Svchost - Page 3
Résolu
Précédent
- 1
- 2
- 3
[b]SDFix: Version 1.240 [/b]
Run by DEMANGEOT SolŠne on 27/11/2009 at 10:55
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-27 12:13:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:3f7bb057
"s2"=dword:384d24af
"h0"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000002
"hdf12"=hex:36,d0,cb,ab,82,71,17,49,24,41,ce,c7,86,cf,90,f8,bc,06,b3,f2,b9,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,07,c4,29,1d,da,6f,ae,74,93,56,f1,f8,99,00,64,3f,d9,..
"hdf12"=hex:ec,93,a2,5c,d1,84,59,7b,5c,d1,d4,f5,47,c6,50,75,62,bf,eb,a7,97,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:1f,9f,e6,a6,7e,2e,63,9f,ad,48,fe,a6,37,29,74,2f,68,f6,d0,20,dc,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
"p0"="C:\Program Files\DAEMON Tools\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,f3,13,98,e1,08,f5,c3,77,ff,f7,21,01,45,82,f7,a9,b5,..
"khjeh"=hex:e6,7d,9f,c9,95,86,ed,54,ea,cf,1d,07,a5,4c,ce,46,cc,89,2a,44,c8,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:a3,d0,06,7b,4f,58,3c,ff,5a,44,37,95,b5,44,83,1c,2b,4c,ed,38,55,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000002
"hdf12"=hex:36,d0,cb,ab,82,71,17,49,24,41,ce,c7,86,cf,90,f8,bc,06,b3,f2,b9,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,07,c4,29,1d,da,6f,ae,74,93,56,f1,f8,99,00,64,3f,d9,..
"hdf12"=hex:ec,93,a2,5c,d1,84,59,7b,5c,d1,d4,f5,47,c6,50,75,62,bf,eb,a7,97,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:1f,9f,e6,a6,7e,2e,63,9f,ad,48,fe,a6,37,29,74,2f,68,f6,d0,20,dc,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Freeplayer\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\vlc\\vlc.exe:*:Enabled:VLC media player"
"C:\\WINDOWS\\Temp\\NavBrowser.exe"="C:\\WINDOWS\\Temp\\NavBrowser.exe:*:Enabled:NAVBrowser"
"C:\\Program Files\\FileZilla\\FileZilla.exe"="C:\\Program Files\\FileZilla\\FileZilla.exe:*:Enabled:FileZilla"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\56ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\56ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\74ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\74ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\11ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\11ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\32ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\32ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\87ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\87ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\63ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\63ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\14ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\14ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\43ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\43ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\5ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\5ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\98ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\98ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\1ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\1ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\12ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\12ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\90ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\90ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\52ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\52ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\93ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\93ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Messenger\\Msmsgs.exe"="C:\\Program Files\\Messenger\\Msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TribalWeb.net\\tribalweb.exe"="C:\\Program Files\\TribalWeb.net\\tribalweb.exe:*:Enabled:TribalWeb.net : R‚seau priv‚ sur Internet"
"C:\\Program Files\\BitDownload\\BitDownload.exe"="C:\\Program Files\\BitDownload\\BitDownload.exe:*:Enabled:Torrent P2P application"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windows© NetMeeting©"
"C:\\Program Files\\WINSOS\\winsos.exe"="C:\\Program Files\\Winsos\\winsos.exe:*:Enabled:Winsos"
"C:\\Program Files\\WINSOS\\anti-spy.exe"="C:\\Program Files\\Winsos\\anti-spy.exe:*:Enabled:anti-spy Winsos"
"C:\\Program Files\\WINSOS\\help.exe"="C:\\Program Files\\Winsos\\help.exe:*:Enabled:Winsos Help"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\GigaTribe\\gigatribe.exe"="C:\\Program Files\\GigaTribe\\gigatribe.exe:*:Enabled:gigatribe"
"D:\\eSKernel.exe"="D:\\eSKernel.exe:*:Enabled:Bbox assistant d'installation"
"C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"="C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe:*:Enabled:Logitech Vid"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Fri 2 May 2008 1,996,104 ...H. --- "C:\Program Files\5 Realms of Cards\Realms.exe"
Thu 19 Nov 2009 3,790,160 ...H. --- "C:\Program Files\Dairy Dash\dairydash.exe"
Wed 27 Aug 2008 1,103,176 ...H. --- "C:\Program Files\Empire of the Gods\Empire of the Gods.exe"
Thu 10 Jan 2008 7,341,384 ...H. --- "C:\Program Files\Five Card Deluxe\fivecarddeluxe.exe"
Mon 13 Apr 2009 2,176,336 ...H. --- "C:\Program Files\Gunslinger Solitaire\GunslingerSolitaireLowRes.exe"
Thu 19 Nov 2009 26,346,832 ...H. --- "C:\Program Files\Ice Blast\Iceblast_FR_05.exe"
Mon 24 Aug 2009 26,764,624 ...H. --- "C:\Program Files\John and Mary's Memories\memories.exe"
Thu 11 Sep 2008 12,158,280 ...H. --- "C:\Program Files\Poker Pop\pokerpop.exe"
Thu 19 Nov 2009 2,835,792 ...H. --- "C:\Program Files\World of Zellians - Kingdom Builder\World of Zellians.exe"
Sat 30 Dec 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 2 Jan 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 30 Aug 2009 165,232 A..H. --- "C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll"
Fri 17 Jul 2009 21,135 ...HR --- "C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\SecuROM\UserData\securom_v7_01.bak"
[b]Finished![/b]
Run by DEMANGEOT SolŠne on 27/11/2009 at 10:55
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-27 12:13:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:3f7bb057
"s2"=dword:384d24af
"h0"=dword:00000003
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000002
"hdf12"=hex:36,d0,cb,ab,82,71,17,49,24,41,ce,c7,86,cf,90,f8,bc,06,b3,f2,b9,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,07,c4,29,1d,da,6f,ae,74,93,56,f1,f8,99,00,64,3f,d9,..
"hdf12"=hex:ec,93,a2,5c,d1,84,59,7b,5c,d1,d4,f5,47,c6,50,75,62,bf,eb,a7,97,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:1f,9f,e6,a6,7e,2e,63,9f,ad,48,fe,a6,37,29,74,2f,68,f6,d0,20,dc,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
"p0"="C:\Program Files\DAEMON Tools\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,f3,13,98,e1,08,f5,c3,77,ff,f7,21,01,45,82,f7,a9,b5,..
"khjeh"=hex:e6,7d,9f,c9,95,86,ed,54,ea,cf,1d,07,a5,4c,ce,46,cc,89,2a,44,c8,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:a3,d0,06,7b,4f,58,3c,ff,5a,44,37,95,b5,44,83,1c,2b,4c,ed,38,55,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:0e,d5,52,81,99,25,08,1f,d8,9d,d5,2d,01,6b,6c,f5,32,95,63,20,8f,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"h0"=dword:00000002
"hdf12"=hex:36,d0,cb,ab,82,71,17,49,24,41,ce,c7,86,cf,90,f8,bc,06,b3,f2,b9,..
"p0"="C:\Program Files\DAEMON Tools Lite\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,07,c4,29,1d,da,6f,ae,74,93,56,f1,f8,99,00,64,3f,d9,..
"hdf12"=hex:ec,93,a2,5c,d1,84,59,7b,5c,d1,d4,f5,47,c6,50,75,62,bf,eb,a7,97,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:1f,9f,e6,a6,7e,2e,63,9f,ad,48,fe,a6,37,29,74,2f,68,f6,d0,20,dc,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000001
"khjeh"=hex:e3,dd,c6,11,05,56,83,b2,8f,18,67,8a,ef,9b,d5,5a,86,fd,0f,14,a1,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Freeplayer\\vlc\\vlc.exe"="C:\\Program Files\\Freeplayer\\vlc\\vlc.exe:*:Enabled:VLC media player"
"C:\\WINDOWS\\Temp\\NavBrowser.exe"="C:\\WINDOWS\\Temp\\NavBrowser.exe:*:Enabled:NAVBrowser"
"C:\\Program Files\\FileZilla\\FileZilla.exe"="C:\\Program Files\\FileZilla\\FileZilla.exe:*:Enabled:FileZilla"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\56ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\56ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\74ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\74ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\11ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\11ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\32ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\32ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\87ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\87ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\63ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\63ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\14ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\14ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\43ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\43ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\5ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\5ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\98ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\98ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\1ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\1ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\12ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\12ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\90ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\90ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\52ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\52ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\93ex3.modul32.exe"="C:\\DOCUME~1\\DEMANG~1\\LOCALS~1\\Temp\\93ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Messenger\\Msmsgs.exe"="C:\\Program Files\\Messenger\\Msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\TribalWeb.net\\tribalweb.exe"="C:\\Program Files\\TribalWeb.net\\tribalweb.exe:*:Enabled:TribalWeb.net : R‚seau priv‚ sur Internet"
"C:\\Program Files\\BitDownload\\BitDownload.exe"="C:\\Program Files\\BitDownload\\BitDownload.exe:*:Enabled:Torrent P2P application"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windows© NetMeeting©"
"C:\\Program Files\\WINSOS\\winsos.exe"="C:\\Program Files\\Winsos\\winsos.exe:*:Enabled:Winsos"
"C:\\Program Files\\WINSOS\\anti-spy.exe"="C:\\Program Files\\Winsos\\anti-spy.exe:*:Enabled:anti-spy Winsos"
"C:\\Program Files\\WINSOS\\help.exe"="C:\\Program Files\\Winsos\\help.exe:*:Enabled:Winsos Help"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\GigaTribe\\gigatribe.exe"="C:\\Program Files\\GigaTribe\\gigatribe.exe:*:Enabled:gigatribe"
"D:\\eSKernel.exe"="D:\\eSKernel.exe:*:Enabled:Bbox assistant d'installation"
"C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"="C:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe:*:Enabled:Logitech Vid"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Fri 2 May 2008 1,996,104 ...H. --- "C:\Program Files\5 Realms of Cards\Realms.exe"
Thu 19 Nov 2009 3,790,160 ...H. --- "C:\Program Files\Dairy Dash\dairydash.exe"
Wed 27 Aug 2008 1,103,176 ...H. --- "C:\Program Files\Empire of the Gods\Empire of the Gods.exe"
Thu 10 Jan 2008 7,341,384 ...H. --- "C:\Program Files\Five Card Deluxe\fivecarddeluxe.exe"
Mon 13 Apr 2009 2,176,336 ...H. --- "C:\Program Files\Gunslinger Solitaire\GunslingerSolitaireLowRes.exe"
Thu 19 Nov 2009 26,346,832 ...H. --- "C:\Program Files\Ice Blast\Iceblast_FR_05.exe"
Mon 24 Aug 2009 26,764,624 ...H. --- "C:\Program Files\John and Mary's Memories\memories.exe"
Thu 11 Sep 2008 12,158,280 ...H. --- "C:\Program Files\Poker Pop\pokerpop.exe"
Thu 19 Nov 2009 2,835,792 ...H. --- "C:\Program Files\World of Zellians - Kingdom Builder\World of Zellians.exe"
Sat 30 Dec 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 2 Jan 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 30 Aug 2009 165,232 A..H. --- "C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll"
Fri 17 Jul 2009 21,135 ...HR --- "C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\SecuROM\UserData\securom_v7_01.bak"
[b]Finished![/b]
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Précédent
- 1
- 2
- 3
