Svchost
Résolu
suhelen
-
suhelen -
suhelen -
Bonjour,
je viens vers vous car lorsque j'ai ctrl+supp j'ai 9 svchost.exe
lorsque je regarde sur le net je lis soit que c'est un element de win xp soit que cest un virus
si quelqu'un pouvait m'aider en me fesant faire les manip comme vous savez bien les faire et les comprendre !!
en + mon ordi rame a fond en ce moment
merci d'avance pour votre aide
je viens vers vous car lorsque j'ai ctrl+supp j'ai 9 svchost.exe
lorsque je regarde sur le net je lis soit que c'est un element de win xp soit que cest un virus
si quelqu'un pouvait m'aider en me fesant faire les manip comme vous savez bien les faire et les comprendre !!
en + mon ordi rame a fond en ce moment
merci d'avance pour votre aide
A voir également:
- Svchost
- Svchost - Guide
- Svchost using microphone ✓ - Forum Windows 10
- Svchost 100 disk ✓ - Forum Windows 10
- Svchost intempestif ✓ - Forum Windows 10
- Svchost network service p - Forum Virus
47 réponses
[b]SDFix: Version 1.240 [/b]
Run by DEMANGEOT SolŠne on 27/11/2009 at 10:55
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-27 12:13:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:3f7bb057
"s2"=dword:384d24af
"h0"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000002
"hdf12"=hex:36,d0,cb,ab,82,71,17,49,24,41,ce,c7,86,cf,90,f8,bc,06,b3,f2,b9,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,07,c4,29,1d,da,6f,ae,74,93,56,f1,f8,99,00,64,3f,d9,..
"hdf12"=hex:ec,93,a2,5c,d1,84,59,7b,5c,d1,d4,f5,47,c6,50,75,62,bf,eb,a7,97,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:1f,9f,e6,a6,7e,2e,63,9f,ad,48,fe,a6,37,29,74,2f,68,f6,d0,20,dc,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
"p0"="C:\Program Files\DAEMON Tools\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,f3,13,98,e1,08,f5,c3,77,ff,f7,21,01,45,82,f7,a9,b5,..
"khjeh"=hex:e6,7d,9f,c9,95,86,ed,54,ea,cf,1d,07,a5,4c,ce,46,cc,89,2a,44,c8,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:a3,d0,06,7b,4f,58,3c,ff,5a,44,37,95,b5,44,83,1c,2b,4c,ed,38,55,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000002
"hdf12"=hex:36,d0,cb,ab,82,71,17,49,24,41,ce,c7,86,cf,90,f8,bc,06,b3,f2,b9,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,07,c4,29,1d,da,6f,ae,74,93,56,f1,f8,99,00,64,3f,d9,..
"hdf12"=hex:ec,93,a2,5c,d1,84,59,7b,5c,d1,d4,f5,47,c6,50,75,62,bf,eb,a7,97,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:1f,9f,e6,a6,7e,2e,63,9f,ad,48,fe,a6,37,29,74,2f,68,f6,d0,20,dc,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Freeplayer\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\vlc\\vlc.exe:*:Enabled:VLC media player"
"C:\\WINDOWS\\Temp\\NavBrowser.exe"="C:\\WINDOWS\\Temp\\NavBrowser.exe:*:Enabled:NAVBrowser"
"C:\\Program Files\\FileZilla\\FileZilla.exe"="C:\\Program Files\\FileZilla\\FileZilla.exe:*:Enabled:FileZilla"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\56ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\56ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\74ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\74ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\11ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\11ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\32ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\32ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\87ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\87ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\63ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\63ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\14ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\14ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\43ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\43ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\5ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\5ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\98ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\98ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\1ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\1ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\12ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\12ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\90ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\90ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\52ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\52ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\93ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\93ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Messenger\\Msmsgs.exe"="C:\\Program Files\\Messenger\\Msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TribalWeb.net\\tribalweb.exe"="C:\\Program Files\\TribalWeb.net\\tribalweb.exe:*:Enabled:TribalWeb.net : R‚seau priv‚ sur Internet"
"C:\\Program Files\\BitDownload\\BitDownload.exe"="C:\\Program Files\\BitDownload\\BitDownload.exe:*:Enabled:Torrent P2P application"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windows© NetMeeting©"
"C:\\Program Files\\WINSOS\\winsos.exe"="C:\\Program Files\\Winsos\\winsos.exe:*:Enabled:Winsos"
"C:\\Program Files\\WINSOS\\anti-spy.exe"="C:\\Program Files\\Winsos\\anti-spy.exe:*:Enabled:anti-spy Winsos"
"C:\\Program Files\\WINSOS\\help.exe"="C:\\Program Files\\Winsos\\help.exe:*:Enabled:Winsos Help"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\GigaTribe\\gigatribe.exe"="C:\\Program Files\\GigaTribe\\gigatribe.exe:*:Enabled:gigatribe"
"D:\\eSKernel.exe"="D:\\eSKernel.exe:*:Enabled:Bbox assistant d'installation"
"C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"="C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe:*:Enabled:Logitech Vid"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Fri 2 May 2008 1,996,104 ...H. --- "C:\Program Files\5 Realms of Cards\Realms.exe"
Thu 19 Nov 2009 3,790,160 ...H. --- "C:\Program Files\Dairy Dash\dairydash.exe"
Wed 27 Aug 2008 1,103,176 ...H. --- "C:\Program Files\Empire of the Gods\Empire of the Gods.exe"
Thu 10 Jan 2008 7,341,384 ...H. --- "C:\Program Files\Five Card Deluxe\fivecarddeluxe.exe"
Mon 13 Apr 2009 2,176,336 ...H. --- "C:\Program Files\Gunslinger Solitaire\GunslingerSolitaireLowRes.exe"
Thu 19 Nov 2009 26,346,832 ...H. --- "C:\Program Files\Ice Blast\Iceblast_FR_05.exe"
Mon 24 Aug 2009 26,764,624 ...H. --- "C:\Program Files\John and Mary's Memories\memories.exe"
Thu 11 Sep 2008 12,158,280 ...H. --- "C:\Program Files\Poker Pop\pokerpop.exe"
Thu 19 Nov 2009 2,835,792 ...H. --- "C:\Program Files\World of Zellians - Kingdom Builder\World of Zellians.exe"
Sat 30 Dec 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 2 Jan 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 30 Aug 2009 165,232 A..H. --- "C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll"
Fri 17 Jul 2009 21,135 ...HR --- "C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\SecuROM\UserData\securom_v7_01.bak"
[b]Finished![/b]
Run by DEMANGEOT SolŠne on 27/11/2009 at 10:55
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-27 12:13:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:3f7bb057
"s2"=dword:384d24af
"h0"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000002
"hdf12"=hex:36,d0,cb,ab,82,71,17,49,24,41,ce,c7,86,cf,90,f8,bc,06,b3,f2,b9,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,07,c4,29,1d,da,6f,ae,74,93,56,f1,f8,99,00,64,3f,d9,..
"hdf12"=hex:ec,93,a2,5c,d1,84,59,7b,5c,d1,d4,f5,47,c6,50,75,62,bf,eb,a7,97,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:1f,9f,e6,a6,7e,2e,63,9f,ad,48,fe,a6,37,29,74,2f,68,f6,d0,20,dc,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
"p0"="C:\Program Files\DAEMON Tools\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,f3,13,98,e1,08,f5,c3,77,ff,f7,21,01,45,82,f7,a9,b5,..
"khjeh"=hex:e6,7d,9f,c9,95,86,ed,54,ea,cf,1d,07,a5,4c,ce,46,cc,89,2a,44,c8,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:a3,d0,06,7b,4f,58,3c,ff,5a,44,37,95,b5,44,83,1c,2b,4c,ed,38,55,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000002
"hdf12"=hex:36,d0,cb,ab,82,71,17,49,24,41,ce,c7,86,cf,90,f8,bc,06,b3,f2,b9,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,07,c4,29,1d,da,6f,ae,74,93,56,f1,f8,99,00,64,3f,d9,..
"hdf12"=hex:ec,93,a2,5c,d1,84,59,7b,5c,d1,d4,f5,47,c6,50,75,62,bf,eb,a7,97,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:1f,9f,e6,a6,7e,2e,63,9f,ad,48,fe,a6,37,29,74,2f,68,f6,d0,20,dc,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Freeplayer\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\vlc\\vlc.exe:*:Enabled:VLC media player"
"C:\\WINDOWS\\Temp\\NavBrowser.exe"="C:\\WINDOWS\\Temp\\NavBrowser.exe:*:Enabled:NAVBrowser"
"C:\\Program Files\\FileZilla\\FileZilla.exe"="C:\\Program Files\\FileZilla\\FileZilla.exe:*:Enabled:FileZilla"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\56ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\56ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\74ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\74ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\11ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\11ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\32ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\32ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\87ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\87ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\63ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\63ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\14ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\14ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\43ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\43ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\5ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\5ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\98ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\98ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\1ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\1ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\12ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\12ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\90ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\90ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\52ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\52ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\93ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\93ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Messenger\\Msmsgs.exe"="C:\\Program Files\\Messenger\\Msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TribalWeb.net\\tribalweb.exe"="C:\\Program Files\\TribalWeb.net\\tribalweb.exe:*:Enabled:TribalWeb.net : R‚seau priv‚ sur Internet"
"C:\\Program Files\\BitDownload\\BitDownload.exe"="C:\\Program Files\\BitDownload\\BitDownload.exe:*:Enabled:Torrent P2P application"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windows© NetMeeting©"
"C:\\Program Files\\WINSOS\\winsos.exe"="C:\\Program Files\\Winsos\\winsos.exe:*:Enabled:Winsos"
"C:\\Program Files\\WINSOS\\anti-spy.exe"="C:\\Program Files\\Winsos\\anti-spy.exe:*:Enabled:anti-spy Winsos"
"C:\\Program Files\\WINSOS\\help.exe"="C:\\Program Files\\Winsos\\help.exe:*:Enabled:Winsos Help"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\GigaTribe\\gigatribe.exe"="C:\\Program Files\\GigaTribe\\gigatribe.exe:*:Enabled:gigatribe"
"D:\\eSKernel.exe"="D:\\eSKernel.exe:*:Enabled:Bbox assistant d'installation"
"C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"="C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe:*:Enabled:Logitech Vid"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Fri 2 May 2008 1,996,104 ...H. --- "C:\Program Files\5 Realms of Cards\Realms.exe"
Thu 19 Nov 2009 3,790,160 ...H. --- "C:\Program Files\Dairy Dash\dairydash.exe"
Wed 27 Aug 2008 1,103,176 ...H. --- "C:\Program Files\Empire of the Gods\Empire of the Gods.exe"
Thu 10 Jan 2008 7,341,384 ...H. --- "C:\Program Files\Five Card Deluxe\fivecarddeluxe.exe"
Mon 13 Apr 2009 2,176,336 ...H. --- "C:\Program Files\Gunslinger Solitaire\GunslingerSolitaireLowRes.exe"
Thu 19 Nov 2009 26,346,832 ...H. --- "C:\Program Files\Ice Blast\Iceblast_FR_05.exe"
Mon 24 Aug 2009 26,764,624 ...H. --- "C:\Program Files\John and Mary's Memories\memories.exe"
Thu 11 Sep 2008 12,158,280 ...H. --- "C:\Program Files\Poker Pop\pokerpop.exe"
Thu 19 Nov 2009 2,835,792 ...H. --- "C:\Program Files\World of Zellians - Kingdom Builder\World of Zellians.exe"
Sat 30 Dec 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 2 Jan 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 30 Aug 2009 165,232 A..H. --- "C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll"
Fri 17 Jul 2009 21,135 ...HR --- "C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\SecuROM\UserData\securom_v7_01.bak"
[b]Finished![/b]
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question