There, it's done! Here is the SDFix report:
SDFix: Version 1.230
Run by HP_Propriétaire on 01/10/2008 at 21:58
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-01 22:10:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"="C:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe:*:Enabled:CyberLink PowerCinema"
"C:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"="C:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Documents and Settings\\HP_Propriétaire\\Local Settings\\temp\\Répertoire temporaire 1 pour photo.zip\\photo1226.jpeg-www.myspace.com"="C:\\Documents and Settings\\HP_Propriétaire\\Local Settings\\temp\\Répertoire temporaire 1 pour photo.zip\\photo1226.jpeg-www.myspace.com:*:Enabled:ENABLE"
"C:\\Documents and Settings\\HP_Propriétaire\\Mes documents\\Mes fichiers reçus\\photo\\photo1226.jpeg-www.myspace.com"="C:\\Documents and Settings\\HP_Propriétaire\\Mes documents\\Mes fichiers reçus\\photo\\photo1226.jpeg-www.myspace.com:*:Enabled:ENABLE"
"C:\\WINDOWS\\system32\\ujfvm.exe"="C:\\WINDOWS\\system32\\ujfvm.exe:*:Enabled:ENABLE"
"C:\\Documents and Settings\\HP_Propriétaire\\gxk.exe"="C:\\Documents and Settings\\HP_Propriétaire\\gxk.exe:*:Enabled:ENABLE"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Remaining Files :
Files with Hidden Attributes :
Mon 2 Jul 2007 218 A.SHR --- "C:\BOOT.BAK"
Mon 19 May 2008 5,767,168 A..H. --- "C:\Documents and Settings\HP_Propriétaire\NTUSER.bak"
Mon 19 May 2008 237,568 A..H. --- "C:\Documents and Settings\LocalService\NTUSER.bak"
Mon 19 May 2008 237,568 A..H. --- "C:\Documents and Settings\NetworkService\NTUSER.bak"
Wed 1 Nov 2006 32 A.SH. --- "C:\WINDOWS\SMINST\HPCD.SYS"
Mon 27 Aug 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 30 Aug 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Mon 2 Jul 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3887d65d3ab5fa0d45001f504bed5b37\BIT23.tmp"
Fri 9 May 2008 4,553,728 A.SH. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 3\fiches de prep C3\~WRL0001.tmp"
Fri 19 Aug 2005 114,176 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Gridou\Programmation\~WRL0004.tmp"
Fri 19 Aug 2005 117,248 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Gridou\Programmation\~WRL0622.tmp"
Fri 19 Aug 2005 154,112 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Gridou\Programmation\~WRL0737.tmp"
Sun 2 Mar 2008 62,464 A.SH. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 1\FICHES DE PREP C1\mes FICHES DE PREP\~WRL0005.tmp"
Thu 10 Jan 2008 51,712 A.SH. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 1\FICHES DE PREP C1\mes FICHES DE PREP\~WRL1439.tmp"
Thu 10 Jan 2008 63,488 A.SH. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 1\FICHES DE PREP C1\mes FICHES DE PREP\~WRL2620.tmp"
Sat 10 Nov 2007 43,520 A.SH. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 1\FICHES DE PREP C1\mes FICHES DE PREP\~WRL3046.tmp"
Sun 11 May 2008 382,464 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 3\Srg2\Histoire\~WRL3948.tmp"
Sun 11 May 2008 64,512 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 3\Srg2\Sciences\~WRL2188.tmp"
Sun 11 May 2008 63,488 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 3\Srg2\Sciences\~WRL3153.tmp"
Wed 30 Nov 2005 62,464 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Gridou\Ecole\Cahier-journal\~WRL1868.tmp"
Mon 28 Nov 2005 62,464 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Gridou\Ecole\Cahier-journal\~WRL2355.tmp"
Mon 19 May 2008 262,144 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.bak"
Mon 27 Aug 2007 4,348 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Mes documents\Musique\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Mon 27 Aug 2007 20 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Mes documents\Musique\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Mon 27 Aug 2007 312 A.SH. --- "C:\Documents and Settings\HP_Propriétaire\Mes documents\Musique\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Mon 2 Jul 2007 262,144 A..H. --- "C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.bak"
Mon 2 Jul 2007 262,144 A..H. --- "C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.bak"
Tue 22 May 2007 389,120 A.SH. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 1\Petite section\littérature-langage\poussin-chat\SIV67.tmp"
Tue 22 May 2007 188,416 A.SH. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 1\Petite section\littérature-langage\poussin-chat\SIV68.tmp"
Tue 22 May 2007 90,112 A.SH. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 1\Petite section\littérature-langage\poussin-chat\SIV69.tmp"
Tue 22 May 2007 20,480 A.SH. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Cycle 1\Petite section\littérature-langage\poussin-chat\SIV6A.tmp"
Sun 27 Nov 2005 31,744 A..H. --- "C:\Documents and Settings\HP_Propriétaire\Bureau\Gridou\Ecole\Fiche de prep\EPS\Courir\~WRL4087.tmp"
Finished!