daccord dsl pour L,attente lol ca a été long Fermé

Question

Bonjour,
bonjour bug jai tout fait ce que tu mas recommendé voila le résultat...
[b]SDFix: Version 1.218 [/b]
Run by s‚bastien leblanc on 2008-08-20 at 05:58

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File
Restoring Default IE HomePage

Rebooting


[b]Checking Files [/b]: 

Trojan Files Found:

C:\WINDOWS\system32\lphcrh8j0ea5l.exe - Deleted
C:\WINDOWS\system32\pphcrh8j0ea5l.exe - Deleted
C:\Program Fileshcvh8j0ea5l\database.dat - Deleted
C:\Program Fileshcvh8j0ea5l\license.txt - Deleted
C:\Program Fileshcvh8j0ea5l\MFC71.dll - Deleted
C:\Program Fileshcvh8j0ea5l\MFC71ENU.DLL - Deleted
C:\Program Fileshcvh8j0ea5l\msvcp71.dll - Deleted
C:\Program Fileshcvh8j0ea5l\msvcr71.dll - Deleted
C:\Program Fileshcvh8j0ea5lhcvh8j0ea5l.exe - Deleted
C:\Program Fileshcvh8j0ea5lhcvh8j0ea5l.exe.local - Deleted
C:\Program Fileshcvh8j0ea5l\Uninstall.exe - Deleted
C:\WINDOWS\SYSTEM32\PPHCRH~1.EXE - Deleted
C:\Documents and Settings\s‚bastien leblanc\Local Settings\Temp\aaxFA.tmp.exe - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt1.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt12.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt123.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt12E.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt131.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt134.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt136.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt13B.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt141.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt158.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt15B.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt161.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt163.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt17.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt174.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt177.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt179.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt17C.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt17F.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt181.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt184.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt187.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt18B.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt18E.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt1E.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt2.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt20.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt25.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt29.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt2B.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt2F.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt39.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt6.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.tt8.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.ttA.tmp - Deleted
C:\DOCUME~1\SBASTI~1\LOCALS~1\Temp\.ttE.tmp - Deleted
C:\Documents and Settings\s‚bastien leblanc\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk  - Deleted
C:\WINDOWS\system32\msxml71.dll  - Deleted



Folder C:\Program Fileshcvh8j0ea5l - Removed
Folder C:\Documents and Settings\s‚bastien leblanc\Application Datahcvh8j0ea5l - Removed
Folder C:\WINDOWS\system32\209789 - Removed


Removing Temp Files

[b]ADS Check [/b]:
 


                                 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-20 06:07:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:0000006f
"TracesSuccessful"=dword:0000000b

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\WINSOS\winsos.exe"="C:\Program Files\Winsos\winsos.exe:*:Enabled:Winsos"
"C:\Program Files\WINSOS\anti-spy.exe"="C:\Program Files\Winsos\anti-spy.exe:*:Enabled:anti-spy Winsos"
"C:\Program Files\WINSOS\help.exe"="C:\Program Files\Winsos\help.exe:*:Enabled:Winsos Help"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\MSN Messenger\msrr.exe"="C:\Program Files\MSN Messenger\msrr.exe:*:Disabled:Messenger"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:æTorrent"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\ABC\abc.exe"="C:\Program Files\ABC\abc.exe:*:Enabled:abc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Tue 10 Jul 2007     1,250,184 ..SH. --- "C:\WINDOWS\system32\knnmp.tmp"
Sun 29 Jul 2007     1,034,650 ..SH. --- "C:\WINDOWS\system32\knnmp.bak1"
Sun 29 Jul 2007     1,034,633 ..SH. --- "C:\WINDOWS\system32\knnmp.bak2"
Tue  3 Oct 2006         4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 19 Jul 2007             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue  3 Oct 2006         4,348 A..H. --- "C:\Documents and Settings\s‚bastien leblanc\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Sat  2 Dec 2006            20 A..H. --- "C:\Documents and Settings\s‚bastien leblanc\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Thu  5 Oct 2006           400 A..H. --- "C:\Documents and Settings\s‚bastien leblanc\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Sat  2 Dec 2006         1,536 A..H. --- "C:\Documents and Settings\s‚bastien leblanc\Mes documents\Ma musique\Sauvegarde de la licence\drmv2lic.bak"

[b]Finished![/b]

dota34 · Answer

Je croit que tu as créer un nouveau sujet et non repondu a la personne concerné...

dota34 · Answer

Oui il n'y aucun pb.Normalement, quand tu es conecté sur ton compte CCM, a droite il doit y avoir une liste qui se nomme "MES INTERVENTIONS".Tu recherche celui ou buginformatik ta demandé de faire le rapport, tu fait répondre à.....(les points remplace le pseudo qui sera la), c'est au dernié message que tu dois repondre....Le cadre est orange.
Ensuite tu copie ton message et voila...Si tu n'y arrive pas, je te doneré mon msn par MP.

dota34 · Answer

Merci de rien...Préviens quand meme si tu y arrive...
Si tu as réussi, mais résolu dans ton message, c'est tout en bas normalement.

Daccord dsl pour L,attente lol ca a été long

3 réponses

Discussions similaires