Message « Virus Alert! » à côté de l'horloge

Lien Rag · le 19 septembre 2008

Bonsoir myriam

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :

[*]Redémarre ton ordinateur

[*]Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).

[*]A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.

[*]Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".

[*]Choisis ton compte.

Déroule la liste des instructions ci-dessous :

[*]Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.bat pour lancer le script.

[*]Appuie sur Y pour commencer le processus de nettoyage.

[*]Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

[*]Appuie sur une touche pour redémarrer le PC.

[*]Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.

[*]Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.

[*]Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

[*]Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

[*]Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum.

N.B.:

- Le fichier SDFIX_README.htm (dans le dossier SDFix) contient la liste des malwares pris en compte par l'outil.

- Andy fait plusieurs mises à jour, souvent plus d'une par jour... N'hésitez donc pas à demander de télécharger une nouvelle version lorsque le nettoyage dure et que l'outil ne semble pas tout voir.

sahinwila · le 20 septembre 2008

Bonjour,

Voici le rapport demandé :

SDFix: Version 1.227

Run by Myriam1 on sam. 20/09/2008 at 01:18

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Checking Services :

Restoring Default Security Values

Restoring Default Hosts File

Rebooting

Checking Files :

Trojan Files Found:

C:\windows\system32\cbXPjKDt.dll - Deleted

C:\Documents and Settings\Myriam1\Application Data\Adobe\crc.dat - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\lwpwer.exe.bat - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\smchk.exe.bat - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\windfr.exe.bat - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP2.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP8.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMPC.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMPE.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP16.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP2.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP35.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP8.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMP86.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMPC.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\TMPE.tmp - Deleted

C:\DOCUME~1\Myriam1\LOCALS~1\Temp\removalfile.bat - Deleted

C:\windows\system32\lncom_.exe - Deleted

Folder C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 - Removed

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-20 02:17:49

Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:

ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,..

"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,..

"khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,..

"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,..

"khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,..

"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,..

"khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,..

"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,..

"khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:90,90,23,c2,99,60,41,72,7c,5c,d4,62,c0,ba,8b,d7,6b,ad,d0,2e,89,..

"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,..

"khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:9a,90,a5,a3,f8,87,70,0e,b8,87,38,97,71,15,74,65,a5,11,be,76,2a,..

"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,..

"khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

"h0"=dword:00000000

"ujdew"=hex:4b,5f,a7,bd,d4,8b,96,52,54,80,a2,8b,1b,25,24,3b,8b,eb,d5,55,7c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:9a,90,a5,a3,f8,87,70,0e,b8,87,38,97,71,15,74,65,a5,11,be,76,2a,..

"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]

"a0"=hex:20,01,00,00,6e,00,ba,39,07,f8,a1,d0,1a,92,bb,15,4e,4d,a0,9c,80,..

"khjeh"=hex:bf,9d,c8,8c,6d,f4,15,e7,57,23,70,1c,ac,f7,83,23,54,0c,d7,cb,d2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]

"khjeh"=hex:df,f2,7d,ac,bf,f1,44,24,dd,a5,38,5a,9b,e3,56,b9,b5,eb,20,cb,d9,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:28,81,7f,00,84,e6,69,f2,ad,8a,2f,bf,9a,b7,bf,a0,8e,ef,ab,78,58,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:28,81,7f,00,84,e6,69,f2,ad,8a,2f,bf,9a,b7,bf,a0,8e,ef,ab,78,58,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:28,81,7f,00,84,e6,69,f2,ad,8a,2f,bf,9a,b7,bf,a0,8e,ef,ab,78,58,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:74,c4,11,dd,00,f3,c1,5e,ff,70,91,4e,08,57,bc,b0,a1,1a,4b,38,22,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet021\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet027\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet028\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet029\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet030\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet031\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet032\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet033\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet035\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet036\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet037\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet038\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet039\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet040\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet041\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet042\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet043\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet044\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet045\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet046\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet047\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet048\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet049\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet050\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet050\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet051\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet051\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet052\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet052\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet053\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet053\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet054\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet054\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet055\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet055\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet056\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet056\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet057\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet057\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet058\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet058\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet059\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet059\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet060\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet060\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet061\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet061\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet062\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet062\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet063\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet063\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet064\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet064\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet065\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet065\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet065\Services\TDSSserv]

"start"=dword:00000001

"type"=dword:00000001

"imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet066\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet066\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet067\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet067\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet068\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet068\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet069\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet069\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet069\Services\TDSSserv]

"start"=dword:00000001

"type"=dword:00000001

"imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet070\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet070\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet071\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet071\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet072\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet072\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet072\Services\TDSSserv]

"start"=dword:00000001

"type"=dword:00000001

"imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet073\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet073\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet074\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet074\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet075\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet075\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet076\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet076\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet077\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet077\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet078\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet078\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet079\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet079\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet080\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet080\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet081\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet081\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet082\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet082\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet083\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet083\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]

"s1"=dword:248e7baa

"s2"=dword:c4925927

"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet085\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]

"h0"=dword:00000000

"ujdew"=hex:5b,db,b3,27,17,34,c5,0f,98,50,43,8d,8f,19,83,95,cd,28,4c,91,2c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet085\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000001

"khjeh"=hex:a8,eb,3e,a4,b9,66,d3,a5,ee,8b,54,4b,07,c5,98,f5,45,db,58,ab,3f,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\BearShare\\BearShare.exe"="C:\\Program Files\\BearShare\\BearShare.exe:*:Enabled:BearShare"

"C:\\Program Files\\SpywareBlaster\\spywareblaster.exe"="C:\\Program Files\\SpywareBlaster\\spywareblaster.exe:*:Enabled:SpywareBlaster"

"C:\\Documents and Settings\\Myriam1\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe"="C:\\Documents and Settings\\Myriam1\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe:*:Enabled:IncrediMail Installer"

"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"

"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"

"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"

"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\\Program Files\\UseNeXT\\UseNeXT.exe"="C:\\Program Files\\UseNeXT\\UseNeXT.exe:LocalSubNet:Enabled:UseNeXT"

"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

"C:\\Documents and Settings\\Myriam1\\Bureau\\SD\\incredimail_install.exe"="C:\\Documents and Settings\\Myriam1\\Bureau\\SD\\incredimail_install.exe:*:Enabled:IncrediMail Installer"

"C:\\Program Files\\Magentic\\bin\\MgImp.exe"="C:\\Program Files\\Magentic\\bin\\MgImp.exe:*:Enabled:Magentic"

"C:\\Program Files\\Magentic\\bin\\Magentic.exe"="C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic"

"C:\\Program Files\\Magentic\\bin\\MgApp.exe"="C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic"

"C:\\Documents and Settings\\Myriam1\\Bureau\\Incredimail\\incredimail_install.exe"="C:\\Documents and Settings\\Myriam1\\Bureau\\Incredimail\\incredimail_install.exe:*:Enabled:IncrediMail Installer"

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files :

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Sun 7 Jan 2007 220 A.SH. --- "C:\WINDOWS\dwin.sys"

Sat 30 Jul 2005 104 ..SHR --- "C:\WINDOWS\system32\21E8F11996.sys"

Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"

Mon 3 Apr 2006 848 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"

Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"

Sun 16 Mar 2008 216,064 ..SHR --- "C:\WINDOWS\system32\nbDX.dll"

Sat 3 Dec 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"

Mon 17 Oct 2005 30,720 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\RBInternetEncodings600.dll"

Mon 17 Oct 2005 73,728 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\RBRegEx550.dll"

Mon 17 Oct 2005 39,936 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\RBShell555.dll"

Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"

Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"

Sun 13 Jul 2008 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"

Tue 2 Oct 2007 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"

Mon 22 Jul 2002 418,816 ...HR --- "C:\WINDOWS\system32\Tools\All.exe"

Fri 19 Jul 2002 390,144 ...HR --- "C:\WINDOWS\system32\Tools\Change.exe"

Fri 19 Jul 2002 574,464 ...HR --- "C:\WINDOWS\system32\Tools\CheckPath.exe"

Tue 20 Aug 2002 430,592 ...HR --- "C:\WINDOWS\system32\Tools\Counter.exe"

Tue 23 Jul 2002 390,656 ...HR --- "C:\WINDOWS\system32\Tools\DelFolders.exe"

Fri 22 Nov 2002 399,872 ...HR --- "C:\WINDOWS\system32\Tools\DirectSetup.exe"

Fri 19 Jul 2002 388,096 ...HR --- "C:\WINDOWS\system32\Tools\RegClean.exe"

Fri 19 Jul 2002 388,608 ...HR --- "C:\WINDOWS\system32\Tools\Regexe.exe"

Fri 19 Jul 2002 388,096 ...HR --- "C:\WINDOWS\system32\Tools\RunRegexe.exe"

Thu 31 Jul 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"

Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"

Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"

Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"

Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"

Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"

Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"

Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"

Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"

Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"

Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"

Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"

Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"

Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"

Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"

Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"

Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"

Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"

Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"

Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"

Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"

Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"

Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"

Thu 20 Mar 2008 5,632 ..SHR --- "C:\Program Files\eRightSoft\SUPER\spk\1stRun.exe"

Mon 12 Feb 2007 3,096,576 A..H. --- "C:\Documents and Settings\Myriam1\Application Data\U3\temp\Launchpad Removal.exe"

Finished!

Merci pour l'aide précieuse.

Myriam

Lien Rag · le 21 septembre 2008

Bonjour Myriam

un rapport Hijack stp

sahinwila · le 21 septembre 2008

Bonsoir,

J'ai acheté le programme : "ashampoo antispyware 2", il a détecté un rootkit : CGQUAIK.EXE ?

J'ai regardé les propriétés du fichier WINTOS.EXE :

Entreprise : APP

Original filename : APP.EXE

Il y a aussi un fichier WINT.EXE qui a exactement les memes propriétés.

Voici le rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:33:39, on 21/09/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\windows\System32\smss.exe

C:\windows\system32\csrss.exe

C:\windows\SYSTEM32\winlogon.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\svchost.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe

C:\windows\System32\svchost.exe

C:\windows\system32\spoolsv.exe

C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Miramar\PC MACLAN\ATMsg.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE

C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE

C:\Program Files\Norton Utilities\NPROTECT.EXE

C:\windows\Explorer.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe

C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE

c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe

C:\windows\System32\tcpsvcs.exe

C:\Program Files\Speed Disk\nopdb.exe

C:\windows\System32\svchost.exe

C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe

C:\Program Files\UPHClean\uphclean.exe

C:\WINDOWS\system32\windowsautomaticupdates.exe

C:\Program Files\Webroot\Washer\WasherSvc.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\windows\system32\PuXpMan2.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\ApvxdWin.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe

C:\windows\System32\alg.exe

C:\windows\system32\wscntfy.exe

C:\windows\system32\rundll32.exe

C:\Program Files\Calendrier\Cld2000.exe

C:\windows\system32\ctfmon.exe

C:\windows\System32\svchost.exe

C:\Documents and Settings\Myriam1\Application Data\wintos.exe

C:\Program Files\Norton Utilities\SYSDOC32.EXE

C:\Documents and Settings\Myriam1\Application Data\wint.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE

C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe

C:\Program Files\Norton Utilities\WDSCAN.EXE

C:\windows\SYSTEM32\taskmgr.exe

C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe

C:\Program Files\ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.skynet.be:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O4 - HKLM\..\Run: [Miramar Systems, Inc.] "C:\Program Files\Miramar\PC MACLAN\atmsg.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [mspwr] C:\windows\system32\PuXpMan2.exe

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Satsuki Decoder Pack\filtres\qt\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: ['Ashampoo AntiSpyWare 2 Guard'] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe

O4 - HKLM\..\Run: [a07233d7] rundll32.exe "C:\windows\system32\qcivnwfm.dll",b

O4 - HKCU\..\Run: [Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe

O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe

O4 - HKCU\..\Run: [Windows USB Control] C:\Documents and Settings\Myriam1\Application Data\wintos.exe

O4 - HKCU\..\Run: [Windows USB Controlling] C:\Documents and Settings\Myriam1\Application Data\wint.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Search -

O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm

O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\windows\System32\shdocvw.dll

O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU)

O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU)

O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU)

O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing

O15 - Trusted Zone: http://www.rigolus.com

O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n024p/EN/install/gtdownlr.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by119fd.bay119.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1166749772390

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...on_2_0_4_10.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab

O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://roxypalace.microgaming.com/roxypalacefr/FlashAX.cab

O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{9F439862-B2F0-43D1-AC84-B54AB1989D1F}: NameServer = 195.238.2.21,195.238.2.22

O20 - AppInit_DLLs: qxxwxh.dll cfcewp.dll

O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

O23 - Service: AppleTalk Messenger (ATMsg) - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATMsg.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: docoom online S.L.: docoom backup update permissions manager. 12662. - Unknown owner - C:\Program Files\docoom\docoom backup\udocoom.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Miramar AppleTalk File Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE

O23 - Service: Miramar AppleTalk Print Server - Miramar Systems Inc. - C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE

O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE

O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe

O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe

O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe

O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe

O23 - Service: Windows Automatic Updates - Stanford University - C:\WINDOWS\system32\windowsautomaticupdates.exe

O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

O24 - Desktop Component 0: Privacy Protection - (no file)

--

End of file - 17206 bytes

Une amie avec qui je me connecte sur msn a aussi des problèmes de navigations sur le net, des spams publicitaires.

A bientôt

Myriam

sahinwila · le 21 septembre 2008