MSN virus is back, round 2 !!!!!

Closed
biquettenini13 - 24 March 2008 at 13:47
biquettenini13 - 24 March 2008 at 15:40
Hello,
So, I was stupid!!! I was chatting on MSN with a friend and then he, or I don't know who, sent me a link with the message "what are you doing on this site" (it was something like that). So I was suspicious and hesitated to open it, but since I'm stupid !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! I opened it, and then: oh dear, big mistake!!!!!! It was a virus, well, a photo virus, let's call it that, and it opens the chat windows of all my other contacts and I suppose it sent them the same virus!!!! And now I'd like a little helping hand (or keyboard) to get rid of this damned virus.


Thanks in advance to the gentleman or lady who is going to help me.

PS: I've already been caught by this once, but I no longer remember the procedure to follow.

2 replies

dou-l
24 March 2008 at 13:57
Hi,

Twice, well, well

For your problem, download SDFix:

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Download it to the Desktop

- Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop. Restart your computer in safe mode by following this procedure:

- Restart your computer
- After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
- Instead of the normal Windows startup, a menu with various options should appear.
- Choose the first option, to run Windows in safe mode, then press "Enter".
- Choose your account.
- Work through the list of instructions below:
- Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
- Press Y to start the cleaning process.
- It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
- Press a key to restart the PC.
- Your system will take longer than usual to restart because the tool will keep running and deleting files.
- Once the Desktop has loaded, the tool will finish its work and display Finished.
- Press a key to end the script and load your Desktop icons.
- Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
Finally, copy and paste the contents of Report.txt into your next reply on the forum
biquettenini13
24 March 2008 at 14:53
and yes, bad luck and I are one and the same lol
happy reading:

[b]SDFix: Version 1.160 [/b]

Run by remy on 24/03/2008 at 14:26

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting

Service xpdx - Deleted after Reboot

[b]Checking Files [/b]:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\27031_~1.EXE - Deleted
C:\WINDOWS\SYSTEM32\27031_~2.EXE - Deleted
C:\WINDOWS\SYSTEM32\AGLDCC~1.EXE - Deleted
C:\WINDOWS\SYSTEM32\FTPUPD.EXE - Deleted
C:\WINDOWS\SYSTEM32\HMM.EXE - Deleted
C:\WINDOWS\SYSTEM32\KOLGYOES.EXE - Deleted
C:\WINDOWS\SYSTEM32\R.EXE - Deleted
C:\WINDOWS\SYSTEM32\REWXEJ~1.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINMGRS.EXE - Deleted
C:\WINDOWS\Temp\winF26.tmp.exe - Deleted
C:\WINDOWS\Temp\winF26.tmp.exe - Deleted
C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe - Deleted
C:\WINDOWS\system32\r.exe - Deleted
C:\WINDOWS\system32\TFTP1100 - Deleted
C:\WINDOWS\system32\TFTP1216 - Deleted
C:\WINDOWS\system32\TFTP1256 - Deleted
C:\WINDOWS\system32\TFTP1304 - Deleted
C:\WINDOWS\system32\TFTP1368 - Deleted
C:\WINDOWS\system32\TFTP1476 - Deleted
C:\WINDOWS\system32\TFTP148 - Deleted
C:\WINDOWS\system32\TFTP1496 - Deleted
C:\WINDOWS\system32\TFTP1544 - Deleted
C:\WINDOWS\system32\TFTP1564 - Deleted
C:\WINDOWS\system32\TFTP1568 - Deleted
C:\WINDOWS\system32\TFTP1580 - Deleted
C:\WINDOWS\system32\TFTP1724 - Deleted
C:\WINDOWS\system32\TFTP188 - Deleted
C:\WINDOWS\system32\TFTP192 - Deleted
C:\WINDOWS\system32\TFTP1928 - Deleted
C:\WINDOWS\system32\TFTP1956 - Deleted
C:\WINDOWS\system32\TFTP2192 - Deleted
C:\WINDOWS\system32\TFTP220 - Deleted
C:\WINDOWS\system32\TFTP2240 - Deleted
C:\WINDOWS\system32\TFTP2380 - Deleted
C:\WINDOWS\system32\TFTP2384 - Deleted
C:\WINDOWS\system32\TFTP2420 - Deleted
C:\WINDOWS\system32\TFTP2424 - Deleted
C:\WINDOWS\system32\TFTP2544 - Deleted
C:\WINDOWS\system32\TFTP2580 - Deleted
C:\WINDOWS\system32\TFTP2600 - Deleted
C:\WINDOWS\system32\TFTP2632 - Deleted
C:\WINDOWS\system32\TFTP2708 - Deleted
C:\WINDOWS\system32\TFTP2724 - Deleted
C:\WINDOWS\system32\TFTP2772 - Deleted
C:\WINDOWS\system32\TFTP2776 - Deleted
C:\WINDOWS\system32\TFTP2804 - Deleted
C:\WINDOWS\system32\TFTP2852 - Deleted
C:\WINDOWS\system32\TFTP2936 - Deleted
C:\WINDOWS\system32\TFTP3056 - Deleted
C:\WINDOWS\system32\TFTP3152 - Deleted
C:\WINDOWS\system32\TFTP3156 - Deleted
C:\WINDOWS\system32\TFTP3212 - Deleted
C:\WINDOWS\system32\TFTP3396 - Deleted
C:\WINDOWS\system32\TFTP3404 - Deleted
C:\WINDOWS\system32\TFTP3432 - Deleted
C:\WINDOWS\system32\TFTP3480 - Deleted
C:\WINDOWS\system32\TFTP3540 - Deleted
C:\WINDOWS\system32\TFTP3560 - Deleted
C:\WINDOWS\system32\TFTP3644 - Deleted
C:\WINDOWS\system32\TFTP3664 - Deleted
C:\WINDOWS\system32\TFTP3708 - Deleted
C:\WINDOWS\system32\TFTP3716 - Deleted
C:\WINDOWS\system32\TFTP3728 - Deleted
C:\WINDOWS\system32\TFTP3772 - Deleted
C:\WINDOWS\system32\TFTP3804 - Deleted
C:\WINDOWS\system32\TFTP3820 - Deleted
C:\WINDOWS\system32\TFTP3840 - Deleted
C:\WINDOWS\system32\TFTP3884 - Deleted
C:\WINDOWS\system32\TFTP4056 - Deleted
C:\WINDOWS\system32\TFTP4060 - Deleted
C:\WINDOWS\system32\TFTP4064 - Deleted
C:\WINDOWS\system32\TFTP4092 - Deleted
C:\WINDOWS\system32\TFTP428 - Deleted
C:\WINDOWS\system32\TFTP488 - Deleted
C:\WINDOWS\system32\TFTP544 - Deleted
C:\WINDOWS\system32\TFTP712 - Deleted
C:\WINDOWS\system32\TFTP844 - Deleted
C:\WINDOWS\system32\TFTP916 - Deleted
C:\WINDOWS\system32\i - Deleted
C:\WINDOWS\system32\Tilecomgm.com - Deleted
C:\WINDOWS\system32\WinrarCO.com - Deleted
C:\WINDOWS\Temp\removalfile.bat - Deleted
C:\WINDOWS\system32\xpdx.sys - Deleted





Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-24 14:33:56
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 1


[b]Remaining Services [/b]:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\WINDOWS\\System32\\mrf.exe"="C:\\WINDOWS\\System32\\mrf.exe:*:Enabled:Mircosoft Remote Server"
"C:\\WINDOWS\\TEMP\\winF17.tmp.exe"="C:\\WINDOWS\\TEMP\\winF17.tmp.exe:*:Enabled:winF17.tmp"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\DOCUME~1\\remy\\LOCALS~1\\Temp\\toub‚‚œ'œ'%''msn'Š%'fix''.exe"="C:\\DOCUME~1\\remy\\LOCALS~1\\Temp\\toub‚‚œ'œ'%''msn'Š%'fix''.exe:*:Enabled:Flash Media"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Tue 16 Jan 2007 25,521,880 A..H. --- "C:\WINDOWS\avg75afwt_423a810.exe"
Wed 1 Aug 2007 518,656 A.SHR --- "C:\WINDOWS\winati.exe~"
Sun 18 Feb 2007 2,824 A..H. --- "C:\WINDOWS\system32\fdwaeh.exe"
Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Sun 18 Feb 2007 18,868 A..H. --- "C:\WINDOWS\system32\fznayfp.exe"
Thu 29 Aug 2002 581,632 ..SHR --- "C:\WINDOWS\system32\regsrvc.exe"
Sun 18 Feb 2007 22,016 A..H. --- "C:\WINDOWS\system32\rscycd.exe"
Sun 18 Feb 2007 1,536 A..H. --- "C:\WINDOWS\system32\wtpu.exe"
Mon 20 Aug 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"
Fri 26 Jan 2007 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"
Fri 27 Oct 2006 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"
Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"
Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"
Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"
Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"
Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"
Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"
Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"
Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"

[b]Finished![/b]
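An added example, not part of the original thread and not SDFix's own code: a Python script that parses the "Authorized Application Key Export" section of a Report.txt like the one above and lists enabled Windows Firewall exceptions that are missing from a known-good baseline or point into a temporary directory. The sample report, the file names in it, the `BASELINE` list and both review heuristics are assumptions made for this illustration.

```python
import re

# Constructed sample in the layout of the "Authorized Application Key Export"
# section of an SDFix Report.txt; the sample*.exe names are invented.
SAMPLE_REPORT = r'''
[b]Remaining Services [/b]:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\WINDOWS\\TEMP\\sample1.tmp.exe"="C:\\WINDOWS\\TEMP\\sample1.tmp.exe:*:Enabled:sample1.tmp"
"C:\\DOCUME~1\\user\\LOCALS~1\\Temp\\sample2.exe"="C:\\DOCUME~1\\user\\LOCALS~1\\Temp\\sample2.exe:*:Enabled:Sample Media"
"C:\\WINDOWS\\System32\\sample3.exe"="C:\\WINDOWS\\System32\\sample3.exe:LocalSubNet:Disabled:Sample Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[b]Remaining Files [/b]:
'''

# Assumed known-good exceptions for this machine (supplied by the reviewer).
BASELINE = [
    r"%windir%\system32\sessmgr.exe",
    r"C:\Program Files\MSN Messenger\msnmsgr.exe",
]

HEADER = re.compile(
    r"^\[HKEY_LOCAL_MACHINE\\.*\\firewallpolicy\\(\w+)\\authorizedapplications\\list\]$",
    re.I,
)
ENTRY = re.compile(r'^"(?P<key>.+)"="(?P<value>.+)"$')
# Value layout: <path>:<scope>:<Enabled|Disabled>:<display name>.
# The lazy path group lets a drive-letter colon ("C:") stay inside the path.
VALUE = re.compile(
    r"^(?P<path>.+?):(?P<scope>[^:]*):(?P<state>enabled|disabled):(?P<name>.*)$",
    re.I,
)
TEMP_DIR = re.compile(r"\\(temp|tmp)\\", re.I)


def parse_authorized_apps(report_text):
    """Return one dict per firewall exception, tagged with its profile."""
    entries, profile = [], None
    for raw in report_text.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            profile = header.group(1).lower()
            continue
        if line.startswith("["):  # any other section heading ends the export
            profile = None
            continue
        entry = ENTRY.match(line)
        if profile is None or not entry:
            continue
        # The export doubles every backslash; undo that before splitting.
        value = VALUE.match(entry.group("value").replace("\\\\", "\\"))
        if not value:
            continue
        entries.append({
            "profile": profile,
            "path": value.group("path"),
            "scope": value.group("scope"),
            "enabled": value.group("state").lower() == "enabled",
            "name": value.group("name"),
        })
    return entries


def review(entries, baseline):
    """Return (entry, reasons) pairs for enabled exceptions worth a manual look."""
    expected = {p.lower() for p in baseline}
    findings = []
    for e in entries:
        if not e["enabled"]:
            continue
        reasons = []
        if e["path"].lower() not in expected:
            reasons.append("not in baseline")
        if TEMP_DIR.search(e["path"]):
            reasons.append("runs from a temporary directory")
        if reasons:
            findings.append((e, reasons))
    return findings


if __name__ == "__main__":
    for e, reasons in review(parse_authorized_apps(SAMPLE_REPORT), BASELINE):
        print(f'{e["profile"]}: {e["path"]} ({e["name"]}): {", ".join(reasons)}')
```
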
dou-l
24 March 2008 at 14:59
Make a HijackThis report:


ftp://ftp.commentcamarche.com/download/HJTInstall.exe

Right-click the hijackthis icon.


/!\ Rename hijackthis to skim.exe (instead of hijackthis.exe), this is important.

Once that's done, double-click it.

Click Do a system scan and save the log

At the end of the scan a report will be generated; paste it here.

A HijackThis demo:
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Keep me posted, see you.
biquettenini13
24 March 2008 at 15:05
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:04:21, on 24/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sex.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll (file missing)
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul1.dll
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [firewall settings] winshare.exe
O4 - HKLM\..\Run: [Microsoft Registry Service] wlmsngr.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunServices: [Services Hoster] kavs.exe
O4 - HKLM\..\RunServices: [firewall settings] winshare.exe
O4 - HKLM\..\RunServices: [Microsoft Registry Service] wlmsngr.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?54a97a60f98d4dc9ac3e4d7d86c245f9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?54a97a60f98d4dc9ac3e4d7d86c245f9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - Winlogon Notify: winjgf32 - winjgf32.dll (file missing)
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft DCOM - Unknown owner - C:\WINDOWS\winati.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Seagate Communication - Unknown owner - C:\WINDOWS\System32\dllcache\seagatecom.exe (file missing)
biquettenini13 > biquettenini13
24 March 2008 at 15:40
It's fine, I no longer have the virus, thaaaaaaaaaaaaaanks !!!!!!!, well, I don't know whether it's really gone, but it no longer sends messages to my friends, so there you go