Que fait ta photo sur le net? Rapport????

[b]SDFix: Version 1.153 /b

Run by User on 06/03/2008 at 08:21

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services /b:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


[b]Checking Files /b:

Trojan Files Found:

C:\Program Files\Fichiers communs\Yazzle1220OinAdmin.exe - Deleted
C:\Program Files\Fichiers communs\Yazzle1220OinUninstaller.exe - Deleted
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe - Deleted





Removing Temp Files

[b]ADS Check /b:



[b]Final Check /b:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-06 08:55:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 2


[b]Remaining Services /b:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli­cy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable­d:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Documents and Settings\\User\\Mes documents\\Ga‰l\\ABC\\abc.exe"="C:\\Documents and Settings\\User\\Mes documents\\Ga‰l\\ABC\\abc.exe:*:Enabled:abc"
"C:\\Documents and Settings\\User\\Mes documents\\Ga‰l\\eMule\\emule.exe"="C:\\Documents and Settings\\User\\Mes documents\\Ga‰l\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\eDonkey2000\\edonkey2000.exe"="C:\\Program Files\\eDonkey2000\\edonkey2000.exe:*:Enabled:edonkey2000"
"D:\\SETUP.EXE"="D:\\SETUP.EXE:*:Enabled:Setup"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Documents and Settings\\User\\Mes documents\\Ga‰l\\StrongholdLegends.exe"="C:\\Documents and Settings\\User\\Mes documents\\Ga‰l\\StrongholdLegends.exe:*:Enabled:Stronghold Legends"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\AdobeR.exe"="C:\\WINDOWS\\AdobeR.exe:*:Enabled:AdobeR"
"C:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe"="C:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe:*:Enabled:Stronghold Legends"
"C:\\Program Files\\TeamScripT V3.8\\NukeNabber\\nukenabber.exe"="C:\\Program Files\\TeamScripT V3.8\\NukeNabber\\nukenabber.exe:*:Enabled:NukeNabber"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\MoCCAM\\apache\\bin\\Apache.exe"="C:\\MoCCAM\\apache\\bin\\Apache.exe:­*:Enabled:Apache HTTP Server"
"C:\\Program Files\\Team17\\Worms Armageddon\\wa.exe"="C:\\Program Files\\Team17\\Worms Armageddon\\wa.exe:*:Enabled:Worms Armageddon"
"C:\\Documents and Settings\\User\\Bureau\\wormsarm\\WA.exe"="C:\\Documents and Settings\\User\\Bureau\\wormsarm\\WA.exe:*:Enabled:Worms Armageddon"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:­*:Enabled:Partage de l'application RTC"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"
"C:\\DOCUME~1\\User\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\User\\LOC­ALS~1\\Temp\\services.exe:*:Enabled:Flash Media"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli­cy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable­d:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files /b:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes /b:

Mon 28 May 2001 48,640 A..H. --- "C:\WINDOWS\vStrip.exe"
Mon 28 May 2001 44,544 A..H. --- "C:\WINDOWS\vStrip_css.dll"
Fri 21 Nov 2003 90,112 A..H. --- "C:\WINDOWS\vstriplangue.exe"
Thu 7 Dec 2006 3,096,576 A..H. --- "C:\Documents and Settings\User\Application Data\U3\temp\Launchpad Removal.exe"
Fri 30 Mar 2007 518,896 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\9ca87f164fa2769671e68b925e936151\B­IT72.tmp"
Thu 18 Jan 2001 32,768 A..H. --- "C:\Documents and Settings\User\Bureau\Ga‰l\Prog.Jeux\RM-X Player V4\ASProtect.dll"

[b]Finished!/b