Virus msn "que fais ta tof sur ce site....&qu
bull5975
-
bull5975 -
bull5975 -
Bonjour,
moi aussi je me suis fais avoir par l'intermédiaire de 1 de mes conctacts msn et j'ai cliqué dessus ,depuis je m'arrache les cheveux.
j'ai fais un MSNFix voici le rapport:
MSNFix 1.676
C:\Documents and Settings\laurent\Bureau\MSNFix\MSNFix
Fix exécuté le 04/03/2008 - 12:36:05,89 By laurent
mode normal
************************ Recherche les fichiers présents
... C:\DOCUME~1\laurent\LOCALS~1\Temp\services.exe
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Suppression des fichiers
/!\ ... C:\DOCUME~1\laurent\LOCALS~1\Temp\services.exe
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
/!\ ... C:\DOCUME~1\laurent\LOCALS~1\Temp\services.exe
.. OK ... C:\WINDOWS\system32\real.txt
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\DOCUME~1\laurent\LOCALS~1\Temp\epurcfrver20.dll.zip] 46F3E109486AF1953DA09BD212F8A6E2
[color=#FF0000][b]==>/b/color SVP merci d'envoyer le fichier [b] C:\DOCUME~1\laurent\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 04032008_12413665.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
Ensuite j'ai fais un SDFix dont voici egalement le rapport:
[b]SDFix: Version 1.153 /b
Run by laurent on 05/03/2008 at 17:39
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\laurent\Bureau\SDFix
[b]Checking Services /b:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files /b:
Trojan Files Found:
C:\Documents and Settings\laurent\Local Settings\Temp\ttsetup.tmp.exe - Deleted
C:\DOCUME~1\laurent\LOCALS~1\Temp\services.exe - Deleted
C:\WINDOWS\system32\real.txt - Deleted
Removing Temp Files
[b]ADS Check /b:
[b]Final Check /b:
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-05 17:47:32
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d01deb]
"00178327ac50"=hex:0d,9d,54,e5,39,de,fa,75,ea,ad,18,61,d8,06,ec,ec
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001060d01deb]
"00178327ac50"=hex:0d,9d,54,e5,39,de,fa,75,ea,ad,18,61,d8,06,ec,ec
scanning hidden registry entries ...
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C85578BA-A698-35A3-58E0-72793C9888E4}]
"pagbpaacgjpfjcdllkpadgnecflhkcig"=hex:6b,61,66,69,6b,63,68,64,63,70,68,64,6d,64,62,66,6d,6d,6d,68,66,..
"oaabfibmabhoaohilohhlganfcopoo"=hex:6b,61,66,69,6b,63,68,64,63,70,68,64,6d,64,62,66,6d,6d,6d,68,66,..
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 42
[b]Remaining Services /b:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe"="C:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe:*:Enabled:CyberLink PowerCinema NE for Everio"
"C:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe"="C:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe:*:Enabled:CyberLink PowerCinema NE for Everio Resident Program"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe:*:Enabled:Studio"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL Autoconnect"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Enabled:module de connexion AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\1181666146\\ee\\aolsoftware.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1181666146\\ee\\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\microsoft office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\microsoft office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\laurent\\Bureau\\LimeWire\\LimeWire.exe"="C:\\Documents and Settings\\laurent\\Bureau\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"="C:\\Program Files\\Magentic\\bin\\MgImp.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"="C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"="C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic"
"C:\\DOCUME~1\\laurent\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\laurent\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Documents and Settings\\laurent\\Bureau\\Programmes\\incredimail_install.exe"="C:\\Documents and Settings\\laurent\\Bureau\\Programmes\\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\\Documents and Settings\\laurent\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe"="C:\\Documents and Settings\\laurent\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe:*:Enabled:IncrediMail Installer"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files /b:
File Backups: - C:\DOCUME~1\laurent\Bureau\SDFix\backups\backups.zip
[b]Files with Hidden Attributes /b:
Sun 10 Jun 2007 193 A.SHR --- "C:\BOOT.BAK"
Thu 10 Apr 2003 49,221 A..H. --- "C:\Program Files\AOL 8.0\aolphx.exe"
Thu 10 Apr 2003 36,937 A..H. --- "C:\Program Files\AOL 8.0\aoltray.exe"
Thu 10 Apr 2003 40,960 A..H. --- "C:\Program Files\AOL 8.0\RBM.exe"
Thu 10 Apr 2003 237,633 A..H. --- "C:\Program Files\AOL 8.0\waol.exe"
Mon 10 May 2004 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe"
Mon 10 May 2004 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe"
Mon 10 May 2004 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe"
Wed 7 Nov 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 10 Apr 2003 49,223 A..H. --- "C:\Program Files\AOL 8.0\COMIT\cswitch.exe"
Mon 11 Jun 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 10 Jun 2007 1,206 A..HR --- "C:\Program Files\Fichiers communs\Symantec Shared\Registry Backup\ccReg.reg"
Sun 10 Jun 2007 12,262 A..HR --- "C:\Program Files\Fichiers communs\Symantec Shared\Registry Backup\CommonClient.reg"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT5.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT8.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BITC.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT4.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT9.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT6.tmp"
Fri 25 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT2.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BITB.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT7.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BITA.tmp"
[b]Finished!/b
Voilà,quelqu'un porrait-il me dire si je suis tiré d'affaire ou je dois faire autre chose?
Es-ce que lorsque l'on regarde le rapport on peut dire que ce saleté de virus et parti.
Merci je ne sais plus quoi faire car en plus je croit que je suis en train de l'envoiyer a tous mes contact et tout leur pourrir leur systéme SVP help me !!!!
En espérant vous relire Merci beaucoup BULL5975
moi aussi je me suis fais avoir par l'intermédiaire de 1 de mes conctacts msn et j'ai cliqué dessus ,depuis je m'arrache les cheveux.
j'ai fais un MSNFix voici le rapport:
MSNFix 1.676
C:\Documents and Settings\laurent\Bureau\MSNFix\MSNFix
Fix exécuté le 04/03/2008 - 12:36:05,89 By laurent
mode normal
************************ Recherche les fichiers présents
... C:\DOCUME~1\laurent\LOCALS~1\Temp\services.exe
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Suppression des fichiers
/!\ ... C:\DOCUME~1\laurent\LOCALS~1\Temp\services.exe
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
/!\ ... C:\DOCUME~1\laurent\LOCALS~1\Temp\services.exe
.. OK ... C:\WINDOWS\system32\real.txt
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\DOCUME~1\laurent\LOCALS~1\Temp\epurcfrver20.dll.zip] 46F3E109486AF1953DA09BD212F8A6E2
[color=#FF0000][b]==>/b/color SVP merci d'envoyer le fichier [b] C:\DOCUME~1\laurent\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 04032008_12413665.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
Ensuite j'ai fais un SDFix dont voici egalement le rapport:
[b]SDFix: Version 1.153 /b
Run by laurent on 05/03/2008 at 17:39
Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\laurent\Bureau\SDFix
[b]Checking Services /b:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files /b:
Trojan Files Found:
C:\Documents and Settings\laurent\Local Settings\Temp\ttsetup.tmp.exe - Deleted
C:\DOCUME~1\laurent\LOCALS~1\Temp\services.exe - Deleted
C:\WINDOWS\system32\real.txt - Deleted
Removing Temp Files
[b]ADS Check /b:
[b]Final Check /b:
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-05 17:47:32
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d01deb]
"00178327ac50"=hex:0d,9d,54,e5,39,de,fa,75,ea,ad,18,61,d8,06,ec,ec
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001060d01deb]
"00178327ac50"=hex:0d,9d,54,e5,39,de,fa,75,ea,ad,18,61,d8,06,ec,ec
scanning hidden registry entries ...
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C85578BA-A698-35A3-58E0-72793C9888E4}]
"pagbpaacgjpfjcdllkpadgnecflhkcig"=hex:6b,61,66,69,6b,63,68,64,63,70,68,64,6d,64,62,66,6d,6d,6d,68,66,..
"oaabfibmabhoaohilohhlganfcopoo"=hex:6b,61,66,69,6b,63,68,64,63,70,68,64,6d,64,62,66,6d,6d,6d,68,66,..
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 42
[b]Remaining Services /b:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe"="C:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe:*:Enabled:CyberLink PowerCinema NE for Everio"
"C:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe"="C:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe:*:Enabled:CyberLink PowerCinema NE for Everio Resident Program"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe:*:Enabled:Studio"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL Autoconnect"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Enabled:module de connexion AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\1181666146\\ee\\aolsoftware.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1181666146\\ee\\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\microsoft office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\microsoft office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\laurent\\Bureau\\LimeWire\\LimeWire.exe"="C:\\Documents and Settings\\laurent\\Bureau\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"="C:\\Program Files\\Magentic\\bin\\MgImp.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"="C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"="C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic"
"C:\\DOCUME~1\\laurent\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\laurent\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Documents and Settings\\laurent\\Bureau\\Programmes\\incredimail_install.exe"="C:\\Documents and Settings\\laurent\\Bureau\\Programmes\\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\\Documents and Settings\\laurent\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe"="C:\\Documents and Settings\\laurent\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe:*:Enabled:IncrediMail Installer"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files /b:
File Backups: - C:\DOCUME~1\laurent\Bureau\SDFix\backups\backups.zip
[b]Files with Hidden Attributes /b:
Sun 10 Jun 2007 193 A.SHR --- "C:\BOOT.BAK"
Thu 10 Apr 2003 49,221 A..H. --- "C:\Program Files\AOL 8.0\aolphx.exe"
Thu 10 Apr 2003 36,937 A..H. --- "C:\Program Files\AOL 8.0\aoltray.exe"
Thu 10 Apr 2003 40,960 A..H. --- "C:\Program Files\AOL 8.0\RBM.exe"
Thu 10 Apr 2003 237,633 A..H. --- "C:\Program Files\AOL 8.0\waol.exe"
Mon 10 May 2004 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe"
Mon 10 May 2004 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe"
Mon 10 May 2004 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe"
Wed 7 Nov 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 10 Apr 2003 49,223 A..H. --- "C:\Program Files\AOL 8.0\COMIT\cswitch.exe"
Mon 11 Jun 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 10 Jun 2007 1,206 A..HR --- "C:\Program Files\Fichiers communs\Symantec Shared\Registry Backup\ccReg.reg"
Sun 10 Jun 2007 12,262 A..HR --- "C:\Program Files\Fichiers communs\Symantec Shared\Registry Backup\CommonClient.reg"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT5.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\18b19374451d28a8fbaf1939cf31ff45\BIT8.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22fb973e059470cc1b5d76c4ae605351\BITC.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT4.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BIT9.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\30285791903730fbf957a83562db4ff4\BIT6.tmp"
Fri 25 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT2.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9e870549834e2bceb796e44a1e3ac6f5\BITB.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cb8921d0c7830b2f33c00fa4c8a10d17\BIT7.tmp"
Thu 13 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d77b9b5b8fed23dd91f50d167cce60d3\BITA.tmp"
[b]Finished!/b
Voilà,quelqu'un porrait-il me dire si je suis tiré d'affaire ou je dois faire autre chose?
Es-ce que lorsque l'on regarde le rapport on peut dire que ce saleté de virus et parti.
Merci je ne sais plus quoi faire car en plus je croit que je suis en train de l'envoiyer a tous mes contact et tout leur pourrir leur systéme SVP help me !!!!
En espérant vous relire Merci beaucoup BULL5975
A voir également:
- Virus msn "que fais ta tof sur ce site....&qu
- Site de telechargement - Accueil - Outils
- Site x - Guide
- Site pour partager des photos - Guide
- Quel site remplace coco - Accueil - Réseaux sociaux
- Ce site est inaccessible - Guide
1 réponse
Comme tout l monde je suis tombe dans le panneau. Pour eviter de contaminer tout mes contacts, j ai supprimer msn de mon PC, j ai remis a jour mon anti virus, redemarer la becanne et retelecharger msn. Sa m a l air de fonctioner.
Bonne chance.
Bonne chance.
bull5975
Merci pour cette réponse mais le fait d'avoir fais MSNFix et SDFix cela ma suffit et mon probléme et résolu merci encore
