Virus msn
Résolu/Fermé
r@zi
-
20 oct. 2008 à 03:07
Destrio5 Messages postés 85926 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 21 oct. 2008 à 20:48
Destrio5 Messages postés 85926 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 21 oct. 2008 à 20:48
A voir également:
- Virus msn
- Msn - Télécharger - Messagerie
- Tinyurl virus - Forum Virus / Sécurité
- Svchost.exe virus - Guide
- Tlauncher virus ✓ - Forum Jeux vidéo
- Retrouver conversation msn ✓ - Forum MSN / WLM
12 réponses
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
21 oct. 2008 à 00:33
21 oct. 2008 à 00:33
---> Fais un scan avec MBAM :
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
21 oct. 2008 à 07:24
21 oct. 2008 à 07:24
mya ---> Merci de créer ton propre topic.
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
21 oct. 2008 à 07:40
21 oct. 2008 à 07:40
ga fé un scan avec malware mais je veux pas predre le risque deffacer nimporte koi....voici le rapport:
Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1298
Windows 5.1.2600 Service Pack 2
21/10/2008 01:19:05
mbam-log-2008-10-21 (01-18-57).txt
Type de recherche: Examen rapide
Eléments examinés: 45446
Temps écoulé: 8 minute(s), 12 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 10
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6d430275-c3ac-4b4a-901c-5789bb2f8865}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{6d430275-c3ac-4b4a-901c-5789bb2f8865}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{6d430275-c3ac-4b4a-901c-5789bb2f8865}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1298
Windows 5.1.2600 Service Pack 2
21/10/2008 01:19:05
mbam-log-2008-10-21 (01-18-57).txt
Type de recherche: Examen rapide
Eléments examinés: 45446
Temps écoulé: 8 minute(s), 12 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 10
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6d430275-c3ac-4b4a-901c-5789bb2f8865}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{6d430275-c3ac-4b4a-901c-5789bb2f8865}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{6d430275-c3ac-4b4a-901c-5789bb2f8865}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{f614337c-8c7c-45e8-a412-815bd5f8018e}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.154,85.255.112.155 -> No action taken.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
21 oct. 2008 à 20:48
21 oct. 2008 à 20:48
Clique sur Supprimer la sélection.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
salut!
moi j'ai essayé le sdfix et le virus est toujours la! mon rappport est le suivant! quelqu'un peut m'aider?
PS: mon scan ne part pas de runThis.bat mais de catchme
merci d'avance pour votre aide
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-21 00:25:01
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94158b0d]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:49c96ec6
"s2"=dword:fb0e5351
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:d0,a2,ac,0e,b9,30,6a,86,5a,1a,74,85,ce,64,a1,9a,c1,66,bc,aa,1b,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,90,c0,dd,0f,81,35,16,f9,08,5c,74,ad,44,15,14,c3,c6,..
"khjeh"=hex:bf,2d,02,b9,d6,93,a5,17,90,a7,e9,98,fa,60,1f,2a,f7,ba,19,1a,72,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:78,95,0f,97,66,d6,6c,a1,6f,e9,54,31,ad,26,8f,a1,2a,e5,42,54,fc,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000a94158b0d]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:d0,a2,ac,0e,b9,30,6a,86,5a,1a,74,85,ce,64,a1,9a,c1,66,bc,aa,1b,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,90,c0,dd,0f,81,35,16,f9,08,5c,74,ad,44,15,14,c3,c6,..
"khjeh"=hex:bf,2d,02,b9,d6,93,a5,17,90,a7,e9,98,fa,60,1f,2a,f7,ba,19,1a,72,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:78,95,0f,97,66,d6,6c,a1,6f,e9,54,31,ad,26,8f,a1,2a,e5,42,54,fc,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 1
moi j'ai essayé le sdfix et le virus est toujours la! mon rappport est le suivant! quelqu'un peut m'aider?
PS: mon scan ne part pas de runThis.bat mais de catchme
merci d'avance pour votre aide
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-21 00:25:01
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a94158b0d]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:49c96ec6
"s2"=dword:fb0e5351
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:d0,a2,ac,0e,b9,30,6a,86,5a,1a,74,85,ce,64,a1,9a,c1,66,bc,aa,1b,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,90,c0,dd,0f,81,35,16,f9,08,5c,74,ad,44,15,14,c3,c6,..
"khjeh"=hex:bf,2d,02,b9,d6,93,a5,17,90,a7,e9,98,fa,60,1f,2a,f7,ba,19,1a,72,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:78,95,0f,97,66,d6,6c,a1,6f,e9,54,31,ad,26,8f,a1,2a,e5,42,54,fc,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000a94158b0d]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:d0,a2,ac,0e,b9,30,6a,86,5a,1a,74,85,ce,64,a1,9a,c1,66,bc,aa,1b,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,90,c0,dd,0f,81,35,16,f9,08,5c,74,ad,44,15,14,c3,c6,..
"khjeh"=hex:bf,2d,02,b9,d6,93,a5,17,90,a7,e9,98,fa,60,1f,2a,f7,ba,19,1a,72,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:78,95,0f,97,66,d6,6c,a1,6f,e9,54,31,ad,26,8f,a1,2a,e5,42,54,fc,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 1
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
20 oct. 2008 à 03:08
20 oct. 2008 à 03:08
Salut,
- Télécharge MSNFix.zip (de !aur3n7) sur le bureau:
http://sosvirus.changelog.fr/MSNFix.zip
- Décompresse-le (clic droit >> Extraire ici).
- Double-clique sur le fichier MSNFix.bat.
- Exécute l'option R.
Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage
Note : Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur.
- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.t, poste-le.
- Télécharge MSNFix.zip (de !aur3n7) sur le bureau:
http://sosvirus.changelog.fr/MSNFix.zip
- Décompresse-le (clic droit >> Extraire ici).
- Double-clique sur le fichier MSNFix.bat.
- Exécute l'option R.
Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage
Note : Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur.
- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.t, poste-le.
voici le resultat:: [C:\WINDOWS\system32\winchat.exe] 2A99260794224489F29B628717B7947E
[C:\WINDOWS\system32\WinFXDocObj.exe] 660336AD0305C852122C5EEBBACE9BAF
[C:\WINDOWS\system32\winhlp32.exe] 577624F19D0441C9111F2AF26C81E04D
[C:\WINDOWS\system32\winlogon.exe] D2DE785AEAB0BB8CA4C14A8A199DBE4E
[C:\WINDOWS\system32\winmine.exe] EA682C022F7204CC8E8C9EF5DCE29356
[C:\WINDOWS\system32\winmsd.exe] 7EBF8A4B608AFB79C67F4E4A9C5885BB
[C:\WINDOWS\system32\winspool.exe] 0B4B94B78123E8035B84105BC024F9F8
[C:\WINDOWS\system32\winver.exe] CE30DCEF79B94D17A8B3BEC26FEF90A3
[C:\WINDOWS\system32\WinFXDocObj.exe] 660336AD0305C852122C5EEBBACE9BAF
[C:\WINDOWS\system32\winhlp32.exe] 577624F19D0441C9111F2AF26C81E04D
[C:\WINDOWS\system32\winlogon.exe] D2DE785AEAB0BB8CA4C14A8A199DBE4E
[C:\WINDOWS\system32\winmine.exe] EA682C022F7204CC8E8C9EF5DCE29356
[C:\WINDOWS\system32\winmsd.exe] 7EBF8A4B608AFB79C67F4E4A9C5885BB
[C:\WINDOWS\system32\winspool.exe] 0B4B94B78123E8035B84105BC024F9F8
[C:\WINDOWS\system32\winver.exe] CE30DCEF79B94D17A8B3BEC26FEF90A3
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
20 oct. 2008 à 18:48
20 oct. 2008 à 18:48
---> Télécharge SDFix (créé par AndyManchesta) sur ton Bureau :
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
- Double-clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
- Redémarre ton ordinateur en mode sans échec.
---> Pour redémarrer en mode sans échec :
- Redémarre ton PC.
- Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
- Dans le menu d'options avancées, choisis Mode sans échec.
- Choisis ton compte.
---> Déroule la liste des instructions ci-dessous :
- Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double-clique sur RunThis.bat pour lancer le script.
- Appuie sur Y pour commencer le processus de nettoyage.
- Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
- Appuie sur une touche pour redémarrer le PC.
- Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
- Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
- Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
- Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
- Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
- Double-clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
- Redémarre ton ordinateur en mode sans échec.
---> Pour redémarrer en mode sans échec :
- Redémarre ton PC.
- Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
- Dans le menu d'options avancées, choisis Mode sans échec.
- Choisis ton compte.
---> Déroule la liste des instructions ci-dessous :
- Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double-clique sur RunThis.bat pour lancer le script.
- Appuie sur Y pour commencer le processus de nettoyage.
- Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
- Appuie sur une touche pour redémarrer le PC.
- Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
- Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
- Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
- Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
- Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
20 oct. 2008 à 20:56
20 oct. 2008 à 20:56
Tu peux faire SDFix ?
Destrio5
Messages postés
85926
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
21 oct. 2008 à 00:12
21 oct. 2008 à 00:12
Peux-tu me donner le rapport ?
[b]SDFix: Version 1.236 [/b]
Run by pc on 20/10/2008 at 18:02
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\8060\SVCHOST.EXE - Deleted
C:\Documents and Settings\pc\Local Settings\Temp\utt4F.tmp.exe - Deleted
Folder C:\resycled - Removed
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-20 18:14:21
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026]
"001e45c1b114"=hex:65,f6,1c,76,ab,a8,b0,26,f0,8a,f4,0e,24,ff,8c,f9
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026]
"001e45c1b114"=hex:65,f6,1c,76,ab,a8,b0,26,f0,8a,f4,0e,24,ff,8c,f9
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:Bluetooth Application"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Free Download Manager\\fdm.exe"="C:\\Program Files\\Free Download Manager\\fdm.exe:*:Enabled:Free Download Manager"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\aMSN\\bin\\wish.exe"="C:\\Program Files\\aMSN\\bin\\wish.exe:*:Enabled:Wish Application"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
File Backups: - C:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\11a41d638ef27a23b34b1e497227d8e3\BIT6.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\13845fb1668dcf3e1108eea4eb534172\BIT1A.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\1df60e2d17c7a7cd18c479e61c6f5678\BIT12.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2006c93acdb066bdfcaef21319037e32\BIT22.tmp"
Mon 20 Oct 2008 8,129,896 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2064d652e93807b954225d9ba4a6b219\BIT11.tmp"
Mon 20 Oct 2008 824,360 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\299d8333b0b5f75c41264b2d951282b6\BITA.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2af54949ef6051d62a22acc8e774eeac\BIT23.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2f92d48fd4dd6c3e29f57417ec6cf1d9\BIT17.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\351c39c58af1240d8e8a02f54010533a\BIT8.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\362520815834b2885654806c1b614ff4\BIT16.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\37cc3320d848589a26c262a19e379099\BITD.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3845068ed327bc2e46e418df87819139\BIT19.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\405ae8e48aa46e265982686e1678047b\BIT24.tmp"
Mon 20 Oct 2008 151,273 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\47579c4e4d4a7c17ed2f9ed42a2d13e0\BIT5.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4d8bae15f4220c10cdeb74bfa142239a\BIT1E.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5e8a8c4e3fdc3a6b3a3ac1083accf81e\BIT1D.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5f8bbff06b2da0a7956609cdcd5aa176\BIT15.tmp"
Mon 20 Oct 2008 251,126 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6acede1e468d41897e38ed4288f48a59\BITD.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6b5238beec36f1d5713ea9960c9a4277\BIT1B.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7ab777f7de3e6e633438f06ba30269aa\BIT1C.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7db42668d42f9076e9e8ddd6009e6a70\BIT7.tmp"
Mon 20 Oct 2008 251,597 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7dcccc5b489f481a52c50584f0656cad\BIT8.tmp"
Mon 20 Oct 2008 7,568,097 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7faa20870c6776cd1f316e4a996e02a0\BIT1.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\870d6779549b04d883b960d23ee70cec\BITE.tmp"
Mon 20 Oct 2008 665,128 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8c581c8fec97076352bfe9cacef351a4\BITC.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8cd85f12420c94f4e35f4e73c4f6941c\BIT20.tmp"
Mon 20 Oct 2008 103,460 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8dea9f1a41c351f3472747bffaacf3c7\BIT3.tmp"
Mon 20 Oct 2008 4,198,322 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9042a53c4572f5a2c03d7cf3c7b8c660\BIT10.tmp"
Mon 20 Oct 2008 2,120,111 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9061177f9b7567187f271c144d4c929a\BIT2.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9508b4e5ba6851c2778692a72a1c6e54\BITF.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\987c3b688890de8e02e30776ca6934c0\BIT9.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9b0f9ae87ca3aec341fe4670654daf22\BITA.tmp"
Mon 20 Oct 2008 565,800 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a36bb6443ceaa68703da0a54bd9660c7\BITE.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a839252010b2a3660b4ca84580ecd8c3\BIT1F.tmp"
Mon 20 Oct 2008 1,318,440 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\adfeed9c54076be35af21edea11595cd\BIT4.tmp"
Mon 20 Oct 2008 8,944,680 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\bf37fddad7fb230cb22cecf94c616ad2\BITB.tmp"
Mon 20 Oct 2008 4,002,699 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c9e0a1f39e0cc4f28d528e7663acf15f\BITF.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc3ce62a39662452960d7e2161be823a\BITB.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e43605c24c1590c9b3f6144c850d6e5b\BIT13.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e71bb1ae17e6ea9293a3416175c7f9ec\BIT14.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e895bb203e07bbdfe868440e8348993a\BIT21.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ef3ec9e913ae29480457dbf484419923\BITC.tmp"
Mon 20 Oct 2008 1,945,267 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f1092d1fd4234f8be26835d1f7b0bdcb\BIT9.tmp"
Mon 4 Aug 2008 614,074 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT10.tmp"
Mon 4 Aug 2008 614,074 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT11.tmp"
Mon 4 Aug 2008 614,076 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT12.tmp"
Sun 19 Oct 2008 1,319 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic2.tmp"
Wed 15 Oct 2008 400 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic24.tmp"
Sun 19 Oct 2008 370 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic4A.tmp"
Mon 20 Oct 2008 1,390,774 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f5d7738acf9c48c006cd814026ee1a38\download\BIT2B.tmp"
Fri 3 Oct 2008 94,720 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\dotnetfx3530729.01\1033\dotnetfx30\BIT8.tmp"
[b]Finished![/b]
Run by pc on 20/10/2008 at 18:02
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\8060\SVCHOST.EXE - Deleted
C:\Documents and Settings\pc\Local Settings\Temp\utt4F.tmp.exe - Deleted
Folder C:\resycled - Removed
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-20 18:14:21
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026]
"001e45c1b114"=hex:65,f6,1c,76,ab,a8,b0,26,f0,8a,f4,0e,24,ff,8c,f9
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026]
"001e45c1b114"=hex:65,f6,1c,76,ab,a8,b0,26,f0,8a,f4,0e,24,ff,8c,f9
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:Bluetooth Application"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Free Download Manager\\fdm.exe"="C:\\Program Files\\Free Download Manager\\fdm.exe:*:Enabled:Free Download Manager"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\aMSN\\bin\\wish.exe"="C:\\Program Files\\aMSN\\bin\\wish.exe:*:Enabled:Wish Application"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
File Backups: - C:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\11a41d638ef27a23b34b1e497227d8e3\BIT6.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\13845fb1668dcf3e1108eea4eb534172\BIT1A.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\1df60e2d17c7a7cd18c479e61c6f5678\BIT12.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2006c93acdb066bdfcaef21319037e32\BIT22.tmp"
Mon 20 Oct 2008 8,129,896 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2064d652e93807b954225d9ba4a6b219\BIT11.tmp"
Mon 20 Oct 2008 824,360 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\299d8333b0b5f75c41264b2d951282b6\BITA.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2af54949ef6051d62a22acc8e774eeac\BIT23.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2f92d48fd4dd6c3e29f57417ec6cf1d9\BIT17.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\351c39c58af1240d8e8a02f54010533a\BIT8.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\362520815834b2885654806c1b614ff4\BIT16.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\37cc3320d848589a26c262a19e379099\BITD.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3845068ed327bc2e46e418df87819139\BIT19.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\405ae8e48aa46e265982686e1678047b\BIT24.tmp"
Mon 20 Oct 2008 151,273 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\47579c4e4d4a7c17ed2f9ed42a2d13e0\BIT5.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4d8bae15f4220c10cdeb74bfa142239a\BIT1E.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5e8a8c4e3fdc3a6b3a3ac1083accf81e\BIT1D.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5f8bbff06b2da0a7956609cdcd5aa176\BIT15.tmp"
Mon 20 Oct 2008 251,126 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6acede1e468d41897e38ed4288f48a59\BITD.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6b5238beec36f1d5713ea9960c9a4277\BIT1B.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7ab777f7de3e6e633438f06ba30269aa\BIT1C.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7db42668d42f9076e9e8ddd6009e6a70\BIT7.tmp"
Mon 20 Oct 2008 251,597 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7dcccc5b489f481a52c50584f0656cad\BIT8.tmp"
Mon 20 Oct 2008 7,568,097 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7faa20870c6776cd1f316e4a996e02a0\BIT1.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\870d6779549b04d883b960d23ee70cec\BITE.tmp"
Mon 20 Oct 2008 665,128 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8c581c8fec97076352bfe9cacef351a4\BITC.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8cd85f12420c94f4e35f4e73c4f6941c\BIT20.tmp"
Mon 20 Oct 2008 103,460 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8dea9f1a41c351f3472747bffaacf3c7\BIT3.tmp"
Mon 20 Oct 2008 4,198,322 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9042a53c4572f5a2c03d7cf3c7b8c660\BIT10.tmp"
Mon 20 Oct 2008 2,120,111 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9061177f9b7567187f271c144d4c929a\BIT2.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9508b4e5ba6851c2778692a72a1c6e54\BITF.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\987c3b688890de8e02e30776ca6934c0\BIT9.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9b0f9ae87ca3aec341fe4670654daf22\BITA.tmp"
Mon 20 Oct 2008 565,800 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a36bb6443ceaa68703da0a54bd9660c7\BITE.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a839252010b2a3660b4ca84580ecd8c3\BIT1F.tmp"
Mon 20 Oct 2008 1,318,440 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\adfeed9c54076be35af21edea11595cd\BIT4.tmp"
Mon 20 Oct 2008 8,944,680 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\bf37fddad7fb230cb22cecf94c616ad2\BITB.tmp"
Mon 20 Oct 2008 4,002,699 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c9e0a1f39e0cc4f28d528e7663acf15f\BITF.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc3ce62a39662452960d7e2161be823a\BITB.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e43605c24c1590c9b3f6144c850d6e5b\BIT13.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e71bb1ae17e6ea9293a3416175c7f9ec\BIT14.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e895bb203e07bbdfe868440e8348993a\BIT21.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ef3ec9e913ae29480457dbf484419923\BITC.tmp"
Mon 20 Oct 2008 1,945,267 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f1092d1fd4234f8be26835d1f7b0bdcb\BIT9.tmp"
Mon 4 Aug 2008 614,074 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT10.tmp"
Mon 4 Aug 2008 614,074 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT11.tmp"
Mon 4 Aug 2008 614,076 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT12.tmp"
Sun 19 Oct 2008 1,319 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic2.tmp"
Wed 15 Oct 2008 400 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic24.tmp"
Sun 19 Oct 2008 370 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic4A.tmp"
Mon 20 Oct 2008 1,390,774 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f5d7738acf9c48c006cd814026ee1a38\download\BIT2B.tmp"
Fri 3 Oct 2008 94,720 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\dotnetfx3530729.01\1033\dotnetfx30\BIT8.tmp"
[b]Finished![/b]
[b]SDFix: Version 1.236 [/b]
Run by pc on 20/10/2008 at 18:02
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\8060\SVCHOST.EXE - Deleted
C:\Documents and Settings\pc\Local Settings\Temp\utt4F.tmp.exe - Deleted
Folder C:\resycled - Removed
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-20 18:14:21
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026]
"001e45c1b114"=hex:65,f6,1c,76,ab,a8,b0,26,f0,8a,f4,0e,24,ff,8c,f9
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026]
"001e45c1b114"=hex:65,f6,1c,76,ab,a8,b0,26,f0,8a,f4,0e,24,ff,8c,f9
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:Bluetooth Application"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Free Download Manager\\fdm.exe"="C:\\Program Files\\Free Download Manager\\fdm.exe:*:Enabled:Free Download Manager"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\aMSN\\bin\\wish.exe"="C:\\Program Files\\aMSN\\bin\\wish.exe:*:Enabled:Wish Application"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
File Backups: - C:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\11a41d638ef27a23b34b1e497227d8e3\BIT6.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\13845fb1668dcf3e1108eea4eb534172\BIT1A.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\1df60e2d17c7a7cd18c479e61c6f5678\BIT12.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2006c93acdb066bdfcaef21319037e32\BIT22.tmp"
Mon 20 Oct 2008 8,129,896 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2064d652e93807b954225d9ba4a6b219\BIT11.tmp"
Mon 20 Oct 2008 824,360 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\299d8333b0b5f75c41264b2d951282b6\BITA.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2af54949ef6051d62a22acc8e774eeac\BIT23.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2f92d48fd4dd6c3e29f57417ec6cf1d9\BIT17.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\351c39c58af1240d8e8a02f54010533a\BIT8.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\362520815834b2885654806c1b614ff4\BIT16.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\37cc3320d848589a26c262a19e379099\BITD.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3845068ed327bc2e46e418df87819139\BIT19.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\405ae8e48aa46e265982686e1678047b\BIT24.tmp"
Mon 20 Oct 2008 151,273 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\47579c4e4d4a7c17ed2f9ed42a2d13e0\BIT5.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4d8bae15f4220c10cdeb74bfa142239a\BIT1E.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5e8a8c4e3fdc3a6b3a3ac1083accf81e\BIT1D.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5f8bbff06b2da0a7956609cdcd5aa176\BIT15.tmp"
Mon 20 Oct 2008 251,126 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6acede1e468d41897e38ed4288f48a59\BITD.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6b5238beec36f1d5713ea9960c9a4277\BIT1B.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7ab777f7de3e6e633438f06ba30269aa\BIT1C.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7db42668d42f9076e9e8ddd6009e6a70\BIT7.tmp"
Mon 20 Oct 2008 251,597 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7dcccc5b489f481a52c50584f0656cad\BIT8.tmp"
Mon 20 Oct 2008 7,568,097 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7faa20870c6776cd1f316e4a996e02a0\BIT1.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\870d6779549b04d883b960d23ee70cec\BITE.tmp"
Mon 20 Oct 2008 665,128 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8c581c8fec97076352bfe9cacef351a4\BITC.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8cd85f12420c94f4e35f4e73c4f6941c\BIT20.tmp"
Mon 20 Oct 2008 103,460 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8dea9f1a41c351f3472747bffaacf3c7\BIT3.tmp"
Mon 20 Oct 2008 4,198,322 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9042a53c4572f5a2c03d7cf3c7b8c660\BIT10.tmp"
Mon 20 Oct 2008 2,120,111 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9061177f9b7567187f271c144d4c929a\BIT2.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9508b4e5ba6851c2778692a72a1c6e54\BITF.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\987c3b688890de8e02e30776ca6934c0\BIT9.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9b0f9ae87ca3aec341fe4670654daf22\BITA.tmp"
Mon 20 Oct 2008 565,800 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a36bb6443ceaa68703da0a54bd9660c7\BITE.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a839252010b2a3660b4ca84580ecd8c3\BIT1F.tmp"
Mon 20 Oct 2008 1,318,440 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\adfeed9c54076be35af21edea11595cd\BIT4.tmp"
Mon 20 Oct 2008 8,944,680 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\bf37fddad7fb230cb22cecf94c616ad2\BITB.tmp"
Mon 20 Oct 2008 4,002,699 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c9e0a1f39e0cc4f28d528e7663acf15f\BITF.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc3ce62a39662452960d7e2161be823a\BITB.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e43605c24c1590c9b3f6144c850d6e5b\BIT13.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e71bb1ae17e6ea9293a3416175c7f9ec\BIT14.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e895bb203e07bbdfe868440e8348993a\BIT21.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ef3ec9e913ae29480457dbf484419923\BITC.tmp"
Mon 20 Oct 2008 1,945,267 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f1092d1fd4234f8be26835d1f7b0bdcb\BIT9.tmp"
Mon 4 Aug 2008 614,074 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT10.tmp"
Mon 4 Aug 2008 614,074 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT11.tmp"
Mon 4 Aug 2008 614,076 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT12.tmp"
Sun 19 Oct 2008 1,319 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic2.tmp"
Wed 15 Oct 2008 400 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic24.tmp"
Sun 19 Oct 2008 370 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic4A.tmp"
Mon 20 Oct 2008 1,390,774 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f5d7738acf9c48c006cd814026ee1a38\download\BIT2B.tmp"
Fri 3 Oct 2008 94,720 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\dotnetfx3530729.01\1033\dotnetfx30\BIT8.tmp"
[b]Finished![/b]
Run by pc on 20/10/2008 at 18:02
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\8060\SVCHOST.EXE - Deleted
C:\Documents and Settings\pc\Local Settings\Temp\utt4F.tmp.exe - Deleted
Folder C:\resycled - Removed
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-20 18:14:21
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026]
"001e45c1b114"=hex:65,f6,1c,76,ab,a8,b0,26,f0,8a,f4,0e,24,ff,8c,f9
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026]
"001e45c1b114"=hex:65,f6,1c,76,ab,a8,b0,26,f0,8a,f4,0e,24,ff,8c,f9
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:Bluetooth Application"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Free Download Manager\\fdm.exe"="C:\\Program Files\\Free Download Manager\\fdm.exe:*:Enabled:Free Download Manager"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\aMSN\\bin\\wish.exe"="C:\\Program Files\\aMSN\\bin\\wish.exe:*:Enabled:Wish Application"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
File Backups: - C:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\11a41d638ef27a23b34b1e497227d8e3\BIT6.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\13845fb1668dcf3e1108eea4eb534172\BIT1A.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\1df60e2d17c7a7cd18c479e61c6f5678\BIT12.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2006c93acdb066bdfcaef21319037e32\BIT22.tmp"
Mon 20 Oct 2008 8,129,896 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2064d652e93807b954225d9ba4a6b219\BIT11.tmp"
Mon 20 Oct 2008 824,360 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\299d8333b0b5f75c41264b2d951282b6\BITA.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2af54949ef6051d62a22acc8e774eeac\BIT23.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2f92d48fd4dd6c3e29f57417ec6cf1d9\BIT17.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\351c39c58af1240d8e8a02f54010533a\BIT8.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\362520815834b2885654806c1b614ff4\BIT16.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\37cc3320d848589a26c262a19e379099\BITD.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3845068ed327bc2e46e418df87819139\BIT19.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\405ae8e48aa46e265982686e1678047b\BIT24.tmp"
Mon 20 Oct 2008 151,273 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\47579c4e4d4a7c17ed2f9ed42a2d13e0\BIT5.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4d8bae15f4220c10cdeb74bfa142239a\BIT1E.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5e8a8c4e3fdc3a6b3a3ac1083accf81e\BIT1D.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5f8bbff06b2da0a7956609cdcd5aa176\BIT15.tmp"
Mon 20 Oct 2008 251,126 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6acede1e468d41897e38ed4288f48a59\BITD.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6b5238beec36f1d5713ea9960c9a4277\BIT1B.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7ab777f7de3e6e633438f06ba30269aa\BIT1C.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7db42668d42f9076e9e8ddd6009e6a70\BIT7.tmp"
Mon 20 Oct 2008 251,597 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7dcccc5b489f481a52c50584f0656cad\BIT8.tmp"
Mon 20 Oct 2008 7,568,097 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7faa20870c6776cd1f316e4a996e02a0\BIT1.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\870d6779549b04d883b960d23ee70cec\BITE.tmp"
Mon 20 Oct 2008 665,128 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8c581c8fec97076352bfe9cacef351a4\BITC.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8cd85f12420c94f4e35f4e73c4f6941c\BIT20.tmp"
Mon 20 Oct 2008 103,460 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8dea9f1a41c351f3472747bffaacf3c7\BIT3.tmp"
Mon 20 Oct 2008 4,198,322 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9042a53c4572f5a2c03d7cf3c7b8c660\BIT10.tmp"
Mon 20 Oct 2008 2,120,111 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9061177f9b7567187f271c144d4c929a\BIT2.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9508b4e5ba6851c2778692a72a1c6e54\BITF.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\987c3b688890de8e02e30776ca6934c0\BIT9.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9b0f9ae87ca3aec341fe4670654daf22\BITA.tmp"
Mon 20 Oct 2008 565,800 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a36bb6443ceaa68703da0a54bd9660c7\BITE.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a839252010b2a3660b4ca84580ecd8c3\BIT1F.tmp"
Mon 20 Oct 2008 1,318,440 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\adfeed9c54076be35af21edea11595cd\BIT4.tmp"
Mon 20 Oct 2008 8,944,680 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\bf37fddad7fb230cb22cecf94c616ad2\BITB.tmp"
Mon 20 Oct 2008 4,002,699 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c9e0a1f39e0cc4f28d528e7663acf15f\BITF.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc3ce62a39662452960d7e2161be823a\BITB.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e43605c24c1590c9b3f6144c850d6e5b\BIT13.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e71bb1ae17e6ea9293a3416175c7f9ec\BIT14.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e895bb203e07bbdfe868440e8348993a\BIT21.tmp"
Mon 20 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ef3ec9e913ae29480457dbf484419923\BITC.tmp"
Mon 20 Oct 2008 1,945,267 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f1092d1fd4234f8be26835d1f7b0bdcb\BIT9.tmp"
Mon 4 Aug 2008 614,074 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT10.tmp"
Mon 4 Aug 2008 614,074 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT11.tmp"
Mon 4 Aug 2008 614,076 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT12.tmp"
Sun 19 Oct 2008 1,319 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic2.tmp"
Wed 15 Oct 2008 400 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic24.tmp"
Sun 19 Oct 2008 370 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\Free Download Manager\tic4A.tmp"
Mon 20 Oct 2008 1,390,774 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f5d7738acf9c48c006cd814026ee1a38\download\BIT2B.tmp"
Fri 3 Oct 2008 94,720 A..H. --- "C:\Documents and Settings\pc\Local Settings\Temp\dotnetfx3530729.01\1033\dotnetfx30\BIT8.tmp"
[b]Finished![/b]