VIRUS XP ANTISPYWARE 2009
Résolu/Fermé
Lelie
-
13 oct. 2008 à 16:19
Destrio5 Messages postés 85926 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 13 oct. 2008 à 23:01
Destrio5 Messages postés 85926 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 13 oct. 2008 à 23:01
A voir également:
- VIRUS XP ANTISPYWARE 2009
- Tinyurl virus - Forum Virus / Sécurité
- Tlauncher virus ✓ - Forum Jeux vidéo
- Svchost.exe virus ✓ - Forum Virus / Sécurité
- Telecharger windows xp - Télécharger - Systèmes d'exploitation
- Cle windows xp - Guide
22 réponses
Sacabouffe
Messages postés
9418
Date d'inscription
dimanche 19 août 2007
Statut
Membre
Dernière intervention
29 mai 2009
1 858
13 oct. 2008 à 22:53
13 oct. 2008 à 22:53
Bonsoir
Voilà le message qui passait pas.
[b]SDFix: Version 1.235 /b
Run by Ibanez Nathalie on 13/10/2008 at 19:08
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\Documents and Settings\Ibanez Nathalie\Desktop\SDFix\SDFix
[b]Checking Services /b:
Restoring Default Security Values
Restoring Default Hosts File
Resetting AppInit_DLLs value
Rebooting
[b]Infected beep.sys Found!/b
beep.sys File Locations:
"C:\WINDOWS\Drivers\beep.sys" 28160 08/10/2008 10:01
"C:\WINDOWS\system32\dllcache\beep.sys" 28160 08/10/2008 10:01
"C:\WINDOWS\system32\drivers\beep.sys" 4224 28/08/2001 14:00
Infected File Listed Below:
C:\WINDOWS\system32\dllcache\beep.sys
File copied to Backups Folder
Attempting to replace beep.sys with original version
Original beep.sys Restored
"C:\WINDOWS\Drivers\beep.sys" 28160 08/10/2008 10:01
"C:\WINDOWS\system32\dllcache\beep.sys" 4224 07/08/2008 16:27
"C:\WINDOWS\system32\drivers\beep.sys" 4224 07/08/2008 16:27
[b]Checking Files /b:
Trojan Files Found:
C:\Documents and Settings\Ibanez Nathalie\Start Menu\Programs\XP_AntiSpyware\Uninstall.lnk - Deleted
C:\Documents and Settings\Ibanez Nathalie\Start Menu\Programs\XP_AntiSpyware\XP_AntiSpyware.lnk - Deleted
C:\WINDOWS\mslagent\2_mslagent.dll - Deleted
C:\WINDOWS\mslagent\mslagent.exe - Deleted
C:\WINDOWS\mslagent\uninstall.exe - Deleted
C:\Program Files\Inet Delivery\inetdl.exe - Deleted
C:\Program Files\Inet Delivery\intdel.exe - Deleted
C:\Program Files\XP_Antispyware\AVEngn.dll - Deleted
C:\Program Files\XP_Antispyware\comp.dat - Deleted
C:\Program Files\XP_Antispyware\htmlayout.dll - Deleted
C:\Program Files\XP_Antispyware\pthreadVC2.dll - Deleted
C:\Program Files\XP_Antispyware\Uninstall.exe - Deleted
C:\Program Files\XP_Antispyware\wscui.cpl - Deleted
C:\Program Files\XP_Antispyware\XP_Antispyware.cfg - Deleted
C:\Program Files\XP_Antispyware\XP_AntiSpyware.exe - Deleted
C:\WINDOWS\a.bat - Deleted
C:\WINDOWS\system32\wini104552502.exe - Deleted
C:\WINDOWS\zip1.tmp - Deleted
C:\WINDOWS\zip2.tmp - Deleted
C:\WINDOWS\zip3.tmp - Deleted
C:\WINDOWS\zipped.tmp - Deleted
C:\Documents and Settings\Ibanez Nathalie\Application Data\Microsoft\Internet Explorer\Quick Launch\XP_AntiSpyware.lnk - Deleted
C:\WINDOWS\a.bat - Deleted
C:\WINDOWS\base64.tmp - Deleted
C:\WINDOWS\bdn.com - Deleted
C:\WINDOWS\brastk.exe - Deleted
C:\WINDOWS\FVProtect.exe - Deleted
C:\WINDOWS\iTunesMusic.exe - Deleted
C:\WINDOWS\karna.dat - Deleted
C:\WINDOWS\mssecu.exe - Deleted
C:\WINDOWS\system32\akttzn.exe - Deleted
C:\WINDOWS\system32\anticipator.dll - Deleted
C:\WINDOWS\system32\awtoolb.dll - Deleted
C:\WINDOWS\system32\bdn.com - Deleted
C:\WINDOWS\system32\brastk.exe - Deleted
C:\WINDOWS\system32\bsva-egihsg52.exe - Deleted
C:\WINDOWS\system32\dpcproxy.exe - Deleted
C:\WINDOWS\system32\emesx.dll - Deleted
C:\WINDOWS\system32\h@tkeysh@@k.dll - Deleted
C:\WINDOWS\system32\hoproxy.dll - Deleted
C:\WINDOWS\system32\hxiwlgpm.dat - Deleted
C:\WINDOWS\system32\hxiwlgpm.exe - Deleted
C:\WINDOWS\system32\karna.dat - Deleted
C:\WINDOWS\system32\medup012.dll - Deleted
C:\WINDOWS\system32\medup020.dll - Deleted
C:\WINDOWS\system32\msgp.exe - Deleted
C:\WINDOWS\system32\msnbho.dll - Deleted
C:\WINDOWS\system32\mssecu.exe - Deleted
C:\WINDOWS\system32\msvchost.exe - Deleted
C:\WINDOWS\system32\mtr2.exe - Deleted
C:\WINDOWS\system32\mwin32.exe - Deleted
C:\WINDOWS\system32\netode.exe - Deleted
C:\WINDOWS\system32\newsd32.exe - Deleted
C:\WINDOWS\system32\ps1.exe - Deleted
C:\WINDOWS\system32\psof1.exe - Deleted
C:\WINDOWS\system32\psoft1.exe - Deleted
C:\WINDOWS\system32\regc64.dll - Deleted
C:\WINDOWS\system32\regm64.dll - Deleted
C:\WINDOWS\system32\Rundl1.exe - Deleted
C:\WINDOWS\system32\smp\msrc.exe - Deleted
C:\WINDOWS\system32\sncntr.exe - Deleted
C:\WINDOWS\system32\ssurf022.dll - Deleted
C:\WINDOWS\system32\ssvchost.com - Deleted
C:\WINDOWS\system32\ssvchost.exe - Deleted
C:\WINDOWS\system32\sysreq.exe - Deleted
C:\WINDOWS\system32\taack.dat - Deleted
C:\WINDOWS\system32\taack.exe - Deleted
C:\WINDOWS\system32\temp#01.exe - Deleted
C:\WINDOWS\system32\thun.dll - Deleted
C:\WINDOWS\system32\thun32.dll - Deleted
C:\WINDOWS\system32\VBIEWER.OCX - Deleted
C:\WINDOWS\system32\vbsys2.dll - Deleted
C:\WINDOWS\system32\vcatchpi.dll - Deleted
C:\WINDOWS\system32\winlogonpc.exe - Deleted
C:\WINDOWS\system32\winsystem.exe - Deleted
C:\WINDOWS\system32\WINWGPX.EXE - Deleted
C:\WINDOWS\userconfig9x.dll - Deleted
C:\WINDOWS\winsystem.exe - Deleted
Folder C:\Documents and Settings\Ibanez Nathalie\Start Menu\Programs\XP_AntiSpyware - Removed
Folder C:\Program Files\Inet Delivery - Removed
Folder C:\Program Files\PC-Antispy - Removed
Folder C:\Program Files\XP_Antispyware - Removed
Folder C:\WINDOWS\mslagent - Removed
Folder C:\WINDOWS\system32\smp - Removed
Removing Temp Files
[b]ADS Check /b:
[b]Final Check /b:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 19:18:03
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services /b:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\kdx\\khost.exe"="C:\\WINDOWS\\kdx\\khost.exe:*:Enabled:Delivery Manager"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[b]Remaining Files /b:
File Backups: - C:\DOCUME~1\IBANEZ~1\Desktop\SDFix\SDFix\backups\backups.zip
[b]Files with Hidden Attributes /b:
Tue 19 Oct 2004 960 A.SH. --- "C:\fvcjaw3o.sys"
Sun 26 Jun 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 23 Oct 2005 31,232 ...H. --- "C:\Documents and Settings\Ibanez Nathalie\Desktop\~WRL1427.tmp"
Sun 23 Oct 2005 30,208 ...H. --- "C:\Documents and Settings\Ibanez Nathalie\Desktop\~WRL1784.tmp"
Sun 23 Oct 2005 26,112 ...H. --- "C:\Documents and Settings\Ibanez Nathalie\Desktop\~WRL1987.tmp"
Mon 26 Feb 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 26 Aug 2006 53,760 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier\cv\~WRL3150.tmp"
Wed 19 Jul 2006 88,576 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier\cv\~WRL3653.tmp"
Mon 22 May 2006 36,352 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\BACKUP\TH1\~WRL0414.tmp"
Mon 22 May 2006 42,496 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\BACKUP\TH1\~WRL2311.tmp"
Mon 22 May 2006 39,936 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\BACKUP\TH1\~WRL3321.tmp"
Tue 25 Apr 2006 83,456 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\cpap final\calendrier MBDA action 3\~WRL1712.tmp"
Wed 12 Jul 2006 1,212,416 A.SH. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\My Pictures\friendz and co\school year 07\my favorites\SIV394.tmp"
Thu 3 Nov 2005 57,856 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\My Pictures\friendz and co\summer 06'\clefs usb\cpap final\shaolin form center action 1\essais\cpap logos\~WRL1918.tmp"
[b]Finished!/b
Bonne continuation ;-)
Voilà le message qui passait pas.
[b]SDFix: Version 1.235 /b
Run by Ibanez Nathalie on 13/10/2008 at 19:08
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\Documents and Settings\Ibanez Nathalie\Desktop\SDFix\SDFix
[b]Checking Services /b:
Restoring Default Security Values
Restoring Default Hosts File
Resetting AppInit_DLLs value
Rebooting
[b]Infected beep.sys Found!/b
beep.sys File Locations:
"C:\WINDOWS\Drivers\beep.sys" 28160 08/10/2008 10:01
"C:\WINDOWS\system32\dllcache\beep.sys" 28160 08/10/2008 10:01
"C:\WINDOWS\system32\drivers\beep.sys" 4224 28/08/2001 14:00
Infected File Listed Below:
C:\WINDOWS\system32\dllcache\beep.sys
File copied to Backups Folder
Attempting to replace beep.sys with original version
Original beep.sys Restored
"C:\WINDOWS\Drivers\beep.sys" 28160 08/10/2008 10:01
"C:\WINDOWS\system32\dllcache\beep.sys" 4224 07/08/2008 16:27
"C:\WINDOWS\system32\drivers\beep.sys" 4224 07/08/2008 16:27
[b]Checking Files /b:
Trojan Files Found:
C:\Documents and Settings\Ibanez Nathalie\Start Menu\Programs\XP_AntiSpyware\Uninstall.lnk - Deleted
C:\Documents and Settings\Ibanez Nathalie\Start Menu\Programs\XP_AntiSpyware\XP_AntiSpyware.lnk - Deleted
C:\WINDOWS\mslagent\2_mslagent.dll - Deleted
C:\WINDOWS\mslagent\mslagent.exe - Deleted
C:\WINDOWS\mslagent\uninstall.exe - Deleted
C:\Program Files\Inet Delivery\inetdl.exe - Deleted
C:\Program Files\Inet Delivery\intdel.exe - Deleted
C:\Program Files\XP_Antispyware\AVEngn.dll - Deleted
C:\Program Files\XP_Antispyware\comp.dat - Deleted
C:\Program Files\XP_Antispyware\htmlayout.dll - Deleted
C:\Program Files\XP_Antispyware\pthreadVC2.dll - Deleted
C:\Program Files\XP_Antispyware\Uninstall.exe - Deleted
C:\Program Files\XP_Antispyware\wscui.cpl - Deleted
C:\Program Files\XP_Antispyware\XP_Antispyware.cfg - Deleted
C:\Program Files\XP_Antispyware\XP_AntiSpyware.exe - Deleted
C:\WINDOWS\a.bat - Deleted
C:\WINDOWS\system32\wini104552502.exe - Deleted
C:\WINDOWS\zip1.tmp - Deleted
C:\WINDOWS\zip2.tmp - Deleted
C:\WINDOWS\zip3.tmp - Deleted
C:\WINDOWS\zipped.tmp - Deleted
C:\Documents and Settings\Ibanez Nathalie\Application Data\Microsoft\Internet Explorer\Quick Launch\XP_AntiSpyware.lnk - Deleted
C:\WINDOWS\a.bat - Deleted
C:\WINDOWS\base64.tmp - Deleted
C:\WINDOWS\bdn.com - Deleted
C:\WINDOWS\brastk.exe - Deleted
C:\WINDOWS\FVProtect.exe - Deleted
C:\WINDOWS\iTunesMusic.exe - Deleted
C:\WINDOWS\karna.dat - Deleted
C:\WINDOWS\mssecu.exe - Deleted
C:\WINDOWS\system32\akttzn.exe - Deleted
C:\WINDOWS\system32\anticipator.dll - Deleted
C:\WINDOWS\system32\awtoolb.dll - Deleted
C:\WINDOWS\system32\bdn.com - Deleted
C:\WINDOWS\system32\brastk.exe - Deleted
C:\WINDOWS\system32\bsva-egihsg52.exe - Deleted
C:\WINDOWS\system32\dpcproxy.exe - Deleted
C:\WINDOWS\system32\emesx.dll - Deleted
C:\WINDOWS\system32\h@tkeysh@@k.dll - Deleted
C:\WINDOWS\system32\hoproxy.dll - Deleted
C:\WINDOWS\system32\hxiwlgpm.dat - Deleted
C:\WINDOWS\system32\hxiwlgpm.exe - Deleted
C:\WINDOWS\system32\karna.dat - Deleted
C:\WINDOWS\system32\medup012.dll - Deleted
C:\WINDOWS\system32\medup020.dll - Deleted
C:\WINDOWS\system32\msgp.exe - Deleted
C:\WINDOWS\system32\msnbho.dll - Deleted
C:\WINDOWS\system32\mssecu.exe - Deleted
C:\WINDOWS\system32\msvchost.exe - Deleted
C:\WINDOWS\system32\mtr2.exe - Deleted
C:\WINDOWS\system32\mwin32.exe - Deleted
C:\WINDOWS\system32\netode.exe - Deleted
C:\WINDOWS\system32\newsd32.exe - Deleted
C:\WINDOWS\system32\ps1.exe - Deleted
C:\WINDOWS\system32\psof1.exe - Deleted
C:\WINDOWS\system32\psoft1.exe - Deleted
C:\WINDOWS\system32\regc64.dll - Deleted
C:\WINDOWS\system32\regm64.dll - Deleted
C:\WINDOWS\system32\Rundl1.exe - Deleted
C:\WINDOWS\system32\smp\msrc.exe - Deleted
C:\WINDOWS\system32\sncntr.exe - Deleted
C:\WINDOWS\system32\ssurf022.dll - Deleted
C:\WINDOWS\system32\ssvchost.com - Deleted
C:\WINDOWS\system32\ssvchost.exe - Deleted
C:\WINDOWS\system32\sysreq.exe - Deleted
C:\WINDOWS\system32\taack.dat - Deleted
C:\WINDOWS\system32\taack.exe - Deleted
C:\WINDOWS\system32\temp#01.exe - Deleted
C:\WINDOWS\system32\thun.dll - Deleted
C:\WINDOWS\system32\thun32.dll - Deleted
C:\WINDOWS\system32\VBIEWER.OCX - Deleted
C:\WINDOWS\system32\vbsys2.dll - Deleted
C:\WINDOWS\system32\vcatchpi.dll - Deleted
C:\WINDOWS\system32\winlogonpc.exe - Deleted
C:\WINDOWS\system32\winsystem.exe - Deleted
C:\WINDOWS\system32\WINWGPX.EXE - Deleted
C:\WINDOWS\userconfig9x.dll - Deleted
C:\WINDOWS\winsystem.exe - Deleted
Folder C:\Documents and Settings\Ibanez Nathalie\Start Menu\Programs\XP_AntiSpyware - Removed
Folder C:\Program Files\Inet Delivery - Removed
Folder C:\Program Files\PC-Antispy - Removed
Folder C:\Program Files\XP_Antispyware - Removed
Folder C:\WINDOWS\mslagent - Removed
Folder C:\WINDOWS\system32\smp - Removed
Removing Temp Files
[b]ADS Check /b:
[b]Final Check /b:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 19:18:03
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services /b:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\kdx\\khost.exe"="C:\\WINDOWS\\kdx\\khost.exe:*:Enabled:Delivery Manager"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[b]Remaining Files /b:
File Backups: - C:\DOCUME~1\IBANEZ~1\Desktop\SDFix\SDFix\backups\backups.zip
[b]Files with Hidden Attributes /b:
Tue 19 Oct 2004 960 A.SH. --- "C:\fvcjaw3o.sys"
Sun 26 Jun 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 23 Oct 2005 31,232 ...H. --- "C:\Documents and Settings\Ibanez Nathalie\Desktop\~WRL1427.tmp"
Sun 23 Oct 2005 30,208 ...H. --- "C:\Documents and Settings\Ibanez Nathalie\Desktop\~WRL1784.tmp"
Sun 23 Oct 2005 26,112 ...H. --- "C:\Documents and Settings\Ibanez Nathalie\Desktop\~WRL1987.tmp"
Mon 26 Feb 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 26 Aug 2006 53,760 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier\cv\~WRL3150.tmp"
Wed 19 Jul 2006 88,576 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier\cv\~WRL3653.tmp"
Mon 22 May 2006 36,352 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\BACKUP\TH1\~WRL0414.tmp"
Mon 22 May 2006 42,496 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\BACKUP\TH1\~WRL2311.tmp"
Mon 22 May 2006 39,936 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\BACKUP\TH1\~WRL3321.tmp"
Tue 25 Apr 2006 83,456 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\dossier scolaire\cpap final\calendrier MBDA action 3\~WRL1712.tmp"
Wed 12 Jul 2006 1,212,416 A.SH. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\My Pictures\friendz and co\school year 07\my favorites\SIV394.tmp"
Thu 3 Nov 2005 57,856 A..H. --- "C:\Documents and Settings\Ibanez Nathalie\My Documents\My Pictures\friendz and co\summer 06'\clefs usb\cpap final\shaolin form center action 1\essais\cpap logos\~WRL1918.tmp"
[b]Finished!/b
Bonne continuation ;-)
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
13 oct. 2008 à 23:01
13 oct. 2008 à 23:01
- Télécharge et installe MalwareByte's Anti-Malware :
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
- Mets-le à jour
- Redémarre en mode sans échec (Recommandé) :
https://blog.sosordi.net/
- Choisis ta session habituelle
- Fais un scan complet avec MalwareByte's Anti-Malware
- Supprime tout ce que le logiciel trouve, enregistre le rapport
- Redémarre en mode normal et poste le rapport ici
Tutorial :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
- Mets-le à jour
- Redémarre en mode sans échec (Recommandé) :
https://blog.sosordi.net/
- Choisis ta session habituelle
- Fais un scan complet avec MalwareByte's Anti-Malware
- Supprime tout ce que le logiciel trouve, enregistre le rapport
- Redémarre en mode normal et poste le rapport ici
Tutorial :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/