Sujet Précédent Sujet Suivant

Virus msn

Fermé
HUMBERTO - 20 mars 2008 à 15:09
 HUMBERTO - 20 mars 2008 à 15:28
Bonjour à tous.Alors voilà un virus s est implanté dans mon pc : le fameux WIN32:small JMH. J ai fai une analyse en mode sans échec avec SDFIX, voilà le rapport :




[b]SDFix: Version 1.159 /b

Run by Humberto on 20/03/2008 at 13:13

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\Humberto\Bureau\SDFix

[b]Checking Services /b:


Restoring Windows Registry Values
Restoring Windows Default Hosts File






PS : désolé jlpjlp mais je n avais pas bien lu ta réponse. enfin voilà je te poste la suite.

Rebooting


[b]Checking Files /b:

No Trojan Files Found






Removing Temp Files

[b]ADS Check /b:



[b]Final Check /b:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-20 13:28:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000038
"TracesSuccessful"=dword:00000005

scanning hidden files ...

C:\WINDOWS\Temp\_av_proI.tm~a03268

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 242


[b]Remaining Services /b:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli­­cy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable­­d:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Fritivi\\fritivi.exe"="C:\\Program Files\\Fritivi\\fritivi.exe:*:Enabled:Fritivi"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\games\\RedFaction\\RedFaction.exe"="C:\\games\\RedFaction\\RedFaction.­­exe:*:Enabled:Red Faction Launcher"
"C:\\games\\RedFaction\\rf.exe"="C:\\games\\RedFaction\\rf.exe:*:Enabled:Re­­d Faction"
"C:\\Program Files\\MaxTV Online\\plugins\\PeerCast.exe"="C:\\Program Files\\MaxTV Online\\plugins\\PeerCast.exe:*:Enabled:PeerCast"
"C:\\Program Files\\PPStream\\PPStream.exe"="C:\\Program Files\\PPStream\\PPStream.exe:*:Enabled:PPStream ??????"
"C:\\Program Files\\TvAnts\\Tvants.exe"="C:\\Program Files\\TvAnts\\Tvants.exe:*:Enabled:TVAnts"
"C:\\Program Files\\MaxTV Online\\maxtv.exe"="C:\\Program Files\\MaxTV Online\\maxtv.exe:*:Enabled:maxtv"
"C:\\Program Files\\MaxTV Online\\plugins\\Streamer.exe"="C:\\Program Files\\MaxTV Online\\plugins\\Streamer.exe:*:Enabled:Streamer"
"C:\\Program Files\\MaxTV\\maxtv.exe"="C:\\Program Files\\MaxTV\\maxtv.exe:*:Enabled:MaxTV Online"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
@=""
"C:\\WINDOWS\\system32\\ujsosf.exe"="C:\\WINDOWS\\system32\\ujsosf.exe:*:En­­abled:Flash Media"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli­­cy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable­­d:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files /b:


File Backups: - C:\DOCUME~1\Humberto\Bureau\SDFix\backups\backups.zip

[b]Files with Hidden Attributes /b:

Fri 13 May 2005 217,073 A.SHR --- "C:\WINDOWS\meta4.exe"
Mon 24 Oct 2005 66,560 A.SHR --- "C:\WINDOWS\MOTA113.exe"
Thu 13 Oct 2005 422,400 A.SHR --- "C:\WINDOWS\x2.64.exe"
Fri 7 Oct 2005 308,224 A.SHR --- "C:\WINDOWS\system32\avisynth.dll"
Thu 14 Jul 2005 27,648 A.SHR --- "C:\WINDOWS\system32\AVSredirect.dll"
Sun 26 Jun 2005 616,448 A.SHR --- "C:\WINDOWS\system32\cygwin1.dll"
Tue 21 Jun 2005 45,568 A.SHR --- "C:\WINDOWS\system32\cygz.dll"
Sat 24 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\i420vfw.dll"
Thu 27 Apr 2006 2,945,024 A.SHR --- "C:\WINDOWS\system32\Smab.dll"
Mon 28 Feb 2005 240,128 A.SHR --- "C:\WINDOWS\system32\x.264.exe"
Sat 24 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\yv12vfw.dll"
Wed 15 Feb 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Fri 13 Aug 2004 1,953,792 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\launcher.exe"
Fri 13 Aug 2004 53,760 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\mnyinsta.dll"
Fri 13 Aug 2004 94,208 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\RmvSuite.exe"
Mon 16 Aug 2004 35,328 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\setuplng.dll"
Fri 13 Aug 2004 20,480 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\unregwtr.exe"
Sun 16 Apr 2006 71,168 ..SHR --- "C:\Program Files\Mio Technology\MioSync\Setup.exe"
Sat 9 Jul 2005 16,384 A.SHR --- "C:\Program Files\Mio Technology\MioSync\_Setup.dll"
Thu 29 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Mon 10 Mar 2008 36,864 ...H. --- "C:\Documents and Settings\Humberto\Bureau\marco\~WRL2864.tmp"
Fri 11 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3baf18ad8b1aef3a4fc43c15f7b3a2c9\BIT4.tmp&q­­uot;
Thu 24 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT3.tmp&q­­uot;
Fri 11 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\771350e502329b319ea4189fe126f571\BIT3.tmp&q­­uot;
Wed 27 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BIT3.tmp&q­­uot;

[b]Finished!/b




quelqu un pourrait- il me venir en aide svp car je ne sais plu quoi faire à partir de ça ? merci d avance
Configuration: Windows XP
Internet Explorer 6.0
A voir également:

4 réponses

Réponse 1 / 4
miou95
20 mars 2008 à 15:14
Essai de télécharger msnfix ici http://www.infos-du-net.com/telecharger/MSNFix,0301-11762.html
Exécute le fichier en mode sans échec, suis les instructions et si l'infection est supprimé redemarre ta machine et retest un coup pour en etre sur.

Voila bonne chance!
0
Réponse 2 / 4
HUMBERTO
20 mars 2008 à 15:27
J ai lancé msnfix en mode sans echec comme tu me l avais indiqué mais aucune infection n a été trouvé. Pourtant je suis sûr que l infection est bien là. j avais dejà fais ce que tu m as di hier soir, mais ensuite on m a dit de poster le rapport fais avec le logiciel SDFIX sur ce forum. donc voilà je le remets :

[b]SDFix: Version 1.159 /b

Run by Humberto on 20/03/2008 at 13:13

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\Humberto\Bureau\SDFix

[b]Checking Services /b:


Restoring Windows Registry Values
Restoring Windows Default Hosts File






PS : désolé jlpjlp mais je n avais pas bien lu ta réponse. enfin voilà je te poste la suite.

Rebooting


[b]Checking Files /b:

No Trojan Files Found






Removing Temp Files

[b]ADS Check /b:



[b]Final Check /b:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-20 13:28:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000038
"TracesSuccessful"=dword:00000005

scanning hidden files ...

C:\WINDOWS\Temp\_av_proI.tm~a03268

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 242


[b]Remaining Services /b:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli­­­cy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable­­­d:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Fritivi\\fritivi.exe"="C:\\Program Files\\Fritivi\\fritivi.exe:*:Enabled:Fritivi"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\games\\RedFaction\\RedFaction.exe"="C:\\games\\RedFaction\\RedFaction.­­­exe:*:Enabled:Red Faction Launcher"
"C:\\games\\RedFaction\\rf.exe"="C:\\games\\RedFaction\\rf.exe:*:Enabled:Re­­­d Faction"
"C:\\Program Files\\MaxTV Online\\plugins\\PeerCast.exe"="C:\\Program Files\\MaxTV Online\\plugins\\PeerCast.exe:*:Enabled:PeerCast"
"C:\\Program Files\\PPStream\\PPStream.exe"="C:\\Program Files\\PPStream\\PPStream.exe:*:Enabled:PPStream ??????"
"C:\\Program Files\\TvAnts\\Tvants.exe"="C:\\Program Files\\TvAnts\\Tvants.exe:*:Enabled:TVAnts"
"C:\\Program Files\\MaxTV Online\\maxtv.exe"="C:\\Program Files\\MaxTV Online\\maxtv.exe:*:Enabled:maxtv"
"C:\\Program Files\\MaxTV Online\\plugins\\Streamer.exe"="C:\\Program Files\\MaxTV Online\\plugins\\Streamer.exe:*:Enabled:Streamer"
"C:\\Program Files\\MaxTV\\maxtv.exe"="C:\\Program Files\\MaxTV\\maxtv.exe:*:Enabled:MaxTV Online"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
@=""
"C:\\WINDOWS\\system32\\ujsosf.exe"="C:\\WINDOWS\\system32\\ujsosf.exe:*:En­­­abled:Flash Media"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli­­­cy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable­­­d:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files /b:


File Backups: - C:\DOCUME~1\Humberto\Bureau\SDFix\backups\backups.zip

[b]Files with Hidden Attributes /b:

Fri 13 May 2005 217,073 A.SHR --- "C:\WINDOWS\meta4.exe"
Mon 24 Oct 2005 66,560 A.SHR --- "C:\WINDOWS\MOTA113.exe"
Thu 13 Oct 2005 422,400 A.SHR --- "C:\WINDOWS\x2.64.exe"
Fri 7 Oct 2005 308,224 A.SHR --- "C:\WINDOWS\system32\avisynth.dll"
Thu 14 Jul 2005 27,648 A.SHR --- "C:\WINDOWS\system32\AVSredirect.dll"
Sun 26 Jun 2005 616,448 A.SHR --- "C:\WINDOWS\system32\cygwin1.dll"
Tue 21 Jun 2005 45,568 A.SHR --- "C:\WINDOWS\system32\cygz.dll"
Sat 24 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\i420vfw.dll"
Thu 27 Apr 2006 2,945,024 A.SHR --- "C:\WINDOWS\system32\Smab.dll"
Mon 28 Feb 2005 240,128 A.SHR --- "C:\WINDOWS\system32\x.264.exe"
Sat 24 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\yv12vfw.dll"
Wed 15 Feb 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Fri 13 Aug 2004 1,953,792 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\launcher.exe"
Fri 13 Aug 2004 53,760 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\mnyinsta.dll"
Fri 13 Aug 2004 94,208 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\RmvSuite.exe"
Mon 16 Aug 2004 35,328 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\setuplng.dll"
Fri 13 Aug 2004 20,480 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\unregwtr.exe"
Sun 16 Apr 2006 71,168 ..SHR --- "C:\Program Files\Mio Technology\MioSync\Setup.exe"
Sat 9 Jul 2005 16,384 A.SHR --- "C:\Program Files\Mio Technology\MioSync\_Setup.dll"
Thu 29 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Mon 10 Mar 2008 36,864 ...H. --- "C:\Documents and Settings\Humberto\Bureau\marco\~WRL2864.tmp"
Fri 11 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3baf18ad8b1aef3a4fc43c15f7b3a2c9\BIT4.tmp&q­­­uot;
Thu 24 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT3.tmp&q­­­uot;
Fri 11 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\771350e502329b319ea4189fe126f571\BIT3.tmp&q­­­uot;
Wed 27 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BIT3.tmp&q­­­uot;

[b]Finished!/b
0
Réponse 3 / 4
HUMBERTO
20 mars 2008 à 15:27
J ai lancé msnfix en mode sans echec comme tu me l avais indiqué mais aucune infection n a été trouvé. Pourtant je suis sûr que l infection est bien là. j avais dejà fais ce que tu m as di hier soir, mais ensuite on m a dit de poster le rapport fais avec le logiciel SDFIX sur ce forum. donc voilà je le remets :

[b]SDFix: Version 1.159 /b

Run by Humberto on 20/03/2008 at 13:13

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\Humberto\Bureau\SDFix

[b]Checking Services /b:


Restoring Windows Registry Values
Restoring Windows Default Hosts File






PS : désolé jlpjlp mais je n avais pas bien lu ta réponse. enfin voilà je te poste la suite.

Rebooting


[b]Checking Files /b:

No Trojan Files Found






Removing Temp Files

[b]ADS Check /b:



[b]Final Check /b:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-20 13:28:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000038
"TracesSuccessful"=dword:00000005

scanning hidden files ...

C:\WINDOWS\Temp\_av_proI.tm~a03268

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 242


[b]Remaining Services /b:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli­­­cy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable­­­d:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Fritivi\\fritivi.exe"="C:\\Program Files\\Fritivi\\fritivi.exe:*:Enabled:Fritivi"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\games\\RedFaction\\RedFaction.exe"="C:\\games\\RedFaction\\RedFaction.­­­exe:*:Enabled:Red Faction Launcher"
"C:\\games\\RedFaction\\rf.exe"="C:\\games\\RedFaction\\rf.exe:*:Enabled:Re­­­d Faction"
"C:\\Program Files\\MaxTV Online\\plugins\\PeerCast.exe"="C:\\Program Files\\MaxTV Online\\plugins\\PeerCast.exe:*:Enabled:PeerCast"
"C:\\Program Files\\PPStream\\PPStream.exe"="C:\\Program Files\\PPStream\\PPStream.exe:*:Enabled:PPStream ??????"
"C:\\Program Files\\TvAnts\\Tvants.exe"="C:\\Program Files\\TvAnts\\Tvants.exe:*:Enabled:TVAnts"
"C:\\Program Files\\MaxTV Online\\maxtv.exe"="C:\\Program Files\\MaxTV Online\\maxtv.exe:*:Enabled:maxtv"
"C:\\Program Files\\MaxTV Online\\plugins\\Streamer.exe"="C:\\Program Files\\MaxTV Online\\plugins\\Streamer.exe:*:Enabled:Streamer"
"C:\\Program Files\\MaxTV\\maxtv.exe"="C:\\Program Files\\MaxTV\\maxtv.exe:*:Enabled:MaxTV Online"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
@=""
"C:\\WINDOWS\\system32\\ujsosf.exe"="C:\\WINDOWS\\system32\\ujsosf.exe:*:En­­­abled:Flash Media"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli­­­cy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable­­­d:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files /b:


File Backups: - C:\DOCUME~1\Humberto\Bureau\SDFix\backups\backups.zip

[b]Files with Hidden Attributes /b:

Fri 13 May 2005 217,073 A.SHR --- "C:\WINDOWS\meta4.exe"
Mon 24 Oct 2005 66,560 A.SHR --- "C:\WINDOWS\MOTA113.exe"
Thu 13 Oct 2005 422,400 A.SHR --- "C:\WINDOWS\x2.64.exe"
Fri 7 Oct 2005 308,224 A.SHR --- "C:\WINDOWS\system32\avisynth.dll"
Thu 14 Jul 2005 27,648 A.SHR --- "C:\WINDOWS\system32\AVSredirect.dll"
Sun 26 Jun 2005 616,448 A.SHR --- "C:\WINDOWS\system32\cygwin1.dll"
Tue 21 Jun 2005 45,568 A.SHR --- "C:\WINDOWS\system32\cygz.dll"
Sat 24 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\i420vfw.dll"
Thu 27 Apr 2006 2,945,024 A.SHR --- "C:\WINDOWS\system32\Smab.dll"
Mon 28 Feb 2005 240,128 A.SHR --- "C:\WINDOWS\system32\x.264.exe"
Sat 24 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\yv12vfw.dll"
Wed 15 Feb 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Fri 13 Aug 2004 1,953,792 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\launcher.exe"
Fri 13 Aug 2004 53,760 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\mnyinsta.dll"
Fri 13 Aug 2004 94,208 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\RmvSuite.exe"
Mon 16 Aug 2004 35,328 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\setuplng.dll"
Fri 13 Aug 2004 20,480 ...HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\unregwtr.exe"
Sun 16 Apr 2006 71,168 ..SHR --- "C:\Program Files\Mio Technology\MioSync\Setup.exe"
Sat 9 Jul 2005 16,384 A.SHR --- "C:\Program Files\Mio Technology\MioSync\_Setup.dll"
Thu 29 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Mon 10 Mar 2008 36,864 ...H. --- "C:\Documents and Settings\Humberto\Bureau\marco\~WRL2864.tmp"
Fri 11 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3baf18ad8b1aef3a4fc43c15f7b3a2c9\BIT4.tmp&q­­­uot;
Thu 24 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT3.tmp&q­­­uot;
Fri 11 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\771350e502329b319ea4189fe126f571\BIT3.tmp&q­­­uot;
Wed 27 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ad213d081e2675ef87a62c73b8abf209\BIT3.tmp&q­­­uot;

[b]Finished!/b
0
Réponse 4 / 4
HUMBERTO
20 mars 2008 à 15:28
je remet un post pour recevoir les reponses par mail désolé
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
symboles et écritures pour nick msn
Pando -
roro -

20 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses