Analyze SDFix report

Resolved/Closed
leon95 Posts 1213 Registration date Tuesday 21 August 2007 Status Member Last activity 3 October 2014 - 28 Nov. 2007 at 17:14
^^Marie^^ Posts 113929 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 - 29 Nov. 2007 at 11:35
Hello,
Could someone interpret this report for me? Thanks in advance.


SDFix: Version 1.115

Run by Administrateur on 28/11/2007 at 16:36

Microsoft Windows XP [version 5.1.2600]

Running From: C:\DOCUME~1\ADMINI~1\Bureau\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found





Removing Temp Files...

ADS Check:

C:\Windows
No streams found.

C:\Windows\system32
No streams found.

C:\Windows\system32\svchost.exe
No streams found.

C:\Windows\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-28 16:51:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\aspnet_state\Performance]
"Library"="C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll"
"Open"="OpenStateServicePerfData"
"Close"="CloseStateServicePerfData"
"Collect"="CollectStateServicePerfData"
"Last Counter"=dword:00000d44
"Last Help"=dword:00000d45
"First Counter"=dword:00000c7e
"First Help"=dword:00000c7f
"Object List"="3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198 3198"
"WbemAdapFileSize"=dword:00005c00
"WbemAdapStatus"=dword:00000000

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
"OODEFRAG08.00.00.01WORKSTATION"="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"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\MAC Access Control\Allowed MACs]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\MAC Access Control\Denied MACs]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\MAC Access Control\Launched Apps]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\MAC Access Control\Rejected MACs]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\Users\S-1-5-21-257621693-4282951562-813958858-500]
"UserFolderName"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\Users\S-1-5-21-257621693-4282951562-813958858-500\101]
"Name"="101"
"FriendlyName"="TODO"
"GlobalVolumeName"="\\?\Volume{ec2ce060-63b0-11d7-9219-806d6172696f}\"
"GlobalVolumePath"="\Documents and Settings\Administrateur\Mes documents\Ma musique"
"LocalDrive"="C:"
"LocalPath"="\Documents and Settings\Administrateur\Mes documents\Ma musique"
"ShareWithEveryone"="True"
"ShareWithApprovedDevices"="False"
"State"="False"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\Users\S-1-5-21-257621693-4282951562-813958858-500\101\Approved]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\Users\S-1-5-21-257621693-4282951562-813958858-500\102]
"Name"="102"
"FriendlyName"="TODO"
"GlobalVolumeName"="\\?\Volume{ec2ce060-63b0-11d7-9219-806d6172696f}\"
"GlobalVolumePath"="\Documents and Settings\Administrateur\Mes documents\Mes images"
"LocalDrive"="C:"
"LocalPath"="\Documents and Settings\Administrateur\Mes documents\Mes images"
"ShareWithEveryone"="True"
"ShareWithApprovedDevices"="False"
"State"="False"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\Users\S-1-5-21-257621693-4282951562-813958858-500\102\Approved]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\Users\S-1-5-21-257621693-4282951562-813958858-500\103]
"Name"="103"
"FriendlyName"="TODO"
"GlobalVolumeName"="\\?\Volume{ec2ce060-63b0-11d7-9219-806d6172696f}\"
"GlobalVolumePath"="\Documents and Settings\Administrateur\Mes documents\Mes vid\xe9os"
"LocalDrive"="C:"
"LocalPath"="\Documents and Settings\Administrateur\Mes documents\Mes vid\xe9os"
"ShareWithEveryone"="True"
"ShareWithApprovedDevices"="False"
"State"="False"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Connect\Users\S-1-5-21-257621693-4282951562-813958858-500\103\Approved]

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 15


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"="C:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe:*:Enabled:VoipBuster"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files:
---------------


Files with Hidden Attributes:

Thu 5 Jun 2003 53,248 A..H. --- "C:\ToolsCleaner2\Process.exe"
Thu 5 Jun 2003 24,576 A..H. --- "C:\Program Files\RamBoost XP\StopRam.exe"
Mon 9 Apr 2007 5 A.SH. --- "C:\WINDOWS\system32\dedd9_g.dll"
Sat 17 Dec 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 23 Oct 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"

Finished!

5 replies

leon95 Posts 1213 Registration date Tuesday 21 August 2007 Status Member Last activity 3 October 2014 22
28 Nov. 2007 at 20:35
Is there anyone feeling inspired? Thanks.
0
leon95 Posts 1213 Registration date Tuesday 21 August 2007 Status Member Last activity 3 October 2014 22
29 Nov. 2007 at 11:00
Hello, who knows about this?
0
^^Marie^^ Posts 113929 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 3 274
29 Nov. 2007 at 11:27
Re

Why are you making this request,

knowing that SDFix is a program that removes known trojans/backdoors and rootkits?


0
leon95 Posts 1213 Registration date Tuesday 21 August 2007 Status Member Last activity 3 October 2014 22
29 Nov. 2007 at 11:32
Hello, to see whether there is anything odd. And for Java, I have version 6 update 10; what do you think?
0

^^Marie^^ Posts 113929 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 3 274
29 Nov. 2007 at 11:35
0