HELP !!! VIRUS MSN : lol its your photo?
Fermé
eni_ssay
Messages postés
4
Date d'inscription
mercredi 25 février 2009
Statut
Membre
Dernière intervention
25 février 2009
-
25 févr. 2009 à 01:18
jennifer - 18 mai 2009 à 13:44
jennifer - 18 mai 2009 à 13:44
A voir également:
- HELP !!! VIRUS MSN : lol its your photo?
- Msn - Télécharger - Messagerie
- Msn actualités - Télécharger - Médias et Actualité
- Svchost.exe virus - Guide
- Altruistic virus ✓ - Forum Antivirus
- C'est quoi MSN ? ✓ - Forum Réseaux sociaux
8 réponses
Utilisateur anonyme
25 févr. 2009 à 01:23
25 févr. 2009 à 01:23
salut,
moi il le détecte :
http://img11.imageshack.us/img11/8031/01tc4.jpg
http://img12.imageshack.us/img12/302/02rd0.jpg
je te conseil un scan en ligne à cette adresse :
https://www.eset.com/
coche bien toutes les cases de chaques menu et fait le scan
et taura le rapport ici :
C:\Program Files\EsetOnlineScanner\log.txt
moi il le détecte :
http://img11.imageshack.us/img11/8031/01tc4.jpg
http://img12.imageshack.us/img12/302/02rd0.jpg
je te conseil un scan en ligne à cette adresse :
https://www.eset.com/
coche bien toutes les cases de chaques menu et fait le scan
et taura le rapport ici :
C:\Program Files\EsetOnlineScanner\log.txt
eni_ssay
Messages postés
4
Date d'inscription
mercredi 25 février 2009
Statut
Membre
Dernière intervention
25 février 2009
25 févr. 2009 à 01:37
25 févr. 2009 à 01:37
dorgane,
Moi j'ai AVG Free Edition, il ne le detecte pas tu vois ?
ESET existe en Free edition ? Sinon n'as tu pas une astuce à me donner pour résoudre ce problème ?
Merci
Moi j'ai AVG Free Edition, il ne le detecte pas tu vois ?
ESET existe en Free edition ? Sinon n'as tu pas une astuce à me donner pour résoudre ce problème ?
Merci
Utilisateur anonyme
25 févr. 2009 à 01:39
25 févr. 2009 à 01:39
non eset n'est pasd en free edition mais si tu reli bien je tes donnée ladresse du scan en ligne de eset ;)
eni_ssay
Messages postés
4
Date d'inscription
mercredi 25 février 2009
Statut
Membre
Dernière intervention
25 février 2009
25 févr. 2009 à 01:45
25 févr. 2009 à 01:45
Mais il ne fait que le scan tu vois ? il ne peut pas résoudre le problème si je ne l'achète pas !
Et comme moi je suis pauvre et bah je préfère formater le pc qu'acheter :D lol
Et comme moi je suis pauvre et bah je préfère formater le pc qu'acheter :D lol
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
eni_ssay
Messages postés
4
Date d'inscription
mercredi 25 février 2009
Statut
Membre
Dernière intervention
25 février 2009
25 févr. 2009 à 13:28
25 févr. 2009 à 13:28
J'ai fait le scan en ligne, il a trouvé un fichier infecté malgré ça le problème existe tjrs.
Utilisateur anonyme
25 févr. 2009 à 13:43
25 févr. 2009 à 13:43
met le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
C:\Program Files\EsetOnlineScanner\log.txt
[b]SDFix: Version 1.240 [/b]
Run by Administrateur on lun. 18/05/2009 at 13:26
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-18 13:30:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb 65536 bytes
C:\WINDOWS\SoftwareDistribution\EventCache\{95FCF4B3-6524-4B34-AD23-D9C88B1BFDCE}.bin 8 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr 27672 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll 323608 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\cdm.cab 46774 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\cdm.dll 92696 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\fr
C:\WINDOWS\SoftwareDistribution\SelfUpdate\fr\wuau.adm 61802 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.cab 199514 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll 561688 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr 27672 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr.inf 677 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.inf 393 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.mui.cab 15911 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauclt.cab 31702 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauclt.exe 51224 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cab 102198 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl 213528 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr 35864 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr.cat 8408 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr.inf 1345 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.inf 293 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.mui.cab 100719 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuident.cab 7582 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuident.txt 1284 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.cab 23131 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.dll 34328 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.inf 388 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.cab 29772 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.dll 43544 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.inf 284 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.cab 21204 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.cat 39216 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.inf 15362 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.cab 96782 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.dll 202776 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.inf 393 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr.inf 691 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.mui.cab 16429 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.cab 674618 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll 1809944 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr 19992 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr.inf 695 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.inf 2297 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.mui.cab 15857 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauhelp.chm_fr 79367 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.cab 141560 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.cat 7828 bytes
C:\WINDOWS\system32\cdm.dll.wusetup.125437.bak
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 57
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"="C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Assistance … distance - Windows Messenger et voix"
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Sun 12 Mar 2006 10,311,680 ..SH. --- "C:\Program Files\AVIConverter\mencoder.exe"
Tue 23 Dec 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
[b]Finished![/b]
[b]SDFix: Version 1.240 [/b]
Run by Administrateur on lun. 18/05/2009 at 13:26
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-18 13:30:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb 65536 bytes
C:\WINDOWS\SoftwareDistribution\EventCache\{95FCF4B3-6524-4B34-AD23-D9C88B1BFDCE}.bin 8 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr 27672 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll 323608 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\cdm.cab 46774 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\cdm.dll 92696 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\fr
C:\WINDOWS\SoftwareDistribution\SelfUpdate\fr\wuau.adm 61802 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.cab 199514 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll 561688 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr 27672 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr.inf 677 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.inf 393 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.mui.cab 15911 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauclt.cab 31702 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauclt.exe 51224 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cab 102198 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl 213528 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr 35864 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr.cat 8408 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr.inf 1345 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.inf 293 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.mui.cab 100719 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuident.cab 7582 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuident.txt 1284 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.cab 23131 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.dll 34328 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.inf 388 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.cab 29772 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.dll 43544 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.inf 284 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.cab 21204 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.cat 39216 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.inf 15362 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.cab 96782 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.dll 202776 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.inf 393 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr.inf 691 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.mui.cab 16429 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.cab 674618 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll 1809944 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr 19992 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr.inf 695 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.inf 2297 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.mui.cab 15857 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauhelp.chm_fr 79367 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.cab 141560 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.cat 7828 bytes
C:\WINDOWS\system32\cdm.dll.wusetup.125437.bak
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 57
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"="C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Assistance … distance - Windows Messenger et voix"
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Sun 12 Mar 2006 10,311,680 ..SH. --- "C:\Program Files\AVIConverter\mencoder.exe"
Tue 23 Dec 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
[b]Finished![/b]
Run by Administrateur on lun. 18/05/2009 at 13:26
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-18 13:30:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb 65536 bytes
C:\WINDOWS\SoftwareDistribution\EventCache\{95FCF4B3-6524-4B34-AD23-D9C88B1BFDCE}.bin 8 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr 27672 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll 323608 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\cdm.cab 46774 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\cdm.dll 92696 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\fr
C:\WINDOWS\SoftwareDistribution\SelfUpdate\fr\wuau.adm 61802 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.cab 199514 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll 561688 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr 27672 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr.inf 677 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.inf 393 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.mui.cab 15911 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauclt.cab 31702 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauclt.exe 51224 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cab 102198 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl 213528 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr 35864 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr.cat 8408 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr.inf 1345 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.inf 293 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.mui.cab 100719 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuident.cab 7582 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuident.txt 1284 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.cab 23131 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.dll 34328 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.inf 388 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.cab 29772 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.dll 43544 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.inf 284 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.cab 21204 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.cat 39216 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.inf 15362 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.cab 96782 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.dll 202776 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.inf 393 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr.inf 691 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.mui.cab 16429 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.cab 674618 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll 1809944 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr 19992 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr.inf 695 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.inf 2297 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.mui.cab 15857 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauhelp.chm_fr 79367 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.cab 141560 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.cat 7828 bytes
C:\WINDOWS\system32\cdm.dll.wusetup.125437.bak
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 57
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"="C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Assistance … distance - Windows Messenger et voix"
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Sun 12 Mar 2006 10,311,680 ..SH. --- "C:\Program Files\AVIConverter\mencoder.exe"
Tue 23 Dec 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
[b]Finished![/b]
[b]SDFix: Version 1.240 [/b]
Run by Administrateur on lun. 18/05/2009 at 13:26
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-18 13:30:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb 65536 bytes
C:\WINDOWS\SoftwareDistribution\EventCache\{95FCF4B3-6524-4B34-AD23-D9C88B1BFDCE}.bin 8 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr 27672 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll 323608 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\cdm.cab 46774 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\cdm.dll 92696 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\fr
C:\WINDOWS\SoftwareDistribution\SelfUpdate\fr\wuau.adm 61802 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.cab 199514 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll 561688 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr 27672 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.dll.mui_fr.inf 677 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.inf 393 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuapi.mui.cab 15911 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauclt.cab 31702 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauclt.exe 51224 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cab 102198 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl 213528 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr 35864 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr.cat 8408 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.dll.mui_fr.inf 1345 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.inf 293 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.mui.cab 100719 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuident.cab 7582 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuident.txt 1284 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.cab 23131 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.dll 34328 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups.inf 388 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.cab 29772 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.dll 43544 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wups2.inf 284 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.cab 21204 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.cat 39216 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wusetup.inf 15362 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.cab 96782 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.dll 202776 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuweb.inf 393 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.cpl.mui_fr.inf 691 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaucpl.mui.cab 16429 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.cab 674618 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll 1809944 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr 19992 bytes executable
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr.cat 7828 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.dll.mui_fr.inf 695 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.inf 2297 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuaueng.mui.cab 15857 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wuauhelp.chm_fr 79367 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.cab 141560 bytes
C:\WINDOWS\SoftwareDistribution\SelfUpdate\wucltui.cat 7828 bytes
C:\WINDOWS\system32\cdm.dll.wusetup.125437.bak
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 57
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"="C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Assistance … distance - Windows Messenger et voix"
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Sun 12 Mar 2006 10,311,680 ..SH. --- "C:\Program Files\AVIConverter\mencoder.exe"
Tue 23 Dec 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
[b]Finished![/b]