Flux rss
Ils ont besoin de votre aide
Collection CommentCaMarche.net
Rechercher : dans
Par : Pertinence Date Nom d'utilisateur
Statut : Résolu

[XP] Fenetre MS DOS 16bits indesirable

Onizuka63, le samedi 15 avril 2006 à 11:05:02
Salut

Voila mon probleme.

Depuis une semaine une fenetre s'affiche :
- une avec ecran noir c:\Windows\temp\h91746.exe
- une autre m'indiquant une erreur :
Sous Systeme MS DOS 16 Bits
c:\Windows\temp\h91746.exe
Le processeur NTVDM a rencontré une instuction non autorisée.
CS:0f2f IP:01d4 OP:63 68 65 2f 31 Choississez "fermer" pour mettre fin a l'application.
2 choix possible : Fermer ou ignorer

De plus des fenetres publicitaires "s'approprient" mon ecran.

J'ai fais plusieurs recherche de virus avec Norton , A2 , Ad Aware, Spybot. Cela me detecte plein de fichiers malveillants mais la fenetre revient a chaque fois.

Le fichier "h91746.exe" ne peut pas etre supprimé en Mode normal , je l'ai donc supprimé en mode sans echec mais il est revenu.
Si quelqu'un as une idée , merci ! :)

Suite au message de Michel LATOUFFE, j'ai deplacé mon post au bon endroit .
je fais les tests et je collerai les résultats. :)
Répondre à Onizuka63  Signaler ce message aux modérateurs Aller au dernier message

1


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
bernie61, le samedi 15 avril 2006 à 11:06:51
hello
applique smitfrauFix
http://users.skynet.be/BernieClub/index.html#frau

et passes ensuite Ewido antitrojan
a+
   
Répondre à bernie61

2


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
Onizuka63, le samedi 15 avril 2006 à 13:31:02
Me voila !

Donc voici les resultats des tests:

Ewido:

ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 11:26 -=On!ZùK@=-, 15/04/2006
+ Somme de contrôle: E936F1F4

+ Résultats du scan:

HKLM\SOFTWARE\PVM -> Adware.Hotsurprise : Nettoyer et sauvegarder
HKU\S-1-5-21-861567501-688789844-725345543-1003\Software\PVM -> Adware.Hotsurprise : Nettoyer et sauvegarder
[932] C:\WINDOWS\system32\winbug32.dll -> Trojan.Agent.qt : Nettoyer et sauvegarder
[1676] C:\WINDOWS\ICROSO~1.NET\winspool.exe -> Downloader.PurityScan.w : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@advertising[1].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@c.goclick[2].txt -> TrackingCookie.Goclick : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@install.bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@paypopup[1].txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@wreport.weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@www.popuptraffic[2].txt -> TrackingCookie.Popuptraffic : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@yadro[2].txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@zedo[1].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\3FDMVUGT\srvunh[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\rdgUS2404[1].exe -> Downloader.Small.ayl : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\96IMVU6T\srvdnh[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\WR4NUJ8L\srvdum[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\WR4NUJ8L\srvrbz[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\WR4NUJ8L\srvwpl[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Program Files\АppPatch\nοtepad.exe -> Adware.PurityScan : Nettoyer et sauvegarder
C:\WINDOWS\system32\dfrgsrv.exe -> Trojan.Small : Nettoyer et sauvegarder
C:\WINDOWS\system32\winbug32.dll -> Trojan.Agent.qt : Nettoyer et sauvegarder
C:\WINDOWS\Temp\agbpnbmd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\aomelnnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\cbjfohnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\cgfakind.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\efboeknd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\ffjbdamd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\hilkhfnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\ifmkmmnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\kbbjjcmd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\lciialnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\mbehhpnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\nnaecgnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\win15.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Temp\win2B.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Temp\win4.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Temp\winB.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Мicrosoft.NET\winspool.exe -> Downloader.PurityScan.w : Nettoyer et sauvegarder


::Fin du rapport

BitDefender:

BitDefender Online Scanner

Scan report generated at: Sat, Apr 15, 2006 - 13:11:56

Scan path: A:\;C:\;E:\;F:\;

Statistics

Time
01:37:09

Files
552928

Folders
3319

Boot Sectors
2

Archives
26409

Packed Files
44049




Results

Identified Viruses
15

Infected Files
105

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
150




Engines Info

Virus Definitions
369945

Engine build
AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)

Scan plugins
13

Archive plugins
39

Unpack plugins
4

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Documents and Settings\Onizuka63\Local Settings\Temp\svshost.exe
Infected with: Trojan.Dropper.Vb.KK

C:\Documents and Settings\Onizuka63\Local Settings\Temp\svshost.exe
Disinfection failed

C:\Documents and Settings\Onizuka63\Local Settings\Temp\svshost.exe
Deleted

C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\1DL2FJTY\support[1].htm
Infected with: Exploit.Html.Codebase.Exec.Gen

C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\1DL2FJTY\support[1].htm
Disinfection failed

C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\1DL2FJTY\support[1].htm
Deleted

C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\srvxvc[1].exe
Infected with: Trojan.Dialer.OY

C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\srvxvc[1].exe
Disinfection failed

C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\srvxvc[1].exe
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\0585312A.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\0585312A.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\0585312A.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\058C5611.exe=>(Quarantine-2)
Infected with: Trojan.Dropper.Insta.A

C:\Program Files\Norton AntiVirus\Quarantine\058C5611.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\058C5611.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\1DD56908.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\1DD56908.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\1DD56908.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\218C1612.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\218C1612.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\218C1612.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\2190400E.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO

C:\Program Files\Norton AntiVirus\Quarantine\2190400E.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\2190400E.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\23D91784.exe=>(Quarantine-2)
Infected with: Trojan.PurityScan.AT

C:\Program Files\Norton AntiVirus\Quarantine\23D91784.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\23D91784.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\23DD4180.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\23DD4180.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\23DD4180.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\23E06B7C.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\23E06B7C.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\23E06B7C.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\27070DB0.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\27070DB0.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\27070DB0.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\298424FE.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO

C:\Program Files\Norton AntiVirus\Quarantine\298424FE.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\298424FE.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\2B3F1CA0.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\2B3F1CA0.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\2B3F1CA0.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\2BD31C74.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\2BD31C74.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\2BD31C74.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\2C6920E1.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\2C6920E1.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\2C6920E1.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\397811CA.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\397811CA.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\397811CA.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4505492F.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\4505492F.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\4505492F.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\45A0065B.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\45A0065B.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\45A0065B.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\460F2EE6.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.FLQ

C:\Program Files\Norton AntiVirus\Quarantine\460F2EE6.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\460F2EE6.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\47B95457.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\47B95457.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\47B95457.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4E3D73C0.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\Program Files\Norton AntiVirus\Quarantine\4E3D73C0.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\4E3D73C0.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4F521D07.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\4F521D07.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\4F521D07.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\6275666E.tmp=>(Quarantine-2)
Infected with: Trojan.Dropper.Insta.A

C:\Program Files\Norton AntiVirus\Quarantine\6275666E.tmp=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\6275666E.tmp=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\639D4708.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\639D4708.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\639D4708.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\63BC46FF.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Purityscan.BT

C:\Program Files\Norton AntiVirus\Quarantine\63BC46FF.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\63BC46FF.exe=>(Quarantine-2)
Deleted

C:\Program Files\Norton AntiVirus\Quarantine\65933FAA.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\Program Files\Norton AntiVirus\Quarantine\65933FAA.exe=>(Quarantine-2)
Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\65933FAA.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047083.exe
Infected with: Trojan.Downloader.Small.AYL

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047083.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047136.exe
Infected with: Trojan.Downloader.Small.AYL

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047136.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047357.exe
Infected with: Trojan.Downloader.Purityscan.W

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047357.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047357.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047369.exe
Infected with: Trojan.Downloader.Small.AYL

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047369.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047535.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047535.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047535.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047536.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047536.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047536.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047537.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047537.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047537.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047538.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047538.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047538.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047539.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047539.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047539.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047540.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047540.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047540.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047541.exe
Infected with: Trojan.Downloader.Small.AYL

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047541.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047545.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047545.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047545.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047546.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047546.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047546.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047668.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047668.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047668.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047669.exe
Infected with: Trojan.Downloader.Purityscan.W

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047669.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047669.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047672.exe
Infected with: Trojan.Downloader.Purityscan.BE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047672.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047672.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047686.exe
Infected with: Trojan.Downloader.Small.AYL

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047686.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047750.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047750.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047750.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047751.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047751.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047751.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047752.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047752.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047752.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047753.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047753.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047753.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047754.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047754.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047754.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047755.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047755.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047755.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047756.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047756.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047756.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047757.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047757.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047757.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047759.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047759.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047759.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047760.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047760.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047760.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047761.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047761.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047761.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047762.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047762.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047762.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047763.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047763.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047763.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047764.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047764.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047764.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047765.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047765.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047765.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047766.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047766.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047766.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047767.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047767.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047767.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047768.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047768.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047768.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047769.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047769.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047769.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047770.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047770.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047770.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047771.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047771.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047771.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047772.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047772.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047772.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047773.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047773.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047773.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047774.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047774.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047774.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047775.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047775.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047775.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047776.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047776.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047776.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047777.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047777.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047777.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047778.exe
Infected with: Trojan.Startpage.EX

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047778.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047778.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047779.exe
Infected with: Trojan.Dialer.OY

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047779.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047779.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047780.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047780.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047780.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047781.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047781.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047781.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047782.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047782.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047782.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047783.exe
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047783.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047783.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047822.exe
Infected with: Trojan.Dropper.Vb.KK

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047822.exe
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047822.exe
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047982.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047982.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047982.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047983.exe=>(Quarantine-2)
Infected with: Trojan.Dropper.Insta.A

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047983.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047983.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047984.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047984.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047984.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047985.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047985.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047985.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047986.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047986.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047986.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047987.exe=>(Quarantine-2)
Infected with: Trojan.PurityScan.AT

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047987.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047987.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047988.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047988.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047988.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047989.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047989.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047989.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047990.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047990.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047990.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047991.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047991.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047991.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047992.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047992.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047992.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047993.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047993.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047993.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047994.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047994.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047994.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047995.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047995.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047995.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047996.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047996.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047996.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047997.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047997.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047997.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047998.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.FLQ

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047998.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047998.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047999.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047999.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047999.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048000.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048000.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048000.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048001.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048001.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048001.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048002.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048002.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048002.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048003.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Purityscan.BT

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048003.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048003.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048004.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048004.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048004.exe=>(Quarantine-2)
Deleted

C:\WINDOWS\system32\__delete_on_reboot__winbug32.dll
Infected with: Trojan.Agent.QT

C:\WINDOWS\system32\__delete_on_reboot__winbug32.dll
Disinfection failed

C:\WINDOWS\system32\__delete_on_reboot__winbug32.dll
Delete failed

C:\WINDOWS\Temp\win35.tmp.exe
Infected with: Trojan.Dialer.OY

C:\WINDOWS\Temp\win35.tmp.exe
Disinfection failed

C:\WINDOWS\Temp\win35.tmp.exe
Delete failed

C:\WINDOWS\winres.dll
Infected with: Trojan.Startpage.EX

C:\WINDOWS\winres.dll
Disinfection failed

C:\WINDOWS\winres.dll
Deleted

C:\WINDOWS\ICROSO~1.NET\__delete_on_reboot__winspool.exe
Infected with: Trojan.PurityScan.AT

C:\WINDOWS\ICROSO~1.NET\__delete_on_reboot__winspool.exe
Disinfection failed

C:\WINDOWS\ICROSO~1.NET\__delete_on_reboot__winspool.exe
Deleted


HiJackThis:

Logfile of HijackThis v1.99.1
Scan saved at 13:35 , on 15/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Wireless\Client Manager\CMags.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [Noes] "C:\WINDOWS\ICROSO~1.NET\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Wcwk] C:\Program Files\?ppPatch\n?tepad.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winbug32 - winbug32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe


Voila... j'espere que ce que j'ai fait est ok .
Merci pour vos reponses
   
Répondre à Onizuka63

3


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
bernie61, le samedi 15 avril 2006 à 13:35:41
re
tu as fais le smitfrauFix??

déjà pas mal nettoyé, ok,

passes aussi procédure l2mfix
http://users.skynet.be/BernieClub/index.html#l2mfix
a+
   
Répondre à bernie61

4


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
Onizuka63, le samedi 15 avril 2006 à 14:53:47
SmitFraudFix v2.29

Rapport fait à 14:56:02,68, 15/04/2006
Executé à partir de C:\Documents and Settings\Onizuka63\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\amcompat.tlb PRESENT !
C:\WINDOWS\system32\nscompat.tlb PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Onizuka63\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Onizuka63\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"

[HKEY_CLASSES_ROOT\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

[HKEY_CLASSES_ROOT\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
   
Répondre à Onizuka63

5


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
bernie61, le samedi 15 avril 2006 à 15:06:06
re
ok et la suite de smitfrau... option 2

puis l2mfix
a+
   
Répondre à bernie61

6


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
Onizuka63, le samedi 15 avril 2006 à 15:16:03
Alors rapport Highjackthis :

Logfile of HijackThis v1.99.1
Scan saved at 15:16 , on 15/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Wireless\Client Manager\CMags.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [Noes] "C:\WINDOWS\ICROSO~1.NET\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Wcwk] C:\Program Files\?ppPatch\n?tepad.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winbug32 - winbug32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

Rapport Smitfrau option 2 :

SmitFraudFix v2.29

Rapport fait à 15:09:41,98, 15/04/2006
Executé à partir de C:\Documents and Settings\Onizuka63\Mes documents\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\system32\amcompat.tlb supprimé
C:\WINDOWS\system32\nscompat.tlb supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Le reste arrive...
   
Répondre à Onizuka63

7


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
Onizuka63, le samedi 15 avril 2006 à 15:19:49
L2MFIX find log 032106
These are the registry keys present
************************************************************­**********************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbug32]
"Asynchronous"=dword:00000001
"DllName"="winbug32.dll"
"Impersonate"=dword:00000000
"Startup"="EvtStartup"
"Shutdown"="EvtShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Page de propri‚t‚s des versions pr‚c‚dentes"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Versions pr‚c‚dentes"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11C