Trojan.Vundo ErrorSafe Infostealer ect... AIDEZ MOI SVP

Trojan.Vundo ErrorSafe Infostealer ect... AIDEZ MOI SVP - Sécurité - Virus

Recherche Recherche
Règles Règles
Aide Aide

TomsGuide.com : 700 000 inscrits répondent à toutes vos questions high-tech et informatique.
Pour obtenir de l'aide, inscrivez-vous gratuitement !

Se connecter | Inscription

Voir les posts : Par défaut Tous Les bonnes notes Les notes insuffisantes

Mot : Pseudo : Filtrer
Bas de page
Auteur	Sujet : Trojan.Vundo ErrorSafe Infostealer ect... AIDEZ MOI SVP

m0rpheus97 4

Profil : IDNaute

Plus d'informations

25-01-2007 à 15:22:27

Au secour , si une ame charitable voulais bien m'aider ce serai bien !!! je met la mon hijack (puis mon SDFix , puis mon VundoFix , puis mon ComboFix ...) :

Logfile of HijackThis v1.99.1
Scan saved at 18:36:08, on 25/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Myk\Bureau\Bureau\hijackthis\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: PimpFish Toolbar Opcode Handler - {29C88E20-4234-41B9-A9DB-982958C95FB1} - C:\Program Files\PimpFish\PimpFish.dll
O2 - BHO: (no name) - {317BFEF3-B0B4-435B-91B8-AE9E4361B89A} - C:\WINDOWS\system32\geebb.dll (file missing)
O2 - BHO: (no name) - {4A023C6D-7C1C-42F8-8FCF-B252FB1DFDF6} - C:\WINDOWS\system32\ddccy.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: FloatBar Class - {75B1A646-CDCE-4C06-B52F-84F4463B4FC8} - C:\Program Files\PimpFish\FloatBar.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B7BC5CCE-E6CE-43DB-B3E3-DA47DDDD4A5E} - C:\WINDOWS\system32\awtssst.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: PimpFish - {D593DE91-7B41-45C2-830E-E9A99AB142AA} - C:\Program Files\PimpFish\PimpFish.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: PimpFish - Saisir cette image - C:\Program Files\PimpFish\GRABPIC.HTM
O8 - Extra context menu item: PimpFish - Saisir le fichier cible - C:\Program Files\PimpFish\GRABLINK.HTM
O8 - Extra context menu item: PimpFish - Saisir les images auxquelles cette page est reliée - C:\Program Files\PimpFish\GRABPAGELINKS.HTM
O8 - Extra context menu item: PimpFish - Saisir les images sur cette page - C:\Program Files\PimpFish\GRABPAGEPICS.HTM
O8 - Extra context menu item: PimpFish - Saisir les vidéos sur cette page - C:\Program Files\PimpFish\GRABPAGEMOVIES.HTM
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet3_88.dll' missing
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version8/Applet/wchatsign.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/p [...] nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activ [...] asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: awtssst - C:\WINDOWS\SYSTEM32\awtssst.dll
O20 - Winlogon Notify: ddccy - C:\WINDOWS\system32\ddccy.dll
O20 - Winlogon Notify: geebb - C:\WINDOWS\system32\geebb.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjgf32 - winjgf32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\System32\UAService7.exe

Message édité par m0rpheus97 4 le 25-01-2007 à 16:49:04

---------------
Donnez-moi la sérénité d'accepter les choses que je ne puis changer. Le courage de changer les choses quand je le peux est la sagesse... Ouah ! Donnez moi juste une dose de cette fichue magie avant que je ne tue quelqu'un !!!

Liens spon sorisés

Inscrivez-vous ou connectez-vous pour masquer ceci.

m0rpheus97 4

Profil : IDNaute

Plus d'informations

25-01-2007 à 16:44:05

Masquer

Voila mon rapport SDfix

SDFix: Version 1.62

25/01/2007 - 18:59:18,78

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Name:

Path:

Restoring Windows Registry Entries
Restoring Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

Files will be copied to Backups folder and removed:

C:\DOCUME~1\Myk\LOCALS~1\Temp\ubi8.tmp.exe - Deleted
C:\DOCUME~1\Myk\LOCALS~1\Temp\winC.tmp.exe - Deleted
C:\WINDOWS\system32\TFTP172 - Deleted
C:\WINDOWS\system32\winsys.exe - Deleted
C:\WINDOWS\Temp\win1.tmp - Deleted
C:\WINDOWS\Temp\win10.tmp - Deleted
C:\WINDOWS\Temp\win100.tmp - Deleted
C:\WINDOWS\Temp\win101.tmp - Deleted
C:\WINDOWS\Temp\win102.tmp - Deleted
C:\WINDOWS\Temp\win103.tmp - Deleted
C:\WINDOWS\Temp\win104.tmp - Deleted
C:\WINDOWS\Temp\win105.tmp - Deleted
C:\WINDOWS\Temp\win106.tmp - Deleted
C:\WINDOWS\Temp\win107.tmp - Deleted
C:\WINDOWS\Temp\win108.tmp - Deleted
C:\WINDOWS\Temp\win109.tmp - Deleted
C:\WINDOWS\Temp\win10A.tmp - Deleted
C:\WINDOWS\Temp\win10B.tmp - Deleted
C:\WINDOWS\Temp\win10C.tmp - Deleted
C:\WINDOWS\Temp\win10D.tmp - Deleted
C:\WINDOWS\Temp\win10E.tmp - Deleted
C:\WINDOWS\Temp\win10F.tmp - Deleted
C:\WINDOWS\Temp\win11.tmp - Deleted
C:\WINDOWS\Temp\win110.tmp - Deleted
C:\WINDOWS\Temp\win111.tmp - Deleted
C:\WINDOWS\Temp\win112.tmp - Deleted
C:\WINDOWS\Temp\win113.tmp - Deleted
C:\WINDOWS\Temp\win114.tmp - Deleted
C:\WINDOWS\Temp\win115.tmp - Deleted
C:\WINDOWS\Temp\win116.tmp - Deleted
C:\WINDOWS\Temp\win117.tmp - Deleted
C:\WINDOWS\Temp\win118.tmp - Deleted
C:\WINDOWS\Temp\win119.tmp - Deleted
C:\WINDOWS\Temp\win11A.tmp - Deleted
C:\WINDOWS\Temp\win11B.tmp - Deleted
C:\WINDOWS\Temp\win11C.tmp - Deleted
C:\WINDOWS\Temp\win11D.tmp - Deleted
C:\WINDOWS\Temp\win11E.tmp - Deleted
C:\WINDOWS\Temp\win11F.tmp - Deleted
C:\WINDOWS\Temp\win12.tmp - Deleted
C:\WINDOWS\Temp\win120.tmp - Deleted
C:\WINDOWS\Temp\win121.tmp - Deleted
C:\WINDOWS\Temp\win122.tmp - Deleted
C:\WINDOWS\Temp\win123.tmp - Deleted
C:\WINDOWS\Temp\win124.tmp - Deleted
C:\WINDOWS\Temp\win125.tmp - Deleted
C:\WINDOWS\Temp\win126.tmp - Deleted
C:\WINDOWS\Temp\win127.tmp - Deleted
C:\WINDOWS\Temp\win128.tmp - Deleted
C:\WINDOWS\Temp\win129.tmp - Deleted
C:\WINDOWS\Temp\win12A.tmp - Deleted
C:\WINDOWS\Temp\win12B.tmp - Deleted
C:\WINDOWS\Temp\win12C.tmp - Deleted
C:\WINDOWS\Temp\win12D.tmp - Deleted
C:\WINDOWS\Temp\win12E.tmp - Deleted
C:\WINDOWS\Temp\win12F.tmp - Deleted
C:\WINDOWS\Temp\win13.tmp - Deleted
C:\WINDOWS\Temp\win130.tmp - Deleted
C:\WINDOWS\Temp\win131.tmp - Deleted
C:\WINDOWS\Temp\win132.tmp - Deleted
C:\WINDOWS\Temp\win133.tmp - Deleted
C:\WINDOWS\Temp\win134.tmp - Deleted
C:\WINDOWS\Temp\win135.tmp - Deleted
C:\WINDOWS\Temp\win136.tmp - Deleted
C:\WINDOWS\Temp\win137.tmp - Deleted
C:\WINDOWS\Temp\win138.tmp - Deleted
C:\WINDOWS\Temp\win139.tmp - Deleted
C:\WINDOWS\Temp\win13A.tmp - Deleted
C:\WINDOWS\Temp\win13B.tmp - Deleted
C:\WINDOWS\Temp\win13C.tmp - Deleted
C:\WINDOWS\Temp\win13D.tmp - Deleted
C:\WINDOWS\Temp\win13E.tmp - Deleted
C:\WINDOWS\Temp\win13F.tmp - Deleted
C:\WINDOWS\Temp\win14.tmp - Deleted
C:\WINDOWS\Temp\win140.tmp - Deleted
C:\WINDOWS\Temp\win141.tmp - Deleted
C:\WINDOWS\Temp\win142.tmp - Deleted
C:\WINDOWS\Temp\win143.tmp - Deleted
C:\WINDOWS\Temp\win144.tmp - Deleted
C:\WINDOWS\Temp\win145.tmp - Deleted
C:\WINDOWS\Temp\win146.tmp - Deleted
C:\WINDOWS\Temp\win147.tmp - Deleted
C:\WINDOWS\Temp\win148.tmp - Deleted
C:\WINDOWS\Temp\win149.tmp - Deleted
C:\WINDOWS\Temp\win14A.tmp - Deleted
C:\WINDOWS\Temp\win14B.tmp - Deleted
C:\WINDOWS\Temp\win14C.tmp - Deleted
C:\WINDOWS\Temp\win14D.tmp - Deleted
C:\WINDOWS\Temp\win14E.tmp - Deleted
C:\WINDOWS\Temp\win14F.tmp - Deleted
C:\WINDOWS\Temp\win15.tmp - Deleted
C:\WINDOWS\Temp\win150.tmp - Deleted
C:\WINDOWS\Temp\win151.tmp - Deleted
C:\WINDOWS\Temp\win152.tmp - Deleted
C:\WINDOWS\Temp\win153.tmp - Deleted
C:\WINDOWS\Temp\win154.tmp - Deleted
C:\WINDOWS\Temp\win155.tmp - Deleted
C:\WINDOWS\Temp\win156.tmp - Deleted
C:\WINDOWS\Temp\win157.tmp - Deleted
C:\WINDOWS\Temp\win158.tmp - Deleted
C:\WINDOWS\Temp\win159.tmp - Deleted
C:\WINDOWS\Temp\win15A.tmp - Deleted
C:\WINDOWS\Temp\win15B.tmp - Deleted
C:\WINDOWS\Temp\win15C.tmp - Deleted
C:\WINDOWS\Temp\win15D.tmp - Deleted
C:\WINDOWS\Temp\win15E.tmp - Deleted
C:\WINDOWS\Temp\win15F.tmp - Deleted
C:\WINDOWS\Temp\win16.tmp - Deleted
C:\WINDOWS\Temp\win160.tmp - Deleted
C:\WINDOWS\Temp\win161.tmp - Deleted
C:\WINDOWS\Temp\win162.tmp - Deleted
C:\WINDOWS\Temp\win163.tmp - Deleted
C:\WINDOWS\Temp\win164.tmp - Deleted
C:\WINDOWS\Temp\win165.tmp - Deleted
C:\WINDOWS\Temp\win166.tmp - Deleted
C:\WINDOWS\Temp\win167.tmp - Deleted
C:\WINDOWS\Temp\win168.tmp - Deleted
C:\WINDOWS\Temp\win169.tmp - Deleted
C:\WINDOWS\Temp\win16A.tmp - Deleted
C:\WINDOWS\Temp\win16B.tmp - Deleted
C:\WINDOWS\Temp\win16C.tmp - Deleted
C:\WINDOWS\Temp\win16D.tmp - Deleted
C:\WINDOWS\Temp\win16E.tmp - Deleted
C:\WINDOWS\Temp\win16F.tmp - Deleted
C:\WINDOWS\Temp\win17.tmp - Deleted
C:\WINDOWS\Temp\win170.tmp - Deleted
C:\WINDOWS\Temp\win171.tmp - Deleted
C:\WINDOWS\Temp\win172.tmp - Deleted
C:\WINDOWS\Temp\win173.tmp - Deleted
C:\WINDOWS\Temp\win174.tmp - Deleted
C:\WINDOWS\Temp\win175.tmp - Deleted
C:\WINDOWS\Temp\win176.tmp - Deleted
C:\WINDOWS\Temp\win177.tmp - Deleted
C:\WINDOWS\Temp\win178.tmp - Deleted
C:\WINDOWS\Temp\win179.tmp - Deleted
C:\WINDOWS\Temp\win17A.tmp - Deleted
C:\WINDOWS\Temp\win17B.tmp - Deleted
C:\WINDOWS\Temp\win17C.tmp - Deleted
C:\WINDOWS\Temp\win17D.tmp - Deleted
C:\WINDOWS\Temp\win17E.tmp - Deleted
C:\WINDOWS\Temp\win17F.tmp - Deleted
C:\WINDOWS\Temp\win18.tmp - Deleted
C:\WINDOWS\Temp\win180.tmp - Deleted
C:\WINDOWS\Temp\win181.tmp - Deleted
C:\WINDOWS\Temp\win182.tmp - Deleted
C:\WINDOWS\Temp\win183.tmp - Deleted
C:\WINDOWS\Temp\win184.tmp - Deleted
C:\WINDOWS\Temp\win185.tmp - Deleted
C:\WINDOWS\Temp\win186.tmp - Deleted
C:\WINDOWS\Temp\win187.tmp - Deleted
C:\WINDOWS\Temp\win188.tmp - Deleted
C:\WINDOWS\Temp\win189.tmp - Deleted
C:\WINDOWS\Temp\win18A.tmp - Deleted
C:\WINDOWS\Temp\win18B.tmp - Deleted
C:\WINDOWS\Temp\win18C.tmp - Deleted
C:\WINDOWS\Temp\win18D.tmp - Deleted
C:\WINDOWS\Temp\win18E.tmp - Deleted
C:\WINDOWS\Temp\win18F.tmp - Deleted
C:\WINDOWS\Temp\win19.tmp - Deleted
C:\WINDOWS\Temp\win190.tmp - Deleted
C:\WINDOWS\Temp\win191.tmp - Deleted
C:\WINDOWS\Temp\win192.tmp - Deleted
C:\WINDOWS\Temp\win193.tmp - Deleted
C:\WINDOWS\Temp\win194.tmp - Deleted
C:\WINDOWS\Temp\win195.tmp - Deleted
C:\WINDOWS\Temp\win196.tmp - Deleted
C:\WINDOWS\Temp\win197.tmp - Deleted
C:\WINDOWS\Temp\win198.tmp - Deleted
C:\WINDOWS\Temp\win199.tmp - Deleted
C:\WINDOWS\Temp\win19A.tmp - Deleted
C:\WINDOWS\Temp\win19B.tmp - Deleted
C:\WINDOWS\Temp\win19C.tmp - Deleted
C:\WINDOWS\Temp\win19D.tmp - Deleted
C:\WINDOWS\Temp\win19E.tmp - Deleted
C:\WINDOWS\Temp\win19F.tmp - Deleted
C:\WINDOWS\Temp\win1A.tmp - Deleted
C:\WINDOWS\Temp\win1A0.tmp - Deleted
C:\WINDOWS\Temp\win1A1.tmp - Deleted
C:\WINDOWS\Temp\win1A2.tmp - Deleted
C:\WINDOWS\Temp\win1A3.tmp - Deleted
C:\WINDOWS\Temp\win1A5.tmp - Deleted
C:\WINDOWS\Temp\win1A6.tmp - Deleted
C:\WINDOWS\Temp\win1A7.tmp - Deleted
C:\WINDOWS\Temp\win1A8.tmp - Deleted
C:\WINDOWS\Temp\win1A9.tmp - Deleted
C:\WINDOWS\Temp\win1AA.tmp - Deleted
C:\WINDOWS\Temp\win1AB.tmp - Deleted
C:\WINDOWS\Temp\win1AC.tmp - Deleted
C:\WINDOWS\Temp\win1AD.tmp - Deleted
C:\WINDOWS\Temp\win1AE.tmp - Deleted
C:\WINDOWS\Temp\win1AF.tmp - Deleted
C:\WINDOWS\Temp\win1B.tmp - Deleted
C:\WINDOWS\Temp\win1B0.tmp - Deleted
C:\WINDOWS\Temp\win1B1.tmp - Deleted
C:\WINDOWS\Temp\win1B2.tmp - Deleted
C:\WINDOWS\Temp\win1B3.tmp - Deleted
C:\WINDOWS\Temp\win1B4.tmp - Deleted
C:\WINDOWS\Temp\win1B5.tmp - Deleted
C:\WINDOWS\Temp\win1B6.tmp - Deleted
C:\WINDOWS\Temp\win1B7.tmp - Deleted
C:\WINDOWS\Temp\win1B8.tmp - Deleted
C:\WINDOWS\Temp\win1B9.tmp - Deleted
C:\WINDOWS\Temp\win1BA.tmp - Deleted
C:\WINDOWS\Temp\win1BB.tmp - Deleted
C:\WINDOWS\Temp\win1BC.tmp - Deleted
C:\WINDOWS\Temp\win1BD.tmp - Deleted
C:\WINDOWS\Temp\win1BE.tmp - Deleted
C:\WINDOWS\Temp\win1BF.tmp - Deleted
C:\WINDOWS\Temp\win1C.tmp - Deleted
C:\WINDOWS\Temp\win1C0.tmp - Deleted
C:\WINDOWS\Temp\win1C1.tmp - Deleted
C:\WINDOWS\Temp\win1C2.tmp - Deleted
C:\WINDOWS\Temp\win1C3.tmp - Deleted
C:\WINDOWS\Temp\win1C4.tmp - Deleted
C:\WINDOWS\Temp\win1C5.tmp - Deleted
C:\WINDOWS\Temp\win1C6.tmp - Deleted
C:\WINDOWS\Temp\win1C7.tmp - Deleted
C:\WINDOWS\Temp\win1C8.tmp - Deleted
C:\WINDOWS\Temp\win1C9.tmp - Deleted
C:\WINDOWS\Temp\win1CA.tmp - Deleted
C:\WINDOWS\Temp\win1CB.tmp - Deleted
C:\WINDOWS\Temp\win1CC.tmp - Deleted
C:\WINDOWS\Temp\win1CD.tmp - Deleted
C:\WINDOWS\Temp\win1CE.tmp - Deleted
C:\WINDOWS\Temp\win1CF.tmp - Deleted
C:\WINDOWS\Temp\win1D.tmp - Deleted
C:\WINDOWS\Temp\win1D0.tmp - Deleted
C:\WINDOWS\Temp\win1D1.tmp - Deleted
C:\WINDOWS\Temp\win1D2.tmp - Deleted
C:\WINDOWS\Temp\win1D3.tmp - Deleted
C:\WINDOWS\Temp\win1D4.tmp - Deleted
C:\WINDOWS\Temp\win1D5.tmp - Deleted
C:\WINDOWS\Temp\win1D6.tmp - Deleted
C:\WINDOWS\Temp\win1D7.tmp - Deleted
C:\WINDOWS\Temp\win1D8.tmp - Deleted
C:\WINDOWS\Temp\win1D9.tmp - Deleted
C:\WINDOWS\Temp\win1DA.tmp - Deleted
C:\WINDOWS\Temp\win1DB.tmp - Deleted
C:\WINDOWS\Temp\win1DC.tmp - Deleted
C:\WINDOWS\Temp\win1DD.tmp - Deleted
C:\WINDOWS\Temp\win1DE.tmp - Deleted
C:\WINDOWS\Temp\win1DF.tmp - Deleted
C:\WINDOWS\Temp\win1E.tmp - Deleted
C:\WINDOWS\Temp\win1E0.tmp - Deleted
C:\WINDOWS\Temp\win1E1.tmp - Deleted
C:\WINDOWS\Temp\win1E2.tmp - Deleted
C:\WINDOWS\Temp\win1E3.tmp - Deleted
C:\WINDOWS\Temp\win1E4.tmp - Deleted
C:\WINDOWS\Temp\win1E5.tmp - Deleted
C:\WINDOWS\Temp\win1E6.tmp - Deleted
C:\WINDOWS\Temp\win1E7.tmp - Deleted
C:\WINDOWS\Temp\win1E8.tmp - Deleted
C:\WINDOWS\Temp\win1E9.tmp - Deleted
C:\WINDOWS\Temp\win1EA.tmp - Deleted
C:\WINDOWS\Temp\win1EB.tmp - Deleted
C:\WINDOWS\Temp\win1EC.tmp - Deleted
C:\WINDOWS\Temp\win1ED.tmp - Deleted
C:\WINDOWS\Temp\win1EE.tmp - Deleted
C:\WINDOWS\Temp\win1EF.tmp - Deleted
C:\WINDOWS\Temp\win1F.tmp - Deleted
C:\WINDOWS\Temp\win1F0.tmp - Deleted
C:\WINDOWS\Temp\win1F1.tmp - Deleted
C:\WINDOWS\Temp\win1F2.tmp - Deleted
C:\WINDOWS\Temp\win1F3.tmp - Deleted
C:\WINDOWS\Temp\win1F4.tmp - Deleted
C:\WINDOWS\Temp\win1F5.tmp - Deleted
C:\WINDOWS\Temp\win1F6.tmp - Deleted
C:\WINDOWS\Temp\win1F7.tmp - Deleted
C:\WINDOWS\Temp\win1F8.tmp - Deleted
C:\WINDOWS\Temp\win1F9.tmp - Deleted
C:\WINDOWS\Temp\win1FA.tmp - Deleted
C:\WINDOWS\Temp\win1FB.tmp - Deleted
C:\WINDOWS\Temp\win1FC.tmp - Deleted
C:\WINDOWS\Temp\win1FD.tmp - Deleted
C:\WINDOWS\Temp\win1FE.tmp - Deleted
C:\WINDOWS\Temp\win1FF.tmp - Deleted
C:\WINDOWS\Temp\win2.tmp - Deleted
C:\WINDOWS\Temp\win20.tmp - Deleted
C:\WINDOWS\Temp\win200.tmp - Deleted
C:\WINDOWS\Temp\win201.tmp - Deleted
C:\WINDOWS\Temp\win202.tmp - Deleted
C:\WINDOWS\Temp\win203.tmp - Deleted
C:\WINDOWS\Temp\win204.tmp - Deleted
C:\WINDOWS\Temp\win205.tmp - Deleted
C:\WINDOWS\Temp\win206.tmp - Deleted
C:\WINDOWS\Temp\win207.tmp - Deleted
C:\WINDOWS\Temp\win208.tmp - Deleted
C:\WINDOWS\Temp\win209.tmp - Deleted
C:\WINDOWS\Temp\win20A.tmp - Deleted
C:\WINDOWS\Temp\win20B.tmp - Deleted
C:\WINDOWS\Temp\win20C.tmp - Deleted
C:\WINDOWS\Temp\win20D.tmp - Deleted
C:\WINDOWS\Temp\win20E.tmp - Deleted
C:\WINDOWS\Temp\win20F.tmp - Deleted
C:\WINDOWS\Temp\win21.tmp - Deleted
C:\WINDOWS\Temp\win210.tmp - Deleted
C:\WINDOWS\Temp\win211.tmp - Deleted
C:\WINDOWS\Temp\win212.tmp - Deleted
C:\WINDOWS\Temp\win213.tmp - Deleted
C:\WINDOWS\Temp\win214.tmp - Deleted
C:\WINDOWS\Temp\win215.tmp - Deleted
C:\WINDOWS\Temp\win216.tmp - Deleted
C:\WINDOWS\Temp\win217.tmp - Deleted
C:\WINDOWS\Temp\win218.tmp - Deleted
C:\WINDOWS\Temp\win219.tmp - Deleted
C:\WINDOWS\Temp\win21A.tmp - Deleted
C:\WINDOWS\Temp\win21B.tmp - Deleted
C:\WINDOWS\Temp\win21C.tmp - Deleted
C:\WINDOWS\Temp\win21D.tmp - Deleted
C:\WINDOWS\Temp\win21E.tmp - Deleted
C:\WINDOWS\Temp\win21F.tmp - Deleted
C:\WINDOWS\Temp\win22.tmp - Deleted
C:\WINDOWS\Temp\win220.tmp - Deleted
C:\WINDOWS\Temp\win221.tmp - Deleted
C:\WINDOWS\Temp\win222.tmp - Deleted
C:\WINDOWS\Temp\win224.tmp - Deleted
C:\WINDOWS\Temp\win225.tmp - Deleted
C:\WINDOWS\Temp\win226.tmp - Deleted
C:\WINDOWS\Temp\win227.tmp - Deleted
C:\WINDOWS\Temp\win228.tmp - Deleted
C:\WINDOWS\Temp\win22D.tmp - Deleted
C:\WINDOWS\Temp\win22F.tmp - Deleted
C:\WINDOWS\Temp\win23.tmp - Deleted
C:\WINDOWS\Temp\win230.tmp - Deleted
C:\WINDOWS\Temp\win232.tmp - Deleted
C:\WINDOWS\Temp\win234.tmp - Deleted
C:\WINDOWS\Temp\win23D.tmp - Deleted
C:\WINDOWS\Temp\win24.tmp - Deleted
C:\WINDOWS\Temp\win25.tmp - Deleted
C:\WINDOWS\Temp\win26.tmp - Deleted
C:\WINDOWS\Temp\win27.tmp - Deleted
C:\WINDOWS\Temp\win28.tmp - Deleted
C:\WINDOWS\Temp\win288.tmp - Deleted
C:\WINDOWS\Temp\win29.tmp - Deleted
C:\WINDOWS\Temp\win2A.tmp - Deleted
C:\WINDOWS\Temp\win2A9.tmp - Deleted
C:\WINDOWS\Temp\win2B.tmp - Deleted
C:\WINDOWS\Temp\win2C.tmp - Deleted
C:\WINDOWS\Temp\win2D.tmp - Deleted
C:\WINDOWS\Temp\win2D6.tmp - Deleted
C:\WINDOWS\Temp\win2E.tmp - Deleted
C:\WINDOWS\Temp\win2F.tmp - Deleted
C:\WINDOWS\Temp\win3.tmp - Deleted
C:\WINDOWS\Temp\win30.tmp - Deleted
C:\WINDOWS\Temp\win31.tmp - Deleted
C:\WINDOWS\Temp\win32.tmp - Deleted
C:\WINDOWS\Temp\win33.tmp - Deleted
C:\WINDOWS\Temp\win34.tmp - Deleted
C:\WINDOWS\Temp\win35.tmp - Deleted
C:\WINDOWS\Temp\win36.tmp - Deleted
C:\WINDOWS\Temp\win37.tmp - Deleted
C:\WINDOWS\Temp\win38.tmp - Deleted
C:\WINDOWS\Temp\win39.tmp - Deleted
C:\WINDOWS\Temp\win3A.tmp - Deleted
C:\WINDOWS\Temp\win3B.tmp - Deleted
C:\WINDOWS\Temp\win3C.tmp - Deleted
C:\WINDOWS\Temp\win3D.tmp - Deleted
C:\WINDOWS\Temp\win3E.tmp - Deleted
C:\WINDOWS\Temp\win3F.tmp - Deleted
C:\WINDOWS\Temp\win4.tmp - Deleted
C:\WINDOWS\Temp\win40.tmp - Deleted
C:\WINDOWS\Temp\win41.tmp - Deleted
C:\WINDOWS\Temp\win42.tmp - Deleted
C:\WINDOWS\Temp\win43.tmp - Deleted
C:\WINDOWS\Temp\win44.tmp - Deleted
C:\WINDOWS\Temp\win44B.tmp - Deleted
C:\WINDOWS\Temp\win45.tmp - Deleted
C:\WINDOWS\Temp\win459.tmp - Deleted
C:\WINDOWS\Temp\win45E.tmp - Deleted
C:\WINDOWS\Temp\win46.tmp - Deleted
C:\WINDOWS\Temp\win463.tmp - Deleted
C:\WINDOWS\Temp\win464.tmp - Deleted
C:\WINDOWS\Temp\win465.tmp - Deleted
C:\WINDOWS\Temp\win466.tmp - Deleted
C:\WINDOWS\Temp\win46C.tmp - Deleted
C:\WINDOWS\Temp\win46D.tmp - Deleted
C:\WINDOWS\Temp\win46E.tmp - Deleted
C:\WINDOWS\Temp\win46F.tmp - Deleted
C:\WINDOWS\Temp\win47.tmp - Deleted
C:\WINDOWS\Temp\win470.tmp - Deleted
C:\WINDOWS\Temp\win471.tmp - Deleted
C:\WINDOWS\Temp\win472.tmp - Deleted
C:\WINDOWS\Temp\win473.tmp - Deleted
C:\WINDOWS\Temp\win475.tmp - Deleted
C:\WINDOWS\Temp\win476.tmp - Deleted
C:\WINDOWS\Temp\win477.tmp - Deleted
C:\WINDOWS\Temp\win478.tmp - Deleted
C:\WINDOWS\Temp\win479.tmp - Deleted
C:\WINDOWS\Temp\win47A.tmp - Deleted
C:\WINDOWS\Temp\win47B.tmp - Deleted
C:\WINDOWS\Temp\win47C.tmp - Deleted
C:\WINDOWS\Temp\win48.tmp - Deleted
C:\WINDOWS\Temp\win49.tmp - Deleted
C:\WINDOWS\Temp\win4A.tmp - Deleted
C:\WINDOWS\Temp\win4A9.tmp - Deleted
C:\WINDOWS\Temp\win4AA.tmp - Deleted
C:\WINDOWS\Temp\win4AB.tmp - Deleted
C:\WINDOWS\Temp\win4AC.tmp - Deleted
C:\WINDOWS\Temp\win4AD.tmp - Deleted
C:\WINDOWS\Temp\win4AE.tmp - Deleted
C:\WINDOWS\Temp\win4AF.tmp - Deleted
C:\WINDOWS\Temp\win4B.tmp - Deleted
C:\WINDOWS\Temp\win4B0.tmp - Deleted
C:\WINDOWS\Temp\win4B2.tmp - Deleted
C:\WINDOWS\Temp\win4B3.tmp - Deleted
C:\WINDOWS\Temp\win4B4.tmp - Deleted
C:\WINDOWS\Temp\win4B5.tmp - Deleted
C:\WINDOWS\Temp\win4C.tmp - Deleted
C:\WINDOWS\Temp\win4C9.tmp - Deleted
C:\WINDOWS\Temp\win4CA.tmp - Deleted
C:\WINDOWS\Temp\win4CB.tmp - Deleted
C:\WINDOWS\Temp\win4CC.tmp - Deleted
C:\WINDOWS\Temp\win4CD.tmp - Deleted
C:\WINDOWS\Temp\win4CF.tmp - Deleted
C:\WINDOWS\Temp\win4D.tmp - Deleted
C:\WINDOWS\Temp\win4D0.tmp - Deleted
C:\WINDOWS\Temp\win4D1.tmp - Deleted
C:\WINDOWS\Temp\win4D2.tmp - Deleted
C:\WINDOWS\Temp\win4D3.tmp - Deleted
C:\WINDOWS\Temp\win4D7.tmp - Deleted
C:\WINDOWS\Temp\win4D8.tmp - Deleted
C:\WINDOWS\Temp\win4D9.tmp - Deleted
C:\WINDOWS\Temp\win4DA.tmp - Deleted
C:\WINDOWS\Temp\win4DF.tmp - Deleted
C:\WINDOWS\Temp\win4E.tmp - Deleted
C:\WINDOWS\Temp\win4E0.tmp - Deleted
C:\WINDOWS\Temp\win4E1.tmp - Deleted
C:\WINDOWS\Temp\win4E2.tmp - Deleted
C:\WINDOWS\Temp\win4E3.tmp - Deleted
C:\WINDOWS\Temp\win4ED.tmp - Deleted
C:\WINDOWS\Temp\win4EE.tmp - Deleted
C:\WINDOWS\Temp\win4EF.tmp - Deleted
C:\WINDOWS\Temp\win4F.tmp - Deleted
C:\WINDOWS\Temp\win4F0.tmp - Deleted
C:\WINDOWS\Temp\win4F8.tmp - Deleted
C:\WINDOWS\Temp\win4F9.tmp - Deleted
C:\WINDOWS\Temp\win4FA.tmp - Deleted
C:\WINDOWS\Temp\win4FB.tmp - Deleted
C:\WINDOWS\Temp\win4FF.tmp - Deleted
C:\WINDOWS\Temp\win5.tmp - Deleted
C:\WINDOWS\Temp\win50.tmp - Deleted
C:\WINDOWS\Temp\win500.tmp - Deleted
C:\WINDOWS\Temp\win501.tmp - Deleted
C:\WINDOWS\Temp\win502.tmp - Deleted
C:\WINDOWS\Temp\win505.tmp - Deleted
C:\WINDOWS\Temp\win506.tmp - Deleted
C:\WINDOWS\Temp\win507.tmp - Deleted
C:\WINDOWS\Temp\win508.tmp - Deleted
C:\WINDOWS\Temp\win509.tmp - Deleted
C:\WINDOWS\Temp\win50A.tmp - Deleted
C:\WINDOWS\Temp\win50B.tmp - Deleted
C:\WINDOWS\Temp\win50C.tmp - Deleted
C:\WINDOWS\Temp\win51.tmp - Deleted
C:\WINDOWS\Temp\win512.tmp - Deleted
C:\WINDOWS\Temp\win513.tmp - Deleted
C:\WINDOWS\Temp\win514.tmp - Deleted
C:\WINDOWS\Temp\win515.tmp - Deleted
C:\WINDOWS\Temp\win51E.tmp - Deleted
C:\WINDOWS\Temp\win51F.tmp - Deleted
C:\WINDOWS\Temp\win52.tmp - Deleted
C:\WINDOWS\Temp\win520.tmp - Deleted
C:\WINDOWS\Temp\win521.tmp - Deleted
C:\WINDOWS\Temp\win524.tmp - Deleted
C:\WINDOWS\Temp\win525.tmp - Deleted
C:\WINDOWS\Temp\win526.tmp - Deleted
C:\WINDOWS\Temp\win527.tmp - Deleted
C:\WINDOWS\Temp\win53.tmp - Deleted
C:\WINDOWS\Temp\win54.tmp - Deleted
C:\WINDOWS\Temp\win55.tmp - Deleted
C:\WINDOWS\Temp\win558.tmp - Deleted
C:\WINDOWS\Temp\win56.tmp - Deleted
C:\WINDOWS\Temp\win57.tmp - Deleted
C:\WINDOWS\Temp\win58.tmp - Deleted
C:\WINDOWS\Temp\win59.tmp - Deleted
C:\WINDOWS\Temp\win598.tmp - Deleted
C:\WINDOWS\Temp\win599.tmp - Deleted
C:\WINDOWS\Temp\win59A.tmp - Deleted
C:\WINDOWS\Temp\win59B.tmp - Deleted
C:\WINDOWS\Temp\win5A.tmp - Deleted
C:\WINDOWS\Temp\win5A6.tmp - Deleted
C:\WINDOWS\Temp\win5A7.tmp - Deleted
C:\WINDOWS\Temp\win5A8.tmp - Deleted
C:\WINDOWS\Temp\win5A9.tmp - Deleted
C:\WINDOWS\Temp\win5AB.tmp - Deleted
C:\WINDOWS\Temp\win5AC.tmp - Deleted
C:\WINDOWS\Temp\win5AD.tmp - Deleted
C:\WINDOWS\Temp\win5AE.tmp - Deleted
C:\WINDOWS\Temp\win5AF.tmp - Deleted
C:\WINDOWS\Temp\win5B.tmp - Deleted
C:\WINDOWS\Temp\win5C.tmp - Deleted
C:\WINDOWS\Temp\win5CF.tmp - Deleted
C:\WINDOWS\Temp\win5D.tmp - Deleted
C:\WINDOWS\Temp\win5D0.tmp - Deleted
C:\WINDOWS\Temp\win5D1.tmp - Deleted
C:\WINDOWS\Temp\win5D2.tmp - Deleted
C:\WINDOWS\Temp\win5D3.tmp - Deleted
C:\WINDOWS\Temp\win5D4.tmp - Deleted
C:\WINDOWS\Temp\win5D5.tmp - Deleted
C:\WINDOWS\Temp\win5D6.tmp - Deleted
C:\WINDOWS\Temp\win5D7.tmp - Deleted
C:\WINDOWS\Temp\win5E.tmp - Deleted
C:\WINDOWS\Temp\win5E0.tmp - Deleted
C:\WINDOWS\Temp\win5E5.tmp - Deleted
C:\WINDOWS\Temp\win5F.tmp - Deleted
C:\WINDOWS\Temp\win6.tmp - Deleted
C:\WINDOWS\Temp\win60.tmp - Deleted
C:\WINDOWS\Temp\win61.tmp - Deleted
C:\WINDOWS\Temp\win62.tmp - Deleted
C:\WINDOWS\Temp\win63.tmp - Deleted
C:\WINDOWS\Temp\win64.tmp - Deleted
C:\WINDOWS\Temp\win65.tmp - Deleted
C:\WINDOWS\Temp\win66.tmp - Deleted
C:\WINDOWS\Temp\win67.tmp - Deleted
C:\WINDOWS\Temp\win68.tmp - Deleted
C:\WINDOWS\Temp\win69.tmp - Deleted
C:\WINDOWS\Temp\win6A.tmp - Deleted
C:\WINDOWS\Temp\win6B.tmp - Deleted
C:\WINDOWS\Temp\win6C.tmp - Deleted
C:\WINDOWS\Temp\win6D.tmp - Deleted
C:\WINDOWS\Temp\win6E.tmp - Deleted
C:\WINDOWS\Temp\win6F.tmp - Deleted
C:\WINDOWS\Temp\win7.tmp - Deleted
C:\WINDOWS\Temp\win70.tmp - Deleted
C:\WINDOWS\Temp\win71.tmp - Deleted
C:\WINDOWS\Temp\win72.tmp - Deleted
C:\WINDOWS\Temp\win73.tmp - Deleted
C:\WINDOWS\Temp\win74.tmp - Deleted
C:\WINDOWS\Temp\win75.tmp - Deleted
C:\WINDOWS\Temp\win76.tmp - Deleted
C:\WINDOWS\Temp\win77.tmp - Deleted
C:\WINDOWS\Temp\win78.tmp - Deleted
C:\WINDOWS\Temp\win79.tmp - Deleted
C:\WINDOWS\Temp\win7A.tmp - Deleted
C:\WINDOWS\Temp\win7B.tmp - Deleted
C:\WINDOWS\Temp\win7C.tmp - Deleted
C:\WINDOWS\Temp\win7D.tmp - Deleted
C:\WINDOWS\Temp\win7E.tmp - Deleted
C:\WINDOWS\Temp\win7F.tmp - Deleted
C:\WINDOWS\Temp\win8.tmp - Deleted
C:\WINDOWS\Temp\win80.tmp - Deleted
C:\WINDOWS\Temp\win81.tmp - Deleted
C:\WINDOWS\Temp\win82.tmp - Deleted
C:\WINDOWS\Temp\win83.tmp - Deleted
C:\WINDOWS\Temp\win84.tmp - Deleted
C:\WINDOWS\Temp\win85.tmp - Deleted
C:\WINDOWS\Temp\win86.tmp - Deleted
C:\WINDOWS\Temp\win87.tmp - Deleted
C:\WINDOWS\Temp\win88.tmp - Deleted
C:\WINDOWS\Temp\win89.tmp - Deleted
C:\WINDOWS\Temp\win8A.tmp - Deleted
C:\WINDOWS\Temp\win8B.tmp - Deleted
C:\WINDOWS\Temp\win8C.tmp - Deleted
C:\WINDOWS\Temp\win8D.tmp - Deleted
C:\WINDOWS\Temp\win8E.tmp - Deleted
C:\WINDOWS\Temp\win8F.tmp - Deleted
C:\WINDOWS\Temp\win9.tmp - Deleted
C:\WINDOWS\Temp\win90.tmp - Deleted
C:\WINDOWS\Temp\win91.tmp - Deleted
C:\WINDOWS\Temp\win92.tmp - Deleted
C:\WINDOWS\Temp\win93.tmp - Deleted
C:\WINDOWS\Temp\win94.tmp - Deleted
C:\WINDOWS\Temp\win95.tmp - Deleted
C:\WINDOWS\Temp\win96.tmp - Deleted
C:\WINDOWS\Temp\win97.tmp - Deleted
C:\WINDOWS\Temp\win98.tmp - Deleted
C:\WINDOWS\Temp\win99.tmp - Deleted
C:\WINDOWS\Temp\win9A.tmp - Deleted
C:\WINDOWS\Temp\win9B.tmp - Deleted
C:\WINDOWS\Temp\win9C.tmp - Deleted
C:\WINDOWS\Temp\win9D.tmp - Deleted
C:\WINDOWS\Temp\win9E.tmp - Deleted
C:\WINDOWS\Temp\win9F.tmp - Deleted
C:\WINDOWS\Temp\winA.tmp - Deleted
C:\WINDOWS\Temp\winA0.tmp - Deleted
C:\WINDOWS\Temp\winA1.tmp - Deleted
C:\WINDOWS\Temp\winA2.tmp - Deleted
C:\WINDOWS\Temp\winA3.tmp - Deleted
C:\WINDOWS\Temp\winA4.tmp - Deleted
C:\WINDOWS\Temp\winA5.tmp - Deleted
C:\WINDOWS\Temp\winA6.tmp - Deleted
C:\WINDOWS\Temp\winA7.tmp - Deleted
C:\WINDOWS\Temp\winA8.tmp - Deleted
C:\WINDOWS\Temp\winA9.tmp - Deleted
C:\WINDOWS\Temp\winAA.tmp - Deleted
C:\WINDOWS\Temp\winAB.tmp - Deleted
C:\WINDOWS\Temp\winAC.tmp - Deleted
C:\WINDOWS\Temp\winAD.tmp - Deleted
C:\WINDOWS\Temp\winAE.tmp - Deleted
C:\WINDOWS\Temp\winAF.tmp - Deleted
C:\WINDOWS\Temp\winB.tmp - Deleted
C:\WINDOWS\Temp\winB0.tmp - Deleted
C:\WINDOWS\Temp\winB1.tmp - Deleted
C:\WINDOWS\Temp\winB2.tmp - Deleted
C:\WINDOWS\Temp\winB3.tmp - Deleted
C:\WINDOWS\Temp\winB4.tmp - Deleted
C:\WINDOWS\Temp\winB5.tmp - Deleted
C:\WINDOWS\Temp\winB6.tmp - Deleted
C:\WINDOWS\Temp\winB7.tmp - Deleted
C:\WINDOWS\Temp\winB8.tmp - Deleted
C:\WINDOWS\Temp\winB9.tmp - Deleted
C:\WINDOWS\Temp\winBA.tmp - Deleted
C:\WINDOWS\Temp\winBB.tmp - Deleted
C:\WINDOWS\Temp\winBC.tmp - Deleted
C:\WINDOWS\Temp\winBD.tmp - Deleted
C:\WINDOWS\Temp\winBE.tmp - Deleted
C:\WINDOWS\Temp\winBF.tmp - Deleted
C:\WINDOWS\Temp\winC.tmp - Deleted
C:\WINDOWS\Temp\winC0.tmp - Deleted
C:\WINDOWS\Temp\winC1.tmp - Deleted
C:\WINDOWS\Temp\winC2.tmp - Deleted
C:\WINDOWS\Temp\winC3.tmp - Deleted
C:\WINDOWS\Temp\winC4.tmp - Deleted
C:\WINDOWS\Temp\winC5.tmp - Deleted
C:\WINDOWS\Temp\winC6.tmp - Deleted
C:\WINDOWS\Temp\winC7.tmp - Deleted
C:\WINDOWS\Temp\winC8.tmp - Deleted
C:\WINDOWS\Temp\winC9.tmp - Deleted
C:\WINDOWS\Temp\winCA.tmp - Deleted
C:\WINDOWS\Temp\winCB.tmp - Deleted
C:\WINDOWS\Temp\winCC.tmp - Deleted
C:\WINDOWS\Temp\winCD.tmp - Deleted
C:\WINDOWS\Temp\winCE.tmp - Deleted
C:\WINDOWS\Temp\winCF.tmp - Deleted
C:\WINDOWS\Temp\winD.tmp - Deleted
C:\WINDOWS\Temp\winD0.tmp - Deleted
C:\WINDOWS\Temp\winD1.tmp - Deleted
C:\WINDOWS\Temp\winD2.tmp - Deleted
C:\WINDOWS\Temp\winD3.tmp - Deleted
C:\WINDOWS\Temp\winD4.tmp - Deleted
C:\WINDOWS\Temp\winD5.tmp - Deleted
C:\WINDOWS\Temp\winD6.tmp - Deleted
C:\WINDOWS\Temp\winD7.tmp - Deleted
C:\WINDOWS\Temp\winD8.tmp - Deleted
C:\WINDOWS\Temp\winD9.tmp - Deleted
C:\WINDOWS\Temp\winDA.tmp - Deleted
C:\WINDOWS\Temp\winDB.tmp - Deleted
C:\WINDOWS\Temp\winDC.tmp - Deleted
C:\WINDOWS\Temp\winDD.tmp - Deleted
C:\WINDOWS\Temp\winDE.tmp - Deleted
C:\WINDOWS\Temp\winDF.tmp - Deleted
C:\WINDOWS\Temp\winE.tmp - Deleted
C:\WINDOWS\Temp\winE0.tmp - Deleted
C:\WINDOWS\Temp\winE1.tmp - Deleted
C:\WINDOWS\Temp\winE2.tmp - Deleted
C:\WINDOWS\Temp\winE3.tmp - Deleted
C:\WINDOWS\Temp\winE4.tmp - Deleted
C:\WINDOWS\Temp\winE5.tmp - Deleted
C:\WINDOWS\Temp\winE6.tmp - Deleted
C:\WINDOWS\Temp\winE7.tmp - Deleted
C:\WINDOWS\Temp\winE8.tmp - Deleted
C:\WINDOWS\Temp\winE9.tmp - Deleted
C:\WINDOWS\Temp\winEA.tmp - Deleted
C:\WINDOWS\Temp\winEB.tmp - Deleted
C:\WINDOWS\Temp\winEC.tmp - Deleted
C:\WINDOWS\Temp\winED.tmp - Deleted
C:\WINDOWS\Temp\winEE.tmp - Deleted
C:\WINDOWS\Temp\winEF.tmp - Deleted
C:\WINDOWS\Temp\winF.tmp - Deleted
C:\WINDOWS\Temp\winF0.tmp - Deleted
C:\WINDOWS\Temp\winF1.tmp - Deleted
C:\WINDOWS\Temp\winF2.tmp - Deleted
C:\WINDOWS\Temp\winF3.tmp - Deleted
C:\WINDOWS\Temp\winF4.tmp - Deleted
C:\WINDOWS\Temp\winF5.tmp - Deleted
C:\WINDOWS\Temp\winF6.tmp - Deleted
C:\WINDOWS\Temp\winF7.tmp - Deleted
C:\WINDOWS\Temp\winF8.tmp - Deleted
C:\WINDOWS\Temp\winF9.tmp - Deleted
C:\WINDOWS\Temp\winFA.tmp - Deleted
C:\WINDOWS\Temp\winFB.tmp - Deleted
C:\WINDOWS\Temp\winFC.tmp - Deleted
C:\WINDOWS\Temp\winFD.tmp - Deleted
C:\WINDOWS\Temp\winFE.tmp - Deleted
C:\WINDOWS\Temp\winFF.tmp - Deleted

Alternate Streams Check:

C:\WINDOWS\system32
No streams found.

Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Kazaa Lite K++\\KazaaLite.kpp"="C:\\Program Files\\Kazaa Lite K++\\KazaaLite.kpp:*:Enabled:KazaaLite"
"C:\\Valve\\Steam\\SteamApps\\m0rpheus974\\counter-strike source\\hl2.exe"="C:\\Valve\\Steam\\SteamApps\\m0rpheus974\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"C:\\Valve\\Steam\\SteamApps\\m0rpheus974\\half-life 2 deathmatch\\hl2.exe"="C:\\Valve\\Steam\\SteamApps\\m0rpheus974\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\LTCDA Pro\\ltcda.exe"="C:\\Program Files\\LTCDA Pro\\ltcda.exe:*:Enabled:Compteur pour Cyber-cafés"
"C:\\Program Files\\Rockstar Games\\GTA Vice City\\Myk\\Plus\\Downalds\\WoW-1.9.4-frFR-Installer-downloader.exe"="C:\\Program Files\\Rockstar Games\\GTA Vice City\\Myk\\Plus\\Downalds\\WoW-1.9.4-frFR-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Controle Parental\\bin\\optproxy.exe"="C:\\Program Files\\Controle Parental\\bin\\optproxy.exe:*:Enabled:Contrôle Parental"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Giganology\\Gigaget\\Gigaget.exe"="C:\\Program Files\\Giganology\\Gigaget\\Gigaget.exe:*:Enabled:Gigaget"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Checking For Files with Hidden Attributes :

C:\NTDETECT.COM
C:\Documents and Settings\Myk\Local Settings\Application Data\Microsoft\Messenger\m0rpheus974@hotmail.fr\Sharing Folders\aurore-boreale@hotmail.com\Thumbs.db
C:\Documents and Settings\Propri‚taire\Local Settings\Application Data\Microsoft\Messenger\myk_the_killer974@hotmail.fr\Sharing Folders\babylovedu974@hotmail.com\Thumbs.db
C:\WINDOWS\system32\awtssst.dll
C:\WINDOWS\system32\ddccy.dll
C:\WINDOWS\system32\wxmmin.dll
C:\Program Files\RamBoost XP\StopRam.exe
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\WINDOWS\system32\KGyGaAvL.sys
C:\Documents and Settings\Myk\Local Settings\Temp\~17.tmp
C:\Documents and Settings\Myk\Local Settings\Temp\~19.tmp
C:\Documents and Settings\Myk\Local Settings\Temp\~B.tmp
C:\Documents and Settings\Myk\Local Settings\Temp\~C.tmp
C:\Documents and Settings\Propri‚taire\Application Data\Microsoft\Word\~WRL0004.tmp
C:\Documents and Settings\Propri‚taire\Local Settings\Temp\~19.tmp
C:\Documents and Settings\Propri‚taire\Local Settings\Temp\~28.tmp
C:\Documents and Settings\Propri‚taire\Local Settings\Temp\~5.tmp
C:\Documents and Settings\Propri‚taire\Local Settings\Temp\~6.tmp
C:\Documents and Settings\Propri‚taire\Local Settings\Temp\~7.tmp
C:\Documents and Settings\Propri‚taire\Local Settings\Temp\~8.tmp
C:\Documents and Settings\Propri‚taire\Local Settings\Temp\~B.tmp
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\f8da354fef804e89ae2e375e9026fb3b\BIT9.tmp
C:\WINDOWS\system32\bbeeg.tmp
C:\WINDOWS\system32\yccdd.tmp

Finished

m0rpheus97 4

Profil : IDNaute

Plus d'informations

25-01-2007 à 16:45:49

Masquer

... Voila mon rapport VundoFix :
(mais je crois quil manque une suite)

VundoFix V6.3.2

Checking Java version...

Sun Java not detected
Scan started at 19:30:49 25/01/2007

Listing files found while scanning....

C:\WINDOWS\system32\awtssst.dll
C:\WINDOWS\system32\bbeeg.bak1
C:\WINDOWS\system32\bbeeg.ini
C:\WINDOWS\system32\bbeeg.ini2
C:\WINDOWS\system32\bbeeg.tmp
C:\WINDOWS\system32\ddccy.dll
C:\WINDOWS\system32\geebb.dll
C:\WINDOWS\system32\yccdd.bak1
C:\WINDOWS\system32\yccdd.bak2
C:\WINDOWS\system32\yccdd.ini
C:\WINDOWS\system32\yccdd.ini2
C:\WINDOWS\system32\yccdd.tmp

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awtssst.dll
C:\WINDOWS\system32\awtssst.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbeeg.bak1
C:\WINDOWS\system32\bbeeg.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbeeg.ini
C:\WINDOWS\system32\bbeeg.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbeeg.ini2
C:\WINDOWS\system32\bbeeg.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\bbeeg.tmp
C:\WINDOWS\system32\bbeeg.tmp Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddccy.dll
C:\WINDOWS\system32\ddccy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yccdd.bak1
C:\WINDOWS\system32\yccdd.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\yccdd.bak2
C:\WINDOWS\system32\yccdd.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\yccdd.ini
C:\WINDOWS\system32\yccdd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\yccdd.ini2
C:\WINDOWS\system32\yccdd.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\yccdd.tmp
C:\WINDOWS\system32\yccdd.tmp Has been deleted!

Performing Repairs to the registry.
Done!

m0rpheus97 4

Profil : IDNaute

Plus d'informations

25-01-2007 à 16:46:51

Masquer

Et voila mon rapport ComboFix :
(pour la suite je ne sais pas quoi faire ...)

"Myk" - 07-01-25 19:49:20 Service Pack 2
ComboFix 07-01-25 - Running from: "C:\Program Files\Rockstar Games\GTA Vice City\Myk\Plus\Downalds"

((((((((((((((((((((((((((((((( Files Created from 2006-12-25 to 2007-01-25 ))))))))))))))))))))))))))))))))))

2007-01-25 19:30 <REP> d-------- C:\VundoFix Backups
2007-01-25 18:51 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer
2007-01-25 18:51 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau
2007-01-25 18:51 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
2007-01-25 18:51 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles
2007-01-25 18:51 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents
2007-01-25 18:51 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris
2007-01-25 18:51 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
2007-01-25 18:42 <REP> d-------- C:\SDFix
2007-01-25 18:02 <REP> d-------- C:\Program Files\uTorrent
2007-01-25 18:02 <REP> d-------- C:\DOCUME~1\Myk\Application Data\uTorrent
2007-01-24 22:39 <REP> d---s---- C:\Program Files\Xfire
2007-01-24 22:39 <REP> d-------- C:\DOCUME~1\Myk\Application Data\Xfire
2007-01-22 11:33 197,120 --a------ C:\WINDOWS\patchw32.dll
2007-01-22 11:33 <REP> d-------- C:\Program Files\Fichiers communs\PocketSoft
2007-01-21 12:13 <REP> d-------- C:\WINDOWS\system32\ActiveScan
2007-01-21 12:09 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-01-20 19:00 <REP> d-------- C:\Program Files\GameShadow
2007-01-20 18:47 <REP> d-------- C:\Program Files\Eidos
2007-01-20 15:21 37,376 --a------ C:\WINDOWS\system32\udial.exe
2007-01-11 19:26 <REP> d-------- C:\Program Files\GStudio6
2007-01-11 18:56 <REP> d-------- C:\Program Files\Microsoft.NET
2007-01-11 18:56 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2007-01-11 18:56 <REP> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Microsoft Help
2007-01-11 18:43 <REP> d-------- C:\WINDOWS\Downloaded Installations
2007-01-11 18:16 <REP> d-------- C:\Program Files\Compil Games
2007-01-09 13:35 <REP> d-------- C:\DOCUME~1\LOCALS~1\Application Data\MEGAUPLOADTOOLBAR
2007-01-07 19:30 <REP> d-------- C:\DOCUME~1\Myk\Application Data\dvdcss
2007-01-05 20:41 <REP> d-------- C:\Program Files\Copie de VirtualDJ
2007-01-05 20:35 <REP> d-------- C:\DOCUME~1\PROPRI~1\Application Data\MegauploadToolbar
2007-01-05 15:11 <REP> d-------- C:\Program Files\Controle Parental
2007-01-05 15:07 126,976 --a------ C:\WINDOWS\system32\coclassfast.dll
2007-01-05 15:07 <REP> d-------- C:\Program Files\SAGEM
2007-01-04 12:52 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2007-01-04 12:51 <REP> d-------- C:\WINDOWS\network diagnostic
2006-12-31 23:05 9 --ah----- C:\WINDOWS\system32\wxmmin.dll
2006-12-31 23:04 <REP> d-------- C:\Program Files\VirtualDJ
2006-12-31 20:05 <REP> d-------- C:\Program Files\DJ Mix Pro
2006-12-27 12:53 <REP> d-------- C:\Ubisoft
2006-12-25 11:29 <REP> d-------- C:\Program Files\Ubisoft

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-01-25 18:36 9879 --ahs---- C:\WINDOWS\system32\kgygaavl.sys
2007-01-25 18:02 -------- d-------- C:\Program Files\Fichiers communs\symantec shared
2007-01-25 12:02 -------- d--h----- C:\Program Files\installshield installation information
2007-01-24 22:35 -------- d-------- C:\Program Files\gamespy arcade
2007-01-24 22:17 -------- d-------- C:\Program Files\wanadoo
2007-01-22 18:31 -------- d-------- C:\Program Files\pimpfish
2007-01-22 11:27 -------- d-------- C:\Program Files\atari
2007-01-21 13:31 -------- d-------- C:\Program Files\symantec
2007-01-21 13:00 -------- d-------- C:\Program Files\messenger
2007-01-21 12:53 -------- d-------- C:\Program Files\google
2007-01-21 12:20 -------- d-------- C:\DOCUME~1\Myk\Application Data\symantec
2007-01-20 19:00 98304 --a------ C:\WINDOWS\system32\cmdlineext.dll
2007-01-18 22:04 -------- d-------- C:\Program Files\ramboost xp
2007-01-17 16:02 -------- d-------- C:\DOCUME~1\Myk\Application Data\hamachi
2007-01-11 19:42 -------- d-------- C:\Program Files\ea sports
2007-01-11 19:08 -------- d---s---- C:\DOCUME~1\Myk\Application Data\microsoft
2007-01-09 20:16 -------- d-------- C:\Program Files\warcraft iii
2007-01-09 12:23 -------- d-------- C:\Program Files\quicktime
2007-01-07 18:36 -------- d-------- C:\Program Files\wc3banlist
2007-01-05 15:01 -------- d-------- C:\Program Files\controle parental 2 not use
2006-12-25 13:13 -------- d-------- C:\Program Files\ea games
2006-12-24 13:45 -------- d-------- C:\Program Files\winpcap
2006-12-15 07:57 -------- d-------- C:\Program Files\daemon tools
2006-12-15 07:53 639224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-12-14 19:15 2829 --a------ C:\WINDOWS\war3unin.pif
2006-12-14 19:15 139264 --a------ C:\WINDOWS\war3unin.exe
2006-12-13 19:50 -------- d-------- C:\Program Files\newdotnet
2006-12-08 15:08 -------- d-------- C:\Program Files\messenger plus! live
2006-11-08 08:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-02 19:16 48824 --a------ C:\WINDOWS\system32\s32evnt1.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"nForce Tray Options"="sstray.exe /r"
"snpstd"="C:\\WINDOWS\\vsnpstd.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit"
"EoEngine"=""
"EoSudoku"=""
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Bluetooth Manager.lnk"
"backup"="C:\\WINDOWS\\pss\\Bluetooth Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Toshiba\\BLUETO~1\\TOSBTM~1.EXE "
"item"="Bluetooth Manager"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hp psc 1000 series.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\hp psc 1000 series.lnk"
"backup"="C:\\WINDOWS\\pss\\hp psc 1000 series.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpohmr08.exe "
"item"="hp psc 1000 series"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\hpoddt01.exe.lnk"
"backup"="C:\\WINDOWS\\pss\\hpoddt01.exe.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\HEWLET~1\\DIGITA~1\\bin\\hpotdd01.exe "
"item"="hpoddt01.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\InterVideo WinCinema Manager.lnk"
"backup"="C:\\WINDOWS\\pss\\InterVideo WinCinema Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\INTERV~1\\Common\\Bin\\WINCIN~1.EXE "
"item"="InterVideo WinCinema Manager"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Picture Package Menu.lnk"
"backup"="C:\\WINDOWS\\pss\\Picture Package Menu.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\SONYCO~1\\PICTUR~1\\PICTUR~3\\SonyTray.exe "
"item"="Picture Package Menu"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk]
"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Picture Package VCD Maker.lnk"
"backup"="C:\\WINDOWS\\pss\\Picture Package VCD Maker.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\SONYCO~1\\PICTUR~1\\PICTUR~1\\RESIDE~1.EXE -h"
"item"="Picture Package VCD Maker"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Myk^Menu Démarrer^Programmes^Démarrage^Registration Prince of Persia T2T.LNK]
"path"="C:\\Documents and Settings\\Myk\\Menu Démarrer\\Programmes\\Démarrage\\Registration Prince of Persia T2T.LNK"
"backup"="C:\\WINDOWS\\pss\\Registration Prince of Persia T2T.LNKStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\Ubisoft\\PRINCE~1\\Support\\Register\\REGIST~1.EXE -d 802968 -l french -r 7 -g Prince of Persia T2T -c fr -i 2430"
"item"="Registration Prince of Persia T2T"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="daemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTCDA_Pro]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ltcda"
"hkey"="HKLM"
"command"="C:\\Program Files\\LTCDA Pro\\ltcda.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RssReader]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RssReader"
"hkey"="HKCU"
"command"="C:\\Program Files\\RssReader\\RssReader.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Valve\\Steam\\Steam.exe\" -silent"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Survey Companion]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="whSurvey"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\webHancer\\Programs\\whSurvey.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Shell"
"hkey"="HKCU"
"command"="C:\\PROGRA~1\\Wanadoo\\Shell.exe appLaunchClientZone.shl|PARAM= cnx"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Watch"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{B7BC5CCE-E6CE-43DB-B3E3-DA47DDDD4A5E}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\geebb
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winjgf32

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1087935391.job
C:\WINDOWS\tasks\Norton AntiVirus - Effectuer une analyse complŠte du systŠme - Myk.job
C:\WINDOWS\tasks\Norton AntiVirus - Effectuer une analyse complŠte du systŠme - Propri‚taire.job

Completion time: 07-01-25 19:55:50

m0rpheus97 4

Profil : IDNaute

Plus d'informations

25-01-2007 à 16:54:17

Masquer

Ah si !!! Je sais quoi faire !!! Un petit rapport Hijackthis !!!

Logfile of HijackThis v1.99.1
Scan saved at 20:08:09, on 25/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Myk\Bureau\Bureau\hijackthis\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: PimpFish Toolbar Opcode Handler - {29C88E20-4234-41B9-A9DB-982958C95FB1} - C:\Program Files\PimpFish\PimpFish.dll
O2 - BHO: (no name) - {317BFEF3-B0B4-435B-91B8-AE9E4361B89A} - C:\WINDOWS\system32\geebb.dll (file missing)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: FloatBar Class - {75B1A646-CDCE-4C06-B52F-84F4463B4FC8} - C:\Program Files\PimpFish\FloatBar.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B7BC5CCE-E6CE-43DB-B3E3-DA47DDDD4A5E} - C:\WINDOWS\system32\awtssst.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {FC80FBC8-6B25-4278-B54D-910407409B5A} - C:\WINDOWS\system32\ddccy.dll (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: PimpFish - {D593DE91-7B41-45C2-830E-E9A99AB142AA} - C:\Program Files\PimpFish\PimpFish.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: PimpFish - Saisir cette image - C:\Program Files\PimpFish\GRABPIC.HTM
O8 - Extra context menu item: PimpFish - Saisir le fichier cible - C:\Program Files\PimpFish\GRABLINK.HTM
O8 - Extra context menu item: PimpFish - Saisir les images auxquelles cette page est reliée - C:\Program Files\PimpFish\GRABPAGELINKS.HTM
O8 - Extra context menu item: PimpFish - Saisir les images sur cette page - C:\Program Files\PimpFish\GRABPAGEPICS.HTM
O8 - Extra context menu item: PimpFish - Saisir les vidéos sur cette page - C:\Program Files\PimpFish\GRABPAGEMOVIES.HTM
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet3_88.dll' missing
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version8/Applet/wchatsign.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/p [...] nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (A

Messages similaires

Dans l'actualité

Nouvelle extension Firefox pirate

Trojan Remover 4.9.6

Windows Live Messenger diffuse une publicité dissimulant un malware

Les pires virus de 2007

Les téléchargements

Ressources relatives

Les derniers dossiers

Upgrader son portable en 9 leçons

Les logiciels indispensables après un formatage

Que choisir ? Home Cinema 5.1 ou projecteur de son ?

Test du Nokia N96 : la vie sans écran tactile