Virus msn : ya ta tof sur ce site

lorenz034 Messages postés 5 Statut Membre -
lorenz034 Messages postés 5 Statut Membre - 11 mars 2008 à 17:19

Bonjour,
jai suivi les instructions ki se trouve sur de nombreuses discussions jai le rapport de hijackthis et de SDFix....
les voiciii svp aidez moi

Afficher la suite

A voir également:

Virus msn : ya ta tof sur ce site
Virus mcafee - Accueil - Piratage
Telecharger msn - Télécharger - Messagerie
Virus informatique - Guide
Msn messenger - Télécharger - Messagerie
Msn explorer - Télécharger - Divers Web & Internet

3 réponses

Réponse 1 / 3

Maijin Messages postés 1388 Date d'inscription Statut Membre Dernière intervention 351

euh?.

lorenz034 Messages postés 5 Statut Membre

Dsl jsui nouvo sur le forum et jai un peu de mal enfin voila le raport de sdfix mais jarrive pa a envoyé celui de hijackthis..
merci daccorder un peu de votre temps

Maijin Messages postés 1388 Date d'inscription Statut Membre Dernière intervention 351 > lorenz034 Messages postés 5 Statut Membre

on va pas te manger!!

Réponse 2 / 3

lorenz034 Messages postés 5 Statut Membre

[b]SDFix: Version 1.155 [/b]

Run by Mario on 10/03/2008 at 17:29

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\Mario\Bureau\SDFix

[b]Checking Services [/b]:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting

[b]Checking Files [/b]:

Trojan Files Found:

C:\DOCUME~1\MARIO\COUVCU.EXE - Deleted
C:\WINDOWS\system32\real.txt - Deleted

Removing Temp Files

[b]ADS Check [/b]:

[b]Final Check [/b]:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-10 17:36:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

C:\Documents and Settings\Mario\Bureau\postes\services.exe [1716] 0x870AD620

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000000
"TracesSuccessful"=dword:00000000
"LastTraceFailure"=dword:00000000

scanning hidden files ...

scan completed successfully
hidden processes: 1
hidden services: 0
hidden files: 375

[b]Remaining Services [/b]:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe:*:Disabled:backWeb-8876480"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\DOCUME~1\\Mario\\LOCALS~1\\Temp\\services.exe"="C:\\DOCUME~1\\Mario\\LOCALS~1\\Temp\\services.exe:*:Enabled:Flash Media"
"C:\\Documents and Settings\\Mario\\Bureau\\postes\\services.exe"="C:\\Documents and Settings\\Mario\\Bureau\\postes\\services.exe:*:Enabled:Flash Media"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:

File Backups: - C:\DOCUME~1\Mario\Bureau\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Sun 24 Jun 2007 4,909,096 ...H. --- "C:\Program Files\Picasa2\setup.exe"
Sun 18 Nov 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 18 Sep 2007 7,423,960 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\02ec37ec946ef377971d8300cdcd818f\BIT8.tmp"

[b]Finished![/b]

Réponse 3 / 3

lorenz034 Messages postés 5 Statut Membre

keske je doi fair ? XD

Discussions similaires

Softonic,est-ce un virus ?

symboles et écritures pour nick msn

Désinstaller Softonic

Message Apple virus !!

Virus msn : ya ta tof sur ce site

3 réponses

Votre réponse

Discussions similaires

Newsletters