Infection Win32:Horst-DZ[Trj]

Lamalas, 35 posts, Member
philae83, 12854 posts, Security contributor
Hello everyone,

So, I am (was) infected with Win32:Horst-DZ[Trj], according to what Avast was telling me.

After searching, I found a message here that gave me a solution.
(see virus win32 horst dz trj#8)

So I followed the procedure from message no. 8 of that page, and here are the reports:

SDFix:

    SDFix: Version 1.58

    12/01/2007 - 18:28:38,20

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\SDFix

    Safe Mode:

    Checking Services:

    Name:


    Path:



    Restoring Windows Registry Entries
    Restoring Default Hosts File

    Rebooting

    Normal Mode:

    Checking Files:


    Files will be copied to Backups folder then removed:

    C:\DOCUME~1\DarKent\LOCALS~1\Temp\5exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\70exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\10exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\52exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\17exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\66exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\52exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\87exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\31exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\97exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\75exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\56exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\89exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\26exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\38exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\38exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\19exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\8exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\8exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\93exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\21exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\74exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\62exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\60exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\97exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\28exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\13exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\85exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\98exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\81exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\78exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\55exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\46exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\69exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\33exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\14exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\25exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\35exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\71exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\16exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\79exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\47exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\91exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\73exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\49exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\16exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\44exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\22exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\39exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\9exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\95exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\94exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\22exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\59exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\35exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\65exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\53exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\95exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\1exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\12exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\37exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\88exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\15exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\48exssd32.a2.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\83exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\30exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\46exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\2exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\90exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\40exhdd.y.exe - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\modul32g.2.exe.conf - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\ssd32.a2.exe.conf - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\hdd.y.exe.conf - Deleted
    C:\DOCUME~1\DarKent\LOCALS~1\Temp\autorun.inf - Deleted



    Alternate Stream Check:

    C:\WINDOWS\system32
    No streams found.
    Final Check:

    Remaining Services:
    ------------------


    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
    "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
    "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe"
    "C:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe:*:Enabled:avgemc.exe"
    "C:\\Program Files\\IncrediMail\\bin\\ImLc.exe"="C:\\Program Files\\IncrediMail\\bin\\ImLc.exe:*:Enabled:IncrediMail"
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
    "C:\\Program Files\\Mozilla Firefox\\FIREFOX.EXE"="C:\\Program Files\\Mozilla Firefox\\FIREFOX.EXE:*:Enabled:Mozilla Firefox"
    "C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
    "C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
    "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
    "C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"


    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"


    Remaining Files:
    ---------------

    Backups Folder: - C:\SDFix\backups\backups.zip

    Listing Files with hidden attributes:

    C:\NTDETECT.COM
    C:\WINDOWS\system32\NTICDMK7.dll
    C:\WINDOWS\system32\NTIMPEG2.dll
    C:\WINDOWS\system32\NTIFCD3.dll
    C:\WINDOWS\system32\NTIBUN4.dll
    C:\WINDOWS\system32\NTIMP3.dll
    C:\WINDOWS\system32\cdplayer.exe.manifest
    C:\WINDOWS\system32\logonui.exe.manifest
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\pagefile.sys
    C:\IO.SYS
    C:\MSDOS.SYS
    C:\hiberfil.sys

    Finished



And here is HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 18:32:44, on 12/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\DarKent\Bureau\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\tgtsoft\StyleXP\TGT_BHO.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O5 "LPT1:" /M "Stylus C42"
O4 - HKLM\..\Run: [MOD] C:\Program Files\Microangelo\muamgr.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [tcactive] C:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\Program Files\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [SDFix] C:\SDFix\RunThis.bat /second
O4 - HKLM\..\RunOnce: [SDFix] C:\SDFIX\RUNTHIS.BAT /second
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\tgtsoft\StyleXP\StyleXP.exe -Hide

O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe


So I would like to know what you think, and whether my problem is solved (apparently yes, but I would like to be sure).

1 reply

philae83, 12854 posts, Security contributor
 
good evening,

how many antiviruses do you have?
avast and AVG?
only one antivirus, uninstall one of them
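As an added triage example (not part of this thread, and not code from HijackThis or SDFix), the script below parses HijackThis-style entry lines, counts how many distinct antivirus products are actually resident (O4 autorun entries and O23 services), and lists entries whose target binary is reported as missing. This mechanises the point raised in the reply: two resident antivirus engines (here avast and AVG) on one machine. The vendor keyword table is an assumption constructed for the example; the sample lines are copied from the log posted above.

```python
"""Triage helper for a HijackThis-style log (added example, not part of the thread).

Parses O4 (autorun) and O23 (service) lines, counts how many distinct
antivirus products are resident, and lists entries whose binary is reported
missing. The vendor keyword table is constructed for this example; the
sample lines are copied from the log posted in the thread.
"""
import re
from collections import defaultdict

# Constructed: substrings that identify well-known AV products in service
# names or paths. Extend this table for your own environment.
AV_SIGNATURES = {
    "avast": ("avast", "alwil"),
    "AVG": ("avg7", "grisoft", "avgfre"),
}

# A HijackThis entry line: section code, " - ", then the body.
LINE_RE = re.compile(r"^(O\d+|R\d+)\s+-\s+(.*)$")
MISSING_RE = re.compile(r"\(file missing\)\s*$")


def parse_hjt(text):
    """Return a list of (section, body) tuples for recognised entry lines."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def resident_av_products(entries):
    """Map AV product name -> set of log bodies that reference it.

    Only O4 (autorun) and O23 (service) entries count, because those are
    the ones that mean the product is actually loaded at boot.
    """
    found = defaultdict(set)
    for section, body in entries:
        if section not in ("O4", "O23"):
            continue
        low = body.lower()
        for product, keys in AV_SIGNATURES.items():
            if any(k in low for k in keys):
                found[product].add(body)
    return dict(found)


def missing_file_entries(entries):
    """Entries HijackThis reports as pointing at a file that no longer exists."""
    return [(s, b) for s, b in entries if MISSING_RE.search(b)]


def triage(text):
    """Summarise the log: resident AV products, whether >1, and missing-file entries."""
    entries = parse_hjt(text)
    avs = resident_av_products(entries)
    return {
        "av_products": sorted(avs),
        "multiple_av": len(avs) > 1,
        "missing": missing_file_entries(entries),
    }


# Constructed sample: a handful of lines copied from the log in the thread.
SAMPLE_LOG = """\
O4 - HKLM\\..\\Run: [AVG7_CC] C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP
O4 - HKLM\\..\\Run: [avast!] C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\\bdoscandel.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgupsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\\WINDOWS\\system32\\ZONELABS\\vsmon.exe
"""

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("Resident AV products:", ", ".join(result["av_products"]))
    if result["multiple_av"]:
        print("More than one antivirus is resident; keep only one.")
    for section, body in result["missing"]:
        print(f"Missing-file entry [{section}]: {body}")
```

Run it against the full pasted log by replacing `SAMPLE_LOG` with the file contents; on the sample it reports both avast and AVG as resident and flags the stale BitDefender online-scanner button (O9) whose executable is gone.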