[NEED HELP] MSN Messenger virus sending a link !!!

Marsh Posted on 15-06-2008 at 20:21:45

Hello,
Several times now my MSN contacts have told me that I involuntarily sent them this link: http:// venelugo.loadpics.info . It is my MSN address that is written. And since yesterday, it does it every time I log off!
It's quite annoying. So I looked around on the net to solve the problem, and I did a "cleanup" with SDFix and got this as a report:
 
SDFix: Version 1.192
Run by Ugo on 15/06/2008 at 17:45
 
Microsoft Windows XP [version 5.1.2600]
Running From: E:\SDFix
 
Checking Services :
 
 
Restoring Windows Registry Values
Restoring Windows Default Hosts File
 
Rebooting
 
 
Checking Files :  
 
Trojan Files Found:
 
E:\Documents and Settings\Ugo\Local Settings\Temp\ubi3E.tmp.exe - Deleted
 
 
 
 
 
Removing Temp Files
 
ADS Check :
 
 
 
                                 Final Check :
 
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-15 18:17:02
Windows 5.1.2600 Service Pack 2 NTFS
 
scanning hidden processes ...
 
scanning hidden services & system hive ...
 
scanning hidden registry entries ...
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install\VxDs]
"CTE_32 Name"="2454480:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\{ADD916B7-3238-B642-38AC-F31A4E6EE8C3}\Install]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\{ADD916B7-3238-B642-38AC-F31A4E6EE8C3}\Install\VxDs]
"DefaultSettings"="-19:{3C7DA433-1047-9FC4-00BA-978A09424856}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{782CF6D7-D6F8-184F-9406-42B93C0150F0}]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{782CF6D7-D6F8-184F-9406-42B93C0150F0}\Version 1.1]
"dat"="806585365:{D5A72F8D-7A94-9260-200A-05A0BB02C296}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{782CF6D7-D6F8-184F-9406-42B93C0150F0}]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{782CF6D7-D6F8-184F-9406-42B93C0150F0}\Version 3.x]
"dat"="1767914624:{E6D0723B-E61A-2C9F-36A6-52C6BBA3E5CA}"
 
scanning hidden files ...
 
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
 
 
Remaining Services :
 
 
 
 
Authorized Application Key Export:
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\\Program Files\\uTorrent\\uTorrent.exe"="E:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"E:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="E:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"E:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="E:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"E:\\Program Files\\Bonjour\\mDNSResponder.exe"="E:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\\WINDOWS\\system32\\PnkBstrA.exe"="E:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"E:\\WINDOWS\\system32\\PnkBstrB.exe"="E:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"E:\\Program Files\\SopCast\\SopCast.exe"="E:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\\Program Files\\SopCast\\adv\\SopAdver.exe"="E:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"F:\\Jeux\\KONAMI\\pes 2008\\PES2008.exe"="F:\\Jeux\\KONAMI\\pes 2008\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"E:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"="E:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe:*:Enabled:Nero ControlCenter"
"E:\\Program Files\\Fichiers communs\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"="E:\\Program Files\\Fichiers communs\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"E:\\Program Files\\Sorenson Media\\Sorenson Squeeze\\Squeeze.exe"="E:\\Program Files\\Sorenson Media\\Sorenson Squeeze\\Squeeze.exe:*:Enabled:Squeeze Application"
"E:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"="E:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"="E:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\\Program Files\\Pando Networks\\Pando\\pando.exe"="E:\\Program Files\\Pando Networks\\Pando\\pando.exe:*:Enabled:Pando Application"
"E:\\Program Files\\iTunes\\iTunes.exe"="E:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"E:\\Program Files\\TVAnts\\Tvants.exe"="E:\\Program Files\\TVAnts\\Tvants.exe:*:Enabled:TVAnts"
"E:\\Documents and Settings\\Ugo\\Local Settings\\Temp\\OnlineUpdate8\\SetupXu.exe"="E:\\Documents and Settings\\Ugo\\Local Settings\\Temp\\OnlineUpdate8\\SetupXu.exe:*:Enabled:Nero ControlCenter"
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="E:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"E:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="E:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
 
Remaining Files :
 
 
File Backups: - E:\SDFix\backups\backups.zip
 
Files with Hidden Attributes :
 
Thu 17 Apr 2008            88 ..SHR --- "E:\WINDOWS\system32\F7BB6F2030.sys"
Thu 17 Apr 2008         3,140 A.SH. --- "E:\WINDOWS\system32\KGyGaAvL.sys"
Thu  8 May 2008             0 A..H. --- "E:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT4.tmp"
Sat 14 Jun 2008             0 A..H. --- "E:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT2.tmp"
Sat 15 Dec 2007       868,152 A..H. --- "E:\WINDOWS\SoftwareDistribution\Download\7d67df8d2fa218514bbe5a22ae12a9b3\BIT6.tmp"
Sat 15 Dec 2007             0 A..H. --- "E:\WINDOWS\SoftwareDistribution\Download\e8ac11bc9e4687d6c2a32699ff0541d6\BIT3.tmp"
 
Finished!
 
 
 
 
And right after that, STILL THE SAME PROBLEM !!! It's quite frustrating! Can you help me?


Marsh Posted on 18-06-2008 at 09:48:25

Help, I don't feel like formatting! :(

Marsh Posted on 18-06-2008 at 10:04:56

This topic was moved from the Hardware category to the Windows & Software category by DraCuLaX



Marsh Posted on 18-06-2008 at 10:18:20

No logs posted as-is, please. And the rest continues in the MSN topic.

