MSN virus: seen this?? ^^ http://2short.net/ph

cocabuzz -  
Malekal_morte - Posts 184347 Registration date   Status Moderator, Security contributor Last activity   -
Hello,

I received this virus yesterday via MSN and I don't know how to remove it!! "seen this?? ^^ http://2short.net/photo2010-10-08c_jpg" please help meeee! thank youuu
It sends this message to all my contacts and infects them!

2 replies

Malekal_morte - Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
Hi,

Run USBFix: https://www.malekal.com/usbfix-supprimer-virus-usb/
Post the reports here.
0
cocabuzz
 
ComboFix 10-10-12.03 - steve 14/10/2010 15:08:01.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.32.1033.18.1023.716 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\steve\My Documents\Téléchargements\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\steve\LOCALS~1\Temp\install_flash_player.exe
C:\WINDOWS\system32\sshnas21.dll

.
\\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected
.
\\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_SSHNAS


((((((((((((((((((((((((((((( Fichiers créés du 2010-09-14 au 2010-10-14 ))))))))))))))))))))))))))))))))))))
.

2010-10-14 12:28:37 . 2010-10-14 07:26:42 593920 ------w- C:\2 - winservice.exe.back
2010-10-14 12:28:11 . 2010-07-18 01:48:30 35118 ------w- C:\1 - smss.exe.back
2010-10-14 12:27:11 . 2010-05-07 20:28:26 83598 ------w- C:\0 - hx.exe.back
2010-10-14 11:09:09 . 2010-10-14 11:09:20 -------- d-----w- C:\Documents and Settings\steve\Application Data\UseNeXT
2010-10-14 11:09:01 . 2010-10-14 11:09:02 -------- d-----w- C:\Program Files\UseNeXT
2010-10-14 08:40:39 . 2010-10-14 08:40:39 -------- d-----w- C:\Documents and Settings\steve\Local Settings\Application Data\Mozilla
2010-10-14 08:00:47 . 2010-10-14 08:00:47 -------- d-----w- C:\WINDOWS\system32\wbem\Repository
2010-10-14 08:00:08 . 2010-10-14 08:00:08 -------- d-sh--r- C:\Documents and Settings\steve\Application Data\C-76947-8457-2745
2010-10-14 07:26:58 . 2010-10-14 07:26:50 196608 ----a-w- C:\WINDOWS\Tvycea.exe
2010-10-13 21:50:49 . 2010-10-13 21:50:49 -------- d-----w- C:\Program Files\AxBx
2010-10-08 16:53:49 . 2010-10-08 16:53:49 -------- d-----w- C:\Program Files\iPod
2010-10-08 16:53:38 . 2010-10-08 16:54:26 -------- d-----w- C:\Program Files\iTunes
2010-10-08 16:51:00 . 2010-10-08 16:51:00 159744 ----a-w- C:\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll
2010-10-08 16:51:00 . 2010-10-08 16:51:00 159744 ----a-w- C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll
2010-10-08 16:51:00 . 2010-10-08 16:51:00 159744 ----a-w- C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
2010-10-08 16:51:00 . 2010-10-08 16:51:00 159744 ----a-w- C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
2010-10-08 16:51:00 . 2010-10-08 16:51:00 159744 ----a-w- C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
2010-10-08 16:51:00 . 2010-10-08 16:50:59 159744 ----a-w- C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
2010-10-08 16:51:00 . 2010-10-08 16:50:59 159744 ----a-w- C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
2010-10-08 16:50:37 . 2010-10-08 16:50:59 -------- d-----w- C:\Program Files\QuickTime
2010-10-04 14:23:57 . 2010-10-04 14:23:57 -------- d-----w- C:\Documents and Settings\steve\Application Data\AVS4YOU
2010-10-03 16:03:21 . 2010-09-15 10:09:24 10833920 ----a-w- C:\WINDOWS\system32\libmfxsw32.dll
2010-10-03 16:03:20 . 2010-09-15 10:09:28 10915840 ----a-w- C:\WINDOWS\system32\libmfxhw32.dll
2010-10-03 16:03:14 . 2010-10-03 16:04:09 -------- d-----w- C:\Program Files\Common Files\AVSMedia
2010-10-03 16:02:57 . 2010-10-03 16:02:57 -------- d-----w- C:\WINDOWS\system32\drivers\umdf
2010-10-03 16:00:14 . 2010-10-03 16:00:14 -------- d-----w- C:\WINDOWS\SxsCaPendDel
2010-10-03 15:57:09 . 2010-10-04 14:23:55 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVS4YOU
2010-10-03 15:57:09 . 2010-10-03 16:04:15 -------- d-----w- C:\Program Files\AVS4YOU
2010-10-03 15:57:09 . 2010-09-15 10:10:20 1700352 ----a-w- C:\WINDOWS\system32\GdiPlus.dll
2010-10-03 15:57:09 . 2010-09-15 10:10:18 24576 ----a-w- C:\WINDOWS\system32\msxml3a.dll
2010-09-17 15:44:27 . 2010-09-17 15:44:28 -------- d-----w- C:\Program Files\Bonjour

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 20:12:52 3872080]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-19 03:17:47 39408]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2010-01-20 18:30:21 16384]
"WindowsDriverControl"="C:\Documents and Settings\steve\Application Data\C-76947-8457-2745\winmsngrn.exe" [2010-10-13 20:46:10 233472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 21:13:34 61440]
"RTHDCPL"="RTHDCPL.EXE" [2005-06-29 21:25:30 14720000]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2010-01-19 03:17:07 149280]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-07-01 04:56:34 188416]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2003-07-01 05:00:24 65536]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2010-09-08 09:17:42 421888]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2010-09-24 00:10:52 421160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2007-11-30 13:26:20 15360]

C:\Documents and Settings\buzz\Menu Démarrer\Programmes\Démarrage\
Notification de cadeaux MSN.lnk - C:\Documents and Settings\steve\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2010-8-26 135680]

C:\Documents and Settings\steve\Start Menu\Programs\Startup\
Nikon Monitor.lnk - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [2007-10-19 479232]
Notification de cadeaux MSN.lnk - C:\Documents and Settings\steve\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2010-8-26 135680]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2010-1-20 169472]
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"C:\\Program Files\\Mirc\\mirc.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Documents and Settings\\steve\\Application Data\\C-76947-8457-2745\\winmsngrn.exe"=
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

S2 gupdate1ca98b725125138;Service Google Update (gupdate1ca98b725125138);C:\Program Files\Google\Update\GoogleUpdate.exe [19/01/2010 5:26:09 133104]
S3 maconfservice;Ma-Config Service;"C:\Program Files\ma-config.com\maconfservice.exe" --> C:\Program Files\ma-config.com\maconfservice.exe [?]
.
Contenu du dossier 'Tâches planifiées'

2010-10-08 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50:20 . 2009-10-22 09:50:20]

2010-10-14 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-19 03:26:09 . 2010-01-19 03:26:07]

2010-10-14 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-19 03:26:09 . 2010-01-19 03:26:07]

2010-10-14 C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
- C:\WINDOWS\Tvycea.exe [2010-10-14 07:26:58 . 2010-10-14 07:26:50]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = localhost;*.local
IE: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://www.visiogood.com/jalss/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
FF - ProfilePath - C:\Documents and Settings\steve\Application Data\Mozilla\Firefox\Profiles\jpe8b3w3.default\
FF - plugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.
- - - - ORPHELINS SUPPRIMES - - - -

URLSearchHooks-{364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll
BHO-{364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll
Toolbar-{364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll
AddRemove-Softonic_France Toolbar - C:\PROGRA~1\SOFTON~1\UNWISE.EXE
0
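One way to triage the "Reg load points" and scheduled-task lines of a report like the one above, as an added Python example (not code from the thread, from ComboFix or from the forum's helpers): it parses the Run-key values and task targets and applies a few defender heuristics (autorun from a user-writable profile directory, a random-looking directory name, an executable dropped straight into the Windows directory, a binary modified within days of the scan). The heuristics, thresholds and function names are my own; the sample lines are copied from the posted report, with the scan date taken from its header.

```python
"""Triage autorun entries from a ComboFix-style report (added example)."""
import re
from datetime import date, datetime

# Scan date from the report header ("14/10/2010"); sample lines copied from
# the report above (constructed excerpt, not the full log).
SCAN_DATE = date(2010, 10, 14)
SAMPLE_REPORT = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 20:12:52 3872080]
"WindowsDriverControl"="C:\Documents and Settings\steve\Application Data\C-76947-8457-2745\winmsngrn.exe" [2010-10-13 20:46:10 233472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 21:13:34 61440]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2010-09-24 00:10:52 421160]

2010-10-14 C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
- C:\WINDOWS\Tvycea.exe [2010-10-14 07:26:58 . 2010-10-14 07:26:50]
'''

# "name"="path" [YYYY-MM-DD HH:MM:SS size]
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)"\s*'
                    r'\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \d+\]')
# - path.exe [modified . created]
TASK_RE = re.compile(r'^- (?P<path>\S.*?\.exe)\s*'
                     r'\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \. ')
JOB_RE = re.compile(r'^\d{4}-\d{2}-\d{2} (?P<job>\S+\.job)$')

# Locations an ordinary user can write to; legitimate autoruns rarely live here.
PROFILE_DIRS = ('\\application data\\', '\\local settings\\', '\\temp\\')
RECENT_DAYS = 7  # heuristic threshold, chosen for this example


def parse_entries(report):
    """Yield (source, value_name, path, modified) for Run values and task targets."""
    source = None
    for raw in report.splitlines():
        line = raw.strip()
        if line.startswith('[HKEY'):
            source = line.strip('[]')
            continue
        m = JOB_RE.match(line)
        if m:
            source = m['job']
            continue
        m = RUN_RE.match(line) or TASK_RE.match(line)
        if m:
            name = m['name'] if 'name' in m.groupdict() else None
            ts = datetime.strptime(m['ts'], '%Y-%m-%d %H:%M:%S')
            yield source, name, m['path'], ts


def assess(path, modified, scan_date):
    """Return the list of heuristic reasons an autorun path deserves a second look."""
    reasons = []
    low = path.lower()
    if any(d in low for d in PROFILE_DIRS):
        reasons.append('runs from a user-writable profile directory')
    # A directory component made mostly of digits/hyphens looks machine-generated.
    for comp in path.split('\\')[:-1]:
        alnum = [c for c in comp if c.isalnum()]
        if alnum and sum(c.isdigit() for c in alnum) / len(alnum) > 0.7:
            reasons.append(f'random-looking directory name {comp!r}')
            break
    if re.fullmatch(r'[a-z]:\\windows\\[^\\]+\.exe', low):
        reasons.append('executable placed directly in the Windows directory')
    if (scan_date - modified.date()).days <= RECENT_DAYS:
        reasons.append(f'binary modified within {RECENT_DAYS} days of the scan')
    return reasons


def triage(report, scan_date):
    """Return only the entries that trip at least one heuristic."""
    findings = []
    for source, name, path, modified in parse_entries(report):
        reasons = assess(path, modified, scan_date)
        if reasons:
            findings.append({'source': source, 'name': name,
                             'path': path, 'reasons': reasons})
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_REPORT, SCAN_DATE):
        print(f"{f['source']}\n  {f['name'] or '(task)'} -> {f['path']}")
        for r in f['reasons']:
            print(f"    - {r}")
```

Run against the excerpt, it reports only the winmsngrn.exe Run value and the Tvycea.exe task, leaving the Messenger, ATI and iTunes entries alone. The heuristics are deliberately coarse: a numeric component such as the Logitech "8876480" directory in the full report would also be flagged, which is why the output is a list to review, not a verdict.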
cocabuzz
 
Here is the ComboFix report, but the virus is still there!! Please help me sir!!
0
Malekal_morte - Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
I don't think I asked for a ComboFix report.
0
cocabuzz
 
Yes I know, but with USBFix it doesn't work!! :))))
0
Malekal_morte - Posts 184347 Registration date   Status Moderator, Security contributor Last activity   24 689
 
* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, right-click OTL and choose Run as administrator)

* Launch OTL
* Under Custom Scans/Fixes, copy and paste what is in the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

* Click the Quick Scan button.
* When the scan is finished, use the site http://www.cijoint.fr/ to send me the two reports: OTL.Txt and Extras.Txt.


0