Téléchargement
illégal
Posez votre question Signaler

Rapport Hijackthis suite à message erreur

so - Dernière réponse le 8 nov. 2009 à 18:43
Bonjour,
En allumant mon ordinateur, j'ai le message suivant: Windows script host:
C:/WINDOWS/system32/VirusRemoval.vbs
J'ai lancé Hijackthis. Voici le rapport:
Logfile of random's system information tool 1.06 (written by random/random)
Run by So at 2009-11-08 16:32:36
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 18 GB (47%) free of 38 GB
Total RAM: 191 MB (14% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:33:20, on 08/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\So\Bureau\RSIT.exe
C:\Downloads\Software\So.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sujin.com.np/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Sujin.com.np
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\VirusRemoval.vbs
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.01net.com/telecharger/
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
Lire la suite 

Rapport Hijackthis suite à message erreur »

3 réponses
Réponse
+0
moins plus
gen-hackman 68344Messages postés 30 avril 2008Date d'inscription 11 juin 2011Dernière intervention 8 nov. 2009 à 17:05
salut :

Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent

▶ Télécharge List&Kill'em et enregistre le sur ton bureau

Il ne necessite pas d'installation

▶double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan

choisis la langue puis choisis l'option 1 = Mode Recherche

▶laisse travailler l'outil

le rapport va s'afficher , une fois le scan fini

▶colle le contenu dans ta prochaine réponse

Ajouter un commentaire
so - 8 nov. 2009 à 17:50
Merci beaucoup de m'avoir répondu. Donc voici le
nouveau rapport:

List'em by g3n-h@ckm@n 1.0.5.2

Thx to Chiquitine29.....

User : So (Administrateurs) # PC-SO
Update on 07/11/2009 by g3n-h@ckm@n ::::: 20.00
Start at: 17:36:07 | 08/11/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Celeron(R) CPU 2.80GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : BitDefender Antivirus 12.0 [ (!) Disabled | Updated ]
FW : BitDefender Firewall[ (!) Disabled ]12.0

C:\ -> Disque fixe local | 37,25 Go (17,32 Go free) | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque fixe local | 232,88 Go (46,83 Go free) [disque externe So] | NTFS

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours

C:\WINDOWS\System32\smss.exe 824
C:\WINDOWS\system32\csrss.exe 872
C:\WINDOWS\system32\winlogon.exe 896
C:\WINDOWS\system32\services.exe 940
C:\WINDOWS\system32\lsass.exe 952
C:\WINDOWS\system32\Ati2evxx.exe 1100
C:\WINDOWS\system32\svchost.exe 1120
C:\WINDOWS\system32\svchost.exe 1184
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe 1220
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe 1252
C:\WINDOWS\System32\svchost.exe 1344
C:\WINDOWS\system32\svchost.exe 1392
C:\WINDOWS\system32\svchost.exe 1524
C:\WINDOWS\system32\spoolsv.exe 1916
C:\WINDOWS\system32\svchost.exe 1992
C:\Program Files\Executive Software\Diskeeper\DkService.exe 2040
C:\WINDOWS\system32\HPZipm12.exe 180
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 216
C:\WINDOWS\system32\svchost.exe 288
C:\WINDOWS\system32\Ati2evxx.exe 1380
C:\WINDOWS\Explorer.EXE 396
C:\WINDOWS\system32\wbem\wmiapsrv.exe 792
C:\WINDOWS\System32\alg.exe 1256
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe 2524
C:\Program Files\Apoint2K\Apoint.exe 2556
C:\WINDOWS\AGRSMMSG.exe 2568
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe 2596
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe 2608
C:\Program Files\Free Download Manager\fdm.exe 2624
C:\WINDOWS\system32\ctfmon.exe 2656
C:\Program Files\Apoint2K\Apntex.exe 2956
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe 2996
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN 3028
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe 3320
C:\Program Files\Internet Explorer\iexplore.exe 3440
C:\Program Files\Internet Explorer\iexplore.exe 2516
C:\Program Files\Internet Explorer\iexplore.exe 2788
C:\Program Files\Internet Explorer\iexplore.exe 4036
C:\WINDOWS\system32\wscntfy.exe 3128
C:\Downloads\Software\List_Killem.exe 776
C:\WINDOWS\system32\cmd.exe 492
C:\WINDOWS\system32\wbem\wmiprvse.exe 3840
C:\Documents and Settings\So\Local Settings\Temp\96.tmp\pv.exe 3656

======================
Cles de demarrage "Run"
======================
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="\"C:\\Program Files\\Free Download Manager\\fdm.exe\" -autorun"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"DiskeeperSystray"="\"C:\\Program Files\\Executive Software\\Diskeeper\\DkIcon.exe\""
"BDAgent"="\"C:\\Program Files\\BitDefender\\BitDefender 2009\\bdagent.exe\""
"BitDefender Antiphishing Helper"="\"C:\\Program Files\\BitDefender\\BitDefender 2009\\IEShow.exe\""
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
"ATIModeChange"="Ati2mdxx.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb12.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
@=""

=====================
cles additionnelles
=====================
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

===============
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000000

===============
===============
===============
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

======
BHO :
======
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
@="AcroIEHelperStub"
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
"NoExplorer"=dword:00000001

==========================

===============
Path : C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Executive Software\Diskeeper;C:\Program Files\ESTsoft\ALZip;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\ESTsoft\ALZip
===============
¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\System32\_003998_.tmp.dll
C:\WINDOWS\System32\_003999_.tmp.dll
C:\WINDOWS\System32\_004000_.tmp.dll
C:\WINDOWS\System32\_004001_.tmp.dll
C:\WINDOWS\System32\_004006_.tmp.dll
C:\WINDOWS\System32\_004007_.tmp.dll
C:\WINDOWS\System32\_004008_.tmp.dll
C:\WINDOWS\System32\_004009_.tmp.dll
C:\WINDOWS\System32\_004010_.tmp.dll
C:\WINDOWS\System32\_004011_.tmp.dll
C:\WINDOWS\System32\_004012_.tmp.dll
C:\WINDOWS\System32\_004013_.tmp.dll
C:\WINDOWS\System32\_004014_.tmp.dll
C:\WINDOWS\System32\_004015_.tmp.dll
C:\WINDOWS\System32\_004017_.tmp.dll
C:\WINDOWS\System32\_004018_.tmp.dll
C:\WINDOWS\System32\_004020_.tmp.dll
C:\WINDOWS\System32\_004021_.tmp.dll
C:\WINDOWS\System32\_004022_.tmp.dll
C:\WINDOWS\System32\_004024_.tmp.dll
C:\WINDOWS\System32\_004026_.tmp.dll
C:\WINDOWS\System32\_004027_.tmp.dll
C:\WINDOWS\System32\_004028_.tmp.dll
C:\WINDOWS\System32\_004031_.tmp.dll
C:\WINDOWS\System32\_004032_.tmp.dll
C:\WINDOWS\System32\_004033_.tmp.dll
C:\WINDOWS\System32\_004034_.tmp.dll
C:\WINDOWS\System32\_004035_.tmp.dll
C:\WINDOWS\System32\_004036_.tmp.dll
C:\WINDOWS\System32\_004037_.tmp.dll
C:\WINDOWS\System32\_004038_.tmp.dll
C:\WINDOWS\System32\_004040_.tmp.dll
C:\WINDOWS\System32\_004041_.tmp.dll
C:\WINDOWS\System32\_004042_.tmp.dll
C:\WINDOWS\System32\_004043_.tmp.dll
C:\WINDOWS\System32\_004044_.tmp.dll
C:\WINDOWS\System32\_004045_.tmp.dll
C:\WINDOWS\System32\_004046_.tmp.dll
C:\WINDOWS\System32\_004047_.tmp.dll
C:\WINDOWS\System32\_004048_.tmp.dll
C:\WINDOWS\System32\_004049_.tmp.dll
C:\WINDOWS\System32\_004050_.tmp.dll
C:\WINDOWS\System32\_004051_.tmp.dll
C:\WINDOWS\System32\_004054_.tmp.dll
C:\WINDOWS\System32\_004055_.tmp.dll
C:\WINDOWS\System32\_004056_.tmp.dll
C:\WINDOWS\System32\_004058_.tmp.dll
C:\WINDOWS\System32\_004059_.tmp.dll
C:\WINDOWS\System32\_004060_.tmp.dll
C:\WINDOWS\System32\_004062_.tmp.dll
C:\WINDOWS\System32\_004064_.tmp.dll
C:\WINDOWS\System32\_004065_.tmp.dll
C:\WINDOWS\System32\_004066_.tmp.dll
C:\WINDOWS\System32\_004070_.tmp.dll
C:\WINDOWS\System32\_004071_.tmp.dll
C:\WINDOWS\System32\_004073_.tmp.dll
C:\WINDOWS\System32\_004075_.tmp.dll
C:\WINDOWS\System32\_004076_.tmp.dll
C:\WINDOWS\System32\_004078_.tmp.dll
C:\WINDOWS\System32\_004079_.tmp.dll
C:\WINDOWS\System32\_004080_.tmp.dll
C:\WINDOWS\System32\_004081_.tmp.dll
C:\WINDOWS\System32\_004084_.tmp.dll
C:\WINDOWS\System32\_004085_.tmp.dll
C:\WINDOWS\System32\_004086_.tmp.dll
C:\WINDOWS\System32\_004087_.tmp.dll
C:\WINDOWS\System32\_004088_.tmp.dll
C:\WINDOWS\System32\_004093_.tmp.dll
C:\WINDOWS\System32\drivers\_003973_.tmp.dll
C:\WINDOWS\System32\drivers\_003981_.tmp.dll
C:\WINDOWS\System32\SET1065.tmp
C:\WINDOWS\System32\SET1067.tmp
C:\WINDOWS\System32\SET1068.tmp
C:\WINDOWS\System32\SET106D.tmp
C:\WINDOWS\System32\SET1072.tmp
C:\WINDOWS\System32\SET1080.tmp
C:\WINDOWS\System32\SET10A9.tmp
C:\WINDOWS\System32\SET10D5.tmp
C:\WINDOWS\System32\SET1137.tmp
C:\WINDOWS\System32\SET113A.tmp
C:\WINDOWS\System32\SET113F.tmp
C:\WINDOWS\System32\SET1144.tmp
C:\WINDOWS\System32\SET1152.tmp
C:\WINDOWS\System32\SET117B.tmp
C:\WINDOWS\System32\SET11A7.tmp
C:\WINDOWS\System32\SET143.tmp
C:\WINDOWS\System32\SET144.tmp
C:\WINDOWS\System32\SET146.tmp
C:\WINDOWS\System32\SET148.tmp
C:\WINDOWS\System32\SET149.tmp
C:\WINDOWS\System32\SET14A.tmp
C:\WINDOWS\System32\SET151.tmp
C:\WINDOWS\System32\SET152.tmp
C:\WINDOWS\System32\SET155.tmp
C:\WINDOWS\System32\SET160.tmp
C:\WINDOWS\System32\SET161.tmp
C:\WINDOWS\System32\SET163.tmp
C:\WINDOWS\System32\SET165.tmp
C:\WINDOWS\System32\SET166.tmp
C:\WINDOWS\System32\SET167.tmp
C:\WINDOWS\System32\SET16A.tmp
C:\WINDOWS\System32\SET16E.tmp
C:\WINDOWS\System32\SET16F.tmp
C:\WINDOWS\System32\SET172.tmp
C:\WINDOWS\System32\SET173.tmp
C:\WINDOWS\System32\SET174.tmp
C:\WINDOWS\System32\SET177.tmp
C:\WINDOWS\System32\SET178.tmp
C:\WINDOWS\System32\SET179.tmp
C:\WINDOWS\System32\SET17B.tmp
C:\WINDOWS\System32\SET17C.tmp
C:\WINDOWS\System32\SET17F.tmp
C:\WINDOWS\System32\SET180.tmp
C:\WINDOWS\System32\SET181.tmp
C:\WINDOWS\System32\SET182.tmp
C:\WINDOWS\System32\SET187.tmp
C:\WINDOWS\System32\SET188.tmp
C:\WINDOWS\System32\SET18A.tmp
C:\WINDOWS\System32\SET18B.tmp
C:\WINDOWS\System32\SET18C.tmp
C:\WINDOWS\System32\SET18D.tmp
C:\WINDOWS\System32\SET18F.tmp
C:\WINDOWS\System32\SET190.tmp
C:\WINDOWS\System32\SET193.tmp
C:\WINDOWS\System32\SET194.tmp
C:\WINDOWS\System32\SET195.tmp
C:\WINDOWS\System32\SET199.tmp
C:\WINDOWS\System32\SET19A.tmp
C:\WINDOWS\System32\SET19B.tmp
C:\WINDOWS\System32\SET19C.tmp
C:\WINDOWS\System32\SET19F.tmp
C:\WINDOWS\System32\SET1A1.tmp
C:\WINDOWS\System32\SET1A2.tmp
C:\WINDOWS\System32\SET1A3.tmp
C:\WINDOWS\System32\SET1A4.tmp
C:\WINDOWS\System32\SET1A5.tmp
C:\WINDOWS\System32\SET1A7.tmp
C:\WINDOWS\System32\SET1A9.tmp
C:\WINDOWS\System32\SET1AA.tmp
C:\WINDOWS\System32\SET1AE.tmp
C:\WINDOWS\System32\SET1B0.tmp
C:\WINDOWS\System32\SET1B1.tmp
C:\WINDOWS\System32\SET1B3.tmp
C:\WINDOWS\System32\SET1B4.tmp
C:\WINDOWS\System32\SET1B5.tmp
C:\WINDOWS\System32\SET1B6.tmp
C:\WINDOWS\System32\SET1B7.tmp
C:\WINDOWS\System32\SET1B8.tmp
C:\WINDOWS\System32\SET1B9.tmp
C:\WINDOWS\System32\SET1BB.tmp
C:\WINDOWS\System32\SET1BC.tmp
C:\WINDOWS\System32\SET1BD.tmp
C:\WINDOWS\System32\SET1BE.tmp
C:\WINDOWS\System32\SET1BF.tmp
C:\WINDOWS\System32\SET1C2.tmp
C:\WINDOWS\System32\SET1C5.tmp
C:\WINDOWS\System32\SET1C6.tmp
C:\WINDOWS\System32\SET1C7.tmp
C:\WINDOWS\System32\SET1C8.tmp
C:\WINDOWS\System32\SET1C9.tmp
C:\WINDOWS\System32\SET1CC.tmp
C:\WINDOWS\System32\SET1CE.tmp
C:\WINDOWS\System32\SET1CF.tmp
C:\WINDOWS\System32\SET1D2.tmp
C:\WINDOWS\System32\SET1D5.tmp
C:\WINDOWS\System32\SET1D6.tmp
C:\WINDOWS\System32\SET1D7.tmp
C:\WINDOWS\System32\SET1DD.tmp
C:\WINDOWS\System32\SET1DE.tmp
C:\WINDOWS\System32\SET1DF.tmp
C:\WINDOWS\System32\SET1E0.tmp
C:\WINDOWS\System32\SET1E1.tmp
C:\WINDOWS\System32\SET1E4.tmp
C:\WINDOWS\System32\SET1E5.tmp
C:\WINDOWS\System32\SET1E8.tmp
C:\WINDOWS\System32\SET1E9.tmp
C:\WINDOWS\System32\SET1EE.tmp
C:\WINDOWS\System32\SET1EF.tmp
C:\WINDOWS\System32\SET1F2.tmp
C:\WINDOWS\System32\SET1F3.tmp
C:\WINDOWS\System32\SET1F4.tmp
C:\WINDOWS\System32\SET1F5.tmp
C:\WINDOWS\System32\SET1F6.tmp
C:\WINDOWS\System32\SET1F7.tmp
C:\WINDOWS\System32\SET1F8.tmp
C:\WINDOWS\System32\SET1F9.tmp
C:\WINDOWS\System32\SET1FC.tmp
C:\WINDOWS\System32\SET1FD.tmp
C:\WINDOWS\System32\SET208.tmp
C:\WINDOWS\System32\SET20B.tmp
C:\WINDOWS\System32\SET20C.tmp
C:\WINDOWS\System32\SET20D.tmp
C:\WINDOWS\System32\SET20F.tmp
C:\WINDOWS\System32\SET211.tmp
C:\WINDOWS\System32\SET212.tmp
C:\WINDOWS\System32\SET213.tmp
C:\WINDOWS\System32\SET214.tmp
C:\WINDOWS\System32\SET216.tmp
C:\WINDOWS\System32\SET217.tmp
C:\WINDOWS\System32\SET219.tmp
C:\WINDOWS\System32\SET21A.tmp
C:\WINDOWS\System32\SET21B.tmp
C:\WINDOWS\System32\SET21C.tmp
C:\WINDOWS\System32\SET21D.tmp
C:\WINDOWS\System32\SET21E.tmp
C:\WINDOWS\System32\SET220.tmp
C:\WINDOWS\System32\SET221.tmp
C:\WINDOWS\System32\SET224.tmp
C:\WINDOWS\System32\SET227.tmp
C:\WINDOWS\System32\SET228.tmp
C:\WINDOWS\System32\SET229.tmp
C:\WINDOWS\System32\SET231.tmp
C:\WINDOWS\System32\SET234.tmp
C:\WINDOWS\System32\SET237.tmp
C:\WINDOWS\System32\SET238.tmp
C:\WINDOWS\System32\SET239.tmp
C:\WINDOWS\System32\SET23B.tmp
C:\WINDOWS\System32\SET23D.tmp
C:\WINDOWS\System32\SET23E.tmp
C:\WINDOWS\System32\SET240.tmp
C:\WINDOWS\System32\SET242.tmp
C:\WINDOWS\System32\SET243.tmp
C:\WINDOWS\System32\SET244.tmp
C:\WINDOWS\System32\SET245.tmp
C:\WINDOWS\System32\SET248.tmp
C:\WINDOWS\System32\SET249.tmp
C:\WINDOWS\System32\SET24A.tmp
C:\WINDOWS\System32\SET24E.tmp
C:\WINDOWS\System32\SET24F.tmp
C:\WINDOWS\System32\SET250.tmp
C:\WINDOWS\System32\SET251.tmp
C:\WINDOWS\System32\SET253.tmp
C:\WINDOWS\System32\SET254.tmp
C:\WINDOWS\System32\SET255.tmp
C:\WINDOWS\System32\SET258.tmp
C:\WINDOWS\System32\SET259.tmp
C:\WINDOWS\System32\SET25A.tmp
C:\WINDOWS\System32\SET260.tmp
C:\WINDOWS\System32\SET261.tmp
C:\WINDOWS\System32\SET262.tmp
C:\WINDOWS\System32\SET263.tmp
C:\WINDOWS\System32\SET264.tmp
C:\WINDOWS\System32\SET265.tmp
C:\WINDOWS\System32\SET268.tmp
C:\WINDOWS\System32\SET26A.tmp
C:\WINDOWS\System32\SET26D.tmp
C:\WINDOWS\System32\SET270.tmp
C:\WINDOWS\System32\SET273.tmp
C:\WINDOWS\System32\SET274.tmp
C:\WINDOWS\System32\SET275.tmp
C:\WINDOWS\System32\SET277.tmp
C:\WINDOWS\System32\SET278.tmp
C:\WINDOWS\System32\SET27B.tmp
C:\WINDOWS\System32\SET27C.tmp
C:\WINDOWS\System32\SET27D.tmp
C:\WINDOWS\System32\SET27E.tmp
C:\WINDOWS\System32\SET281.tmp
C:\WINDOWS\System32\SET282.tmp
C:\WINDOWS\System32\SET284.tmp
C:\WINDOWS\System32\SET289.tmp
C:\WINDOWS\System32\SET28A.tmp
C:\WINDOWS\System32\SET28C.tmp
C:\WINDOWS\System32\SET28D.tmp
C:\WINDOWS\System32\SET28E.tmp
C:\WINDOWS\System32\SET28F.tmp
C:\WINDOWS\System32\SET290.tmp
C:\WINDOWS\System32\SET291.tmp
C:\WINDOWS\System32\SET293.tmp
C:\WINDOWS\System32\SET294.tmp
C:\WINDOWS\System32\SET295.tmp
C:\WINDOWS\System32\SET297.tmp
C:\WINDOWS\System32\SET298.tmp
C:\WINDOWS\System32\SET299.tmp
C:\WINDOWS\System32\SET29B.tmp
C:\WINDOWS\System32\SET29E.tmp
C:\WINDOWS\System32\SET29F.tmp
C:\WINDOWS\System32\SET2A3.tmp
C:\WINDOWS\System32\SET2A4.tmp
C:\WINDOWS\System32\SET2A5.tmp
C:\WINDOWS\System32\SET2A8.tmp
C:\WINDOWS\System32\SET2AA.tmp
C:\WINDOWS\System32\SET2AB.tmp
C:\WINDOWS\System32\SET2AC.tmp
C:\WINDOWS\System32\SET2AD.tmp
C:\WINDOWS\System32\SET2AE.tmp
C:\WINDOWS\System32\SET2B0.tmp
C:\WINDOWS\System32\SET2B1.tmp
C:\WINDOWS\System32\SET2B2.tmp
C:\WINDOWS\System32\SET2B3.tmp
C:\WINDOWS\System32\SET2B4.tmp
C:\WINDOWS\System32\SET2B5.tmp
C:\WINDOWS\System32\SET2B7.tmp
C:\WINDOWS\System32\SET2B8.tmp
C:\WINDOWS\System32\SET2BA.tmp
C:\WINDOWS\System32\SET2BB.tmp
C:\WINDOWS\System32\SET2BE.tmp
C:\WINDOWS\System32\SET2BF.tmp
C:\WINDOWS\System32\SET2C6.tmp
C:\WINDOWS\System32\SET2C8.tmp
C:\WINDOWS\System32\SET2C9.tmp
C:\WINDOWS\System32\SET2CB.tmp
C:\WINDOWS\System32\SET2CC.tmp
C:\WINDOWS\System32\SET2CD.tmp
C:\WINDOWS\System32\SET2D0.tmp
C:\WINDOWS\System32\SET2D2.tmp
C:\WINDOWS\System32\SET2D3.tmp
C:\WINDOWS\System32\SET2D4.tmp
C:\WINDOWS\System32\SET2D6.tmp
C:\WINDOWS\System32\SET2D7.tmp
C:\WINDOWS\System32\SET2D9.tmp
C:\WINDOWS\System32\SET2DE.tmp
C:\WINDOWS\System32\SET2E0.tmp
C:\WINDOWS\System32\SET2E1.tmp
C:\WINDOWS\System32\SET2E2.tmp
C:\WINDOWS\System32\SET2E3.tmp
C:\WINDOWS\System32\SET2E4.tmp
C:\WINDOWS\System32\SET2E5.tmp
C:\WINDOWS\System32\SET2E7.tmp
C:\WINDOWS\System32\SET2E8.tmp
C:\WINDOWS\System32\SET2E9.tmp
C:\WINDOWS\System32\SET2EA.tmp
C:\WINDOWS\System32\SET2EB.tmp
C:\WINDOWS\System32\SET2EC.tmp
C:\WINDOWS\System32\SET2ED.tmp
C:\WINDOWS\System32\SET2EE.tmp
C:\WINDOWS\System32\SET2F0.tmp
C:\WINDOWS\System32\SET2F2.tmp
C:\WINDOWS\System32\SET2F5.tmp
C:\WINDOWS\System32\SET2F8.tmp
C:\WINDOWS\System32\SET2FA.tmp
C:\WINDOWS\System32\SET2FC.tmp
C:\WINDOWS\System32\SET2FD.tmp
C:\WINDOWS\System32\SET2FF.tmp
C:\WINDOWS\System32\SET301.tmp
C:\WINDOWS\System32\SET302.tmp
C:\WINDOWS\System32\SET303.tmp
C:\WINDOWS\System32\SET305.tmp
C:\WINDOWS\System32\SET307.tmp
C:\WINDOWS\System32\SET30A.tmp
C:\WINDOWS\System32\SET30B.tmp
C:\WINDOWS\System32\SET30C.tmp
C:\WINDOWS\System32\SET30E.tmp
C:\WINDOWS\System32\SET30F.tmp
C:\WINDOWS\System32\SET311.tmp
C:\WINDOWS\System32\SET312.tmp
C:\WINDOWS\System32\SET313.tmp
C:\WINDOWS\System32\SET314.tmp
C:\WINDOWS\System32\SET315.tmp
C:\WINDOWS\System32\SET316.tmp
C:\WINDOWS\System32\SET318.tmp
C:\WINDOWS\System32\SET319.tmp
C:\WINDOWS\System32\SET31A.tmp
C:\WINDOWS\System32\SET31C.tmp
C:\WINDOWS\System32\SET31D.tmp
C:\WINDOWS\System32\SET31E.tmp
C:\WINDOWS\System32\SET320.tmp
C:\WINDOWS\System32\SET321.tmp
C:\WINDOWS\System32\SET324.tmp
C:\WINDOWS\System32\SET325.tmp
C:\WINDOWS\System32\SET326.tmp
C:\WINDOWS\System32\SET327.tmp
C:\WINDOWS\System32\SET328.tmp
C:\WINDOWS\System32\SET32B.tmp
C:\WINDOWS\System32\SET32E.tmp
C:\WINDOWS\System32\SET32F.tmp
C:\WINDOWS\System32\SET330.tmp
C:\WINDOWS\System32\SET333.tmp
C:\WINDOWS\System32\SET335.tmp
C:\WINDOWS\System32\SET337.tmp
C:\WINDOWS\System32\SET338.tmp
C:\WINDOWS\System32\SET339.tmp
C:\WINDOWS\System32\SET33B.tmp
C:\WINDOWS\System32\SET33C.tmp
C:\WINDOWS\System32\SET33D.tmp
C:\WINDOWS\System32\SET340.tmp
C:\WINDOWS\System32\SET342.tmp
C:\WINDOWS\System32\SET343.tmp
C:\WINDOWS\System32\SET344.tmp
C:\WINDOWS\System32\SET346.tmp
C:\WINDOWS\System32\SET348.tmp
C:\WINDOWS\System32\SET349.tmp
C:\WINDOWS\System32\SET34C.tmp
C:\WINDOWS\System32\SET34F.tmp
C:\WINDOWS\System32\SET350.tmp
C:\WINDOWS\System32\SET351.tmp
C:\WINDOWS\System32\SET358.tmp
C:\WINDOWS\System32\SET35A.tmp
C:\WINDOWS\System32\SET35D.tmp
C:\WINDOWS\System32\SET35F.tmp
C:\WINDOWS\System32\SET363.tmp
C:\WINDOWS\System32\SET365.tmp
C:\WINDOWS\System32\SET367.tmp
C:\WINDOWS\System32\SET368.tmp
C:\WINDOWS\System32\SET369.tmp
C:\WINDOWS\System32\SET36C.tmp
C:\WINDOWS\System32\SET36D.tmp
C:\WINDOWS\System32\SET36E.tmp
C:\WINDOWS\System32\SET371.tmp
C:\WINDOWS\System32\SET376.tmp
C:\WINDOWS\System32\SET378.tmp
C:\WINDOWS\System32\SET37A.tmp
C:\WINDOWS\System32\SET37B.tmp
C:\WINDOWS\System32\SET381.tmp
C:\WINDOWS\System32\SET382.tmp
C:\WINDOWS\System32\SET383.tmp
C:\WINDOWS\System32\SET384.tmp
C:\WINDOWS\System32\SET385.tmp
C:\WINDOWS\System32\SET386.tmp
C:\WINDOWS\System32\SET387.tmp
C:\WINDOWS\System32\SET388.tmp
C:\WINDOWS\System32\SET38A.tmp
C:\WINDOWS\System32\SET38B.tmp
C:\WINDOWS\System32\SET38C.tmp
C:\WINDOWS\System32\SET38E.tmp
C:\WINDOWS\System32\SET391.tmp
C:\WINDOWS\System32\SET392.tmp
C:\WINDOWS\System32\SET395.tmp
C:\WINDOWS\System32\SET396.tmp
C:\WINDOWS\System32\SET398.tmp
C:\WINDOWS\System32\SET39D.tmp
C:\WINDOWS\System32\SET39F.tmp
C:\WINDOWS\System32\SET3A0.tmp
C:\WINDOWS\System32\SET3A1.tmp
C:\WINDOWS\System32\SET3A2.tmp
C:\WINDOWS\System32\SET3A4.tmp
C:\WINDOWS\System32\SET3A5.tmp
C:\WINDOWS\System32\SET3A6.tmp
C:\WINDOWS\System32\SET3A7.tmp
C:\WINDOWS\System32\SET3A8.tmp
C:\WINDOWS\System32\SET3AA.tmp
C:\WINDOWS\System32\SET3AF.tmp
C:\WINDOWS\System32\SET3B0.tmp
C:\WINDOWS\System32\SET3B2.tmp
C:\WINDOWS\System32\SET3B3.tmp
C:\WINDOWS\System32\SET3B4.tmp
C:\WINDOWS\System32\SET3BB.tmp
C:\WINDOWS\System32\SET3BF.tmp
C:\WINDOWS\System32\SET3C7.tmp
C:\WINDOWS\System32\SET3CB.tmp
C:\WINDOWS\System32\SET3CC.tmp
C:\WINDOWS\System32\SET3CD.tmp
C:\WINDOWS\System32\SET3CE.tmp
C:\WINDOWS\System32\SET3D1.tmp
C:\WINDOWS\System32\SET3D2.tmp
C:\WINDOWS\System32\SET3D3.tmp
C:\WINDOWS\System32\SET3DB.tmp
C:\WINDOWS\System32\SET3DD.tmp
C:\WINDOWS\System32\SET3DF.tmp
C:\WINDOWS\System32\SET3E3.tmp
C:\WINDOWS\System32\SET3E5.tmp
C:\WINDOWS\System32\SET3E6.tmp
C:\WINDOWS\System32\SET3ED.tmp
C:\WINDOWS\System32\SET3EF.tmp
C:\WINDOWS\System32\SET3F4.tmp
C:\WINDOWS\System32\SET3F5.tmp
C:\WINDOWS\System32\SET3F8.tmp
C:\WINDOWS\System32\SET3FC.tmp
C:\WINDOWS\System32\SET3FD.tmp
C:\WINDOWS\System32\SET400.tmp
C:\WINDOWS\System32\SET407.tmp
C:\WINDOWS\System32\SET408.tmp
C:\WINDOWS\System32\SET409.tmp
C:\WINDOWS\System32\SET40B.tmp
C:\WINDOWS\System32\SET40C.tmp
C:\WINDOWS\System32\SET40D.tmp
C:\WINDOWS\System32\SET40E.tmp
C:\WINDOWS\System32\SET410.tmp
C:\WINDOWS\System32\SET412.tmp
C:\WINDOWS\System32\SET413.tmp
C:\WINDOWS\System32\SET415.tmp
C:\WINDOWS\System32\SET418.tmp
C:\WINDOWS\System32\SET419.tmp
C:\WINDOWS\System32\SET41A.tmp
C:\WINDOWS\System32\SET41E.tmp
C:\WINDOWS\System32\SET41F.tmp
C:\WINDOWS\System32\SET420.tmp
C:\WINDOWS\System32\SET422.tmp
C:\WINDOWS\System32\SET424.tmp
C:\WINDOWS\System32\SET428.tmp
C:\WINDOWS\System32\SET42B.tmp
C:\WINDOWS\System32\SET42E.tmp
C:\WINDOWS\System32\SET430.tmp
C:\WINDOWS\System32\SET435.tmp
C:\WINDOWS\System32\SET439.tmp
C:\WINDOWS\System32\SET43C.tmp
C:\WINDOWS\System32\SET43E.tmp
C:\WINDOWS\System32\SET442.tmp
C:\WINDOWS\System32\SET445.tmp
C:\WINDOWS\System32\SET446.tmp
C:\WINDOWS\System32\SET447.tmp
C:\WINDOWS\System32\SET449.tmp
C:\WINDOWS\System32\SET44B.tmp
C:\WINDOWS\System32\SET44C.tmp
C:\WINDOWS\System32\SET450.tmp
C:\WINDOWS\System32\SET451.tmp
C:\WINDOWS\System32\SET453.tmp
C:\WINDOWS\System32\SET455.tmp
C:\WINDOWS\System32\SET456.tmp
C:\WINDOWS\System32\SET457.tmp
C:\WINDOWS\System32\SET45C.tmp
C:\WINDOWS\System32\SET45E.tmp
C:\WINDOWS\System32\SET45F.tmp
C:\WINDOWS\System32\SET463.tmp
C:\WINDOWS\System32\SET464.tmp
C:\WINDOWS\System32\SET465.tmp
C:\WINDOWS\System32\SET467.tmp
C:\WINDOWS\System32\SET46F.tmp
C:\WINDOWS\System32\SET475.tmp
C:\WINDOWS\System32\SET477.tmp
C:\WINDOWS\System32\SET478.tmp
C:\WINDOWS\System32\SET479.tmp
C:\WINDOWS\System32\SET485.tmp
C:\WINDOWS\System32\SET490.tmp
C:\WINDOWS\System32\SET4A3.tmp
C:\WINDOWS\System32\SET4A4.tmp
C:\WINDOWS\System32\SET4B7.tmp
C:\WINDOWS\System32\SET4C9.tmp
C:\WINDOWS\System32\SET4CE.tmp
C:\WINDOWS\System32\SET4D1.tmp
C:\WINDOWS\System32\SET4D8.tmp
C:\WINDOWS\System32\SET4D9.tmp
C:\WINDOWS\System32\SET4DA.tmp
C:\WINDOWS\System32\SET4DC.tmp
C:\WINDOWS\System32\SET4DD.tmp
C:\WINDOWS\System32\SET4DE.tmp
C:\WINDOWS\System32\SET4DF.tmp
C:\WINDOWS\System32\SET4E1.tmp
C:\WINDOWS\System32\SET4E3.tmp
C:\WINDOWS\System32\SET4E4.tmp
C:\WINDOWS\System32\SET4E6.tmp
C:\WINDOWS\System32\SET4E9.tmp
C:\WINDOWS\System32\SET4EB.tmp
C:\WINDOWS\System32\SET4F0.tmp
C:\WINDOWS\System32\SET4F1.tmp
C:\WINDOWS\System32\SET4F9.tmp
C:\WINDOWS\System32\SET4FF.tmp
C:\WINDOWS\System32\SET506.tmp
C:\WINDOWS\System32\SET50A.tmp
C:\WINDOWS\System32\SET50D.tmp
C:\WINDOWS\System32\SET50F.tmp
C:\WINDOWS\System32\SET513.tmp
C:\WINDOWS\System32\SET516.tmp
C:\WINDOWS\System32\SET517.tmp
C:\WINDOWS\System32\SET51C.tmp
C:\WINDOWS\System32\SET51D.tmp
C:\WINDOWS\System32\SET521.tmp
C:\WINDOWS\System32\SET522.tmp
C:\WINDOWS\System32\SET527.tmp
C:\WINDOWS\System32\SET52D.tmp
C:\WINDOWS\System32\SET53.tmp
C:\WINDOWS\System32\SET530.tmp
C:\WINDOWS\System32\SET534.tmp
C:\WINDOWS\System32\SET536.tmp
C:\WINDOWS\System32\SET538.tmp
C:\WINDOWS\System32\SET57.tmp
C:\WINDOWS\System32\SET5F.tmp
C:\WINDOWS\System32\SETA7.tmp

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe

¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :

AGRSMMSG.EXE-0034A7F7.pf
APNTEX.EXE-2C02AAE6.pf
APOINT.EXE-1B53748D.pf
ATI2MDXX.EXE-00F23993.pf
ATIPRBXX.EXE-28AA41C0.pf
ATIPTAXX.EXE-18FE8D8B.pf
BDAGENT.EXE-11EBF49E.pf
CMD.EXE-087B4001.pf
CONTROL.EXE-013DBFB5.pf
CSCRIPT.EXE-1C26180C.pf
CTFMON.EXE-0E17969B.pf
DEFRAG.EXE-273F131E.pf
DFRGNTFS.EXE-269967DF.pf
DKICON.EXE-253EAB47.pf
DUMPREP.EXE-1B46F901.pf
DWWIN.EXE-30875ADC.pf
FDM.EXE-1EBA87D2.pf
HELPSVC.EXE-2878DDA2.pf
HIJACKTHIS(1).EXE-21C2E761.pf
HPZTSB12.EXE-0B929B9E.pf
IESHOW.EXE-0AED1730.pf
IEXPLORE.EXE-27122324.pf
IMAPI.EXE-0BF740A4.pf
IMJPMIG.EXE-03882F7A.pf
Layout.ini
LIST_KILLEM.EXE-2AC91642.pf
LOGON.SCR-151EFAEA.pf
LOGONUI.EXE-0AF22957.pf
MBAM.EXE-0BEE0439.pf
MBAMGUI.EXE-1286D63B.pf
MODE.COM-31685BAE.pf
NOTEPAD.EXE-336351A9.pf
NTOSBOOT-B00DFAAD.pf
OSA.EXE-2CD63980.pf
PV.EXE-33724C27.pf
QUICKSTART.EXE-1CEE9C20.pf
READER_SL.EXE-2B4EA1CB.pf
REG.EXE-0D2A95F7.pf
REGSVR32.EXE-25EEFE2F.pf
RSIT.EXE-08FC3919.pf
RUNDLL32.EXE-3D97474F.pf
RUNDLL32.EXE-451FC2C0.pf
SECCENTER.EXE-0C3FA3AC.pf
SIGNCHECK.EXE-28675D39.pf
SO.EXE-0C12C600.pf
SOFFICE.BIN-242AA534.pf
SOFFICE.EXE-2C1A3A5B.pf
STCLIENT_WRAPPER.EXE-0FBCE9FC.pf
TINTSETP.EXE-39BF0732.pf
UISCAN.EXE-1D502E3C.pf
UPGREPL.EXE-24BD643C.pf
VERCLSID.EXE-3667BD89.pf
WMIADAP.EXE-2DF425B2.pf
WMIPRVSE.EXE-28F301A9.pf
WSCNTFY.EXE-1B24F5EB.pf
WUAUCLT.EXE-399A8E72.pf




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Ajouter un commentaire
Réponse
+0
moins plus
gen-hackman 68344Messages postés 30 avril 2008Date d'inscription 11 juin 2011Dernière intervention 8 nov. 2009 à 18:43
REDEMARRE EN MODE SANS ECHEC , puis :

▶ Relance List&Kill'em comme tu as fait pour l'option 1 (soit en clic droit pour vista),

mais cette fois-ci :

▶ choisis l'option 2 = Mode Destruction

laisse travailler l'outil.

en fin de scan un rapport s'ouvre ,ferme-le
puis un scond , ferme-le

puis redemarre

▶ colle le contenu dans ta reponse apres avoir redemarré en mode normal :

C:\Kill'em.txt

Ajouter un commentaire
Ajouter un commentaire
Posez votre question
Ce document intitulé « rapport Hijackthis suite à message erreur » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.
Dossier à la une
Passage au tout numérique : quel coût pour les particuliers ?