|
ÃÑÌæßã Íá ááÎØà 0xc00007b
ÈÓã Çááå ÇáÑÍãÇä ÇáÑÍíã ÃÎæÇäí ÇáÃÚÒÇÁ åÐå ÇáãÏÉ ÍÕá áí ÎØà ÝÞáÊ ãÇ ÃáÇÞí Íá ÅáÇ Ýí ÒíÒææã æåÐå ÕæÑÉ ááÎØà ÚÐÑÇ áÃä äÙÇãí ÈÇáÝÑäÓíÉ æåÐÇ ÊÞÑíÑ ÇáÝÍÕ ÓÑíÚ ááÜ Bitdefender ßæÏ: QuickScan Beta 32-bit v0.9.9.35 ßæÏ: ------------------------------- Scan date: Fri Sep 03 19:12:40 2010 Machine ID: B08D8298 Found 39 infected files! ------------------------ C:\WINDOWS\system32\wuauclt.exe --> Win32.Parite.B --> Process wuauclt.exe (1476) --> Process wuauclt.exe (680) C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uha7.tmp --> Trojan.Generic.2616149 --> Process explorer.exe (196) --> Process wuauclt.exe (680) C:\WINDOWS\system32\msfeedssync.exe --> Win32.Parite.B --> c:\windows\tasks\user_feed_synchronization-{06c0b234-1af6-4fbb-8b75-5d7b361e633a}.job --> c:\windows\tasks\user_feed_synchronization-{47813102-7cf0-45e9-a4b9-7a7b09e2ee75}.job C:\WINDOWS\system32\sessmgr.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\RDSessMgr\"Imag ePath" C:\WINDOWS\system32\msiexec.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\MSIServer\"Imag ePath" C:\WINDOWS\system32\netdde.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\NetDDEdsdm\"Ima gePath" C:\WINDOWS\system32\cisvc.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\CiSvc\"ImagePat h" C:\WINDOWS\System32\ups.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\UPS\"ImagePath" C:\Program Files\Real\RealUpgrade\realupgrade.exe --> Win32.Parite.B --> c:\windows\tasks\realupgradelogontasks-1-5-21-776561741-1336601894-1644491937-500.job --> c:\windows\tasks\realupgradescheduledtasks-1-5-21-776561741-1336601894-1644491937-500.job C:\WINDOWS\system32\msdtc.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\MSDTC\"ImagePat h" C:\WINDOWS\Temp\jra2.tmp --> Trojan.Generic.2616149 --> Process vmware-authd.exe (2044) C:\WINDOWS\system32\clipsrv.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\ClipSrv\"ImageP ath" C:\WINDOWS\Temp\wbqCA.tmp --> Trojan.Generic.2616149 --> Process wuauclt.exe (1476) C:\WINDOWS\System32\dmadmin.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\dmadmin\"ImageP ath" C:\WINDOWS\system32\locator.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\RpcLocator\"Ima gePath" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\clr_optimizatio n_v2.0.50727_32\"ImagePath" C:\WINDOWS\system32\tlntsvr.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\TlntSvr\"ImageP ath" C:\WINDOWS\system32\imapi.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\ImapiService\"I magePath" C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\clr_optimizatio n_v4.0.30319_32\"ImagePath" C:\WINDOWS\system32\cmd.exe --> Win32.Parite.B --> HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\"Al ternateShell" C:\WINDOWS\Network Diagnostic\xpnetdiag.exe --> Win32.Parite.B --> HKLM\Software\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583}\"Exec" C:\WINDOWS\Temp\uxa4.tmp --> Trojan.Generic.2616149 --> Process vmware-authd.exe (2044) C:\Program Files\faceplus\pre_faceplus.exe --> Win32.Parite.B --> HKLM\Software\Microsoft\Windows\CurrentVersion\Run \"Face-Plus" C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspn et_state.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\aspnet_state\"I magePath" C:\WINDOWS\system32\dllhost.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\COMSysApp\"Imag ePath" --> HKLM\System\ControlSet001\services\SwPrv\"ImagePat h" C:\WINDOWS\system32\rsvp.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\RSVP\"ImagePath " C:\WINDOWS\System32\alg.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\ALG\"ImagePath" C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\gusvc\"ImagePat h" C:\WINDOWS\System32\vssvc.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\VSS\"ImagePath" C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\WPFFontCache_v0 400\"ImagePath" C:\WINDOWS\system32\smlogsvc.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\SysmonLog\"Imag ePath" C:\WINDOWS\system32\spupdsvc.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\spupdsvc\"Image Path" C:\WINDOWS\System32\SCardSvr.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\SCardSvr\"Image Path" C:\WINDOWS\system32\mnmsrvc.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\mnmsrvc\"ImageP ath" C:\WINDOWS\system32\spoolsv.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\Spooler\"ImageP ath" C:\Program Files\PC Connectivity Solution\ServiceLayer.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\ServiceLayer\"I magePath" c:\windows\system32\userinit.exe --> Win32.Parite.B --> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Userinit" C:\WINDOWS\system32\KB905474\wgasetup.exe --> Win32.Parite.B --> c:\windows\tasks\wgasetup.job C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe --> Win32.Parite.B --> HKLM\System\ControlSet001\services\ufad-ws60\"ImagePath" Processes --------- Face-Plus Application 1452 C:\Program Files\faceplus\faceplus.exe Microsoft® Windows® Operating System 680 C:\WINDOWS\system32\wuauclt.exe Microsoft® Windows® Operating System 1476 C:\WINDOWS\system32\wuauclt.exe Realtek Sound Manager 1092 C:\WINDOWS\soundman.exe Système d'exploitation Microsoft® Windo 196 C:\WINDOWS\explorer.exe Système d'exploitation Microsoft® Windo 1660 C:\WINDOWS\system32\winlogon.exe Google Update 1692 C:\Program Files\Google\Update\GoogleUpdate.exe Java(TM) Platform SE 6 U21 1588 C:\Program Files\Java\jre6\bin\jqs.exe Microsoft® Windows® Operating System 1516 C:\WINDOWS\system32\csrss.exe Microsoft® Windows® Operating System 1956 C:\WINDOWS\system32\lsass.exe Microsoft® Windows® Operating System 452 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 556 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 1388 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 1508 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 2012 C:\WINDOWS\system32\svchost.exe RealPlayer (32-bit) 1032 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe Système d'exploitation Microsoft® Windo 1904 C:\WINDOWS\system32\services.exe Système d'exploitation Microsoft® Windo 928 C:\WINDOWS\system32\smss.exe Système d'exploitation Microsoft® Windo 788 C:\WINDOWS\system32\wbem\wmiapsrv.exe VMware Workstation 216 C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe VMware Workstation 2044 C:\Program Files\VMware\VMware Workstation\vmware-authd.exe VMware Workstation 1736 C:\WINDOWS\system32\vmnat.exe VMware Workstation 1636 C:\WINDOWS\system32\vmnetdhcp.exe Windows® Internet Explorer 712 C:\Program Files\Internet Explorer\iexplore.exe Windows® Internet Explorer 800 C:\Program Files\Internet Explorer\iexplore.exe Network activity ---------------- Process iexplore.exe (800) connected on port 80 (HTTP) --> 209.85.227.139 Process iexplore.exe (800) connected on port 80 (HTTP) --> 88.221.61.115 Process iexplore.exe (800) connected on port 80 (HTTP) --> 77.67.29.32 Process iexplore.exe (800) connected on port 80 (HTTP) --> 77.67.29.32 Process iexplore.exe (800) connected on port 80 (HTTP) --> 69.63.176.186 Process iexplore.exe (800) connected on port 80 (HTTP) --> 92.123.148.20 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 173.192.230.28 Process iexplore.exe (800) connected on port 80 (HTTP) --> 69.63.190.18 Process svchost.exe (556) listens on ports: 135 (RPC) Process vmware-authd.exe (2044) listens on ports: 912 Autoruns and critical files --------------------------- Application faceplus C:\Program Files\faceplus\pre_faceplus.exe MemoryDefrag.exe C:\Program Files\Windows Doctor\MemoryDefrag.exe Microsoft Genuine Advantage C:\WINDOWS\system32\KB905474\wgasetup.exe Realtek Sound Manager C:\WINDOWS\soundman.exe RealUpgrade C:\Program Files\Real\RealUpgrade\realupgrade.exe Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\browseui.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\cscdll.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\logonui.exe Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\stobject.dll Système d'exploitation Microsoft® Windo c:\windows\system32\userinit.exe Windows® Internet Explorer C:\WINDOWS\system32\msfeedssync.exe Google Update C:\Program Files\Google\Update\GoogleUpdate.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll RealPlayer (32-bit) C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\crypt32.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\sclgntfy.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\shell32.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\upnpui.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\wlnotify.dll WindowBlinds 5.x for x86 machines C:\WINDOWS\system32\wbsys.dll Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll Browser plugins --------------- Download.dll C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\tatlsl8z.default\ext ensions\[email protected]\Download.dll facemoods.com c:\program files\facemoods.com\facemoods\1.3.60.23\facemoodst lbr.dll Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll Java(TM) Platform SE 6 U21 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe Namoroka C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\tatlsl8z.default\ext ensions\[email protected]\components\firedo wnload.dll Namoroka C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\tatlsl8z.default\ext ensions\[email protected]\components\fir etorrent.dll QuickTime Plug-in 7.6.7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll QuickTime Plug-in 7.6.7 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll QuickTime Plug-in 7.6.7 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll QuickTime Plug-in 7.6.7 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll QuickTime Plug-in 7.6.7 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll QuickTime Plug-in 7.6.7 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll QuickTime Plug-in 7.6.7 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll QuickTime Plug-in 7.6.7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll QuickTime Plug-in 7.6.7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll QuickTime Plug-in 7.6.7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll QuickTime Plug-in 7.6.7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll QuickTime Plug-in 7.6.7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll QuickTime Plug-in 7.6.7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll QuickTime Plug-in 7.6.7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll RealJukebox NS Plugin C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll RealJukebox NS Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll RealPlayer Version Plugin C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll RealPlayer Version Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll RealPlayer(tm) HTML5VideoShim Plug-In ( C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPl ugins\nprphtml5videoshim.dll tb.dll c:\program files\yoono sidebar\tb.dll ybho.dll c:\program files\yoono sidebar\ybho.dll Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll BitDefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll getPlusPlus for Adobe 16287 C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\tatlsl8z.default\ext ensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll getPlusPlus for Adobe 16287 C:\Program Files\Mozilla Firefox\plugins\np_gp.dll Google Update C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.d ll Java Deployment Toolkit 6.0.210.7 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll Java(TM) Platform SE 6 U21 C:\Program Files\Java\jre6\bin\jp2ssv.dll Java(TM) Platform SE 6 U21 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll Microsoft® Windows Live Login Helper C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll nppdf32.FRA C:\Program Files\Mozilla Firefox\plugins\nppdf32.FRA NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll Picasa C:\Program Files\Google\Picasa3\npPicasa3.dll RealPlayer Download and Record Plugin C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll Silverlight Plug-In C:\Program Files\Microsoft Silverlight\4.0.50826.0\npctrl.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\mswsock.dll VMware Workstation C:\Program Files\VMware\VMware Workstation\vsocklib.dll Windows Genuine Advantage C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll Windows Live® Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll Missing files ------------- File not found: C:\Program Files\Avira\AntiVir Desktop\avgio.sys --> HKLM\System\ControlSet001\services\avgio\"ImagePat h" File not found: C:\Program Files\Avira\AntiVir Desktop\avguard.exe --> HKLM\System\ControlSet001\services\AntiVirService\ "ImagePath" File not found: C:\Program Files\Avira\AntiVir Desktop\sched.exe --> HKLM\System\ControlSet001\services\AntiVirSchedule rService\"ImagePath" File not found: C:\Program Files\Microsoft Security Essentials\MsMpEng.exe --> HKLM\System\ControlSet001\services\MsMpSvc\"ImageP ath" File not found: C:\WINDOWS\System32\hidserv.dll --> HKLM\System\ControlSet001\services\HidServ\Paramet ers\"ServiceDll" File not found: C:\WINDOWS\system32\nvsvc32.exe --> HKLM\System\ControlSet001\services\NVSvc\"ImagePat h" File not found: C:\WINDOWS\system32\zntport.sys --> HKLM\System\ControlSet001\services\zntport\"ImageP ath" File not found: system32\DRIVERS\VBoxNetFlt.sys --> HKLM\System\ControlSet001\services\VBoxNetFlt\"Ima gePath" File not found: system32\drivers\pmfilt.sys --> HKLM\System\ControlSet001\services\pmfilt\"ImagePa th" File not found: system32\drivers\pmhelp.sys --> HKLM\System\ControlSet001\services\pmhelp\"ImagePa th" Scan ---- MD5: caaff050997b84a1e7347adb34ca63b9 C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\tatlsl8z.default\ext ensions\[email protected]\components\firedo wnload.dll MD5: a5d8bb31502ad806907650c5d53d583b C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\tatlsl8z.default\ext ensions\[email protected]\Download.dll MD5: 2fa45b1544eea6f34c56e07b2d21c484 C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\tatlsl8z.default\ext ensions\[email protected]\components\fir etorrent.dll MD5: 13f611ad51310d4a6ef0d87d7d4e8ea5 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ho ok\rpchromebrowserrecordhelper.dll MD5: 33e87713c7fe08c5f861e2819ed33a0e C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPl ugins\nprphtml5videoshim.dll MD5: 685f1cbd4af30a1d0c25f252d399a666 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uha7.tmp MD5: 1184b7de8056d0028337afcf9bdbcaf1 c:\program files\facemoods.com\facemoods\1.3.60.23\facemoodst lbr.dll MD5: 9643d8313de882fc659a873b28b22d51 C:\Program Files\faceplus\faceplus.exe MD5: f3982c20cef573fa8e9689c63f167db6 C:\Program Files\faceplus\pre_faceplus.exe MD5: 2caaef5ab410a5d69d57e3be0870e589 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA MD5: cb9852db1b4e56a9740fdc6e8de94e63 C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe MD5: ff801260d36068c07a5308bcf5819baf C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll MD5: 4a93524b0dfeea362de46b441c7667dc C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll MD5: 9bf1a8af22aadc7727f4e395c5c09b1b C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Internet Explorer\plugins\npqtplugin.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll MD5: 2d5394ff0e31ffefb5049f0911e91d89 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll MD5: bb926d30d9f25c11f05ddd9ac9482ddd C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll MD5: ae6e41e603ec3bec8afa2c7fec7f6a62 C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll MD5: bf7fddf686d4d8f5ca9409222309632f C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll MD5: af8038213a2470645a1995fc4376ad0e C:\Program Files\PC Connectivity Solution\ServiceLayer.exe MD5: 65aaaae3683285cb07e94017f49e11cc C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx MD5: 6ef18117cfc0f0e8ea301cc6c1abd511 C:\Program Files\QuickTime\QTSystem\QTCF.dll MD5: adb44517a839ee94132da3d548a16ad2 C:\Program Files\QuickTime\QTSystem\QuickTime.qts MD5: c5818fc1b9a04d2e1ecaf9241412257f C:\Program Files\QuickTime\QTSystem\QuickTime.Resources\Quick Time.dll MD5: 769ba2c0516c2cb44fdfc7329ea3c762 C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx MD5: b5a0c3c92ec381f93f7ee2ea9705d0e6 C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qt x MD5: ccda4f5727c3604c9d58506ad52d8b57 C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx MD5: 56dd59d810d58dbe439d6b58909b09e7 C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx MD5: 55127512330f03f76edbe9cda25f83e3 C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx MD5: 8c9a49dc6f15b66c532037e66ff7c625 C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx MD5: 45a0d2a39dbe8d853b1a81c0215864b0 C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx MD5: b128c415af501a475586d9c9017dff18 C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx MD5: b4f6b2b3abfa003689d3eeaff107adb7 C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx MD5: 65a7906b958481d62f44291cdc675ac0 C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.q tx MD5: 7f7e9ac081de86a2b89c5e1182552487 C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx MD5: 89b63d322b51d547d10e6203c057ea26 C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx MD5: 0fbce675bbe6a3ed430b815d59304d14 C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.q tx MD5: d95ec0ebc0bfd69ad3f4033ff09fc8c2 C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx MD5: 50e52d2f6da19c3629ab5382697a3921 C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx MD5: a64d04d44b671afe73f26de2047e6489 C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthori ng.qtx MD5: e91688c175f69cd4bbd67cad5a83c0ec C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras. qtx MD5: 2cef75d60c98bd02e7b5624da6f150e2 C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx MD5: 8a6b109de0918ead7c3181ed016164a0 C:\Program Files\Real\RealPlayer\hxaudiodevicehook.dll MD5: 0092348e1204f47c90e6c167ed46a504 C:\Program Files\Real\RealPlayer\lang\rpbrp_fr.dll MD5: ae6e41e603ec3bec8afa2c7fec7f6a62 C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll MD5: bf7fddf686d4d8f5ca9409222309632f C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll MD5: 58d8500f83639c46a5d3272c74178628 C:\Program Files\Real\RealUpgrade\realupgrade.exe MD5: b73395ac594243fe083eab8f18728be6 C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe MD5: 87a041ec63b4ac64edb5fe4abe148fa8 C:\Program Files\Windows Doctor\MemoryDefrag.exe MD5: ce611449c858ad3644807b3dbb75a474 C:\Program Files\Windows Media Player\WMPNetwk.exe MD5: 313438f7d1389c5478ff85feda13d95c c:\program files\yoono sidebar\tb.dll MD5: 4dcfb2fb637344df409bff9134935800 c:\program files\yoono sidebar\ybho.dll MD5: 3efe912dd25d2586e6a0341db0a66f69 C:\WINDOWS\explorer.exe MD5: 1bf5adcdc841b69ab00187abd53253a1 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspne t_isapi.dll MD5: 844d0ba303d37e73b860d684f35e0ca1 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe MD5: f7e2b42a1a4d28d8932d437d0c6091af C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe MD5: 38c1c9e5fc2e06179b136f8bc75e4ffe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspn et_state.exe MD5: 8747b0175f9dc1d4e23b59376ccd999f C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe MD5: 18cac7e8dafb1e02df2af60c252ec5f5 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe MD5: 326fa02660b40a63a71b0205362aa0a4 C:\WINDOWS\Network Diagnostic\xpnetdiag.exe MD5: fa8f537e02c8ddcff0eebef8ef9df5bf C:\WINDOWS\soundman.exe MD5: 36da51ee199b4180656b272e00582169 C:\WINDOWS\System32\alg.exe MD5: 17de9951b59201d52b98ba04fea9873c C:\WINDOWS\system32\batmeter.dll MD5: a96b52ea121afc13f4f3be184b9a7cc9 C:\WINDOWS\system32\browseui.dll MD5: 34a4f18969e61df5c069881cbb5a2877 C:\WINDOWS\system32\cisvc.exe MD5: 14053e23f08d0f700fa55876ffae703e C:\WINDOWS\system32\clipsrv.exe MD5: f4e34c54298da77015ffb92a17bf094c C:\WINDOWS\system32\cmd.exe MD5: d449df66b6335b443508a58b1e8db996 C:\WINDOWS\system32\comctl32.dll MD5: 065dd2c839e1f0e58aa2dfea15664feb C:\WINDOWS\system32\comdlg32.dll MD5: 699d22b70d6cd1b9759a14d10256a715 C:\WINDOWS\system32\comres.dll MD5: b69eaef94b25e53728d81c6d1f423b27 C:\WINDOWS\system32\credui.dll MD5: 40135c166ab6f5bd748465257effd300 C:\WINDOWS\system32\cryptui.dll MD5: 2104dfd839be5ce971ac3be0c0087c82 C:\WINDOWS\system32\cscdll.dll MD5: cf0729e54791621ab9a2e1af371c750a C:\WINDOWS\system32\cscui.dll MD5: 7e2830254fc158ac40a59dfdeb3a8bd5 C:\WINDOWS\system32\dllhost.exe MD5: 6555147d91ee6652a5f932fd047d0998 C:\WINDOWS\System32\dmadmin.exe MD5: b13408a5d89dcc39992ca0ddce3c86ba C:\WINDOWS\system32\drivers\DMBOOT.sys MD5: 4b8e401eebf76cd726834a16794a7b58 C:\WINDOWS\system32\drivers\TCPIP.sys MD5: afb10ad9aa91d2f70c9f0e6bda0d119b C:\WINDOWS\System32\Drivers\vmusb.sys MD5: acb3e43df97925df1964699c13c8da2b C:\WINDOWS\system32\imapi.exe MD5: a55db42bc32099bb6008d66fd339753a C:\WINDOWS\system32\KB905474\wgasetup.exe MD5: 2967cc2473e9dbc07cba43a20e3ed047 C:\WINDOWS\system32\locator.exe MD5: 88fad0d7dc19f39a40d3604c7839aa5c C:\WINDOWS\system32\logonui.exe MD5: ab7a783f77fbead0e4882a278ab785aa C:\WINDOWS\system32\mnmsrvc.exe MD5: 32537d99a4c936cbb9f2e9e67809f9e4 C:\WINDOWS\system32\modemui.dll MD5: bb6daf2d8db7d4e8f4255b93d38c67e8 C:\WINDOWS\system32\msdtc.exe MD5: 907fca99cb1cd67bdbd58628434f558d C:\WINDOWS\system32\msfeedssync.exe MD5: a603d8f0a7cdf0a459af2c51fafa9358 C:\WINDOWS\system32\msgina.dll MD5: f45d32bea6ba4406034b504795c646c5 C:\WINDOWS\system32\msieftp.dll MD5: 1d4a2b4baa0d9802c0b16a6a4c99a001 C:\WINDOWS\system32\msiexec.exe MD5: 1874bbad9ae4c993b74b7abaa8b9d535 C:\WINDOWS\system32\msvcp71.dll MD5: e5eecec5b24009c09069e5fa25bd4e7c C:\WINDOWS\system32\netdde.exe MD5: 45f3f687e9f6d0f03fcd1a40105b454b C:\WINDOWS\system32\netshell.dll MD5: b437b76fade0e9401b6ccc739355fcdd C:\WINDOWS\system32\ntshrui.dll MD5: b063b4b5a8ad27b1fd0aa41795d75167 C:\WINDOWS\system32\odbcint.dll MD5: 9549e1c756c86a77292069176c2ba1b6 C:\WINDOWS\system32\rasdlg.dll MD5: 992f82babbac10f149147d32c9322e80 C:\WINDOWS\system32\rsvp.exe MD5: 4595c451d8534e2f532189e051a20743 C:\WINDOWS\System32\SCardSvr.exe MD5: 27f668822a74bc7b93794b20b8079be7 C:\WINDOWS\system32\sessmgr.exe MD5: 9f46795bfb317a6f12297da807194d8c C:\WINDOWS\system32\setupapi.dll MD5: 766cc1864f4ac12932f356cb656dcd89 C:\WINDOWS\system32\sfc_os.dll MD5: 2c466bd74b623caf9d0df591954796c9 C:\WINDOWS\system32\shdoclc.dll MD5: 8182451a19f742a25f3722be3b21522a C:\WINDOWS\system32\shdocvw.dll MD5: 2fbbc95e5ff442f2a87fc326348f19fd C:\WINDOWS\system32\smlogsvc.exe MD5: 9cd7ba3f089dafeff6a3eb11ed127ac1 C:\WINDOWS\system32\spoolsv.exe MD5: 527d1b730127f5d8ee9e45acd525b7d2 C:\WINDOWS\system32\spupdsvc.exe MD5: ef00e20a39cf6d3e934c6ec21b72e2bf C:\WINDOWS\system32\stobject.dll MD5: 771ae5e97a7726cea2b3d26cc7c18217 C:\WINDOWS\system32\sxs.dll MD5: 47588de6fcd8b40a1070a61e8487eab5 C:\WINDOWS\system32\themeui.dll MD5: f83be5cdc104724ac6b3c9235b940cd0 C:\WINDOWS\system32\tlntsvr.exe MD5: b3f58cfc014741bd6427aa6b00896f25 C:\WINDOWS\system32\unimdm.tsp MD5: acfcf610cea607cb4b80b47847b27d53 C:\WINDOWS\System32\ups.exe MD5: de4a4ac7328fc80156034e7eb283676d C:\WINDOWS\system32\user32.dll MD5: 7dcfbf259c4c310a2fb40b63944cf1d8 c:\windows\system32\userinit.exe MD5: ddc3a522442309e1e069c17fb10d003d C:\WINDOWS\system32\uxtheme.dll MD5: ba1a4a2b0be95eb117a7c461aff9cdad C:\WINDOWS\System32\vssvc.exe MD5: de669722494cf41f6e39a62b3b08525c C:\WINDOWS\system32\winlogon.exe MD5: 640712ddfd3de3ad1fda456bd08374a3 C:\WINDOWS\system32\winsrv.dll MD5: ed2811f3650bf3b08c2ca3c9caa539e9 C:\WINDOWS\system32\wuauclt.exe MD5: 685f1cbd4af30a1d0c25f252d399a666 C:\WINDOWS\Temp\jra2.tmp MD5: 685f1cbd4af30a1d0c25f252d399a666 C:\WINDOWS\Temp\uxa4.tmp MD5: 685f1cbd4af30a1d0c25f252d399a666 C:\WINDOWS\Temp\wbqCA.tmp The following file(s) must be uploaded for server-side scanning: C:\Program Files\Real\RealUpgrade\realupgrade.exe C:\WINDOWS\System32\dmadmin.exe C:\WINDOWS\system32\imapi.exe C:\WINDOWS\system32\cmd.exe C:\WINDOWS\Network Diagnostic\xpnetdiag.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\System32\vssvc.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\WINDOWS\system32\KB905474\wgasetup.exe C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe Upload started - 11 file(s) imapi.exe (328156) realupgrade.exe (353750) vmware-ufad.exe (370144) GoogleUpdaterService.exe (372192) dmadmin.exe (402902) vssvc.exe (473054) cmd.exe (580576) wgasetup.exe (631770) ServiceLayer.exe (793566) xpnetdiag.exe (885720) WPFFontCache_v0400.exe (931286) Upload speed - 45 KB/s Upload finished - 11 uploaded, 0 failed Scan finished - communication took 132 sec Total traffic - 5.86 MB sent, 1.36 KB recvd Scanned 737 files and modules - 184 seconds ================================================== ============================ æåÐÇ ÊÞÑíÑ HijackThis ßæÏ: Logfile of Trend Micro HijackThis v2.0.2 ßæÏ: Scan saved at 19:34:31, on 03/09/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe C:\WINDOWS\system32\vmnat.exe C:\WINDOWS\system32\vmnetdhcp.exe C:\Program Files\VMware\VMware Workstation\vmware-authd.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\faceplus\faceplus.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/?pc=AVBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=snd&s={searchTerms}&f=4 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Yoono BHO - {CC24584F-A50F-4138-B1B7-F0255274DB9A} - C:\PROGRA~1\YOONOS~1\ybho.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.3.60.23\facemoodsT lbr.dll O3 - Toolbar: Yoono toolbar - {D86FA331-DF95-46C8-8978-4C00D084C9A1} - C:\PROGRA~1\YOONOS~1\tb.dll O4 - HKLM\..\Run: [Face-Plus] C:\Program Files\faceplus\pre_faceplus.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SERVICE RESEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user') O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...Q&n=2010071909 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Télécharger avec Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm O9 - Extra button: Yoono - {3E286614-05AE-4736-B01D-D71BD9A42B16} - C:\PROGRA~1\YOONOS~1\tb.dll O9 - Extra 'Tools' menuitem: Display Yoono - {3E286614-05AE-4736-B01D-D71BD9A42B16} - C:\PROGRA~1\YOONOS~1\tb.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll O15 - Trusted IP range: http://192.168.1.1 O15 - ESC Trusted IP range: http://192.168.1.1 O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\sched.exe (file missing) O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (file missing) O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc32.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe -- End of file - 6710 bytes æåÐÇ ÊÞÑíÑ ÇáÜ Runscanner ÃÊãäì ãäßã Íá Ýí ÃÓÑ æÞÊ áÃääí ÃÝßÑ Ýí ÇáÝæÑãÇÊ ÃßËÑ... |
| ÇáÓÇÚÉ ÇáÂä 08:26 PM |
Powered by vBulletin® Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
ãäÊÏíÇÊ ÈáÇß ÈíÑí
mjawshy.net
ÇáãÌÇæÔí ááÊÞäíÉ ÇáãÊÞÏãÉ