Création
d'entreprise
Posez votre question Signaler

Virus (funny scandal, smss...) [Fermé]

infrabassnioc - Dernière réponse le 12 juin 2009 à 18:53
Bonjour,
j'ai utilisé SDFix en mode sans echec,
que dois-je faire avec la page suivante:
[b]SDFix: Version 1.240 /b
Run by Fran‡ois on 12/06/2009 at 18:10
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services /b:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files /b:
Trojan Files Found:
C:\autorun.inf - Deleted
C:\smss.exe - Deleted
C:\WINDOWS\autorun.inf - Deleted
Removing Temp Files
[b]ADS Check /b:
[b]Final Check /b:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-12 18:15:12
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001583b686a0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001583b686a0]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001583b686a0]
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services /b:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\WinAntiVirus Pro 2006\\Updater.exe"="C:\\Program Files\\WinAntiVirus Pro 2006\\Updater.exe:*:Enabled:updater.exe"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\sandra.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\RpcSandraSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\Win32\\RpcDataSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\Win32\\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Livecom\\Application\\eConfv4\\livecomp.exe"="C:\\Program Files\\Livecom\\Application\\eConfv4\\livecomp.exe:*:Disabled:Livecom Player"
"C:\\PROGRA~1\\Livecom\\APPLIC~1\\Exe\\Livecom.exe"="C:\\PROGRA~1\\Livecom\\APPLIC~1\\Exe\\Livecom.exe:*:Enabled:Livecom"
"C:\\PROGRA~1\\Livecom\\APPLIC~1\\Exe\\..\\EconfV4\\ftplayer.exe"="C:\\PROGRA~1\\Livecom\\APPLIC~1\\Exe\\..\\EconfV4\\ftplayer.exe:*:Enabled:Livecom Media"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\sandra.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\sandra.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\RpcSandraSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\Win32\\RpcDataSrv.exe"="C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2007.SP1\\Win32\\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite"
"C:\\PROGRA~1\\Livecom\\APPLIC~1\\Exe\\Livecom.exe"="C:\\PROGRA~1\\Livecom\\APPLIC~1\\Exe\\Livecom.exe:*:Enabled:Livecom"
"C:\\PROGRA~1\\Livecom\\APPLIC~1\\Exe\\..\\EconfV4\\ftplayer.exe"="C:\\PROGRA~1\\Livecom\\APPLIC~1\\Exe\\..\\EconfV4\\ftplayer.exe:*:Enabled:Livecom Media"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[b]Remaining Files /b:
C:\smss.exe Found
File Backups: - C:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes /b:
Sun 30 Dec 2007 229,888 A.SHR --- "C:\Funny UST Scandal.avi.exe"
Sun 30 Dec 2007 229,888 A.SHR --- "C:\smss.exe"
Sun 30 Dec 2007 229,888 A.SHR --- "C:\WINDOWS\killer.exe"
Sun 30 Dec 2007 229,888 A.SHR --- "C:\WINDOWS\smss.exe"
Thu 16 Oct 2008 70,144 A.SHR --- "C:\WINDOWS\system32\amvo0.dll"
Thu 27 Mar 2008 70,144 A.SHR --- "C:\WINDOWS\system32\amvo1.dll"
Fri 18 Feb 2005 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 28 Feb 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 21 May 2005 1,137 A..H. --- "C:\Program Files\Fichiers communs\Microsoft Shared\S1GVSafgx\GcyujgEKg0M.tmp"
Mon 20 Oct 2003 73,688 A.SHR --- "C:\Program Files\prog images\Autodesk\Autodesk DWF Viewer\Setup.exe"
Thu 5 Feb 2004 18,432 A.SHR --- "C:\Program Files\prog images\Autodesk\Autodesk DWF Viewer\_Setup.dll"
Thu 5 Feb 2004 5,120 A.SHR --- "C:\Program Files\prog images\Autodesk\Autodesk DWF Viewer\_Setupx.dll"
Fri 18 Feb 2005 4,348 A..H. --- "C:\Documents and Settings\Fran‡ois\Mes documents\Ma musique\My Playlists\Sauvegarde de la licence\drmv1key.bak"
Fri 18 Feb 2005 20 A..H. --- "C:\Documents and Settings\Fran‡ois\Mes documents\Ma musique\My Playlists\Sauvegarde de la licence\drmv1lic.bak"
Sat 15 Jan 2005 312 A.SH. --- "C:\Documents and Settings\Fran‡ois\Mes documents\Ma musique\My Playlists\Sauvegarde de la licence\drmv2key.bak"
[b]Finished!/b
Lire la suite 

Virus (funny scandal, smss...) »

2 réponses
Réponse
+1
moins plus
Narco!4 2389Messages postés 25 janvier 2009Date d'inscription 12 juin 2009 à 18:52
Bonjour,

télécharge GenProc http://www.genproc.com/GenProc.exe

double-clique sur GenProc.exe et poste le contenu du rapport qui s'ouvre

Réponse
+1
moins plus
eZula 3303Messages postés 26 avril 2008Date d'inscription 7 mai 2012Dernière intervention 12 juin 2009 à 18:53
http://www.commentcamarche.net/forum/affich 12851266 virus funny
Posez votre question
Ce document intitulé « virus (funny scandal, smss...) » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.
Dossier à la une
Passage au tout numérique : quel coût pour les particuliers ?