C:\Program Files\VirtualDub MPEG2 [09/03/2006|22:07] C:\Program Files\virtualdub-mpeg2 [14/12/2006|02:42] C:\Program Files\VirtualDub-MPEG2-1206 [26/09/2008|07:49] C:\Program Files\VSO [14/06/2004|07:39] C:\Program Files\Wav2mp3 [31/08/2007|04:58] C:\Program Files\Webroot [23/09/2008|02:54] C:\Program Files\Wedding Dash 2 [08/09/2008|02:40] C:\Program Files\Winamp [24/12/2007|07:19] C:\Program Files\WinAVI Video Converter 9.0 [24/12/2006|01:54] C:\Program Files\Windows Live Safety Center [12/04/2006|16:31] C:\Program Files\Windows Media Components [31/07/2008|11:11] C:\Program Files\Windows Media Connect 2 [31/07/2008|11:11] C:\Program Files\Windows Media Player [29/12/2007|16:06] C:\Program Files\Windows NT [22/12/2006|15:34] C:\Program Files\WindowsUpdate [14/03/2007|03:15] C:\Program Files\WinHTTrack [08/04/2008|23:44] C:\Program Files\WinISO [17/07/2006|11:18] C:\Program Files\winmorph [04/03/2008|14:45] C:\Program Files\WinRAR [07/06/2008|23:42] C:\Program Files\Winsos [30/09/2008|02:11] C:\Program Files\Wintim'In 7 [04/03/2008|14:45] C:\Program Files\WinZip [07/04/2006|11:03] C:\Program Files\WMV9_VCM [22/08/2007|09:38] C:\Program Files\ww [03/01/2007|14:13] C:\Program Files\Xara [03/05/2004|10:07] C:\Program Files\xerox [13/01/2008|17:57] C:\Program Files\Xilisoft [29/08/2007|23:14] C:\Program Files\Yahoo! [15/01/2008|01:55] C:\Program Files\ZC2.10 [16/01/2006|20:19] C:\Program Files\Zero G Registry [29/08/2008|00:46] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [07/09/2008|18:31] C:\Program Files\Fichiers communs\Acronis [23/09/2008|23:37] C:\Program Files\Fichiers communs\Adobe [13/11/2005|14:30] C:\Program Files\Fichiers communs\Adobe Systems Shared [29/07/2008|13:18] C:\Program Files\Fichiers communs\Ahead [17/03/2008|11:23] C:\Program Files\Fichiers communs\AVSMedia [17/07/2006|11:18] C:\Program Files\Fichiers communs\debugmode [10/09/2007|19:18] C:\Program Files\Fichiers communs\DESIGNER [01/06/2007|11:31] C:\Program Files\Fichiers communs\DistributeShield [01/06/2007|11:31] C:\Program Files\Fichiers communs\DVDnextCOPY2 [06/05/2004|21:57] C:\Program Files\Fichiers communs\FileStream Scheduler [02/11/2005|11:43] C:\Program Files\Fichiers communs\InstallShield [01/10/2005|00:39] C:\Program Files\Fichiers communs\InterVideo [10/11/2004|21:21] C:\Program Files\Fichiers communs\Java [29/07/2008|13:12] C:\Program Files\Fichiers communs\LightScribe [23/11/2005|13:20] C:\Program Files\Fichiers communs\Logitech [15/12/2004|01:41] C:\Program Files\Fichiers communs\Macrovision Shared [16/04/2007|22:58] C:\Program Files\Fichiers communs\Microsoft Shared [03/05/2004|10:04] C:\Program Files\Fichiers communs\MSSoap [01/10/2005|00:39] C:\Program Files\Fichiers communs\ODBC [09/05/2008|10:38] C:\Program Files\Fichiers communs\Panda Software [26/03/2008|15:07] C:\Program Files\Fichiers communs\Real [03/05/2004|10:04] C:\Program Files\Fichiers communs\Services [01/05/2004|19:30] C:\Program Files\Fichiers communs\SpeechEngines [01/10/2005|00:39] C:\Program Files\Fichiers communs\SWF Studio [19/08/2007|18:10] C:\Program Files\Fichiers communs\Symantec Shared [23/07/2007|00:46] C:\Program Files\Fichiers communs\System [04/03/2008|14:27] C:\Program Files\Fichiers communs\Webroot Shared [17/09/2008|22:55] C:\Program Files\Fichiers communs\Wise Installation Wizard --------------------\\ Process ( 52 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-01 00:01:55 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 1 --------------------\\ Recherche d'autres infections C:\DOCUME~1\Myriam1\APPLIC~1\MessengerSkinner C:\DOCUME~1\Myriam1\APPLIC~1\MessengerSkinner\Userdata C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Conditions g‚n‚rales.url C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Confidentialit‚.url C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\D‚sinstaller.lnk C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\MessengerSkinner.lnk C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Website.url C:\windows\Pack.epk ==> EGDACCESS <== C:\windows\system32\cdMpWvut.ini2 ==> VUNDO <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Myriam1\Application Data\Adobe\FileBrowser\PhotoshopElements3\keygen362 C:\DOCUME~1\Myriam1\Application Data\Adobe\FileBrowser\PhotoshopElements3\keygen362M C:\DOCUME~1\Myriam1\Application Data\Adobe\FileBrowser\PhotoshopElements3\keygen362T C:\DOCUME~1\Myriam1\Bureau\a installer\(Software) Cool Mp3 Splitter 1.2 + crack (splits full albums into tracks).zip C:\DOCUME~1\Myriam1\Bureau\a installer\Clone DVD2 + Any DVD+ crack+serial(read manual works great 100%).zip C:\DOCUME~1\Myriam1\Bureau\a installer\winzip 10+keygen C:\DOCUME~1\Myriam1\Bureau\a installer\ASHAMPOO\Ashampoo - All Products Keygen.zip C:\DOCUME~1\Myriam1\Bureau\a installer\dvdfab\DVDFab Platinum v2.9.7.0 + Crack.rar C:\DOCUME~1\Myriam1\Bureau\a installer\DVDFab Gold v3.0.4.0\Crack C:\DOCUME~1\Myriam1\Bureau\a installer\Elby Clone Dvd V1.3.10.1 Anydvd 2.0.0.4 Ger Key\Keygen-CloneDVD.exe C:\DOCUME~1\Myriam1\Bureau\a installer\winzip 10+keygen\winzip100.exe C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\CORE.NFO C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35 C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35.zip C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\keygen.exe C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35\README.TXT C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35\setup.exe C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\dvd-ripper-platinum.exe C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\dvd-ripper-platinum.gif C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\KEYGEN.exe C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\Thumbs.db C:\DOCUME~1\Myriam1\Bureau\Genie backup\tgp8477\Crack C:\DOCUME~1\Myriam1\Bureau\Genie backup\tgp8477\Crack\GBM8.exe C:\DOCUME~1\Myriam1\Bureau\Jeux\startopia\StarTopia\Startopia Crack Nocd Fr.rar C:\DOCUME~1\Myriam1\Bureau\NERO 6 3 1 17\Keygen.exe C:\DOCUME~1\Myriam1\Bureau\NERO 6 3 1 17\Keygen.sfv C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack.zip C:\DOCUME~1\Myriam1\Bureau\Util dvd\Imtoo Mpeg Encoder v2.1.46.609B Incl Keygen-Explosion.rar C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=- C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50---setup.exe C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---00.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---01.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---02.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---03.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---04.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---11.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---12.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---13.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---14.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50---about.txt C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\Thumbs.db C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack\DVDRegionFree.exe C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack\file_id.diz C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack\harpoon.nfo C:\DOCUME~1\Myriam1\Bureau\Util dvd\ImToo mpeg encoder\Keygen.txt C:\DOCUME~1\Myriam1\Bureau\util nero\Nero Burning Rom 6.0 Keygen-flt.exe C:\DOCUME~1\Myriam1\Bureau\util nero\Nero Burning Rom 7.0 Keygen - YTU.exe C:\DOCUME~1\Myriam1\Incomplete\T-456200759-(???) Adobe Photoshop Elements 3.0 ???? [04.11.19](MDS+Keygene).rar C:\DOCUME~1\Myriam1\Recent\lavasoft crack .(incomplete).rar.lnk C:\DOCUME~1\Myriam1\Recent\lavasoft crack .(incomplete).rar.par2.lnk C:\DOCUME~1\Myriam1\Recent\lavasoft crack .(incomplete).rar.vol00+1.PAR2.lnk C:\DOCUME~1\ALLUSE~1\Documents\Ma musique\keygen.exe [F:32][D:2]-> C:\DOCUME~1\Myriam1\LOCALS~1\Temp [F:32][D:0]-> C:\DOCUME~1\Myriam1\Cookies [F:1723][D:12]-> C:\DOCUME~1\Myriam1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - mer. 24/09/2008|23:39 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - jeu. 25/09/2008| 1:32 - Option : [1] 3 - "C:\Lop SD\LopR_3.txt" - jeu. 25/09/2008|22:37 - Option : [1] 4 - "C:\Lop SD\LopR_4.txt" - lun. 29/09/2008| 3:12 - Option : [1] 5 - "C:\Lop SD\LopR_5.txt" - lun. 29/09/2008| 3:58 - Option : [2] 6 - "C:\Lop SD\LopR_6.txt" - mar. 30/09/2008|22:59 - Option : [1] 7 - "C:\Lop SD\LopR_7.txt" - mer. 01/10/2008| 0:06 - Option : [2] --------------------\\ Fin du rapport a 0:06:07 Merci d'avance Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
J'oubliais, le rapport Hijackthis, si besoin lol Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:26:42, on 30/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe C:\windows\system32\spoolsv.exe C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe C:\Program Files\Miramar\PC MACLAN\ATMsg.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE C:\Program Files\Norton Utilities\NPROTECT.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe C:\windows\Explorer.EXE c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe C:\windows\System32\tcpsvcs.exe C:\Program Files\Speed Disk\nopdb.exe C:\windows\System32\svchost.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\windows\system32\PuXpMan2.exe C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\WINDOWS\system32\windowsautomaticupdates.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Calendrier\Cld2000.exe C:\windows\system32\ctfmon.exe C:\Documents and Settings\Myriam1\Application Data\wintos.exe C:\Documents and Settings\Myriam1\Application Data\wint.exe C:\Program Files\Norton Utilities\SYSDOC32.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE C:\windows\system32\wscntfy.exe C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.skynet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 ;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {F503FB99-B802-4E95-A767-959739D786B1} - C:\windows\system32\tuvWpMdc.dll (file missing) O4 - HKLM\..\Run: [Miramar Systems, Inc.] "C:\Program Files\Miramar\PC MACLAN\atmsg.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [mspwr] C:\windows\system32\PuXpMan2.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [Windows USB Control] C:\Documents and Settings\Myriam1\Application Data\wintos.exe O4 - HKCU\..\Run: [Windows USB Controlling] C:\Documents and Settings\Myriam1\Application Data\wint.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Search - O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU) O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing O15 - Trusted Zone: http://www.rigolus.com O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n024p/EN/install/gtdownlr.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by119fd.bay119.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1166749772390 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://roxypalace.microgaming.com/roxypalacefr/FlashAX.cab O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer = 195.238.2.21,195.238.2.22 O20 - AppInit_DLLs: qxxwxh.dll hduywz.dll O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: AppleTalk Messenger (ATMsg) - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATMsg.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: docoom online S.L.: docoom backup update permissions manager. 12662. - Unknown owner - C:\Program Files\docoom\docoom backup\udocoom.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Miramar AppleTalk File Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE O23 - Service: Miramar AppleTalk Print Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe O24 - Desktop Component 0: Privacy Protection - (no file) -- End of file - 15303 bytes -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonjour, Hier, en mode normal de win xp, j'avais des messages (le fichier de pagination est insuffisant ..., pas assez de mémoire virtuelle), donc pas moyen de faire quoique ce soit. J'ai modifier la mémoire virtuelle ds le panneau de configuration. Hier, en mode sans échec, je savais travailler avec mon pc. J'ai lancé MBAM, qui a encore détecté plein de mauvaises choses !, j'ai lancé l'option 2. J'ai relancé MBAM et il n'a plus rien trouvé !!!!! Ce matin j'ai créé un point de restauration. Mais j'attends tes conseils concernant ma config, avant de faire une copie de sécurité sur mon disque dur externe. - IE6 - MAJ windows désactivée - parefeu windows désactivé (sur le routeur il y a un parefeu, mais je ne sais rien modifier à ce programme. - Thunderbird - MSN messenger J'attends de tes nouvelles, encore merci. Myriam -
Je te remercie Gof, mais comme j'ai enfin vu le bout du tunnel (j'ai été bloquée le 11 septembre !), tu comprendras mon impatience. Myriam.
-
Bonjour, Je viens de sortir d'un mauvais pas grâce à l'aide de Lien Rag. Mon OS : win xp sp2, les mises à jour sont désactivées ainsi que le firewall de windows (il y en a un sur le routeur)et mon explorateur est IE 6. J'ai besoin de vos conseils pour ne plus avoir les gros problèmes que j'ai connu (machine bloquée, programmes ne fonctionnant qu'en mode sans échec ... malware, virus alert). Merci pour votre aide. Myriam
-
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonjour, Je t'envoie le rapport : --------------------\\ Lop S&D 4.2.4-4 XP/Vista "C:\Lop SD" ( MAJ : 19-09-2008|22:20 ) Option : [2] ( lun. 29/09/2008| 3:50 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4 Supprime! - C:\DOCUME~1\Myriam1\Cookies\myriam1@adopt.euroclick[2].txt Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData - [ Fichier Hosts ] .. Restaure! \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [13/11/2005|00:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [21/09/2005|15:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\DownloadFastFind [16/01/2006|01:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [11/02/2006|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{FBDA53F5-763E-4114-A576-612E9769C133} [07/09/2008|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis [29/07/2008|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [13/11/2005|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems [17/07/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [29/05/2008|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [08/06/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ashampoo [05/01/2005|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk [11/01/2007|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7 [04/09/2008|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup [17/02/2007|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ [17/04/2008|00:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [23/09/2008|23:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Enfocus Prefs Folder [01/07/2008|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Genie-Soft [23/10/2007|23:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [12/10/2007|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [15/06/2008|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [17/07/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe [15/12/2004|01:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [14/09/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [08/07/2007|07:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [10/07/2008|03:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [08/06/2004|00:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [19/02/2007|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound [20/09/2008|02:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS [10/01/2007|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage [23/09/2008|08:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [09/05/2004|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Quark [05/03/2006|03:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real [19/06/2006|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RTE [02/01/2007|01:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RunOff [23/12/2006|02:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanDBX [09/05/2008|07:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel [23/10/2007|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [08/09/2007|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [11/01/2007|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy(2) [08/05/2006|08:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [16/06/2006|00:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TechSmith [08/09/2008|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [30/05/2006|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [25/04/2007|03:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software [31/08/2007|04:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Webroot [31/07/2005|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [03/01/2006|03:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [03/05/2004|10:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [07/09/2008|18:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Acronis [30/11/2007|00:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe [12/06/2004|19:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help [20/11/2005|12:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia [20/11/2005|12:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Media Player Classic [11/05/2006|23:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [13/12/2007|02:44] C:\DOCUME~1\Myriam1\APPLIC~1\1+2 [06/05/2004|14:41] C:\DOCUME~1\Myriam1\APPLIC~1\123 Free Solitaire [04/06/2005|23:38] C:\DOCUME~1\Myriam1\APPLIC~1\1ClickDVDCopy [09/08/2005|07:57] C:\DOCUME~1\Myriam1\APPLIC~1\3M [07/09/2008|19:21] C:\DOCUME~1\Myriam1\APPLIC~1\Acronis [20/09/2008|01:35] C:\DOCUME~1\Myriam1\APPLIC~1\Adobe [27/12/2006|21:51] C:\DOCUME~1\Myriam1\APPLIC~1\AdobeAUM [23/08/2007|09:07] C:\DOCUME~1\Myriam1\APPLIC~1\AdobeUM [30/03/2006|00:16] C:\DOCUME~1\Myriam1\APPLIC~1\Apple Computer [06/06/2008|20:11] C:\DOCUME~1\Myriam1\APPLIC~1\ArcSoft [27/05/2008|21:23] C:\DOCUME~1\Myriam1\APPLIC~1\Ashampoo [27/12/2007|03:19] C:\DOCUME~1\Myriam1\APPLIC~1\Ashampoo Photo Commander 4 [30/09/2006|16:47] C:\DOCUME~1\Myriam1\APPLIC~1\BitTorrent [08/04/2006|10:26] C:\DOCUME~1\Myriam1\APPLIC~1\BSplayer [28/12/2007|16:32] C:\DOCUME~1\Myriam1\APPLIC~1\Calendrier Xtra [02/07/2008|22:12] C:\DOCUME~1\Myriam1\APPLIC~1\Camfrog [21/05/2008|11:26] C:\DOCUME~1\Myriam1\APPLIC~1\CopyToDvd [27/04/2008|23:20] C:\DOCUME~1\Myriam1\APPLIC~1\DataCast [29/07/2008|13:44] C:\DOCUME~1\Myriam1\APPLIC~1\DeepBurner [29/07/2008|23:52] C:\DOCUME~1\Myriam1\APPLIC~1\DeepBurner Pro [22/11/2007|21:53] C:\DOCUME~1\Myriam1\APPLIC~1\DivX [01/03/2007|00:36] C:\DOCUME~1\Myriam1\APPLIC~1\Druide [29/07/2008|08:58] C:\DOCUME~1\Myriam1\APPLIC~1\dvdcss [16/03/2008|02:20] C:\DOCUME~1\Myriam1\APPLIC~1\Enfocus Prefs Folder [01/12/2004|02:07] C:\DOCUME~1\Myriam1\APPLIC~1\funkitron [01/07/2008|21:42] C:\DOCUME~1\Myriam1\APPLIC~1\Genie-Soft [18/10/2006|04:34] C:\DOCUME~1\Myriam1\APPLIC~1\Google [31/05/2004|23:00] C:\DOCUME~1\Myriam1\APPLIC~1\Help [28/07/2008|02:18] C:\DOCUME~1\Myriam1\APPLIC~1\Identities [24/11/2005|08:15] C:\DOCUME~1\Myriam1\APPLIC~1\ImTOO [01/10/2005|00:39] C:\DOCUME~1\Myriam1\APPLIC~1\Inbit [06/06/2008|20:08] C:\DOCUME~1\Myriam1\APPLIC~1\InstallShield [08/07/2007|07:09] C:\DOCUME~1\Myriam1\APPLIC~1\Lavasoft [30/12/2006|00:24] C:\DOCUME~1\Myriam1\APPLIC~1\Leadertech [19/11/2007|12:26] C:\DOCUME~1\Myriam1\APPLIC~1\ma-config.com [01/10/2005|00:39] C:\DOCUME~1\Myriam1\APPLIC~1\Macromedia [14/09/2008|23:05] C:\DOCUME~1\Myriam1\APPLIC~1\Malwarebytes [17/07/2005|15:44] C:\DOCUME~1\Myriam1\APPLIC~1\Media Player Classic [22/10/2005|00:02] C:\DOCUME~1\Myriam1\APPLIC~1\Messenger2 [22/02/2008|16:57] C:\DOCUME~1\Myriam1\APPLIC~1\MessengerSkinner [18/07/2007|01:02] C:\DOCUME~1\Myriam1\APPLIC~1\Microsoft [01/06/2006|08:53] C:\DOCUME~1\Myriam1\APPLIC~1\MobileAction [26/10/2007|00:13] C:\DOCUME~1\Myriam1\APPLIC~1\Mozilla [16/09/2004|22:48] C:\DOCUME~1\Myriam1\APPLIC~1\MSN6 [07/04/2007|01:06] C:\DOCUME~1\Myriam1\APPLIC~1\NCH Swift Sound [29/07/2008|13:17] C:\DOCUME~1\Myriam1\APPLIC~1\NeroVision [30/11/2007|00:59] C:\DOCUME~1\Myriam1\APPLIC~1\NewspaperDirect [24/12/2006|20:08] C:\DOCUME~1\Myriam1\APPLIC~1\OfficeUpdate12 [30/03/2007|11:39] C:\DOCUME~1\Myriam1\APPLIC~1\Offline Explorer [01/11/2005|03:28] C:\DOCUME~1\Myriam1\APPLIC~1\Opera [12/06/2008|13:14] C:\DOCUME~1\Myriam1\APPLIC~1\Panasonic [14/08/2005|13:30] C:\DOCUME~1\Myriam1\APPLIC~1\Pegasys Inc [23/09/2008|08:39] C:\DOCUME~1\Myriam1\APPLIC~1\PlayFirst [09/05/2004|14:51] C:\DOCUME~1\Myriam1\APPLIC~1\Quark [26/03/2008|15:11] C:\DOCUME~1\Myriam1\APPLIC~1\Real [19/02/2007|21:56] C:\DOCUME~1\Myriam1\APPLIC~1\RecordPad [09/05/2007|22:14] C:\DOCUME~1\Myriam1\APPLIC~1\Registry Booster [11/02/2006|12:32] C:\DOCUME~1\Myriam1\APPLIC~1\Seven Zip [23/12/2007|00:56] C:\DOCUME~1\Myriam1\APPLIC~1\Snapfish [07/04/2005|16:05] C:\DOCUME~1\Myriam1\APPLIC~1\soft license type [19/02/2007|21:42] C:\DOCUME~1\Myriam1\APPLIC~1\Softplicity [02/09/2004|16:23] C:\DOCUME~1\Myriam1\APPLIC~1\Sun [08/05/2006|09:02] C:\DOCUME~1\Myriam1\APPLIC~1\Symantec [04/01/2005|09:12] C:\DOCUME~1\Myriam1\APPLIC~1\SYSTRAN [08/02/2007|20:46] C:\DOCUME~1\Myriam1\APPLIC~1\Talkback [03/07/2005|11:33] C:\DOCUME~1\Myriam1\APPLIC~1\Tenebril [08/02/2007|20:24] C:\DOCUME~1\Myriam1\APPLIC~1\Thunderbird [11/09/2008|02:37] C:\DOCUME~1\Myriam1\APPLIC~1\TmpRecentIcons [03/10/2005|11:02] C:\DOCUME~1\Myriam1\APPLIC~1\ToutMail [25/04/2007|03:20] C:\DOCUME~1\Myriam1\APPLIC~1\TuneUp Software [05/09/2008|09:36] C:\DOCUME~1\Myriam1\APPLIC~1\U3 [30/01/2008|18:38] C:\DOCUME~1\Myriam1\APPLIC~1\Uniblue [04/03/2006|20:18] C:\DOCUME~1\Myriam1\APPLIC~1\URSoft [26/09/2008|02:19] C:\DOCUME~1\Myriam1\APPLIC~1\UseNeXT [12/09/2008|11:21] C:\DOCUME~1\Myriam1\APPLIC~1\VirusRemover2008 [02/07/2005|15:27] C:\DOCUME~1\Myriam1\APPLIC~1\vlc [26/09/2008|07:51] C:\DOCUME~1\Myriam1\APPLIC~1\Vso [31/08/2007|04:58] C:\DOCUME~1\Myriam1\APPLIC~1\Webroot [11/03/2007|00:40] C:\DOCUME~1\Myriam1\APPLIC~1\WholeSecurity [08/09/2008|11:53] C:\DOCUME~1\Myriam1\APPLIC~1\Winamp [29/07/2008|08:55] C:\DOCUME~1\Myriam1\APPLIC~1\Zylom [04/03/2008|23:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [04/03/2008|23:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Real --------------------\\ Tâches planifiées dans C:\windows\tasks [29/09/2008 01:19][--ah-----] C:\windows\tasks\SA.DAT [28/08/2001 14:00][-r-h-----] C:\windows\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [13/12/2007|02:35] C:\Program Files\1+2 [31/01/2006|22:04] C:\Program Files\321Studios [24/01/2006|03:00] C:\Program Files\A4Proxy [27/09/2006|01:04] C:\Program Files\AbcPuzzles [07/09/2008|18:31] C:\Program Files\Acronis [23/09/2008|23:37] C:\Program Files\adobe [29/07/2008|13:18] C:\Program Files\Ahead [29/07/2008|13:17] C:\Program Files\Ahead(3) [14/11/2004|01:47] C:\Program Files\AND [29/07/2008|13:18] C:\Program Files\Apple Software Update [12/06/2008|11:24] C:\Program Files\ArcSoft [30/06/2008|07:37] C:\Program Files\ashampoo [30/07/2008|00:00] C:\Program Files\Astonsoft [14/07/2007|15:05] C:\Program Files\Astrologie & Devenir [04/12/2004|02:07] C:\Program Files\ATI Technologies [12/03/2007|14:01] C:\Program Files\AviSynth 2.5 [18/04/2008|09:21] C:\Program Files\AVSMedia [18/02/2007|01:03] C:\Program Files\BearShare [12/03/2007|13:04] C:\Program Files\BFG [29/04/2007|01:04] C:\Program Files\Boonty [29/04/2007|13:06] C:\Program Files\BoontyGames [08/03/2008|17:43] C:\Program Files\Calendrier [08/04/2007|04:01] C:\Program Files\Camfrog [15/02/2007|08:20] C:\Program Files\Canon [04/02/2008|12:37] C:\Program Files\CCleaner [04/09/2008|12:08] C:\Program Files\CDBurnerXP [05/10/2005|13:02] C:\Program Files\CloneDVD [11/11/2007|04:11] C:\Program Files\Common Files [13/04/2006|08:39] C:\Program Files\CoolMP3Splitter [04/12/2004|01:54] C:\Program Files\Creative [04/12/2004|02:50] C:\Program Files\CyberLink [22/03/2005|11:46] C:\Program Files\Datapol [20/02/2006|01:34] C:\Program Files\denouvel [12/10/2007|20:00] C:\Program Files\Desktop [06/02/2005|03:09] C:\Program Files\Dirprint [12/03/2005|03:46] C:\Program Files\Disney Interactive [11/03/2008|18:41] C:\Program Files\DivX [22/11/2007|16:55] C:\Program Files\DivX6 [22/11/2007|16:55] C:\Program Files\DivXnew [03/04/2006|13:45] C:\Program Files\divxold [01/03/2007|00:33] C:\Program Files\Druide [07/12/2005|00:50] C:\Program Files\DVD Profiler [09/03/2008|08:20] C:\Program Files\DVD Region+CSS Free [03/09/2006|15:25] C:\Program Files\DVD Shrink [12/05/2008|21:49] C:\Program Files\DVDFab Gold 3 [01/06/2007|09:06] C:\Program Files\DVDFab HD Decrypter 3 [01/06/2007|11:32] C:\Program Files\DVDneXtCOPY2 [28/11/2005|01:05] C:\Program Files\dvdSanta [04/12/2004|01:40] C:\Program Files\DVDx [09/03/2005|19:58] C:\Program Files\Dvdxc [04/03/2008|14:23] C:\Program Files\Easy CD-DA Extractor 11 [08/09/2008|10:12] C:\Program Files\Easy CD-DA Extractor 11new [26/05/2008|23:21] C:\Program Files\EasyCovers [18/01/2008|02:03] C:\Program Files\EasyVideoSoft [11/03/2007|00:47] C:\Program Files\eBay [02/02/2006|13:00] C:\Program Files\Eidos Interactive [11/12/2007|19:51] C:\Program Files\Elaborate Bytes [29/12/2007|22:24] C:\Program Files\E-mail eXtractor [17/04/2006|02:51] C:\Program Files\encoder [13/07/2008|14:05] C:\Program Files\eRightSoft [16/03/2006|00:10] C:\Program Files\EZFace [06/11/2007|09:17] C:\Program Files\fabamusic [23/09/2008|23:45] C:\Program Files\Fichiers communs [09/01/2007|23:47] C:\Program Files\FILERECOVERY PRO [20/11/2005|01:16] C:\Program Files\FILERECOVERY PRO DEMO [13/02/2005|02:08] C:\Program Files\FLASH [21/11/2005|00:13] C:\Program Files\flaskmpeg [01/01/2008|02:54] C:\Program Files\FotoSketcher [01/07/2008|21:37] C:\Program Files\Genie-Soft [23/10/2007|23:36] C:\Program Files\Google [03/10/2005|20:36] C:\Program Files\Goto software [04/05/2004|18:46] C:\Program Files\Hewlett-Packard [21/05/2008|08:36] C:\Program Files\i-Covers [11/09/2007|11:22] C:\Program Files\Ihsv [17/04/2008|08:59] C:\Program Files\ImTOO [26/08/2005|14:52] C:\Program Files\Inbit [29/08/2005|00:42] C:\Program Files\Infogrames Interactive [12/05/2007|09:17] C:\Program Files\inKline Global [05/05/2004|21:59] C:\Program Files\InkSaver [07/06/2008|23:22] C:\Program Files\Innovative Solutions [24/09/2008|00:23] C:\Program Files\InstallShield Installation Information [04/12/2004|01:55] C:\Program Files\InterActual [12/06/2008|03:04] C:\Program Files\Internet Explorer [21/11/2005|04:17] C:\Program Files\InterVideo [08/09/2007|13:59] C:\Program Files\IrfanView [12/06/2008|11:36] C:\Program Files\ISL [28/07/2008|10:08] C:\Program Files\Java [19/05/2004|06:56] C:\Program Files\KB824146Scan [28/07/2008|12:41] C:\Program Files\KC Softwares [21/11/2005|11:53] C:\Program Files\K-Lite Codec Pack [01/01/2007|15:30] C:\Program Files\Lavalys [29/07/2008|13:19] C:\Program Files\Lavasoft [15/11/2007|15:54] C:\Program Files\LG Software Innovations [21/05/2008|10:34] C:\Program Files\LimeWire [14/06/2004|18:52] C:\Program Files\LitexMedia [10/05/2004|00:59] C:\Program Files\LIUtilities [28/01/2006|04:13] C:\Program Files\Logitech [19/11/2007|12:23] C:\Program Files\ma-config.com [11/06/2005|10:53] C:\Program Files\Magic translator [07/05/2006|00:41] C:\Program Files\MagicISO [14/09/2008|23:05] C:\Program Files\Malwarebytes' Anti-Malware [24/09/2004|19:07] C:\Program Files\mario [27/04/2008|23:20] C:\Program Files\MarkAny [17/11/2005|13:05] C:\Program Files\McAfee AntiSpyware 1.00 Install [03/04/2006|07:55] C:\Program Files\Media Player Classic [11/10/2007|00:11] C:\Program Files\Messenger [12/12/2004|00:57] C:\Program Files\Messenger Plus! 3 [07/11/2005|02:49] C:\Program Files\Messenger2 [24/10/2005|02:27] C:\Program Files\Micro Application [13/05/2007|23:21] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [10/10/2005|23:05] C:\Program Files\microsoft frontpage [25/12/2006|03:34] C:\Program Files\Microsoft Office [25/12/2006|03:33] C:\Program Files\Microsoft Visual Studio [11/09/2008|15:44] C:\Program Files\Microsoft Windows OneCare Live [25/12/2006|03:34] C:\Program Files\Microsoft Works [25/12/2006|03:32] C:\Program Files\Microsoft.NET [30/12/2007|16:15] C:\Program Files\Mindscape [20/11/2005|01:50] C:\Program Files\Miramar [27/08/2007|10:36] C:\Program Files\Moraff's SphereJongg [26/12/2004|00:58] C:\Program Files\Movie collection [14/11/2004|20:06] C:\Program Files\Movie Maker [29/09/2008|02:53] C:\Program Files\Mozilla Thunderbird [15/09/2006|09:00] C:\Program Files\MP3 Player Utilities [17/12/2007|04:52] C:\Program Files\mpegable [25/12/2006|03:34] C:\Program Files\MSBuild [06/04/2005|20:13] C:\Program Files\Msn [07/11/2005|00:22] C:\Program Files\MSN Apps [27/10/2005|00:45] C:\Program Files\MSN Games [03/05/2004|10:02] C:\Program Files\MSN Gaming Zone [08/03/2008|02:26] C:\Program Files\MSN Messenger [16/11/2006|14:58] C:\Program Files\MSXML 4.0 [04/05/2005|00:42] C:\Program Files\MultiTranse [12/03/2007|13:03] C:\Program Files\Mystery Case Files - Ravenhearst [25/10/2006|08:48] C:\Program Files\myV-55 USB-Handset Manager [07/04/2007|01:06] C:\Program Files\NCH Swift Sound [29/12/2006|03:58] C:\Program Files\neerlandais [17/07/2008|09:32] C:\Program Files\Nero [24/05/2005|09:55] C:\Program Files\Netcraft Toolbar [28/05/2008|10:37] C:\Program Files\Netlog [11/07/2008|08:06] C:\Program Files\Netlog Music Tool [14/11/2004|20:02] C:\Program Files\NetMeeting [30/11/2007|00:02] C:\Program Files\NewspaperDirect [19/05/2008|01:46] C:\Program Files\NoClone [08/03/2008|17:58] C:\Program Files\Norton Utilities [20/09/2008|02:01] C:\Program Files\NOS [13/12/2007|02:36] C:\Program Files\numerologie 1+2 [25/10/2005|11:17] C:\Program Files\Oak Systems [17/11/2005|12:41] C:\Program Files\Offline Explorer Pro [23/07/2007|00:46] C:\Program Files\Outlook Express [05/10/2005|01:54] C:\Program Files\Pacman 2005 [12/06/2008|11:40] C:\Program Files\Panasonic [13/09/2008|07:15] C:\Program Files\Panda Security [11/05/2007|13:46] C:\Program Files\Panda Software [05/12/2007|16:39] C:\Program Files\PC Inspector File Recovery [22/05/2008|08:47] C:\Program Files\PC Wizard 2008 [07/01/2007|00:48] C:\Program Files\Pegasys Inc [01/10/2005|00:39] C:\Program Files\Plus! [29/07/2008|13:20] C:\Program Files\PopUp Destroy [23/12/2006|03:22] C:\Program Files\Power IE [11/11/2003|08:46] C:\Program Files\PowerCDR [21/08/2005|01:00] C:\Program Files\PROMT5 [04/02/2007|23:37] C:\Program Files\Qualcomm(2) [09/05/2004|18:15] C:\Program Files\quark [04/03/2008|14:41] C:\Program Files\QuickPar [01/10/2006|01:13] C:\Program Files\QuickTime [04/10/2005|13:21] C:\Program Files\Real [03/04/2006|07:55] C:\Program Files\Real Alternative [18/11/2005|10:02] C:\Program Files\ReflexiveArcade [14/07/2008|02:23] C:\Program Files\regcleaner [15/11/2007|15:54] C:\Program Files\RegCleaner(2) [22/06/2008|23:36] C:\Program Files\RegCure [14/01/2007|14:13] C:\Program Files\Registry Mechanic [08/11/2004|15:23] C:\Program Files\Revistronic [09/01/2007|23:46] C:\Program Files\Runtime Software [27/04/2008|23:20] C:\Program Files\Samsung [07/04/2006|09:01] C:\Program Files\Satsuki All2DVD [06/04/2006|01:10] C:\Program Files\Satsuki Decoder Pack [31/01/2005|00:24] C:\Program Files\sbsetup [24/05/2005|01:31] C:\Program Files\ScreenMates [29/12/2006|03:49] C:\Program Files\Selor [03/05/2004|10:05] C:\Program Files\Services en ligne [03/05/2006|13:13] C:\Program Files\Shockwave.com [25/09/2005|22:51] C:\Program Files\Sierra On-Line [22/03/2006|02:43] C:\Program Files\SimpleDivX [05/05/2004|14:34] C:\Program Files\SiS7012 [10/10/2005|10:50] C:\Program Files\SiSoftware [16/06/2008|22:28] C:\Program Files\SIW [23/10/2007|23:54] C:\Program Files\Skype [01/12/2004|02:07] C:\Program Files\Slingo Deluxe [30/12/2007|16:16] C:\Program Files\SoftwarePassport [08/03/2008|18:03] C:\Program Files\Speed Disk [10/07/2007|19:46] C:\Program Files\SplitCam [11/01/2007|23:34] C:\Program Files\Spybot - Search & Destroy [11/01/2007|23:34] C:\Program Files\Spybot - Search & Destroy(2) [11/01/2007|23:34] C:\Program Files\SpyRemover [09/03/2008|18:44] C:\Program Files\Spyware Doctor [11/07/2007|23:27] C:\Program Files\Spyware Doctor-new [17/09/2008|20:35] C:\Program Files\SpywareBlaster [16/06/2005|20:03] C:\Program Files\Super Clone DVD [01/10/2005|00:39] C:\Program Files\Support.com [01/10/2007|22:17] C:\Program Files\Symantec [16/06/2006|00:37] C:\Program Files\TechSmith [27/06/2008|01:40] C:\Program Files\Test-A [23/08/2007|08:56] C:\Program Files\The Cleaner [25/12/2005|04:57] C:\Program Files\ToniArts [16/09/2008|07:13] C:\Program Files\Trend Micro [21/09/2005|01:43] C:\Program Files\U.S. Robotics [02/06/2008|00:57] C:\Program Files\UBISOFT [09/04/2008|00:12] C:\Program Files\Uniblue [05/07/2004|06:56] C:\Program Files\Uninstall Information [08/03/2008|18:04] C:\Program Files\UPHClean [24/08/2008|23:16] C:\Program Files\UseNeXT [29/12/2006|22:02] C:\Program Files\U-Storage Tools2.75 [08/04/2006|20:32] C:\Program Files\VideoLAN [12/03/2007|13:04] C:\Program Files\Virtual Villagers - The Lost Children [26/02/2006|16:54] C:\Program Files\virtualdub 1.6.9 [31/01/2007|16:33] C:\Program Files\VirtualDub MPEG2 [09/03/2006|22:07] C:\Program Files\virtualdub-mpeg2 [14/12/2006|02:42] C:\Program Files\VirtualDub-MPEG2-1206 [26/09/2008|07:49] C:\Program Files\VSO [14/06/2004|07:39] C:\Program Files\Wav2mp3 [31/08/2007|04:58] C:\Program Files\Webroot [23/09/2008|02:54] C:\Program Files\Wedding Dash 2 [08/09/2008|02:40] C:\Program Files\Winamp [24/12/2007|07:19] C:\Program Files\WinAVI Video Converter 9.0 [24/12/2006|01:54] C:\Program Files\Windows Live Safety Center [12/04/2006|16:31] C:\Program Files\Windows Media Components [31/07/2008|11:11] C:\Program Files\Windows Media Connect 2 [31/07/2008|11:11] C:\Program Files\Windows Media Player [29/12/2007|16:06] C:\Program Files\Windows NT [22/12/2006|15:34] C:\Program Files\WindowsUpdate [14/03/2007|03:15] C:\Program Files\WinHTTrack [08/04/2008|23:44] C:\Program Files\WinISO [17/07/2006|11:18] C:\Program Files\winmorph [04/03/2008|14:45] C:\Program Files\WinRAR [07/06/2008|23:42] C:\Program Files\Winsos [04/03/2008|14:45] C:\Program Files\WinZip [07/04/2006|11:03] C:\Program Files\WMV9_VCM [22/08/2007|09:38] C:\Program Files\ww [03/01/2007|14:13] C:\Program Files\Xara [03/05/2004|10:07] C:\Program Files\xerox [13/01/2008|17:57] C:\Program Files\Xilisoft [29/08/2007|23:14] C:\Program Files\Yahoo! [15/01/2008|01:55] C:\Program Files\ZC2.10 [16/01/2006|20:19] C:\Program Files\Zero G Registry [29/08/2008|00:46] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [07/09/2008|18:31] C:\Program Files\Fichiers communs\Acronis [23/09/2008|23:37] C:\Program Files\Fichiers communs\Adobe [13/11/2005|14:30] C:\Program Files\Fichiers communs\Adobe Systems Shared [29/07/2008|13:18] C:\Program Files\Fichiers communs\Ahead [17/03/2008|11:23] C:\Program Files\Fichiers communs\AVSMedia [17/07/2006|11:18] C:\Program Files\Fichiers communs\debugmode [10/09/2007|19:18] C:\Program Files\Fichiers communs\DESIGNER [01/06/2007|11:31] C:\Program Files\Fichiers communs\DistributeShield [01/06/2007|11:31] C:\Program Files\Fichiers communs\DVDnextCOPY2 [06/05/2004|21:57] C:\Program Files\Fichiers communs\FileStream Scheduler [02/11/2005|11:43] C:\Program Files\Fichiers communs\InstallShield [01/10/2005|00:39] C:\Program Files\Fichiers communs\InterVideo [10/11/2004|21:21] C:\Program Files\Fichiers communs\Java [29/07/2008|13:12] C:\Program Files\Fichiers communs\LightScribe [23/11/2005|13:20] C:\Program Files\Fichiers communs\Logitech [15/12/2004|01:41] C:\Program Files\Fichiers communs\Macrovision Shared [16/04/2007|22:58] C:\Program Files\Fichiers communs\Microsoft Shared [03/05/2004|10:04] C:\Program Files\Fichiers communs\MSSoap [01/10/2005|00:39] C:\Program Files\Fichiers communs\ODBC [09/05/2008|10:38] C:\Program Files\Fichiers communs\Panda Software [26/03/2008|15:07] C:\Program Files\Fichiers communs\Real [03/05/2004|10:04] C:\Program Files\Fichiers communs\Services [01/05/2004|19:30] C:\Program Files\Fichiers communs\SpeechEngines [01/10/2005|00:39] C:\Program Files\Fichiers communs\SWF Studio [19/08/2007|18:10] C:\Program Files\Fichiers communs\Symantec Shared [23/07/2007|00:46] C:\Program Files\Fichiers communs\System [04/03/2008|14:27] C:\Program Files\Fichiers communs\Webroot Shared [17/09/2008|22:55] C:\Program Files\Fichiers communs\Wise Installation Wizard --------------------\\ Process ( 17 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-29 03:54:40 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 1 --------------------\\ Recherche d'autres infections C:\DOCUME~1\Myriam1\APPLIC~1\MessengerSkinner C:\DOCUME~1\Myriam1\APPLIC~1\MessengerSkinner\Userdata C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Conditions g‚n‚rales.url C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Confidentialit‚.url C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\D‚sinstaller.lnk C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\MessengerSkinner.lnk C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Website.url C:\windows\Pack.epk C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik.dat C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik.exe C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik_nav.dat C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik_navps.dat ==> EGDACCESS <== C:\windows\system32\cdMpWvut.ini2 C:\windows\system32\mVxENqss.ini C:\windows\system32\mVxENqss.ini2 ==> VUNDO <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Myriam1\Application Data\Adobe\FileBrowser\PhotoshopElements3\keygen362 C:\DOCUME~1\Myriam1\Application Data\Adobe\FileBrowser\PhotoshopElements3\keygen362M C:\DOCUME~1\Myriam1\Application Data\Adobe\FileBrowser\PhotoshopElements3\keygen362T C:\DOCUME~1\Myriam1\Bureau\a installer\(Software) Cool Mp3 Splitter 1.2 + crack (splits full albums into tracks).zip C:\DOCUME~1\Myriam1\Bureau\a installer\Clone DVD2 + Any DVD+ crack+serial(read manual works great 100%).zip C:\DOCUME~1\Myriam1\Bureau\a installer\winzip 10+keygen C:\DOCUME~1\Myriam1\Bureau\a installer\ASHAMPOO\Ashampoo - All Products Keygen.zip C:\DOCUME~1\Myriam1\Bureau\a installer\dvdfab\DVDFab Platinum v2.9.7.0 + Crack.rar C:\DOCUME~1\Myriam1\Bureau\a installer\DVDFab Gold v3.0.4.0\Crack C:\DOCUME~1\Myriam1\Bureau\a installer\Elby Clone Dvd V1.3.10.1 Anydvd 2.0.0.4 Ger Key\Keygen-CloneDVD.exe C:\DOCUME~1\Myriam1\Bureau\a installer\winzip 10+keygen\winzip100.exe C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\CORE.NFO C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35 C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35.zip C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\keygen.exe C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35\README.TXT C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35\setup.exe C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\dvd-ripper-platinum.exe C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\dvd-ripper-platinum.gif C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\KEYGEN.exe C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\Thumbs.db C:\DOCUME~1\Myriam1\Bureau\Genie backup\tgp8477\Crack C:\DOCUME~1\Myriam1\Bureau\Genie backup\tgp8477\Crack\GBM8.exe C:\DOCUME~1\Myriam1\Bureau\Jeux\startopia\StarTopia\Startopia Crack Nocd Fr.rar C:\DOCUME~1\Myriam1\Bureau\NERO 6 3 1 17\Keygen.exe C:\DOCUME~1\Myriam1\Bureau\NERO 6 3 1 17\Keygen.sfv C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack.zip C:\DOCUME~1\Myriam1\Bureau\Util dvd\Imtoo Mpeg Encoder v2.1.46.609B Incl Keygen-Explosion.rar C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=- C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50---setup.exe C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---00.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---01.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---02.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---03.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---04.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---11.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---12.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---13.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---14.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50---about.txt C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\Thumbs.db C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack\DVDRegionFree.exe C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack\file_id.diz C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack\harpoon.nfo C:\DOCUME~1\Myriam1\Bureau\Util dvd\ImToo mpeg encoder\Keygen.txt C:\DOCUME~1\Myriam1\Bureau\util nero\Nero Burning Rom 6.0 Keygen-flt.exe C:\DOCUME~1\Myriam1\Bureau\util nero\Nero Burning Rom 7.0 Keygen - YTU.exe C:\DOCUME~1\Myriam1\Incomplete\T-456200759-(???) Adobe Photoshop Elements 3.0 ???? [04.11.19](MDS+Keygene).rar C:\DOCUME~1\Myriam1\Recent\Crack.lnk C:\DOCUME~1\Myriam1\Recent\lavasoft crack .(incomplete).rar.lnk C:\DOCUME~1\Myriam1\Recent\lavasoft crack .(incomplete).rar.par2.lnk C:\DOCUME~1\Myriam1\Recent\lavasoft crack .(incomplete).rar.vol00+1.PAR2.lnk C:\DOCUME~1\ALLUSE~1\Documents\Ma musique\keygen.exe [F:28][D:2]-> C:\DOCUME~1\Myriam1\LOCALS~1\Temp [F:113][D:0]-> C:\DOCUME~1\Myriam1\Cookies [F:8512][D:12]-> C:\DOCUME~1\Myriam1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - mer. 24/09/2008|23:39 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - jeu. 25/09/2008| 1:32 - Option : [1] 3 - "C:\Lop SD\LopR_3.txt" - jeu. 25/09/2008|22:37 - Option : [1] 4 - "C:\Lop SD\LopR_4.txt" - lun. 29/09/2008| 3:12 - Option : [1] 5 - "C:\Lop SD\LopR_5.txt" - lun. 29/09/2008| 3:58 - Option : [2] --------------------\\ Fin du rapport a 3:58:28 Merci d'avance. -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonsoir, Voici le rapport demandé : --------------------\\ Lop S&D 4.2.4-4 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Celeron® CPU 1.80GHz ) BIOS : Default System BIOS USER : Myriam1 ( Administrator ) BOOT : Normal boot Antivirus : Panda Internet Security 2008 12.00.00 (Not Activated) Firewall : Platinum 2007 Personal Firewall 11.01.00 (Not Activated) C:\ (Local Disk) - NTFS - Total : 115 Go Free : 10 Go D:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-09-2008|22:20 ) Option : [1] ( jeu. 25/09/2008|22:19 ) --------------------\\ Listing des dossiers dans APPLIC~1 [13/11/2005|00:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [21/09/2005|15:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\DownloadFastFind [16/01/2006|01:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [11/02/2006|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{FBDA53F5-763E-4114-A576-612E9769C133} [07/09/2008|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis [29/07/2008|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [13/11/2005|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems [17/07/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [29/05/2008|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [08/06/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ashampoo [05/01/2005|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk [11/01/2007|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7 [04/09/2008|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Backup [17/02/2007|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ [17/04/2008|00:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [23/09/2008|23:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Enfocus Prefs Folder [30/04/2006|23:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData [01/07/2008|21:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Genie-Soft [23/10/2007|23:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [12/10/2007|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [15/06/2008|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [17/07/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe [15/12/2004|01:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [14/09/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [08/07/2007|07:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [10/07/2008|03:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [08/06/2004|00:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [19/02/2007|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound [20/09/2008|02:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS [10/01/2007|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage [23/09/2008|08:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [09/05/2004|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Quark [05/03/2006|03:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real [19/06/2006|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RTE [02/01/2007|01:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RunOff [23/12/2006|02:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanDBX [09/05/2008|07:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel [23/10/2007|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [08/09/2007|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [11/01/2007|23:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy(2) [08/05/2006|08:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [16/06/2006|00:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TechSmith [08/09/2008|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [30/05/2006|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia [25/04/2007|03:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software [31/08/2007|04:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Webroot [31/07/2005|00:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [03/01/2006|03:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [03/05/2004|10:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [07/09/2008|18:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Acronis [30/11/2007|00:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe [12/06/2004|19:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help [20/11/2005|12:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia [20/11/2005|12:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Media Player Classic [11/05/2006|23:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [13/12/2007|02:44] C:\DOCUME~1\Myriam1\APPLIC~1\1+2 [06/05/2004|14:41] C:\DOCUME~1\Myriam1\APPLIC~1\123 Free Solitaire [04/06/2005|23:38] C:\DOCUME~1\Myriam1\APPLIC~1\1ClickDVDCopy [09/08/2005|07:57] C:\DOCUME~1\Myriam1\APPLIC~1\3M [07/09/2008|19:21] C:\DOCUME~1\Myriam1\APPLIC~1\Acronis [20/09/2008|01:35] C:\DOCUME~1\Myriam1\APPLIC~1\Adobe [27/12/2006|21:51] C:\DOCUME~1\Myriam1\APPLIC~1\AdobeAUM [23/08/2007|09:07] C:\DOCUME~1\Myriam1\APPLIC~1\AdobeUM [30/03/2006|00:16] C:\DOCUME~1\Myriam1\APPLIC~1\Apple Computer [06/06/2008|20:11] C:\DOCUME~1\Myriam1\APPLIC~1\ArcSoft [27/05/2008|21:23] C:\DOCUME~1\Myriam1\APPLIC~1\Ashampoo [27/12/2007|03:19] C:\DOCUME~1\Myriam1\APPLIC~1\Ashampoo Photo Commander 4 [30/09/2006|16:47] C:\DOCUME~1\Myriam1\APPLIC~1\BitTorrent [08/04/2006|10:26] C:\DOCUME~1\Myriam1\APPLIC~1\BSplayer [28/12/2007|16:32] C:\DOCUME~1\Myriam1\APPLIC~1\Calendrier Xtra [02/07/2008|22:12] C:\DOCUME~1\Myriam1\APPLIC~1\Camfrog [21/05/2008|11:26] C:\DOCUME~1\Myriam1\APPLIC~1\CopyToDvd [27/04/2008|23:20] C:\DOCUME~1\Myriam1\APPLIC~1\DataCast [29/07/2008|13:44] C:\DOCUME~1\Myriam1\APPLIC~1\DeepBurner [29/07/2008|23:52] C:\DOCUME~1\Myriam1\APPLIC~1\DeepBurner Pro [22/11/2007|21:53] C:\DOCUME~1\Myriam1\APPLIC~1\DivX [01/03/2007|00:36] C:\DOCUME~1\Myriam1\APPLIC~1\Druide [29/07/2008|08:58] C:\DOCUME~1\Myriam1\APPLIC~1\dvdcss [16/03/2008|02:20] C:\DOCUME~1\Myriam1\APPLIC~1\Enfocus Prefs Folder [01/12/2004|02:07] C:\DOCUME~1\Myriam1\APPLIC~1\funkitron [01/07/2008|21:42] C:\DOCUME~1\Myriam1\APPLIC~1\Genie-Soft [18/10/2006|04:34] C:\DOCUME~1\Myriam1\APPLIC~1\Google [31/05/2004|23:00] C:\DOCUME~1\Myriam1\APPLIC~1\Help [28/07/2008|02:18] C:\DOCUME~1\Myriam1\APPLIC~1\Identities [24/11/2005|08:15] C:\DOCUME~1\Myriam1\APPLIC~1\ImTOO [01/10/2005|00:39] C:\DOCUME~1\Myriam1\APPLIC~1\Inbit [06/06/2008|20:08] C:\DOCUME~1\Myriam1\APPLIC~1\InstallShield [08/07/2007|07:09] C:\DOCUME~1\Myriam1\APPLIC~1\Lavasoft [30/12/2006|00:24] C:\DOCUME~1\Myriam1\APPLIC~1\Leadertech [19/11/2007|12:26] C:\DOCUME~1\Myriam1\APPLIC~1\ma-config.com [01/10/2005|00:39] C:\DOCUME~1\Myriam1\APPLIC~1\Macromedia [14/09/2008|23:05] C:\DOCUME~1\Myriam1\APPLIC~1\Malwarebytes [17/07/2005|15:44] C:\DOCUME~1\Myriam1\APPLIC~1\Media Player Classic [22/10/2005|00:02] C:\DOCUME~1\Myriam1\APPLIC~1\Messenger2 [22/02/2008|16:57] C:\DOCUME~1\Myriam1\APPLIC~1\MessengerSkinner [18/07/2007|01:02] C:\DOCUME~1\Myriam1\APPLIC~1\Microsoft [01/06/2006|08:53] C:\DOCUME~1\Myriam1\APPLIC~1\MobileAction [26/10/2007|00:13] C:\DOCUME~1\Myriam1\APPLIC~1\Mozilla [16/09/2004|22:48] C:\DOCUME~1\Myriam1\APPLIC~1\MSN6 [07/04/2007|01:06] C:\DOCUME~1\Myriam1\APPLIC~1\NCH Swift Sound [29/07/2008|13:17] C:\DOCUME~1\Myriam1\APPLIC~1\NeroVision [30/11/2007|00:59] C:\DOCUME~1\Myriam1\APPLIC~1\NewspaperDirect [24/12/2006|20:08] C:\DOCUME~1\Myriam1\APPLIC~1\OfficeUpdate12 [30/03/2007|11:39] C:\DOCUME~1\Myriam1\APPLIC~1\Offline Explorer [01/11/2005|03:28] C:\DOCUME~1\Myriam1\APPLIC~1\Opera [12/06/2008|13:14] C:\DOCUME~1\Myriam1\APPLIC~1\Panasonic [14/08/2005|13:30] C:\DOCUME~1\Myriam1\APPLIC~1\Pegasys Inc [23/09/2008|08:39] C:\DOCUME~1\Myriam1\APPLIC~1\PlayFirst [09/05/2004|14:51] C:\DOCUME~1\Myriam1\APPLIC~1\Quark [26/03/2008|15:11] C:\DOCUME~1\Myriam1\APPLIC~1\Real [19/02/2007|21:56] C:\DOCUME~1\Myriam1\APPLIC~1\RecordPad [09/05/2007|22:14] C:\DOCUME~1\Myriam1\APPLIC~1\Registry Booster [11/02/2006|12:32] C:\DOCUME~1\Myriam1\APPLIC~1\Seven Zip [23/12/2007|00:56] C:\DOCUME~1\Myriam1\APPLIC~1\Snapfish [07/04/2005|16:05] C:\DOCUME~1\Myriam1\APPLIC~1\soft license type [19/02/2007|21:42] C:\DOCUME~1\Myriam1\APPLIC~1\Softplicity [02/09/2004|16:23] C:\DOCUME~1\Myriam1\APPLIC~1\Sun [08/05/2006|09:02] C:\DOCUME~1\Myriam1\APPLIC~1\Symantec [04/01/2005|09:12] C:\DOCUME~1\Myriam1\APPLIC~1\SYSTRAN [08/02/2007|20:46] C:\DOCUME~1\Myriam1\APPLIC~1\Talkback [03/07/2005|11:33] C:\DOCUME~1\Myriam1\APPLIC~1\Tenebril [08/02/2007|20:24] C:\DOCUME~1\Myriam1\APPLIC~1\Thunderbird [11/09/2008|02:37] C:\DOCUME~1\Myriam1\APPLIC~1\TmpRecentIcons [03/10/2005|11:02] C:\DOCUME~1\Myriam1\APPLIC~1\ToutMail [25/04/2007|03:20] C:\DOCUME~1\Myriam1\APPLIC~1\TuneUp Software [05/09/2008|09:36] C:\DOCUME~1\Myriam1\APPLIC~1\U3 [30/01/2008|18:38] C:\DOCUME~1\Myriam1\APPLIC~1\Uniblue [04/03/2006|20:18] C:\DOCUME~1\Myriam1\APPLIC~1\URSoft [24/09/2008|22:37] C:\DOCUME~1\Myriam1\APPLIC~1\UseNeXT [12/09/2008|11:21] C:\DOCUME~1\Myriam1\APPLIC~1\VirusRemover2008 [02/07/2005|15:27] C:\DOCUME~1\Myriam1\APPLIC~1\vlc [17/07/2008|09:10] C:\DOCUME~1\Myriam1\APPLIC~1\Vso [31/08/2007|04:58] C:\DOCUME~1\Myriam1\APPLIC~1\Webroot [11/03/2007|00:40] C:\DOCUME~1\Myriam1\APPLIC~1\WholeSecurity [08/09/2008|11:53] C:\DOCUME~1\Myriam1\APPLIC~1\Winamp [29/07/2008|08:55] C:\DOCUME~1\Myriam1\APPLIC~1\Zylom [04/03/2008|23:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [04/03/2008|23:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Real --------------------\\ Tâches planifiées dans C:\windows\tasks [25/09/2008 16:08][--ah-----] C:\windows\tasks\SA.DAT [28/08/2001 14:00][-r-h-----] C:\windows\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [13/12/2007|02:35] C:\Program Files\1+2 [31/01/2006|22:04] C:\Program Files\321Studios [24/01/2006|03:00] C:\Program Files\A4Proxy [27/09/2006|01:04] C:\Program Files\AbcPuzzles [07/09/2008|18:31] C:\Program Files\Acronis [23/09/2008|23:37] C:\Program Files\adobe [29/07/2008|13:18] C:\Program Files\Ahead [29/07/2008|13:17] C:\Program Files\Ahead(3) [14/11/2004|01:47] C:\Program Files\AND [29/07/2008|13:18] C:\Program Files\Apple Software Update [12/06/2008|11:24] C:\Program Files\ArcSoft [30/06/2008|07:37] C:\Program Files\ashampoo [30/07/2008|00:00] C:\Program Files\Astonsoft [14/07/2007|15:05] C:\Program Files\Astrologie & Devenir [04/12/2004|02:07] C:\Program Files\ATI Technologies [12/03/2007|14:01] C:\Program Files\AviSynth 2.5 [18/04/2008|09:21] C:\Program Files\AVSMedia [18/02/2007|01:03] C:\Program Files\BearShare [12/03/2007|13:04] C:\Program Files\BFG [29/04/2007|01:04] C:\Program Files\Boonty [29/04/2007|13:06] C:\Program Files\BoontyGames [08/03/2008|17:43] C:\Program Files\Calendrier [08/04/2007|04:01] C:\Program Files\Camfrog [15/02/2007|08:20] C:\Program Files\Canon [04/02/2008|12:37] C:\Program Files\CCleaner [04/09/2008|12:08] C:\Program Files\CDBurnerXP [05/10/2005|13:02] C:\Program Files\CloneDVD [11/11/2007|04:11] C:\Program Files\Common Files [13/04/2006|08:39] C:\Program Files\CoolMP3Splitter [04/12/2004|01:54] C:\Program Files\Creative [04/12/2004|02:50] C:\Program Files\CyberLink [22/03/2005|11:46] C:\Program Files\Datapol [20/02/2006|01:34] C:\Program Files\denouvel [12/10/2007|20:00] C:\Program Files\Desktop [06/02/2005|03:09] C:\Program Files\Dirprint [12/03/2005|03:46] C:\Program Files\Disney Interactive [11/03/2008|18:41] C:\Program Files\DivX [22/11/2007|16:55] C:\Program Files\DivX6 [22/11/2007|16:55] C:\Program Files\DivXnew [03/04/2006|13:45] C:\Program Files\divxold [01/03/2007|00:33] C:\Program Files\Druide [07/12/2005|00:50] C:\Program Files\DVD Profiler [09/03/2008|08:20] C:\Program Files\DVD Region+CSS Free [03/09/2006|15:25] C:\Program Files\DVD Shrink [12/05/2008|21:49] C:\Program Files\DVDFab Gold 3 [01/06/2007|09:06] C:\Program Files\DVDFab HD Decrypter 3 [01/06/2007|11:32] C:\Program Files\DVDneXtCOPY2 [28/11/2005|01:05] C:\Program Files\dvdSanta [04/12/2004|01:40] C:\Program Files\DVDx [09/03/2005|19:58] C:\Program Files\Dvdxc [04/03/2008|14:23] C:\Program Files\Easy CD-DA Extractor 11 [08/09/2008|10:12] C:\Program Files\Easy CD-DA Extractor 11new [26/05/2008|23:21] C:\Program Files\EasyCovers [18/01/2008|02:03] C:\Program Files\EasyVideoSoft [11/03/2007|00:47] C:\Program Files\eBay [02/02/2006|13:00] C:\Program Files\Eidos Interactive [11/12/2007|19:51] C:\Program Files\Elaborate Bytes [29/12/2007|22:24] C:\Program Files\E-mail eXtractor [17/04/2006|02:51] C:\Program Files\encoder [13/07/2008|14:05] C:\Program Files\eRightSoft [16/03/2006|00:10] C:\Program Files\EZFace [06/11/2007|09:17] C:\Program Files\fabamusic [23/09/2008|23:45] C:\Program Files\Fichiers communs [09/01/2007|23:47] C:\Program Files\FILERECOVERY PRO [20/11/2005|01:16] C:\Program Files\FILERECOVERY PRO DEMO [13/02/2005|02:08] C:\Program Files\FLASH [21/11/2005|00:13] C:\Program Files\flaskmpeg [01/01/2008|02:54] C:\Program Files\FotoSketcher [01/07/2008|21:37] C:\Program Files\Genie-Soft [23/10/2007|23:36] C:\Program Files\Google [03/10/2005|20:36] C:\Program Files\Goto software [04/05/2004|18:46] C:\Program Files\Hewlett-Packard [21/05/2008|08:36] C:\Program Files\i-Covers [11/09/2007|11:22] C:\Program Files\Ihsv [17/04/2008|08:59] C:\Program Files\ImTOO [26/08/2005|14:52] C:\Program Files\Inbit [29/08/2005|00:42] C:\Program Files\Infogrames Interactive [12/05/2007|09:17] C:\Program Files\inKline Global [05/05/2004|21:59] C:\Program Files\InkSaver [07/06/2008|23:22] C:\Program Files\Innovative Solutions [24/09/2008|00:23] C:\Program Files\InstallShield Installation Information [04/12/2004|01:55] C:\Program Files\InterActual [12/06/2008|03:04] C:\Program Files\Internet Explorer [21/11/2005|04:17] C:\Program Files\InterVideo [08/09/2007|13:59] C:\Program Files\IrfanView [12/06/2008|11:36] C:\Program Files\ISL [28/07/2008|10:08] C:\Program Files\Java [19/05/2004|06:56] C:\Program Files\KB824146Scan [28/07/2008|12:41] C:\Program Files\KC Softwares [21/11/2005|11:53] C:\Program Files\K-Lite Codec Pack [01/01/2007|15:30] C:\Program Files\Lavalys [29/07/2008|13:19] C:\Program Files\Lavasoft [15/11/2007|15:54] C:\Program Files\LG Software Innovations [21/05/2008|10:34] C:\Program Files\LimeWire [14/06/2004|18:52] C:\Program Files\LitexMedia [10/05/2004|00:59] C:\Program Files\LIUtilities [28/01/2006|04:13] C:\Program Files\Logitech [19/11/2007|12:23] C:\Program Files\ma-config.com [11/06/2005|10:53] C:\Program Files\Magic translator [07/05/2006|00:41] C:\Program Files\MagicISO [14/09/2008|23:05] C:\Program Files\Malwarebytes' Anti-Malware [24/09/2004|19:07] C:\Program Files\mario [27/04/2008|23:20] C:\Program Files\MarkAny [17/11/2005|13:05] C:\Program Files\McAfee AntiSpyware 1.00 Install [03/04/2006|07:55] C:\Program Files\Media Player Classic [11/10/2007|00:11] C:\Program Files\Messenger [12/12/2004|00:57] C:\Program Files\Messenger Plus! 3 [07/11/2005|02:49] C:\Program Files\Messenger2 [24/10/2005|02:27] C:\Program Files\Micro Application [13/05/2007|23:21] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [10/10/2005|23:05] C:\Program Files\microsoft frontpage [25/12/2006|03:34] C:\Program Files\Microsoft Office [25/12/2006|03:33] C:\Program Files\Microsoft Visual Studio [11/09/2008|15:44] C:\Program Files\Microsoft Windows OneCare Live [25/12/2006|03:34] C:\Program Files\Microsoft Works [25/12/2006|03:32] C:\Program Files\Microsoft.NET [30/12/2007|16:15] C:\Program Files\Mindscape [20/11/2005|01:50] C:\Program Files\Miramar [27/08/2007|10:36] C:\Program Files\Moraff's SphereJongg [26/12/2004|00:58] C:\Program Files\Movie collection [14/11/2004|20:06] C:\Program Files\Movie Maker [24/09/2008|14:26] C:\Program Files\Mozilla Thunderbird [15/09/2006|09:00] C:\Program Files\MP3 Player Utilities [17/12/2007|04:52] C:\Program Files\mpegable [25/12/2006|03:34] C:\Program Files\MSBuild [06/04/2005|20:13] C:\Program Files\Msn [07/11/2005|00:22] C:\Program Files\MSN Apps [27/10/2005|00:45] C:\Program Files\MSN Games [03/05/2004|10:02] C:\Program Files\MSN Gaming Zone [08/03/2008|02:26] C:\Program Files\MSN Messenger [16/11/2006|14:58] C:\Program Files\MSXML 4.0 [04/05/2005|00:42] C:\Program Files\MultiTranse [12/03/2007|13:03] C:\Program Files\Mystery Case Files - Ravenhearst [25/10/2006|08:48] C:\Program Files\myV-55 USB-Handset Manager [07/04/2007|01:06] C:\Program Files\NCH Swift Sound [29/12/2006|03:58] C:\Program Files\neerlandais [17/07/2008|09:32] C:\Program Files\Nero [24/05/2005|09:55] C:\Program Files\Netcraft Toolbar [28/05/2008|10:37] C:\Program Files\Netlog [11/07/2008|08:06] C:\Program Files\Netlog Music Tool [14/11/2004|20:02] C:\Program Files\NetMeeting [30/11/2007|00:02] C:\Program Files\NewspaperDirect [19/05/2008|01:46] C:\Program Files\NoClone [08/03/2008|17:58] C:\Program Files\Norton Utilities [20/09/2008|02:01] C:\Program Files\NOS [13/12/2007|02:36] C:\Program Files\numerologie 1+2 [25/10/2005|11:17] C:\Program Files\Oak Systems [17/11/2005|12:41] C:\Program Files\Offline Explorer Pro [23/07/2007|00:46] C:\Program Files\Outlook Express [05/10/2005|01:54] C:\Program Files\Pacman 2005 [12/06/2008|11:40] C:\Program Files\Panasonic [13/09/2008|07:15] C:\Program Files\Panda Security [11/05/2007|13:46] C:\Program Files\Panda Software [05/12/2007|16:39] C:\Program Files\PC Inspector File Recovery [22/05/2008|08:47] C:\Program Files\PC Wizard 2008 [07/01/2007|00:48] C:\Program Files\Pegasys Inc [01/10/2005|00:39] C:\Program Files\Plus! [29/07/2008|13:20] C:\Program Files\PopUp Destroy [23/12/2006|03:22] C:\Program Files\Power IE [11/11/2003|08:46] C:\Program Files\PowerCDR [21/08/2005|01:00] C:\Program Files\PROMT5 [04/02/2007|23:37] C:\Program Files\Qualcomm(2) [09/05/2004|18:15] C:\Program Files\quark [04/03/2008|14:41] C:\Program Files\QuickPar [01/10/2006|01:13] C:\Program Files\QuickTime [04/10/2005|13:21] C:\Program Files\Real [03/04/2006|07:55] C:\Program Files\Real Alternative [18/11/2005|10:02] C:\Program Files\ReflexiveArcade [14/07/2008|02:23] C:\Program Files\regcleaner [15/11/2007|15:54] C:\Program Files\RegCleaner(2) [22/06/2008|23:36] C:\Program Files\RegCure [14/01/2007|14:13] C:\Program Files\Registry Mechanic [08/11/2004|15:23] C:\Program Files\Revistronic [09/01/2007|23:46] C:\Program Files\Runtime Software [27/04/2008|23:20] C:\Program Files\Samsung [07/04/2006|09:01] C:\Program Files\Satsuki All2DVD [06/04/2006|01:10] C:\Program Files\Satsuki Decoder Pack [31/01/2005|00:24] C:\Program Files\sbsetup [24/05/2005|01:31] C:\Program Files\ScreenMates [29/12/2006|03:49] C:\Program Files\Selor [03/05/2004|10:05] C:\Program Files\Services en ligne [03/05/2006|13:13] C:\Program Files\Shockwave.com [25/09/2005|22:51] C:\Program Files\Sierra On-Line [22/03/2006|02:43] C:\Program Files\SimpleDivX [05/05/2004|14:34] C:\Program Files\SiS7012 [10/10/2005|10:50] C:\Program Files\SiSoftware [16/06/2008|22:28] C:\Program Files\SIW [23/10/2007|23:54] C:\Program Files\Skype [01/12/2004|02:07] C:\Program Files\Slingo Deluxe [30/12/2007|16:16] C:\Program Files\SoftwarePassport [08/03/2008|18:03] C:\Program Files\Speed Disk [10/07/2007|19:46] C:\Program Files\SplitCam [11/01/2007|23:34] C:\Program Files\Spybot - Search & Destroy [11/01/2007|23:34] C:\Program Files\Spybot - Search & Destroy(2) [11/01/2007|23:34] C:\Program Files\SpyRemover [09/03/2008|18:44] C:\Program Files\Spyware Doctor [11/07/2007|23:27] C:\Program Files\Spyware Doctor-new [17/09/2008|20:35] C:\Program Files\SpywareBlaster [16/06/2005|20:03] C:\Program Files\Super Clone DVD [01/10/2005|00:39] C:\Program Files\Support.com [01/10/2007|22:17] C:\Program Files\Symantec [16/06/2006|00:37] C:\Program Files\TechSmith [27/06/2008|01:40] C:\Program Files\Test-A [23/08/2007|08:56] C:\Program Files\The Cleaner [25/12/2005|04:57] C:\Program Files\ToniArts [16/09/2008|07:13] C:\Program Files\Trend Micro [21/09/2005|01:43] C:\Program Files\U.S. Robotics [02/06/2008|00:57] C:\Program Files\UBISOFT [09/04/2008|00:12] C:\Program Files\Uniblue [05/07/2004|06:56] C:\Program Files\Uninstall Information [08/03/2008|18:04] C:\Program Files\UPHClean [24/08/2008|23:16] C:\Program Files\UseNeXT [29/12/2006|22:02] C:\Program Files\U-Storage Tools2.75 [08/04/2006|20:32] C:\Program Files\VideoLAN [12/03/2007|13:04] C:\Program Files\Virtual Villagers - The Lost Children [26/02/2006|16:54] C:\Program Files\virtualdub 1.6.9 [31/01/2007|16:33] C:\Program Files\VirtualDub MPEG2 [09/03/2006|22:07] C:\Program Files\virtualdub-mpeg2 [14/12/2006|02:42] C:\Program Files\VirtualDub-MPEG2-1206 [26/06/2008|11:38] C:\Program Files\VSO [14/06/2004|07:39] C:\Program Files\Wav2mp3 [31/08/2007|04:58] C:\Program Files\Webroot [23/09/2008|02:54] C:\Program Files\Wedding Dash 2 [08/09/2008|02:40] C:\Program Files\Winamp [24/12/2007|07:19] C:\Program Files\WinAVI Video Converter 9.0 [24/12/2006|01:54] C:\Program Files\Windows Live Safety Center [12/04/2006|16:31] C:\Program Files\Windows Media Components [31/07/2008|11:11] C:\Program Files\Windows Media Connect 2 [31/07/2008|11:11] C:\Program Files\Windows Media Player [29/12/2007|16:06] C:\Program Files\Windows NT [22/12/2006|15:34] C:\Program Files\WindowsUpdate [14/03/2007|03:15] C:\Program Files\WinHTTrack [08/04/2008|23:44] C:\Program Files\WinISO [17/07/2006|11:18] C:\Program Files\winmorph [04/03/2008|14:45] C:\Program Files\WinRAR [07/06/2008|23:42] C:\Program Files\Winsos [04/03/2008|14:45] C:\Program Files\WinZip [07/04/2006|11:03] C:\Program Files\WMV9_VCM [22/08/2007|09:38] C:\Program Files\ww [03/01/2007|14:13] C:\Program Files\Xara [03/05/2004|10:07] C:\Program Files\xerox [13/01/2008|17:57] C:\Program Files\Xilisoft [29/08/2007|23:14] C:\Program Files\Yahoo! [15/01/2008|01:55] C:\Program Files\ZC2.10 [16/01/2006|20:19] C:\Program Files\Zero G Registry [29/08/2008|00:46] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [07/09/2008|18:31] C:\Program Files\Fichiers communs\Acronis [23/09/2008|23:37] C:\Program Files\Fichiers communs\Adobe [13/11/2005|14:30] C:\Program Files\Fichiers communs\Adobe Systems Shared [29/07/2008|13:18] C:\Program Files\Fichiers communs\Ahead [17/03/2008|11:23] C:\Program Files\Fichiers communs\AVSMedia [17/07/2006|11:18] C:\Program Files\Fichiers communs\debugmode [10/09/2007|19:18] C:\Program Files\Fichiers communs\DESIGNER [01/06/2007|11:31] C:\Program Files\Fichiers communs\DistributeShield [01/06/2007|11:31] C:\Program Files\Fichiers communs\DVDnextCOPY2 [06/05/2004|21:57] C:\Program Files\Fichiers communs\FileStream Scheduler [02/11/2005|11:43] C:\Program Files\Fichiers communs\InstallShield [01/10/2005|00:39] C:\Program Files\Fichiers communs\InterVideo [10/11/2004|21:21] C:\Program Files\Fichiers communs\Java [29/07/2008|13:12] C:\Program Files\Fichiers communs\LightScribe [23/11/2005|13:20] C:\Program Files\Fichiers communs\Logitech [15/12/2004|01:41] C:\Program Files\Fichiers communs\Macrovision Shared [16/04/2007|22:58] C:\Program Files\Fichiers communs\Microsoft Shared [03/05/2004|10:04] C:\Program Files\Fichiers communs\MSSoap [01/10/2005|00:39] C:\Program Files\Fichiers communs\ODBC [09/05/2008|10:38] C:\Program Files\Fichiers communs\Panda Software [26/03/2008|15:07] C:\Program Files\Fichiers communs\Real [03/05/2004|10:04] C:\Program Files\Fichiers communs\Services [01/05/2004|19:30] C:\Program Files\Fichiers communs\SpeechEngines [01/10/2005|00:39] C:\Program Files\Fichiers communs\SWF Studio [19/08/2007|18:10] C:\Program Files\Fichiers communs\Symantec Shared [23/07/2007|00:46] C:\Program Files\Fichiers communs\System [04/03/2008|14:27] C:\Program Files\Fichiers communs\Webroot Shared [17/09/2008|22:55] C:\Program Files\Fichiers communs\Wise Installation Wizard --------------------\\ Process ( 62 Processes ) iexplore.exe ~ [PID:4640] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4 --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-25 22:28:45 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik.dat 6051 bytes C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik.exe 286720 bytes executable C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik_nav.dat 159409 bytes C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik_navps.dat 1115 bytes scan completed successfully hidden processes: 0 hidden files: 5 --------------------\\ Recherche d'autres infections C:\DOCUME~1\Myriam1\APPLIC~1\MessengerSkinner C:\DOCUME~1\Myriam1\APPLIC~1\MessengerSkinner\Userdata C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Conditions g‚n‚rales.url C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Confidentialit‚.url C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\D‚sinstaller.lnk C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\MessengerSkinner.lnk C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Website.url C:\windows\Pack.epk C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik.dat C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik.exe C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik_nav.dat C:\DOCUME~1\Myriam1\LOCALS~1\APPLIC~1\cgquaik_navps.dat ==> EGDACCESS <== C:\windows\system32\cdMpWvut.ini2 C:\windows\system32\mVxENqss.ini C:\windows\system32\mVxENqss.ini2 ==> VUNDO <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\Myriam1\Application Data\Adobe\FileBrowser\PhotoshopElements3\keygen362 C:\DOCUME~1\Myriam1\Application Data\Adobe\FileBrowser\PhotoshopElements3\keygen362M C:\DOCUME~1\Myriam1\Application Data\Adobe\FileBrowser\PhotoshopElements3\keygen362T C:\DOCUME~1\Myriam1\Bureau\a installer\(Software) Cool Mp3 Splitter 1.2 + crack (splits full albums into tracks).zip C:\DOCUME~1\Myriam1\Bureau\a installer\Clone DVD2 + Any DVD+ crack+serial(read manual works great 100%).zip C:\DOCUME~1\Myriam1\Bureau\a installer\winzip 10+keygen C:\DOCUME~1\Myriam1\Bureau\a installer\ASHAMPOO\Ashampoo - All Products Keygen.zip C:\DOCUME~1\Myriam1\Bureau\a installer\dvdfab\DVDFab Platinum v2.9.7.0 + Crack.rar C:\DOCUME~1\Myriam1\Bureau\a installer\DVDFab Gold v3.0.4.0\Crack C:\DOCUME~1\Myriam1\Bureau\a installer\Elby Clone Dvd V1.3.10.1 Anydvd 2.0.0.4 Ger Key\Keygen-CloneDVD.exe C:\DOCUME~1\Myriam1\Bureau\a installer\winzip 10+keygen\winzip100.exe C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\CORE.NFO C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35 C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35.zip C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\keygen.exe C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35\README.TXT C:\DOCUME~1\Myriam1\Bureau\Divers\Directory Printer 3.52a Incl Keygen Core\dirprn35\setup.exe C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\dvd-ripper-platinum.exe C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\dvd-ripper-platinum.gif C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\KEYGEN.exe C:\DOCUME~1\Myriam1\Bureau\Exe\(Apps) ImTOO DVD Ripper Platinum v4.0 (DVD & Audio Ripper, DVD to iPod, PSP,DivX, Converter In One Program) & Serial KeyGen\Thumbs.db C:\DOCUME~1\Myriam1\Bureau\Genie backup\tgp8477\Crack C:\DOCUME~1\Myriam1\Bureau\Genie backup\tgp8477\Crack\GBM8.exe C:\DOCUME~1\Myriam1\Bureau\Jeux\startopia\StarTopia\Startopia Crack Nocd Fr.rar C:\DOCUME~1\Myriam1\Bureau\NERO 6 3 1 17\Keygen.exe C:\DOCUME~1\Myriam1\Bureau\NERO 6 3 1 17\Keygen.sfv C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack.zip C:\DOCUME~1\Myriam1\Bureau\Util dvd\Imtoo Mpeg Encoder v2.1.46.609B Incl Keygen-Explosion.rar C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=- C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50---setup.exe C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---00.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---01.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---02.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---03.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---04.png C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---11.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---12.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---13.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free---14.gif C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50---about.txt C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\-=-\Thumbs.db C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack\DVDRegionFree.exe C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack\file_id.diz C:\DOCUME~1\Myriam1\Bureau\Util dvd\DVD_Region+CSS_Free_(DVD_Region-Free)_v5-50+Crack\Crack\harpoon.nfo C:\DOCUME~1\Myriam1\Bureau\Util dvd\ImToo mpeg encoder\Keygen.txt C:\DOCUME~1\Myriam1\Bureau\util nero\Nero Burning Rom 6.0 Keygen-flt.exe C:\DOCUME~1\Myriam1\Bureau\util nero\Nero Burning Rom 7.0 Keygen - YTU.exe C:\DOCUME~1\Myriam1\Incomplete\T-456200759-(???) Adobe Photoshop Elements 3.0 ???? [04.11.19](MDS+Keygene).rar C:\DOCUME~1\Myriam1\Recent\Crack.lnk C:\DOCUME~1\Myriam1\Recent\lavasoft crack .(incomplete).rar.lnk C:\DOCUME~1\Myriam1\Recent\lavasoft crack .(incomplete).rar.par2.lnk C:\DOCUME~1\Myriam1\Recent\lavasoft crack .(incomplete).rar.vol00+1.PAR2.lnk C:\DOCUME~1\ALLUSE~1\Documents\Ma musique\keygen.exe [F:17][D:2]-> C:\DOCUME~1\Myriam1\LOCALS~1\Temp [F:22][D:0]-> C:\DOCUME~1\Myriam1\Cookies [F:6006][D:8]-> C:\DOCUME~1\Myriam1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - mer. 24/09/2008|23:39 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - jeu. 25/09/2008| 1:32 - Option : [1] 3 - "C:\Lop SD\LopR_3.txt" - jeu. 25/09/2008|22:37 - Option : [1] --------------------\\ Fin du rapport a 22:37:10 Merci d'avance Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
et voici le rapport : SDFix: Version 1.228 Run by Myriam1 on mer. 24/09/2008 at 02:38 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : Trojan Files Found: C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat - Contains Links to Malware Sites! - Deleted C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat - Contains Links to Malware Sites! - Deleted C:\windows\system32\cbXPjKDt.dll - Deleted C:\windows\system32\lncom_.exe - Deleted Folder C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 - Removed Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-24 05:28:40 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:9a,90,a5,a3,f8,87,70,0e,b8,87,38,97,71,15,74,65,a5,11,be,76,2a,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:9a,90,a5,a3,f8,87,70,0e,b8,87,38,97,71,15,74,65,a5,11,be,76,2a,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:28,81,7f,00,84,e6,69,f2,ad,8a,2f,bf,9a,b7,bf,a0,8e,ef,ab,78,58,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:28,81,7f,00,84,e6,69,f2,ad,8a,2f,bf,9a,b7,bf,a0,8e,ef,ab,78,58,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:28,81,7f,00,84,e6,69,f2,ad,8a,2f,bf,9a,b7,bf,a0,8e,ef,ab,78,58,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:74,c4,11,dd,00,f3,c1,5e,ff,70,91,4e,08,57,bc,b0,a1,1a,4b,38,22,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet021\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet027\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet028\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet029\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet030\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet031\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet032\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet033\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet035\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet036\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet037\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet038\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet039\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet040\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet041\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet042\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet043\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet044\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet045\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet046\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet047\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet048\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet049\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet050\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet050\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet051\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet051\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet052\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet052\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet053\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet053\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet054\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet054\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet055\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet055\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet056\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet056\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet057\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet057\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet058\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet058\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet059\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet059\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet060\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet060\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet061\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet061\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet062\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet062\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet063\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet063\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet064\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet064\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet065\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet065\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet065\Services\TDSSserv] "start"=dword:00000001 "type"=dword:00000001 "imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet066\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet066\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet067\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet067\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet068\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet068\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet069\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet069\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet069\Services\TDSSserv] "start"=dword:00000001 "type"=dword:00000001 "imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet070\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet070\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet071\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet071\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet072\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet072\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet072\Services\TDSSserv] "start"=dword:00000001 "type"=dword:00000001 "imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet073\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet073\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet074\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet074\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet075\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet075\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet076\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet076\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet077\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet077\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet078\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet078\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet079\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet079\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet080\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet080\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet081\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet081\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet082\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet082\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet083\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet083\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet084\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet084\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet085\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet085\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet086\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet086\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet087\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet087\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:248e7baa "s2"=dword:c4925927 "h0"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet089\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet089\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\BearShare\\BearShare.exe"="C:\\Program Files\\BearShare\\BearShare.exe:*:Enabled:BearShare" "C:\\Program Files\\SpywareBlaster\\spywareblaster.exe"="C:\\Program Files\\SpywareBlaster\\spywareblaster.exe:*:Enabled:SpywareBlaster" "C:\\Documents and Settings\\Myriam1\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe"="C:\\Documents and Settings\\Myriam1\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe:*:Enabled:IncrediMail Installer" "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail" "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail" "C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\UseNeXT\\UseNeXT.exe"="C:\\Program Files\\UseNeXT\\UseNeXT.exe:LocalSubNet:Enabled:UseNeXT" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" "C:\\Documents and Settings\\Myriam1\\Bureau\\SD\\incredimail_install.exe"="C:\\Documents and Settings\\Myriam1\\Bureau\\SD\\incredimail_install.exe:*:Enabled:IncrediMail Installer" "C:\\Program Files\\Magentic\\bin\\MgImp.exe"="C:\\Program Files\\Magentic\\bin\\MgImp.exe:*:Enabled:Magentic" "C:\\Program Files\\Magentic\\bin\\Magentic.exe"="C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic" "C:\\Program Files\\Magentic\\bin\\MgApp.exe"="C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic" "C:\\Documents and Settings\\Myriam1\\Bureau\\Incredimail\\incredimail_install.exe"="C:\\Documents and Settings\\Myriam1\\Bureau\\Incredimail\\incredimail_install.exe:*:Enabled:IncrediMail Installer" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Sun 7 Jan 2007 220 A.SH. --- "C:\WINDOWS\dwin.sys" Sat 30 Jul 2005 104 ..SHR --- "C:\WINDOWS\system32\21E8F11996.sys" Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll" Mon 3 Apr 2006 848 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys" Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll" Sun 16 Mar 2008 216,064 ..SHR --- "C:\WINDOWS\system32\nbDX.dll" Sat 3 Dec 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Mon 17 Oct 2005 73,728 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\RBRegEx550.dll" Mon 17 Oct 2005 39,936 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\RBShell555.dll" Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll" Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll" Sun 13 Jul 2008 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe" Tue 2 Oct 2007 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll" Mon 22 Jul 2002 418,816 ...HR --- "C:\WINDOWS\system32\Tools\All.exe" Fri 19 Jul 2002 390,144 ...HR --- "C:\WINDOWS\system32\Tools\Change.exe" Fri 19 Jul 2002 574,464 ...HR --- "C:\WINDOWS\system32\Tools\CheckPath.exe" Tue 20 Aug 2002 430,592 ...HR --- "C:\WINDOWS\system32\Tools\Counter.exe" Tue 23 Jul 2002 390,656 ...HR --- "C:\WINDOWS\system32\Tools\DelFolders.exe" Fri 22 Nov 2002 399,872 ...HR --- "C:\WINDOWS\system32\Tools\DirectSetup.exe" Fri 19 Jul 2002 388,096 ...HR --- "C:\WINDOWS\system32\Tools\RegClean.exe" Fri 19 Jul 2002 388,608 ...HR --- "C:\WINDOWS\system32\Tools\Regexe.exe" Fri 19 Jul 2002 388,096 ...HR --- "C:\WINDOWS\system32\Tools\RunRegexe.exe" Thu 31 Jul 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp" Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll" Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll" Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll" Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll" Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll" Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll" Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll" Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll" Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll" Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll" Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll" Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll" Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll" Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll" Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll" Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll" Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll" Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll" Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll" Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll" Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll" Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll" Thu 20 Mar 2008 5,632 ..SHR --- "C:\Program Files\eRightSoft\SUPER\spk\1stRun.exe" Mon 12 Feb 2007 3,096,576 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\U3\temp\Launchpad Removal.exe" Finished! Merci. PS : Je suis occupée à désinstaller des programmes que je n'utilise plus. -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonsoir, Je reste toujours avec des erreurs de ce type : Application popup : HelpCtr.exe - Erreur d'application : L'instruction à "0x00e118f5" emploie l'adresse mémoire "0x5f5c001e". La mémoire ne peut pas être "read". Cliquez sur OK pour terminer le programme. et des fenêtres intempestives qui me proposent de télécharger programmes antivirus, antyspywares ou de scanner mon système en ligne (provenant de microsoft) et des fenêtres publicitaires. Passer à IE7 serait-il déjà une solution ? Que puis-je faire, svp ??? J'attends votre aide. Merci. Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonsoir, J'ai acheté le programme : "ashampoo antispyware 2", il a détecté un rootkit : CGQUAIK.EXE ? J'ai regardé les propriétés du fichier WINTOS.EXE : Entreprise : APP Original filename : APP.EXE Il y a aussi un fichier WINT.EXE qui a exactement les memes propriétés. Voici le rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:33:39, on 21/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\system32\csrss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe C:\windows\System32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe C:\Program Files\Miramar\PC MACLAN\ATMsg.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE C:\Program Files\Norton Utilities\NPROTECT.EXE C:\windows\Explorer.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe C:\windows\System32\tcpsvcs.exe C:\Program Files\Speed Disk\nopdb.exe C:\windows\System32\svchost.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\system32\windowsautomaticupdates.exe C:\Program Files\Webroot\Washer\WasherSvc.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\windows\system32\PuXpMan2.exe C:\Program Files\Panda Security\Panda Internet Security 2008\ApvxdWin.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\windows\System32\alg.exe C:\windows\system32\wscntfy.exe C:\windows\system32\rundll32.exe C:\Program Files\Calendrier\Cld2000.exe C:\windows\system32\ctfmon.exe C:\windows\System32\svchost.exe C:\Documents and Settings\Myriam1\Application Data\wintos.exe C:\Program Files\Norton Utilities\SYSDOC32.EXE C:\Documents and Settings\Myriam1\Application Data\wint.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe C:\Program Files\Norton Utilities\WDSCAN.EXE C:\windows\SYSTEM32\taskmgr.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe C:\Program Files\ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.skynet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 ;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O4 - HKLM\..\Run: [Miramar Systems, Inc.] "C:\Program Files\Miramar\PC MACLAN\atmsg.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [mspwr] C:\windows\system32\PuXpMan2.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\qttask.exe" -atboottime O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: ['Ashampoo AntiSpyWare 2 Guard'] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe O4 - HKLM\..\Run: [a07233d7] rundll32.exe "C:\windows\system32\qcivnwfm.dll",b O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe O4 - HKCU\..\Run: [Windows USB Control] C:\Documents and Settings\Myriam1\Application Data\wintos.exe O4 - HKCU\..\Run: [Windows USB Controlling] C:\Documents and Settings\Myriam1\Application Data\wint.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Search - O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU) O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing O15 - Trusted Zone: http://www.rigolus.com O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n024p/EN/install/gtdownlr.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by119fd.bay119.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1166749772390 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://roxypalace.microgaming.com/roxypalacefr/FlashAX.cab O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer = 195.238.2.21,195.238.2.22 O20 - AppInit_DLLs: qxxwxh.dll cfcewp.dll O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: AppleTalk Messenger (ATMsg) - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATMsg.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: docoom online S.L.: docoom backup update permissions manager. 12662. - Unknown owner - C:\Program Files\docoom\docoom backup\udocoom.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Miramar AppleTalk File Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE O23 - Service: Miramar AppleTalk Print Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe O24 - Desktop Component 0: Privacy Protection - (no file) -- End of file - 17206 bytes Une amie avec qui je me connecte sur msn a aussi des problèmes de navigations sur le net, des spams publicitaires. A bientôt Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonsoir, J'ai acheté le programme : "ashampoo antispyware 2", il a détecté un rootkit : CGQUAIK.EXE ? J'ai regardé les propriétés du fichier WINTOS.EXE : Entreprise : APP Original filename : APP.EXE Il y a aussi un fichier WINT.EXE qui a exactement les memes propriétés. Voici le rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:33:39, on 21/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\system32\csrss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe C:\windows\System32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe C:\Program Files\Miramar\PC MACLAN\ATMsg.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE C:\Program Files\Norton Utilities\NPROTECT.EXE C:\windows\Explorer.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe C:\windows\System32\tcpsvcs.exe C:\Program Files\Speed Disk\nopdb.exe C:\windows\System32\svchost.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\system32\windowsautomaticupdates.exe C:\Program Files\Webroot\Washer\WasherSvc.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\windows\system32\PuXpMan2.exe C:\Program Files\Panda Security\Panda Internet Security 2008\ApvxdWin.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\windows\System32\alg.exe C:\windows\system32\wscntfy.exe C:\windows\system32\rundll32.exe C:\Program Files\Calendrier\Cld2000.exe C:\windows\system32\ctfmon.exe C:\windows\System32\svchost.exe C:\Documents and Settings\Myriam1\Application Data\wintos.exe C:\Program Files\Norton Utilities\SYSDOC32.EXE C:\Documents and Settings\Myriam1\Application Data\wint.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe C:\Program Files\Norton Utilities\WDSCAN.EXE C:\windows\SYSTEM32\taskmgr.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe C:\Program Files\ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.skynet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 ;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O4 - HKLM\..\Run: [Miramar Systems, Inc.] "C:\Program Files\Miramar\PC MACLAN\atmsg.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [mspwr] C:\windows\system32\PuXpMan2.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\qttask.exe" -atboottime O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: ['Ashampoo AntiSpyWare 2 Guard'] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe O4 - HKLM\..\Run: [a07233d7] rundll32.exe "C:\windows\system32\qcivnwfm.dll",b O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe O4 - HKCU\..\Run: [Windows USB Control] C:\Documents and Settings\Myriam1\Application Data\wintos.exe O4 - HKCU\..\Run: [Windows USB Controlling] C:\Documents and Settings\Myriam1\Application Data\wint.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Search - O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU) O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing O15 - Trusted Zone: http://www.rigolus.com O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n024p/EN/install/gtdownlr.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by119fd.bay119.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1166749772390 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://roxypalace.microgaming.com/roxypalacefr/FlashAX.cab O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer = 195.238.2.21,195.238.2.22 O20 - AppInit_DLLs: qxxwxh.dll cfcewp.dll O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: AppleTalk Messenger (ATMsg) - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATMsg.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: docoom online S.L.: docoom backup update permissions manager. 12662. - Unknown owner - C:\Program Files\docoom\docoom backup\udocoom.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Miramar AppleTalk File Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE O23 - Service: Miramar AppleTalk Print Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe O24 - Desktop Component 0: Privacy Protection - (no file) -- End of file - 17206 bytes Une amie avec qui je me connecte sur msn a aussi des problèmes de navigations sur le net, des spams publicitaires. A bientôt Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonjour, Voici le rapport demandé : SDFix: Version 1.227 Run by Myriam1 on sam. 20/09/2008 at 01:18 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : Trojan Files Found: C:\windows\system32\cbXPjKDt.dll - Deleted C:\Documents and Settings\Myriam1\Application Data\Adobe\crc.dat - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\lwpwer.exe.bat - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\smchk.exe.bat - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\windfr.exe.bat - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP2.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP8.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMPC.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMPE.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP16.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP2.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP35.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP8.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP86.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMPC.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMPE.tmp - Deleted C:\DOCUME~1\Myriam1\LOCALS~1\Temp\removalfile.bat - Deleted C:\windows\system32\lncom_.exe - Deleted Folder C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 - Removed Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-20 02:17:49 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:9a,90,a5,a3,f8,87,70,0e,b8,87,38,97,71,15,74,65,a5,11,be,76,2a,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\" "h0"=dword:00000000 "ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:9a,90,a5,a3,f8,87,70,0e,b8,87,38,97,71,15,74,65,a5,11,be,76,2a,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,.. "khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:28,81,7f,00,84,e6,69,f2,ad,8a,2f,bf,9a,b7,bf,a0,8e,ef,ab,78,58,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:28,81,7f,00,84,e6,69,f2,ad,8a,2f,bf,9a,b7,bf,a0,8e,ef,ab,78,58,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:28,81,7f,00,84,e6,69,f2,ad,8a,2f,bf,9a,b7,bf,a0,8e,ef,ab,78,58,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:74,c4,11,dd,00,f3,c1,5e,ff,70,91,4e,08,57,bc,b0,a1,1a,4b,38,22,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet021\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet027\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet028\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet029\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet030\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet031\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet032\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet033\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet035\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet036\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet037\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet038\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet039\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet040\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet041\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet042\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet043\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet044\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet045\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet046\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet047\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet048\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet049\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet050\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet050\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet051\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet051\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet052\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet052\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet053\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet053\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet054\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet054\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet055\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet055\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet056\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet056\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet057\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet057\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet058\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet058\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet059\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet059\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet060\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet060\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet061\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet061\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet062\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet062\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet063\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet063\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet064\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet064\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet065\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet065\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet065\Services\TDSSserv] "start"=dword:00000001 "type"=dword:00000001 "imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet066\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet066\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet067\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet067\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet068\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet068\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet069\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet069\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet069\Services\TDSSserv] "start"=dword:00000001 "type"=dword:00000001 "imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet070\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet070\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet071\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet071\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet072\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet072\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet072\Services\TDSSserv] "start"=dword:00000001 "type"=dword:00000001 "imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet073\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet073\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet074\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet074\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet075\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet075\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet076\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet076\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet077\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet077\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet078\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet078\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet079\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet079\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet080\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet080\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet081\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet081\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet082\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet082\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet083\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet083\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:248e7baa "s2"=dword:c4925927 "h0"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet085\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000000 "ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet085\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000001 "khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\BearShare\\BearShare.exe"="C:\\Program Files\\BearShare\\BearShare.exe:*:Enabled:BearShare" "C:\\Program Files\\SpywareBlaster\\spywareblaster.exe"="C:\\Program Files\\SpywareBlaster\\spywareblaster.exe:*:Enabled:SpywareBlaster" "C:\\Documents and Settings\\Myriam1\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe"="C:\\Documents and Settings\\Myriam1\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe:*:Enabled:IncrediMail Installer" "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail" "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail" "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail" "C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\UseNeXT\\UseNeXT.exe"="C:\\Program Files\\UseNeXT\\UseNeXT.exe:LocalSubNet:Enabled:UseNeXT" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" "C:\\Documents and Settings\\Myriam1\\Bureau\\SD\\incredimail_install.exe"="C:\\Documents and Settings\\Myriam1\\Bureau\\SD\\incredimail_install.exe:*:Enabled:IncrediMail Installer" "C:\\Program Files\\Magentic\\bin\\MgImp.exe"="C:\\Program Files\\Magentic\\bin\\MgImp.exe:*:Enabled:Magentic" "C:\\Program Files\\Magentic\\bin\\Magentic.exe"="C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic" "C:\\Program Files\\Magentic\\bin\\MgApp.exe"="C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic" "C:\\Documents and Settings\\Myriam1\\Bureau\\Incredimail\\incredimail_install.exe"="C:\\Documents and Settings\\Myriam1\\Bureau\\Incredimail\\incredimail_install.exe:*:Enabled:IncrediMail Installer" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Sun 7 Jan 2007 220 A.SH. --- "C:\WINDOWS\dwin.sys" Sat 30 Jul 2005 104 ..SHR --- "C:\WINDOWS\system32\21E8F11996.sys" Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll" Mon 3 Apr 2006 848 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys" Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll" Sun 16 Mar 2008 216,064 ..SHR --- "C:\WINDOWS\system32\nbDX.dll" Sat 3 Dec 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Mon 17 Oct 2005 30,720 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\RBInternetEncodings600.dll" Mon 17 Oct 2005 73,728 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\RBRegEx550.dll" Mon 17 Oct 2005 39,936 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\RBShell555.dll" Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll" Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll" Sun 13 Jul 2008 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe" Tue 2 Oct 2007 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll" Mon 22 Jul 2002 418,816 ...HR --- "C:\WINDOWS\system32\Tools\All.exe" Fri 19 Jul 2002 390,144 ...HR --- "C:\WINDOWS\system32\Tools\Change.exe" Fri 19 Jul 2002 574,464 ...HR --- "C:\WINDOWS\system32\Tools\CheckPath.exe" Tue 20 Aug 2002 430,592 ...HR --- "C:\WINDOWS\system32\Tools\Counter.exe" Tue 23 Jul 2002 390,656 ...HR --- "C:\WINDOWS\system32\Tools\DelFolders.exe" Fri 22 Nov 2002 399,872 ...HR --- "C:\WINDOWS\system32\Tools\DirectSetup.exe" Fri 19 Jul 2002 388,096 ...HR --- "C:\WINDOWS\system32\Tools\RegClean.exe" Fri 19 Jul 2002 388,608 ...HR --- "C:\WINDOWS\system32\Tools\Regexe.exe" Fri 19 Jul 2002 388,096 ...HR --- "C:\WINDOWS\system32\Tools\RunRegexe.exe" Thu 31 Jul 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp" Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll" Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll" Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll" Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll" Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll" Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll" Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll" Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll" Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll" Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll" Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll" Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll" Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll" Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll" Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll" Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll" Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll" Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll" Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll" Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll" Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll" Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll" Thu 20 Mar 2008 5,632 ..SHR --- "C:\Program Files\eRightSoft\SUPER\spk\1stRun.exe" Mon 12 Feb 2007 3,096,576 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\U3\temp\Launchpad Removal.exe" Finished! Merci pour l'aide précieuse. Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
J'ai crié "victoire" trop vite, mon antivirus passe à nouveau de status "correcte" à "erreur" sur protection contre les menaces connues, virus, logiciel espion, et pas moyen de le changer. Que puis-je faire pour me sortir de cette mauvaise passe??? J'ai désinstallé : LAVASOFT - ADAWARE et Internet gamebox. Je sais que je ne suis pas la seule à avoir "attrapé ce VIRUS ALERT" mais pour l'instant je suis au point mort. Pourriez-vous m'aider SVP? Merci d'avance. Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonjour, Hier soir j'ai éteind mon pc et ce matin mon antivirus fonctionne normalement (protection contre les menaces connues est signalé "correcte"). Mais j'ai toujours des propositions de scan de mon pc, des erreurs d'exécution (adresse mémoire "yyyy" ne sait pas etre "read". Je devrais me connecter sur msn pour voir mon courrier mais je n'ose pas me connecter avec mon problème actuel. Est-il préférable de "virer" IE6 et d'opter pour un autre navigateur internet? Merci pour votre aide. Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonjour, Il y a déjà pas mal de choses qui sont redevenues normales (fond d'écran normal, tous les programmes sont accessibles). Mais toujours des [erreurs d'application xxxx emploie l'adresse mémoire yyyy; la mémoire ne peut pas être "read"????]. Remarque : je suis toujours en IE6, les mises à jour de windows ne sont pas en mode automatique et le parefeu de windows est désactivé (je suis connectée à internet via une connexion réseau local vers un I-Mac qui lui a un routeur qui fait office de parefeu, cela fait des années que tout fonctionne bien avec cette configuration). Mon antivirus passe de status "correcte" à "erreur" sur protection contre les menaces connues, virus, logiciel espion. et pas moyen de le changer. Par contre il se met à jour sans problème. J'ai ce problème depuis le 11 septembre également. Voici le rapport de Hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:32:54, on 16/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\system32\svchost.exe C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\windows\Explorer.EXE C:\windows\system32\spoolsv.exe C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\windows\system32\PuXpMan2.exe C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Calendrier\Cld2000.exe C:\windows\system32\ctfmon.exe C:\Program Files\Miramar\PC MACLAN\ATMsg.exe C:\Program Files\Norton Utilities\SYSDOC32.EXE C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE C:\Program Files\Norton Utilities\NPROTECT.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe C:\windows\System32\tcpsvcs.exe C:\Program Files\Speed Disk\nopdb.exe C:\windows\System32\svchost.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\Program Files\UPHClean\uphclean.exe C:\WINDOWS\system32\windowsautomaticupdates.exe C:\Program Files\Webroot\Washer\WasherSvc.exe C:\windows\system32\wscntfy.exe C:\windows\System32\svchost.exe C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe C:\Program Files\UseNeXT\UseNeXT.exe C:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe C:\windows\system32\rundll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Panda Security\Panda Internet Security 2008\IFACE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.skynet.be:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 ;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O4 - HKLM\..\Run: [Miramar Systems, Inc.] "C:\Program Files\Miramar\PC MACLAN\atmsg.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [mspwr] C:\windows\system32\PuXpMan2.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\qttask.exe" -atboottime O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [a07233d7] rundll32.exe "C:\windows\system32\nkhlghyv.dll",b O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Search - O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU) O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing O15 - Trusted Zone: http://www.rigolus.com O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n024p/EN/install/gtdownlr.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by119fd.bay119.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1166749772390 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://roxypalace.microgaming.com/roxypalacefr/FlashAX.cab O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer = 195.238.2.21,195.238.2.22 O20 - AppInit_DLLs: qxxwxh.dll ijfuks.dll O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: AppleTalk Messenger (ATMsg) - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATMsg.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: docoom online S.L.: docoom backup update permissions manager. 12662. - Unknown owner - C:\Program Files\docoom\docoom backup\udocoom.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Miramar AppleTalk File Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE O23 - Service: Miramar AppleTalk Print Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe O24 - Desktop Component 0: Privacy Protection - (no file) -- End of file - 16488 bytes Remarque : j'ai un disque dur externe de stockage, je fais également mes copies de sécurité sur ce disque avec acronis (image disque). Je n'ai plus osé allumer ce disque depuis mes problèmes du 11.09. Encore merci. Myriam -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonsoir, J'ai donc effectué les manipulations demandées. Voici le rapport : Malwarebytes' Anti-Malware 1.28 Version de la base de données: 1152 Windows 5.1.2600 Service Pack 2 14/09/2008 23:21:25 mbam-log-2008-09-14 (23-21-25).txt Type de recherche: Examen rapide Eléments examinés: 55083 Temps écoulé: 8 minute(s), 11 second(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 4 Clé(s) du Registre infectée(s): 40 Valeur(s) du Registre infectée(s): 5 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 17 Fichier(s) infecté(s): 114 Processus mémoire infecté(s): C:\Documents and Settings\Myriam1\Application Data\Adobe\Manager.exe (Trojan.Agent) -> Unloaded process successfully. Module(s) mémoire infecté(s): C:\WINDOWS\system32\rtxhejqv.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\ssqNExVm.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\cbXPjKDt.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\qxxwxh.dll (Trojan.Vundo) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40d58b95-536f-4d36-93eb-a78d2eaa2606} (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{40d58b95-536f-4d36-93eb-a78d2eaa2606} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6afb6f98-289c-442e-b577-5e5125c742e2} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbxpjkdt (Trojan.Vundo.H) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{6afb6f98-289c-442e-b577-5e5125c742e2} (Trojan.Vundo.H) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ed601a91-c994-4f0e-93d5-33397c85f135} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ed601a91-c994-4f0e-93d5-33397c85f135} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\{5222008a-dd62-49c7-a735-7bd18ecc7350} (Rogue.VirusRemover) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-81cx1c635612} (Trojan.Agent) -> Delete on reboot. HKEY_CLASSES_ROOT\TypeLib\{efebfa69-2dfa-31b0-9db6-465c0009e05c} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e34112c6-c54c-38f8-b80e-c3cfe3a0cafa} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{f89acbbd-b008-37bf-8237-af02b24a46e5} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f89acbbd-b008-37bf-8237-af02b24a46e5} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\internetgamebox (Adware.EGDAccess) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a07233d7 (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6afb6f98-289c-442e-b577-5e5125c742e2} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0\source (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Run (Backdoor.Bot) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ssqnexvm -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ssqnexvm -> Delete on reboot. Dossier(s) infecté(s): C:\WINDOWS\privacy_danger (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\privacy_danger\images (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\skins (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\download (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Delete on reboot. C:\Program Files\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Program Files\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Program Files\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Program Files\VirusRemover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\WINDOWS\system32\ssqNExVm.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\mVxENqss.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mVxENqss.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cbXPjKDt.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\qxxwxh.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\aturchky.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ykhcruta.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ddcYsTjJ.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\JjTsYcdd.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rtxhejqv.dll (Trojan.Vundo.H) -> Delete on reboot. C:\WINDOWS\system32\vqjehxtr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Application Data\cgkkics_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Application Data\cgkkics_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Application Data\cgkkics.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Application Data\qemoosbl_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Application Data\qemoosbl_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Application Data\qemoosbl.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\WINDOWS\edka.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cbXPjKEX.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\eesdjssm.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\efcATNGv.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\fewtwpnn.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\fexhpsab.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hxazkq(2).dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ilxovo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jkkLEWoo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ljJAPFWN(2).dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ljJYPhGv.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lnavoy.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mlJDuvVo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mmx95469.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mx95469.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\qoMeDWoo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ssqNDspP.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Temp\TDSS7c0c.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Temporary Internet Files\Content.IE5\5GQU7F1N\cntr[1].gif (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Temporary Internet Files\Content.IE5\BGRQNNBM\file[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Temporary Internet Files\Content.IE5\BGRQNNBM\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Temporary Internet Files\Content.IE5\UVCJV40H\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\privacy_danger\index.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\privacy_danger\images\capt.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\privacy_danger\images\danger.jpg (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\privacy_danger\images\down.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\privacy_danger\images\spacer.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\InternetGameBox.exe (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\language (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\AttenteOff.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\AttenteOn.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\configv2_en.xml (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\configv2_es.xml (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\configv2_fr.xml (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\ressources\favoris\defaultv2.swf (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\InternetGameBox\skins\skinv2.skn (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\download\defaultPack.cab (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\appconfig.xml (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btn.rgn (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnBnr.rgn (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnIn.rgn (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnInNormal.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnInOver.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnNormal.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnNormal.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnNormalBnr.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnNormalBnr.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnOver.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnOver.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnOverBnr.bmp (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\btnOverBnr.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MessengerSkinner\resources\languages_v2.xml (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\svsys.exe (Trojan.Agent) -> Delete on reboot. C:\Program Files\RegistrySmart\Errors.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Program Files\RegistrySmart\Results.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Program Files\RegistrySmart\Log\log_2007_05_13_01_20_00.eklog (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Program Files\RegistrySmart\Registry Backups\2006-12-23_08-52-25.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Program Files\RegistrySmart\Registry Backups\Errors.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Program Files\RegistrySmart\Registry Backups\Results.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Program Files\VirusRemover2008\Viruses.bdt (Rogue.VirusRemove) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Oct 12 - 12_25_22 AM_812.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Oct 12 - 12_25_32 AM_343.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 09 - 04_48_18 PM_532.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 09 - 04_48_43 PM_919.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 09 - 09_47_04 AM_340.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 09 - 09_47_11 AM_821.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 10 - 03_30_02 AM_278.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 11 - 03_30_02 AM_335.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 12 - 03_30_02 AM_483.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 12 - 10_15_02 AM_500.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 12 - 10_15_17 AM_411.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 13 - 03_30_01 AM_465.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 14 - 03_30_01 AM_743.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Log\2007 Sep 15 - 03_30_01 AM_680.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Registry Backups\2007-09-09_12-57-51.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RegistrySmart\Registry Backups\2007-09-12_06-24-52.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tdsspopup.dll (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tdsspopup1.url (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tdsspopup2.url (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tdsspopup3.url (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\casino1.ico (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\casino2.ico (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\casino3.ico (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\Adobe\Manager.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\dtseqrxk.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\mgxfebsq.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\znrfjsvb_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\znrfjsvb_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Application Data\RBXML550.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam1\Local Settings\Temp\lwpwer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. J'ai du redémarrer mon pc. Encore merci pour ton aide. Myriam. -
Message « Virus Alert! » à côté de l'horloge
sahinwila a répondu à un(e) sujet de sahinwila dans Analyses et éradication malwares
Bonsoir, J'ai donc démarré mon pc en mode sans échec. J'ai retrouvé mon poste de travail, la fonction recherche. Par contre j'ai perdu mes points de restauration (à moins que cela soit lié au mode sans échec???) J'ai toujours les erreurs d'application (mémoire ne peut pas être "read") et les fenêtres me proposant de vérifier mon pc... Voici le deuxième rapport (option 2 en mode sans échec) : SmitFraudFix v2.349 Rapport fait à 21:26:39,64, ven. 12/09/2008 Executé à partir de C:\Documents and Settings\Myriam1\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri C:\windows\vmgspntbmtk.dll deleted. C:\windows\fqbewlna.dll deleted. »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\windows\mqgldfvo.exe supprimé C:\windows\privacy_danger\ supprimé C:\DOCUME~1\Myriam1\Favoris\Error Cleaner.url supprimé C:\DOCUME~1\Myriam1\Favoris\Privacy Protector.url supprimé C:\DOCUME~1\Myriam1\Favoris\Spyware?Malware Protection.url supprimé »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix AntiXPVSTFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Carte Fast Ethernet PCI 900 SiS - Miniport d'ordonnancement de paquets DNS Server Search Order: 195.238.2.21 DNS Server Search Order: 195.238.2.22 HKLM\SYSTEM\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer=195.238.2.21,195.238.2.22 HKLM\SYSTEM\CS1\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer=195.238.2.21,195.238.2.22 HKLM\SYSTEM\CS2\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer=195.238.2.21,195.238.2.22 HKLM\SYSTEM\CS3\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer=195.238.2.21,195.238.2.22 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin C'est vraiment bizarre ce qui se passe. D'avance merci pour ton aide Myriam