Sujet Précédent Sujet Suivant

Ta fof fais quoi sur se site ? virus svp !

tintin -  
SerbianGirl Messages postés 7 Statut Membre -
Bonjour, tous le monde
voila jai reçu un virus par msn par un ami qui m envoie : ta tof fais quoi sur se site? et mon biensur comme un c** ^^ . . .
voila et jai été voir jai vu plein de sujets alors jai tester plusieur chose sans effets il revien encore . . .
j ai éssayé quelque choses que jai vu sur un autre topics j ai plus reçu d alerte depuis 5 min ^^ je vous envoies mon rappord SDfix vous pouvez le dire si il est encore la, ou svp aider moi je m enmelles les pinceaux . ..

PS: dsl pour les fautes , je suis nul en ortho . . help me ^^ !! merci d avance

Scan SDfix :

[b]SDFix: Version 1.153 [/b]

Run by les oufs on ven. 07/03/2008 at 19:03

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\LESOUF~1\Bureau\SDFix

[b]Checking Services [/b]:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting

[b]Checking Files [/b]:

Trojan Files Found:

C:\DOCUME~1\LESOUF~1\LOCALS~1\Temp\services.exe - Deleted
C:\WINDOWS\system32\drivers\etc\BackupHosts.bak - Deleted
C:\WINDOWS\system32\real.txt - Deleted

Removing Temp Files

[b]ADS Check [/b]:

[b]Final Check [/b]:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-07 19:09:58
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:71819132
"s2"=dword:0ae1959d

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 16

[b]Remaining Services [/b]:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\World of Warcraft\\WoW-2.2.0-frFR-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Steam\\SteamApps\\alffa\\counter-strike\\hl.exe"="C:\\Program Files\\Steam\\SteamApps\\alffa\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Steam\\SteamApps\\alffa\\day of defeat\\hl.exe"="C:\\Program Files\\Steam\\SteamApps\\alffa\\day of defeat\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Steam\\SteamApps\\alffa\\half-life\\hl.exe"="C:\\Program Files\\Steam\\SteamApps\\alffa\\half-life\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Steam\\SteamApps\\alffa\\deathmatch classic\\hl.exe"="C:\\Program Files\\Steam\\SteamApps\\alffa\\deathmatch classic\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"="C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Documents and Settings\\les oufs\\Local Settings\\Temporary Internet Files\\Content.IE5\\D6I6TYXO\\Flying_Mount_PC_FR-downloader[1].exe"="C:\\Documents and Settings\\les oufs\\Local Settings\\Temporary Internet Files\\Content.IE5\\D6I6TYXO\\Flying_Mount_PC_FR-downloader[1].exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\World of Warcraft\\WoW-2.3.0-frFR-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.3.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe:*:Enabled:Microsoft Help and Support Center"
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\empires2.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires II\\empires2.exe:*:Enabled:Age of Empires II"
"C:\\wamp\\bin\\apache\\apache2.2.6\\bin\\httpd.exe"="C:\\wamp\\bin\\apache\\apache2.2.6\\bin\\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\\Program Files\\wamp\\Apache2\\bin\\httpd.exe"="C:\\Program Files\\wamp\\Apache2\\bin\\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\\Documents and Settings\\les oufs\\Local Settings\\Temp\\WoWSneakPeekDownloader\\WoWSneakPeekDownloader.exe"="C:\\Documents and Settings\\les oufs\\Local Settings\\Temp\\WoWSneakPeekDownloader\\WoWSneakPeekDownloader.exe:*:Enabled:WoWSneakPeekDownloader"
"C:\\Program Files\\Steam\\steamapps\\pcmario03\\counter-strike\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\pcmario03\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\DOCUME~1\\LESOUF~1\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\LESOUF~1\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"="C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Disabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Disabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Disabled:Windows Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:

File Backups: - C:\DOCUME~1\LESOUF~1\Bureau\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Tue 9 Jan 2007 193 A.SHR --- "C:\BOOT.BAK"
Sun 24 Feb 2008 88 ..SHR --- "C:\WINDOWS\system32\2B13FA16FA.sys"
Sun 24 Feb 2008 2,672 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Sat 13 Jan 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 24 Feb 2007 401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv10.bak"
Sat 13 Jan 2007 401 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv14.bak"
Thu 29 Nov 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"

[b]Finished![/b]
A voir également:

1 réponse

Réponse 1 / 1
SerbianGirl Messages postés 7 Statut Membre
 
c le meme probleme ke jai sofe ke en analysan : cheval de Troie Trojan-Downloader.Win32.Agent.krh et dautre encor... je ne sai pa quoi faireeee !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
0

Discussions similaires

Coco Chat : nouveau lien !
LoupiotteDesTenebres -
brucine -

9 réponses
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses