Your photo on this site...

Solved
tomjulioo Posts 9 Status Member -
Hello, I accidentally clicked on a link from a friend on MSN... and wham! VIRUS...

Here is my SDFix report:


[b]SDFix: Version 1.161 [/b]

Run by Julien THOMAS on 25/03/2008 at 22:46

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting

[b]Checking Files [/b]:

Trojan Files Found:

C:\Program Files\Setup.exe - Deleted

Removing Temp Files

[b]ADS Check [/b]:

[b]Final Check [/b]:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-25 22:51:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

C:\WINDOWS\system32\^^^^^.exe [1476] 0x856C7DA0

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 1
hidden services: 0
hidden files: 384

[b]Remaining Services [/b]:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\\jeux\\civ4\\Civilization4.exe"="D:\\jeux\\civ4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"D:\\jeux\\civ4\\Warlords\\Civ4Warlords.exe"="D:\\jeux\\civ4\\Warlords\\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords"
"D:\\jeux\\civ4\\Warlords\\Civ4Warlords_PitBoss.exe"="D:\\jeux\\civ4\\Warlords\\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss"
"D:\\jeux\\civ4\\Beyond the Sword\\Civ4BeyondSword.exe"="D:\\jeux\\civ4\\Beyond the Sword\\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword"
"D:\\jeux\\civ4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"="D:\\jeux\\civ4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\system32\\^^^^^.exe"="C:\\WINDOWS\\system32\\^^^^^.exe:*:Enabled:Flash Media"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:

File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Thu 31 May 2007 5,355,320 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Thu 14 Jun 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 18 Oct 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sun 16 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\388e66e644283db0233c4a98f2fd08a0\BIT9.tmp"
Thu 24 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4844df1d57a292079101da42a26d7d72\BIT4.tmp"
Thu 24 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT3.tmp"
Thu 24 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\bc066f3f60df1b38218903dd0d40ce98\BIT5.tmp"
Thu 14 Jun 2007 4,348 ...H. --- "C:\Documents and Settings\Julien THOMAS\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Sun 24 Jun 2007 20 A..H. --- "C:\Documents and Settings\Julien THOMAS\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Thu 7 Jun 2007 312 ...H. --- "C:\Documents and Settings\Julien THOMAS\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Sun 24 Jun 2007 1,536 A..H. --- "C:\Documents and Settings\Julien THOMAS\Mes documents\Ma musique\Sauvegarde de la licence\drmv2lic.bak"

[b]Finished![/b]

then the catchme...

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-25 22:51:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

C:\WINDOWS\system32\^^^^^.exe [1476] 0x856C7DA0

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 1
hidden services: 0
hidden files: 384


Thanks for helping me eradicate this piece of cr...p!!!

tomjulioo

3 replies

Spylk Posts 1940 Status Member 384
 
http://www.msncreative.net/index.php/Dernieres_news/Supprimer_le_virus_msn-photos.iquebec.com_circulant_sur_Messenger_/id_menu_1.html

Knock yourself out!
1
seba_far Posts 633 Status Member 80
 
Kaspersky Antivirus or Internet Security, and hurry, because at first your PC runs fine, then no more session, then no more Windows
1
tomjulioo Posts 9 Status Member 5
 
I had avast... removed it!
I just installed antivir...
for now it's scanning...
I disabled System Restore

Thanks, I'll come back with news after the scan

tomjulioo
0