IE pages opening on their own !!!!!
Closed
mickeymat75
Posts
66
Joined
Monday 22 October 2007
Status
Member
Last activity
7 November 2010
-
23 Nov 2008 at 20:11
25 replies
mickeymat75
26 Nov 2008 at 21:57
Hi Geoffrey,
here is the SDFix report:
[b]SDFix: Version 1.221 [/b]
Run by Mickey on 26/11/2008 at 21:38
Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\Mickey\Bureau\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-26 21:46:35
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\Program Files\\Call of Duty Game of the Year Edition\\CoDUOMP.exe"="D:\\Program Files\\Call of Duty Game of the Year Edition\\CoDUOMP.exe:*:Enabled:CoDUOMP"
"D:\\Program Files\\HLSW\\hlsw.exe"="D:\\Program Files\\HLSW\\hlsw.exe:*:Enabled:HLSW"
"D:\\Program Files\\Avant Browser\\avant.exe"="D:\\Program Files\\Avant Browser\\avant.exe:*:Enabled:Avant Browser"
"D:\\Program Files\\eMule\\emule.exe"="D:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\adslTV\\vlc.exe"="C:\\Program Files\\adslTV\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"="C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\\Program Files\\Avid\\Avid Free DV\\AvidFreeDV.exe"="C:\\Program Files\\Avid\\Avid Free DV\\AvidFreeDV.exe:*:Disabled:Avid Editor"
"C:\\Program Files\\Freeplayer\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\vlc\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\TmUnitedForever\\TmForever.exe"="C:\\Program Files\\TmUnitedForever\\TmForever.exe:*:Enabled:TmForever"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"="C:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"="C:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\SUPER\cygz.dll"
Mon 18 Feb 2008 72,704 ..SHR --- "C:\Program Files\SUPER\Setup.exe"
Fri 27 Oct 2006 15,872 A.SHR --- "C:\Program Files\SUPER\_Setup.dll"
Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Mon 4 Feb 2008 151,040 ..SH. --- "C:\WINDOWS\system32\VistaUltm.dll"
Mon 19 Mar 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 30 Oct 2007 207,872 A..H. --- "C:\Program Files\Addinsoft\XLSTAT2008\ADB1.dll"
Mon 21 Jan 2008 20,480 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\RBT.dll"
Mon 21 Jan 2008 16,384 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\RBTbis.dll"
Tue 5 Feb 2008 484,352 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-VIZ.dll"
Mon 4 Feb 2008 196,096 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-TS2.dll"
Mon 4 Feb 2008 739,328 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-MCA.dll"
Fri 22 Feb 2008 503,808 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-TSA.dll"
Fri 4 Jan 2008 77,641 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-RIB.dll"
Mon 4 Feb 2008 969,728 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-LOG.dll"
Mon 4 Feb 2008 334,336 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-SPC.dll"
Fri 8 Feb 2008 232,960 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-DTM.dll"
Mon 4 Feb 2008 166,912 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-LIF.dll"
Mon 4 Feb 2008 457,728 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-MXM.dll"
Mon 4 Feb 2008 527,872 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-NLN.dll"
Fri 22 Feb 2008 646,656 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-PMO.dll"
Mon 4 Feb 2008 366,592 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-PLS.dll"
Mon 4 Feb 2008 185,856 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-PRP.dll"
Mon 4 Feb 2008 462,336 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-TST.dll"
Mon 4 Feb 2008 191,488 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-TLS.dll"
Mon 4 Feb 2008 563,200 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-ADA.dll"
Mon 4 Feb 2008 595,456 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-CLU.dll"
Mon 4 Feb 2008 337,408 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-DIS.dll"
Mon 4 Feb 2008 163,328 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-DMA.dll"
Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\SUPER\mencoder\14_43260.dll"
Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\SUPER\mencoder\cook3260.dll"
Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\SUPER\mencoder\ddnt3260.dll"
Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\SUPER\mencoder\drv43260.dll"
Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\SUPER\mencoder\dspr3260.dll"
Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\SUPER\mencoder\raac.dll"
Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\SUPER\mencoder\sipr3260.dll"
Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\SUPER\mencoder\tokr3260.dll"
Thu 12 Jun 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Mon 13 Nov 2006 319,456 A..H. --- "C:\Program Files\Fichiers communs\Motorola Shared\MotPCSDrivers\difxapi.dll"
Thu 31 Jul 2008 23,552 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL0003.tmp"
Wed 6 Dec 2006 39,424 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL0004.tmp"
Wed 27 Dec 2006 41,984 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL0630.tmp"
Wed 6 Dec 2006 45,056 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL2384.tmp"
Wed 13 Dec 2006 22,016 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL3247.tmp"
Wed 6 Dec 2006 44,032 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL3267.tmp"
Wed 6 Dec 2006 42,496 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL3552.tmp"
Wed 6 Dec 2006 40,448 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL3719.tmp"
Wed 6 Dec 2006 42,496 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL4057.tmp"
Fri 31 Oct 2008 3,987 ...HR --- "C:\Documents and Settings\Mickey\Application Data\SecuROM\UserData\securom_v7_01.bak"
Wed 6 Dec 2006 44,032 ...H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\DUFA_IIeme annee\UC2\~WRL2463.tmp"
Wed 29 Nov 2006 38,400 ...H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\DUFA_IIeme annee\UC2\~WRL3396.tmp"
Thu 5 Jul 2007 28,160 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\AMEF 2006.2007\Saba 1. 2 cv\~WRL0001.tmp"
Thu 3 May 2007 31,744 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP Métiers de l'animation. juin. juillet 2007\dossiers stagiaires\Christophe Loyer\~WRL0374.tmp"
Thu 3 May 2007 31,232 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP Métiers de l'animation. juin. juillet 2007\dossiers stagiaires\Christophe Loyer\~WRL2563.tmp"
Thu 3 May 2007 24,064 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP Métiers de l'animation. juin. juillet 2007\dossiers stagiaires\Christophe Loyer\~WRL3834.tmp"
Thu 3 May 2007 28,160 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP Métiers de l'animation. juin. juillet 2007\dossiers stagiaires\Lindsay Larghi\~WRL1443.tmp"
Thu 3 May 2007 28,672 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP Métiers de l'animation. juin. juillet 2007\dossiers stagiaires\Lindsay Larghi\~WRL1804.tmp"
Thu 3 May 2007 26,112 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP Métiers de l'animation. juin. juillet 2007\dossiers stagiaires\Lindsay Larghi\~WRL2712.tmp"
Thu 3 May 2007 24,064 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP Métiers de l'animation. juin. juillet 2007\dossiers stagiaires\Lindsay Larghi\~WRL3266.tmp"
Thu 3 May 2007 27,648 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP Métiers de l'animation. juin. juillet 2007\dossiers stagiaires\Lindsay Larghi\~WRL3945.tmp"
[b]Finished![/b]
and the HijackThis one:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:42, on 26/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Ad-Aware 2007\aawservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\TOPRO\TPPOLL.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\LSFPRN.EXE
C:\Program Files\QuickTime\qttask.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sporever\Football365 Toolbar\launcher.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Free Download Manager\fum\fum.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sporever\Football365 Toolbar\Football365 Toolbar.exe
C:\Program Files\Fichiers communs\Nosibay\RunningObjectRegistry.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\PROGRA~1\AVANTB~1\avant.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\TOPRO\TPPOLL.EXE
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [PrinterSecurityLayer] C:\WINDOWS\LSFPRN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Football365 Toolbar] "C:\Program Files\Sporever\Football365 Toolbar\launcher.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O15 - Trusted Zone: http://canalplusalademande.canal-plus.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoways.com/clients/ImageUploader3.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.1.0.56.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553590000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
voici le rapport SDFix :
[b]SDFix: Version 1.221 [/b]
Run by Mickey on 26/11/2008 at 21:38
Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\Mickey\Bureau\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-26 21:46:35
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:b7c41900
"s2"=dword:d8b7d533
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:58,56,ee,95,70,e4,0e,5e,ce,4e,62,c9,81,f9,d0,2c,94,12,f5,93,5c,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\Program Files\\Call of Duty Game of the Year Edition\\CoDUOMP.exe"="D:\\Program Files\\Call of Duty Game of the Year Edition\\CoDUOMP.exe:*:Enabled:CoDUOMP"
"D:\\Program Files\\HLSW\\hlsw.exe"="D:\\Program Files\\HLSW\\hlsw.exe:*:Enabled:HLSW"
"D:\\Program Files\\Avant Browser\\avant.exe"="D:\\Program Files\\Avant Browser\\avant.exe:*:Enabled:Avant Browser"
"D:\\Program Files\\eMule\\emule.exe"="D:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\adslTV\\vlc.exe"="C:\\Program Files\\adslTV\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"="C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\\Program Files\\Avid\\Avid Free DV\\AvidFreeDV.exe"="C:\\Program Files\\Avid\\Avid Free DV\\AvidFreeDV.exe:*:Disabled:Avid Editor"
"C:\\Program Files\\Freeplayer\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\vlc\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\TmUnitedForever\\TmForever.exe"="C:\\Program Files\\TmUnitedForever\\TmForever.exe:*:Enabled:TmForever"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"="C:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"="C:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\SUPER\cygz.dll"
Mon 18 Feb 2008 72,704 ..SHR --- "C:\Program Files\SUPER\Setup.exe"
Fri 27 Oct 2006 15,872 A.SHR --- "C:\Program Files\SUPER\_Setup.dll"
Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Mon 4 Feb 2008 151,040 ..SH. --- "C:\WINDOWS\system32\VistaUltm.dll"
Mon 19 Mar 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 30 Oct 2007 207,872 A..H. --- "C:\Program Files\Addinsoft\XLSTAT2008\ADB1.dll"
Mon 21 Jan 2008 20,480 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\RBT.dll"
Mon 21 Jan 2008 16,384 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\RBTbis.dll"
Tue 5 Feb 2008 484,352 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-VIZ.dll"
Mon 4 Feb 2008 196,096 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-TS2.dll"
Mon 4 Feb 2008 739,328 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-MCA.dll"
Fri 22 Feb 2008 503,808 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-TSA.dll"
Fri 4 Jan 2008 77,641 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-RIB.dll"
Mon 4 Feb 2008 969,728 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-LOG.dll"
Mon 4 Feb 2008 334,336 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-SPC.dll"
Fri 8 Feb 2008 232,960 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-DTM.dll"
Mon 4 Feb 2008 166,912 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-LIF.dll"
Mon 4 Feb 2008 457,728 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-MXM.dll"
Mon 4 Feb 2008 527,872 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-NLN.dll"
Fri 22 Feb 2008 646,656 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-PMO.dll"
Mon 4 Feb 2008 366,592 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-PLS.dll"
Mon 4 Feb 2008 185,856 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-PRP.dll"
Mon 4 Feb 2008 462,336 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-TST.dll"
Mon 4 Feb 2008 191,488 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-TLS.dll"
Mon 4 Feb 2008 563,200 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-ADA.dll"
Mon 4 Feb 2008 595,456 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-CLU.dll"
Mon 4 Feb 2008 337,408 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-DIS.dll"
Mon 4 Feb 2008 163,328 A..HR --- "C:\Program Files\Addinsoft\XLSTAT2008\XLSTAT-DMA.dll"
Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\SUPER\mencoder\14_43260.dll"
Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\SUPER\mencoder\cook3260.dll"
Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\SUPER\mencoder\ddnt3260.dll"
Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\SUPER\mencoder\drv43260.dll"
Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\SUPER\mencoder\dspr3260.dll"
Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\SUPER\mencoder\raac.dll"
Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\SUPER\mencoder\sipr3260.dll"
Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\SUPER\mencoder\tokr3260.dll"
Thu 12 Jun 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Mon 13 Nov 2006 319,456 A..H. --- "C:\Program Files\Fichiers communs\Motorola Shared\MotPCSDrivers\difxapi.dll"
Thu 31 Jul 2008 23,552 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL0003.tmp"
Wed 6 Dec 2006 39,424 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL0004.tmp"
Wed 27 Dec 2006 41,984 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL0630.tmp"
Wed 6 Dec 2006 45,056 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL2384.tmp"
Wed 13 Dec 2006 22,016 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL3247.tmp"
Wed 6 Dec 2006 44,032 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL3267.tmp"
Wed 6 Dec 2006 42,496 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL3552.tmp"
Wed 6 Dec 2006 40,448 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL3719.tmp"
Wed 6 Dec 2006 42,496 ...H. --- "C:\Documents and Settings\Mickey\Application Data\Microsoft\Word\~WRL4057.tmp"
Fri 31 Oct 2008 3,987 ...HR --- "C:\Documents and Settings\Mickey\Application Data\SecuROM\UserData\securom_v7_01.bak"
Wed 6 Dec 2006 44,032 ...H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\DUFA_IIeme annee\UC2\~WRL2463.tmp"
Wed 29 Nov 2006 38,400 ...H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\DUFA_IIeme annee\UC2\~WRL3396.tmp"
Thu 5 Jul 2007 28,160 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\AMEF 2006.2007\Saba 1. 2 cv\~WRL0001.tmp"
Thu 3 May 2007 31,744 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP M‚tiers de l'animation. juin. juillet 2007\dossiers stagiaires\Christophe Loyer\~WRL0374.tmp"
Thu 3 May 2007 31,232 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP M‚tiers de l'animation. juin. juillet 2007\dossiers stagiaires\Christophe Loyer\~WRL2563.tmp"
Thu 3 May 2007 24,064 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP M‚tiers de l'animation. juin. juillet 2007\dossiers stagiaires\Christophe Loyer\~WRL3834.tmp"
Thu 3 May 2007 28,160 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP M‚tiers de l'animation. juin. juillet 2007\dossiers stagiaires\Lindsay Larghi\~WRL1443.tmp"
Thu 3 May 2007 28,672 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP M‚tiers de l'animation. juin. juillet 2007\dossiers stagiaires\Lindsay Larghi\~WRL1804.tmp"
Thu 3 May 2007 26,112 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP M‚tiers de l'animation. juin. juillet 2007\dossiers stagiaires\Lindsay Larghi\~WRL2712.tmp"
Thu 3 May 2007 24,064 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP M‚tiers de l'animation. juin. juillet 2007\dossiers stagiaires\Lindsay Larghi\~WRL3266.tmp"
Thu 3 May 2007 27,648 A..H. --- "C:\Documents and Settings\Mickey\Bureau\DUFA\PIF\Fabien\Archives\VPP M‚tiers de l'animation. juin. juillet 2007\dossiers stagiaires\Lindsay Larghi\~WRL3945.tmp"
[b]Finished![/b]
and the HijackThis one:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:42, on 26/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Ad-Aware 2007\aawservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\TOPRO\TPPOLL.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\LSFPRN.EXE
C:\Program Files\QuickTime\qttask.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sporever\Football365 Toolbar\launcher.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Free Download Manager\fum\fum.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sporever\Football365 Toolbar\Football365 Toolbar.exe
C:\Program Files\Fichiers communs\Nosibay\RunningObjectRegistry.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\PROGRA~1\AVANTB~1\avant.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TPPOLL] C:\Program Files\TOPRO\TPPOLL.EXE
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [PrinterSecurityLayer] C:\WINDOWS\LSFPRN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Football365 Toolbar] "C:\Program Files\Sporever\Football365 Toolbar\launcher.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: PrintKey 2000 Fr.lnk = C:\Program Files\PrintKey 2000 Fr\Printkey 2000 Fr.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O15 - Trusted Zone: http://canalplusalademande.canal-plus.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoways.com/clients/ImageUploader3.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.1.0.56.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553590000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
geoffrey5 (Security contributor)
26 Nov. 2008 at 23:12
Do you have the Spybot software??
mickeymat75 (Member)
27 Nov. 2008 at 07:08
Hello,
No, I don't have Spybot.
I get the impression my problem is getting worse, since I now regularly get a message (exporting your security key) telling me: "an application is requesting access to a protected item" and asking for my CryptoAPI private key. What does that mean? (On top of that, last night my firewall was disconnected just before the first message of this kind.)
I've just had a message from avast telling me that my computer was infected and that I needed to restart to run a full scan.
I'm starting to despair!!
Help!
mickeymat75 (Member)
28 Nov. 2008 at 21:04
Hi Geoffrey,
I don't know how, but my problem has disappeared. I hope it's permanent...
Thanks for everything you've done for me.
I'll wait until the end of the weekend to see whether the pages come back, and then I'll mark the problem as solved.
Thanks again!!
ciao
mickeymat75 (Member)
30 Nov. 2008 at 12:05
Hi,
oh well, no, it's come back after all. Can you help me again, please??