[XP] Fenetre MS DOS 16bits indesirable
Résolu/Fermé
Onizuka63
Messages postés
27
Date d'inscription
samedi 6 août 2005
Statut
Membre
Dernière intervention
19 janvier 2009
-
15 avril 2006 à 11:05
Onizuka63 Messages postés 27 Date d'inscription samedi 6 août 2005 Statut Membre Dernière intervention 19 janvier 2009 - 21 avril 2006 à 20:05
Onizuka63 Messages postés 27 Date d'inscription samedi 6 août 2005 Statut Membre Dernière intervention 19 janvier 2009 - 21 avril 2006 à 20:05
A voir également:
- [XP] Fenetre MS DOS 16bits indesirable
- Telecharger windows xp - Télécharger - Systèmes d'exploitation
- Cle windows xp - Guide
- Raccourci agrandir fenetre - Guide
- Fenetre privée - Guide
- Mail indésirable - Guide
15 réponses
hello
applique smitfrauFix
http://users.skynet.be/BernieClub/index.html#frau
et passes ensuite Ewido antitrojan
a+
applique smitfrauFix
http://users.skynet.be/BernieClub/index.html#frau
et passes ensuite Ewido antitrojan
a+
Onizuka63
Messages postés
27
Date d'inscription
samedi 6 août 2005
Statut
Membre
Dernière intervention
19 janvier 2009
15 avril 2006 à 13:31
15 avril 2006 à 13:31
Me voila !
Donc voici les resultats des tests:
Ewido:
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 11:26 -=On!ZùK@=-, 15/04/2006
+ Somme de contrôle: E936F1F4
+ Résultats du scan:
HKLM\SOFTWARE\PVM -> Adware.Hotsurprise : Nettoyer et sauvegarder
HKU\S-1-5-21-861567501-688789844-725345543-1003\Software\PVM -> Adware.Hotsurprise : Nettoyer et sauvegarder
[932] C:\WINDOWS\system32\winbug32.dll -> Trojan.Agent.qt : Nettoyer et sauvegarder
[1676] C:\WINDOWS\ICROSO~1.NET\winspool.exe -> Downloader.PurityScan.w : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@advertising[1].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@c.goclick[2].txt -> TrackingCookie.Goclick : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@install.bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@paypopup[1].txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@wreport.weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@www.popuptraffic[2].txt -> TrackingCookie.Popuptraffic : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@yadro[2].txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@zedo[1].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\3FDMVUGT\srvunh[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\rdgUS2404[1].exe -> Downloader.Small.ayl : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\96IMVU6T\srvdnh[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\WR4NUJ8L\srvdum[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\WR4NUJ8L\srvrbz[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\WR4NUJ8L\srvwpl[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Program Files\АppPatch\nοtepad.exe -> Adware.PurityScan : Nettoyer et sauvegarder
C:\WINDOWS\system32\dfrgsrv.exe -> Trojan.Small : Nettoyer et sauvegarder
C:\WINDOWS\system32\winbug32.dll -> Trojan.Agent.qt : Nettoyer et sauvegarder
C:\WINDOWS\Temp\agbpnbmd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\aomelnnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\cbjfohnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\cgfakind.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\efboeknd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\ffjbdamd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\hilkhfnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\ifmkmmnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\kbbjjcmd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\lciialnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\mbehhpnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\nnaecgnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\win15.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Temp\win2B.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Temp\win4.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Temp\winB.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Мicrosoft.NET\winspool.exe -> Downloader.PurityScan.w : Nettoyer et sauvegarder
::Fin du rapport
BitDefender:
BitDefender Online Scanner
Scan report generated at: Sat, Apr 15, 2006 - 13:11:56
Scan path: A:\;C:\;E:\;F:\;
Statistics
Time
01:37:09
Files
552928
Folders
3319
Boot Sectors
2
Archives
26409
Packed Files
44049
Results
Identified Viruses
15
Infected Files
105
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
150
Engines Info
Virus Definitions
369945
Engine build
AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins
13
Archive plugins
39
Unpack plugins
4
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Onizuka63\Local Settings\Temp\svshost.exe
Infected with: Trojan.Dropper.Vb.KK
C:\Documents and Settings\Onizuka63\Local Settings\Temp\svshost.exe
Disinfection failed
C:\Documents and Settings\Onizuka63\Local Settings\Temp\svshost.exe
Deleted
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\1DL2FJTY\support[1].htm
Infected with: Exploit.Html.Codebase.Exec.Gen
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\1DL2FJTY\support[1].htm
Disinfection failed
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\1DL2FJTY\support[1].htm
Deleted
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\srvxvc[1].exe
Infected with: Trojan.Dialer.OY
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\srvxvc[1].exe
Disinfection failed
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\srvxvc[1].exe
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\0585312A.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\0585312A.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\0585312A.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\058C5611.exe=>(Quarantine-2)
Infected with: Trojan.Dropper.Insta.A
C:\Program Files\Norton AntiVirus\Quarantine\058C5611.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\058C5611.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1DD56908.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\1DD56908.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1DD56908.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\218C1612.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\218C1612.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\218C1612.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2190400E.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO
C:\Program Files\Norton AntiVirus\Quarantine\2190400E.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2190400E.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\23D91784.exe=>(Quarantine-2)
Infected with: Trojan.PurityScan.AT
C:\Program Files\Norton AntiVirus\Quarantine\23D91784.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\23D91784.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\23DD4180.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\23DD4180.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\23DD4180.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\23E06B7C.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\23E06B7C.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\23E06B7C.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\27070DB0.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\27070DB0.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\27070DB0.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\298424FE.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO
C:\Program Files\Norton AntiVirus\Quarantine\298424FE.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\298424FE.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2B3F1CA0.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\2B3F1CA0.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2B3F1CA0.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2BD31C74.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\2BD31C74.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2BD31C74.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2C6920E1.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\Program Files\Norton AntiVirus\Quarantine\2C6920E1.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2C6920E1.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\397811CA.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\397811CA.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\397811CA.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4505492F.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\4505492F.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\4505492F.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\45A0065B.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\45A0065B.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\45A0065B.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\460F2EE6.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.FLQ
C:\Program Files\Norton AntiVirus\Quarantine\460F2EE6.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\460F2EE6.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47B95457.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\Program Files\Norton AntiVirus\Quarantine\47B95457.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47B95457.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4E3D73C0.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\Program Files\Norton AntiVirus\Quarantine\4E3D73C0.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\4E3D73C0.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4F521D07.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\4F521D07.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\4F521D07.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6275666E.tmp=>(Quarantine-2)
Infected with: Trojan.Dropper.Insta.A
C:\Program Files\Norton AntiVirus\Quarantine\6275666E.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6275666E.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\639D4708.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\639D4708.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\639D4708.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\63BC46FF.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Purityscan.BT
C:\Program Files\Norton AntiVirus\Quarantine\63BC46FF.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\63BC46FF.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\65933FAA.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\65933FAA.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\65933FAA.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047083.exe
Infected with: Trojan.Downloader.Small.AYL
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047083.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047136.exe
Infected with: Trojan.Downloader.Small.AYL
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047136.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047357.exe
Infected with: Trojan.Downloader.Purityscan.W
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047357.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047357.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047369.exe
Infected with: Trojan.Downloader.Small.AYL
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047369.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047535.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047535.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047535.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047536.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047536.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047536.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047537.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047537.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047537.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047538.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047538.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047538.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047539.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047539.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047539.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047540.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047540.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047540.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047541.exe
Infected with: Trojan.Downloader.Small.AYL
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047541.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047545.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047545.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047545.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047546.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047546.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047546.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047668.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047668.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047668.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047669.exe
Infected with: Trojan.Downloader.Purityscan.W
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047669.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047669.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047672.exe
Infected with: Trojan.Downloader.Purityscan.BE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047672.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047672.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047686.exe
Infected with: Trojan.Downloader.Small.AYL
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047686.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047750.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047750.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047750.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047751.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047751.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047751.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047752.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047752.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047752.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047753.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047753.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047753.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047754.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047754.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047754.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047755.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047755.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047755.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047756.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047756.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047756.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047757.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047757.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047757.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047759.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047759.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047759.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047760.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047760.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047760.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047761.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047761.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047761.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047762.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047762.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047762.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047763.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047763.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047763.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047764.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047764.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047764.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047765.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047765.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047765.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047766.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047766.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047766.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047767.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047767.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047767.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047768.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047768.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047768.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047769.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047769.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047769.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047770.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047770.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047770.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047771.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047771.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047771.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047772.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047772.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047772.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047773.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047773.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047773.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047774.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047774.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047774.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047775.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047775.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047775.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047776.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047776.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047776.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047777.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047777.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047777.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047778.exe
Infected with: Trojan.Startpage.EX
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047778.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047778.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047779.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047779.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047779.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047780.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047780.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047780.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047781.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047781.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047781.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047782.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047782.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047782.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047783.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047783.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047783.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047822.exe
Infected with: Trojan.Dropper.Vb.KK
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047822.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047822.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047982.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047982.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047982.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047983.exe=>(Quarantine-2)
Infected with: Trojan.Dropper.Insta.A
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047983.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047983.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047984.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047984.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047984.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047985.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047985.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047985.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047986.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047986.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047986.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047987.exe=>(Quarantine-2)
Infected with: Trojan.PurityScan.AT
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047987.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047987.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047988.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047988.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047988.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047989.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047989.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047989.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047990.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047990.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047990.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047991.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047991.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047991.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047992.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047992.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047992.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047993.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047993.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047993.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047994.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047994.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047994.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047995.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047995.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047995.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047996.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047996.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047996.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047997.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047997.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047997.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047998.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.FLQ
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047998.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047998.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047999.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047999.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047999.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048000.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048000.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048000.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048001.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048001.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048001.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048002.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048002.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048002.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048003.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Purityscan.BT
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048003.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048003.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048004.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048004.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048004.exe=>(Quarantine-2)
Deleted
C:\WINDOWS\system32\__delete_on_reboot__winbug32.dll
Infected with: Trojan.Agent.QT
C:\WINDOWS\system32\__delete_on_reboot__winbug32.dll
Disinfection failed
C:\WINDOWS\system32\__delete_on_reboot__winbug32.dll
Delete failed
C:\WINDOWS\Temp\win35.tmp.exe
Infected with: Trojan.Dialer.OY
C:\WINDOWS\Temp\win35.tmp.exe
Disinfection failed
C:\WINDOWS\Temp\win35.tmp.exe
Delete failed
C:\WINDOWS\winres.dll
Infected with: Trojan.Startpage.EX
C:\WINDOWS\winres.dll
Disinfection failed
C:\WINDOWS\winres.dll
Deleted
C:\WINDOWS\ICROSO~1.NET\__delete_on_reboot__winspool.exe
Infected with: Trojan.PurityScan.AT
C:\WINDOWS\ICROSO~1.NET\__delete_on_reboot__winspool.exe
Disinfection failed
C:\WINDOWS\ICROSO~1.NET\__delete_on_reboot__winspool.exe
Deleted
HiJackThis:
Logfile of HijackThis v1.99.1
Scan saved at 13:35 , on 15/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Wireless\Client Manager\CMags.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [Noes] "C:\WINDOWS\ICROSO~1.NET\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Wcwk] C:\Program Files\?ppPatch\n?tepad.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winbug32 - winbug32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Voila... j'espere que ce que j'ai fait est ok .
Merci pour vos reponses
Donc voici les resultats des tests:
Ewido:
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 11:26 -=On!ZùK@=-, 15/04/2006
+ Somme de contrôle: E936F1F4
+ Résultats du scan:
HKLM\SOFTWARE\PVM -> Adware.Hotsurprise : Nettoyer et sauvegarder
HKU\S-1-5-21-861567501-688789844-725345543-1003\Software\PVM -> Adware.Hotsurprise : Nettoyer et sauvegarder
[932] C:\WINDOWS\system32\winbug32.dll -> Trojan.Agent.qt : Nettoyer et sauvegarder
[1676] C:\WINDOWS\ICROSO~1.NET\winspool.exe -> Downloader.PurityScan.w : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@advertising[1].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@c.goclick[2].txt -> TrackingCookie.Goclick : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@install.bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@paypopup[1].txt -> TrackingCookie.Paypopup : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@wreport.weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@www.popuptraffic[2].txt -> TrackingCookie.Popuptraffic : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@yadro[2].txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Cookies\onizuka63@zedo[1].txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\3FDMVUGT\srvunh[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\rdgUS2404[1].exe -> Downloader.Small.ayl : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\96IMVU6T\srvdnh[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\WR4NUJ8L\srvdum[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\WR4NUJ8L\srvrbz[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\WR4NUJ8L\srvwpl[1].exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\Program Files\АppPatch\nοtepad.exe -> Adware.PurityScan : Nettoyer et sauvegarder
C:\WINDOWS\system32\dfrgsrv.exe -> Trojan.Small : Nettoyer et sauvegarder
C:\WINDOWS\system32\winbug32.dll -> Trojan.Agent.qt : Nettoyer et sauvegarder
C:\WINDOWS\Temp\agbpnbmd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\aomelnnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\cbjfohnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\cgfakind.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\efboeknd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\ffjbdamd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\hilkhfnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\ifmkmmnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\kbbjjcmd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\lciialnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\mbehhpnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\nnaecgnd.exe -> Trojan.Dialer.ay : Nettoyer et sauvegarder
C:\WINDOWS\Temp\win15.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Temp\win2B.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Temp\win4.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Temp\winB.tmp.exe -> Trojan.Dialer.oy : Nettoyer et sauvegarder
C:\WINDOWS\Мicrosoft.NET\winspool.exe -> Downloader.PurityScan.w : Nettoyer et sauvegarder
::Fin du rapport
BitDefender:
BitDefender Online Scanner
Scan report generated at: Sat, Apr 15, 2006 - 13:11:56
Scan path: A:\;C:\;E:\;F:\;
Statistics
Time
01:37:09
Files
552928
Folders
3319
Boot Sectors
2
Archives
26409
Packed Files
44049
Results
Identified Viruses
15
Infected Files
105
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
150
Engines Info
Virus Definitions
369945
Engine build
AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins
13
Archive plugins
39
Unpack plugins
4
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Onizuka63\Local Settings\Temp\svshost.exe
Infected with: Trojan.Dropper.Vb.KK
C:\Documents and Settings\Onizuka63\Local Settings\Temp\svshost.exe
Disinfection failed
C:\Documents and Settings\Onizuka63\Local Settings\Temp\svshost.exe
Deleted
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\1DL2FJTY\support[1].htm
Infected with: Exploit.Html.Codebase.Exec.Gen
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\1DL2FJTY\support[1].htm
Disinfection failed
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\1DL2FJTY\support[1].htm
Deleted
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\srvxvc[1].exe
Infected with: Trojan.Dialer.OY
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\srvxvc[1].exe
Disinfection failed
C:\Documents and Settings\Onizuka63\Local Settings\Temporary Internet Files\Content.IE5\6EV3LOR3\srvxvc[1].exe
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\0585312A.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\0585312A.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\0585312A.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\058C5611.exe=>(Quarantine-2)
Infected with: Trojan.Dropper.Insta.A
C:\Program Files\Norton AntiVirus\Quarantine\058C5611.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\058C5611.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1DD56908.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\1DD56908.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1DD56908.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\218C1612.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\218C1612.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\218C1612.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2190400E.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO
C:\Program Files\Norton AntiVirus\Quarantine\2190400E.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2190400E.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\23D91784.exe=>(Quarantine-2)
Infected with: Trojan.PurityScan.AT
C:\Program Files\Norton AntiVirus\Quarantine\23D91784.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\23D91784.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\23DD4180.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\23DD4180.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\23DD4180.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\23E06B7C.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\23E06B7C.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\23E06B7C.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\27070DB0.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\27070DB0.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\27070DB0.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\298424FE.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO
C:\Program Files\Norton AntiVirus\Quarantine\298424FE.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\298424FE.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2B3F1CA0.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\2B3F1CA0.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2B3F1CA0.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2BD31C74.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\2BD31C74.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2BD31C74.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2C6920E1.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\Program Files\Norton AntiVirus\Quarantine\2C6920E1.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2C6920E1.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\397811CA.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\397811CA.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\397811CA.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4505492F.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\4505492F.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\4505492F.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\45A0065B.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\45A0065B.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\45A0065B.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\460F2EE6.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.FLQ
C:\Program Files\Norton AntiVirus\Quarantine\460F2EE6.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\460F2EE6.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47B95457.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\Program Files\Norton AntiVirus\Quarantine\47B95457.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47B95457.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4E3D73C0.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\Program Files\Norton AntiVirus\Quarantine\4E3D73C0.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\4E3D73C0.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4F521D07.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\4F521D07.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\4F521D07.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6275666E.tmp=>(Quarantine-2)
Infected with: Trojan.Dropper.Insta.A
C:\Program Files\Norton AntiVirus\Quarantine\6275666E.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6275666E.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\639D4708.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\639D4708.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\639D4708.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\63BC46FF.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Purityscan.BT
C:\Program Files\Norton AntiVirus\Quarantine\63BC46FF.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\63BC46FF.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\65933FAA.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\Program Files\Norton AntiVirus\Quarantine\65933FAA.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\65933FAA.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047083.exe
Infected with: Trojan.Downloader.Small.AYL
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047083.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047136.exe
Infected with: Trojan.Downloader.Small.AYL
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP141\A0047136.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047357.exe
Infected with: Trojan.Downloader.Purityscan.W
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047357.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047357.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047369.exe
Infected with: Trojan.Downloader.Small.AYL
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP142\A0047369.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047535.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047535.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047535.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047536.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047536.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047536.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047537.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047537.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047537.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047538.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047538.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047538.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047539.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047539.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047539.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047540.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047540.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047540.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047541.exe
Infected with: Trojan.Downloader.Small.AYL
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047541.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047545.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047545.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047545.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047546.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047546.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP143\A0047546.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047668.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047668.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047668.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047669.exe
Infected with: Trojan.Downloader.Purityscan.W
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047669.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047669.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047672.exe
Infected with: Trojan.Downloader.Purityscan.BE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047672.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047672.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047686.exe
Infected with: Trojan.Downloader.Small.AYL
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP144\A0047686.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047750.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047750.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047750.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047751.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047751.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047751.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047752.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047752.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047752.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047753.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047753.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047753.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047754.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047754.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047754.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047755.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047755.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047755.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047756.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047756.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047756.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047757.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047757.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047757.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047759.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047759.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047759.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047760.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047760.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047760.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047761.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047761.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047761.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047762.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047762.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047762.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047763.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047763.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047763.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047764.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047764.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047764.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047765.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047765.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047765.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047766.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047766.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047766.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047767.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047767.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047767.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047768.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047768.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047768.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047769.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047769.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047769.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047770.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047770.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047770.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047771.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047771.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047771.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047772.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047772.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047772.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047773.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047773.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047773.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047774.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047774.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047774.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047775.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047775.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047775.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047776.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047776.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047776.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047777.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047777.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047777.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047778.exe
Infected with: Trojan.Startpage.EX
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047778.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047778.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047779.exe
Infected with: Trojan.Dialer.OY
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047779.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047779.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047780.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047780.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047780.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047781.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047781.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047781.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047782.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047782.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047782.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047783.exe
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047783.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047783.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047822.exe
Infected with: Trojan.Dropper.Vb.KK
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047822.exe
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047822.exe
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047982.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047982.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047982.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047983.exe=>(Quarantine-2)
Infected with: Trojan.Dropper.Insta.A
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047983.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047983.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047984.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047984.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047984.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047985.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047985.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047985.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047986.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047986.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047986.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047987.exe=>(Quarantine-2)
Infected with: Trojan.PurityScan.AT
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047987.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047987.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047988.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047988.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047988.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047989.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047989.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047989.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047990.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047990.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047990.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047991.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.LO
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047991.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047991.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047992.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047992.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047992.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047993.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047993.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047993.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047994.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047994.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047994.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047995.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047995.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047995.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047996.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047996.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047996.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047997.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047997.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047997.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047998.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.FLQ
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047998.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047998.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047999.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047999.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0047999.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048000.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ON
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048000.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048000.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048001.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048001.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048001.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048002.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048002.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048002.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048003.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.Purityscan.BT
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048003.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048003.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048004.exe=>(Quarantine-2)
Infected with: Trojan.Dialer.EE
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048004.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{E8006C91-8EBA-407D-A9F5-C18270AD5137}\RP145\A0048004.exe=>(Quarantine-2)
Deleted
C:\WINDOWS\system32\__delete_on_reboot__winbug32.dll
Infected with: Trojan.Agent.QT
C:\WINDOWS\system32\__delete_on_reboot__winbug32.dll
Disinfection failed
C:\WINDOWS\system32\__delete_on_reboot__winbug32.dll
Delete failed
C:\WINDOWS\Temp\win35.tmp.exe
Infected with: Trojan.Dialer.OY
C:\WINDOWS\Temp\win35.tmp.exe
Disinfection failed
C:\WINDOWS\Temp\win35.tmp.exe
Delete failed
C:\WINDOWS\winres.dll
Infected with: Trojan.Startpage.EX
C:\WINDOWS\winres.dll
Disinfection failed
C:\WINDOWS\winres.dll
Deleted
C:\WINDOWS\ICROSO~1.NET\__delete_on_reboot__winspool.exe
Infected with: Trojan.PurityScan.AT
C:\WINDOWS\ICROSO~1.NET\__delete_on_reboot__winspool.exe
Disinfection failed
C:\WINDOWS\ICROSO~1.NET\__delete_on_reboot__winspool.exe
Deleted
HiJackThis:
Logfile of HijackThis v1.99.1
Scan saved at 13:35 , on 15/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Wireless\Client Manager\CMags.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [Noes] "C:\WINDOWS\ICROSO~1.NET\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Wcwk] C:\Program Files\?ppPatch\n?tepad.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winbug32 - winbug32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Voila... j'espere que ce que j'ai fait est ok .
Merci pour vos reponses
re
tu as fais le smitfrauFix??
déjà pas mal nettoyé, ok,
passes aussi procédure l2mfix
http://users.skynet.be/BernieClub/index.html#l2mfix
a+
tu as fais le smitfrauFix??
déjà pas mal nettoyé, ok,
passes aussi procédure l2mfix
http://users.skynet.be/BernieClub/index.html#l2mfix
a+
Onizuka63
Messages postés
27
Date d'inscription
samedi 6 août 2005
Statut
Membre
Dernière intervention
19 janvier 2009
15 avril 2006 à 14:53
15 avril 2006 à 14:53
SmitFraudFix v2.29
Rapport fait à 14:56:02,68, 15/04/2006
Executé à partir de C:\Documents and Settings\Onizuka63\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\amcompat.tlb PRESENT !
C:\WINDOWS\system32\nscompat.tlb PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Onizuka63\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Onizuka63\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
[HKEY_CLASSES_ROOT\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_CLASSES_ROOT\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Rapport fait à 14:56:02,68, 15/04/2006
Executé à partir de C:\Documents and Settings\Onizuka63\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\amcompat.tlb PRESENT !
C:\WINDOWS\system32\nscompat.tlb PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Onizuka63\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Onizuka63\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
[HKEY_CLASSES_ROOT\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_CLASSES_ROOT\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Onizuka63
Messages postés
27
Date d'inscription
samedi 6 août 2005
Statut
Membre
Dernière intervention
19 janvier 2009
15 avril 2006 à 15:16
15 avril 2006 à 15:16
Alors rapport Highjackthis :
Logfile of HijackThis v1.99.1
Scan saved at 15:16 , on 15/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Wireless\Client Manager\CMags.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [Noes] "C:\WINDOWS\ICROSO~1.NET\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Wcwk] C:\Program Files\?ppPatch\n?tepad.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winbug32 - winbug32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Rapport Smitfrau option 2 :
SmitFraudFix v2.29
Rapport fait à 15:09:41,98, 15/04/2006
Executé à partir de C:\Documents and Settings\Onizuka63\Mes documents\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\system32\amcompat.tlb supprimé
C:\WINDOWS\system32\nscompat.tlb supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Le reste arrive...
Logfile of HijackThis v1.99.1
Scan saved at 15:16 , on 15/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Wireless\Client Manager\CMags.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [Noes] "C:\WINDOWS\ICROSO~1.NET\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Wcwk] C:\Program Files\?ppPatch\n?tepad.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winbug32 - winbug32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Rapport Smitfrau option 2 :
SmitFraudFix v2.29
Rapport fait à 15:09:41,98, 15/04/2006
Executé à partir de C:\Documents and Settings\Onizuka63\Mes documents\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\system32\amcompat.tlb supprimé
C:\WINDOWS\system32\nscompat.tlb supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Le reste arrive...
Onizuka63
Messages postés
27
Date d'inscription
samedi 6 août 2005
Statut
Membre
Dernière intervention
19 janvier 2009
15 avril 2006 à 15:19
15 avril 2006 à 15:19
L2MFIX find log 032106
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbug32]
"Asynchronous"=dword:00000001
"DllName"="winbug32.dll"
"Impersonate"=dword:00000000
"Startup"="EvtStartup"
"Shutdown"="EvtShutdown"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Page de propri‚t‚s des versions pr‚c‚dentes"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Versions pr‚c‚dentes"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{A70C977A-BF00-412C-90B7-034C51DA2439}"="NvCpl DesktopContext Class"
"{1CDB2949-8F65-4355-8456-263E7C208A5D}"="Desktop Explorer"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}"="Desktop Explorer Menu"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}"="nView Desktop Context Menu"
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{1EBC3533-B289-409F-9924-B84B3F0717D2}"="AceFTP Context Menu Shell Extension"
"{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
"{2AA59FC0-31E8-42DA-9D3C-E9A52953853B}"="CopyToCD shell extension"
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}"="Play on my TV helper"
**********************************************************************************
HKEY ROOT CLASSIDS:
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
browseui.dll Sat 4 Mar 2006 5:34:58 A.... 1 023 488 999,50 K
cdfview.dll Sat 4 Mar 2006 5:34:58 A.... 152 064 148,50 K
cygwin1.dll Fri 14 Apr 2006 22:59:26 A.... 1 126 281 1,07 M
cygz.dll Fri 14 Apr 2006 22:59:26 A.... 35 328 34,50 K
danim.dll Sat 4 Mar 2006 5:34:58 A.... 1 056 768 1,01 M
dxtrans.dll Sat 4 Mar 2006 5:34:58 A.... 205 312 200,50 K
extmgr.dll Sat 4 Mar 2006 5:34:58 A.... 55 808 54,50 K
ff_vfw.dll Fri 27 Jan 2006 15:36:06 A.... 6 144 6,00 K
iepeers.dll Sat 4 Mar 2006 5:34:58 A.... 251 392 245,50 K
inetcomm.dll Fri 17 Mar 2006 11:11:46 A.... 679 424 663,50 K
inseng.dll Sat 4 Mar 2006 5:34:58 A.... 96 768 94,50 K
lame_enc.dll Fri 14 Apr 2006 23:25:00 A.... 237 568 232,00 K
mshtml.dll Thu 23 Mar 2006 22:35:42 A.... 3 074 560 2,93 M
mshtmled.dll Sat 4 Mar 2006 5:35:00 A.... 448 512 438,00 K
msrating.dll Sat 4 Mar 2006 5:35:00 A.... 146 432 143,00 K
mstime.dll Sat 4 Mar 2006 5:35:02 A.... 532 480 520,00 K
pngfilt.dll Sat 4 Mar 2006 5:35:02 A.... 39 424 38,50 K
shdocvw.dll Thu 30 Mar 2006 11:26:12 A.... 1 492 992 1,42 M
shell32.dll Fri 17 Mar 2006 6:07:40 A.... 8 508 416 8,11 M
shlwapi.dll Sat 4 Mar 2006 5:35:02 A.... 474 624 463,50 K
urlmon.dll Sat 18 Mar 2006 13:09:54 A.... 615 424 601,00 K
wininet.dll Sat 4 Mar 2006 5:35:02 A.... 662 528 647,00 K
wmp.dll Fri 10 Mar 2006 6:09:14 A.... 5 533 696 5,28 M
x264vfw.dll Wed 8 Feb 2006 17:31:12 A.... 454 162 443,52 K
xpsp3res.dll Thu 30 Mar 2006 3:16:46 A.... 17 920 17,50 K
25 items found: 25 files, 0 directories.
Total of file sizes: 26 927 515 bytes 25,68 M
Locate .tmp files:
No matches found.
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D81A-DF92
R‚pertoire de C:\WINDOWS\System32
14/04/2006 23:30 -=On!Z—K@=- 12ÿ208 KGyGaAvL.sys
12/04/2006 17:46 -=On!Z—K@=- <REP> dllcache
28/11/2005 20:38 -=On!Z—K@=- <REP> Microsoft
1 fichier(s) 12ÿ208 octets
2 R‚p(s) 18ÿ942ÿ226ÿ432 octets libres
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbug32]
"Asynchronous"=dword:00000001
"DllName"="winbug32.dll"
"Impersonate"=dword:00000000
"Startup"="EvtStartup"
"Shutdown"="EvtShutdown"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Page de propri‚t‚s des versions pr‚c‚dentes"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Versions pr‚c‚dentes"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{A70C977A-BF00-412C-90B7-034C51DA2439}"="NvCpl DesktopContext Class"
"{1CDB2949-8F65-4355-8456-263E7C208A5D}"="Desktop Explorer"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}"="Desktop Explorer Menu"
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}"="nView Desktop Context Menu"
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{1EBC3533-B289-409F-9924-B84B3F0717D2}"="AceFTP Context Menu Shell Extension"
"{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
"{2AA59FC0-31E8-42DA-9D3C-E9A52953853B}"="CopyToCD shell extension"
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}"="Play on my TV helper"
**********************************************************************************
HKEY ROOT CLASSIDS:
**********************************************************************************
Files Found are not all bad files:
C:\WINDOWS\SYSTEM32\
browseui.dll Sat 4 Mar 2006 5:34:58 A.... 1 023 488 999,50 K
cdfview.dll Sat 4 Mar 2006 5:34:58 A.... 152 064 148,50 K
cygwin1.dll Fri 14 Apr 2006 22:59:26 A.... 1 126 281 1,07 M
cygz.dll Fri 14 Apr 2006 22:59:26 A.... 35 328 34,50 K
danim.dll Sat 4 Mar 2006 5:34:58 A.... 1 056 768 1,01 M
dxtrans.dll Sat 4 Mar 2006 5:34:58 A.... 205 312 200,50 K
extmgr.dll Sat 4 Mar 2006 5:34:58 A.... 55 808 54,50 K
ff_vfw.dll Fri 27 Jan 2006 15:36:06 A.... 6 144 6,00 K
iepeers.dll Sat 4 Mar 2006 5:34:58 A.... 251 392 245,50 K
inetcomm.dll Fri 17 Mar 2006 11:11:46 A.... 679 424 663,50 K
inseng.dll Sat 4 Mar 2006 5:34:58 A.... 96 768 94,50 K
lame_enc.dll Fri 14 Apr 2006 23:25:00 A.... 237 568 232,00 K
mshtml.dll Thu 23 Mar 2006 22:35:42 A.... 3 074 560 2,93 M
mshtmled.dll Sat 4 Mar 2006 5:35:00 A.... 448 512 438,00 K
msrating.dll Sat 4 Mar 2006 5:35:00 A.... 146 432 143,00 K
mstime.dll Sat 4 Mar 2006 5:35:02 A.... 532 480 520,00 K
pngfilt.dll Sat 4 Mar 2006 5:35:02 A.... 39 424 38,50 K
shdocvw.dll Thu 30 Mar 2006 11:26:12 A.... 1 492 992 1,42 M
shell32.dll Fri 17 Mar 2006 6:07:40 A.... 8 508 416 8,11 M
shlwapi.dll Sat 4 Mar 2006 5:35:02 A.... 474 624 463,50 K
urlmon.dll Sat 18 Mar 2006 13:09:54 A.... 615 424 601,00 K
wininet.dll Sat 4 Mar 2006 5:35:02 A.... 662 528 647,00 K
wmp.dll Fri 10 Mar 2006 6:09:14 A.... 5 533 696 5,28 M
x264vfw.dll Wed 8 Feb 2006 17:31:12 A.... 454 162 443,52 K
xpsp3res.dll Thu 30 Mar 2006 3:16:46 A.... 17 920 17,50 K
25 items found: 25 files, 0 directories.
Total of file sizes: 26 927 515 bytes 25,68 M
Locate .tmp files:
No matches found.
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est D81A-DF92
R‚pertoire de C:\WINDOWS\System32
14/04/2006 23:30 -=On!Z—K@=- 12ÿ208 KGyGaAvL.sys
12/04/2006 17:46 -=On!Z—K@=- <REP> dllcache
28/11/2005 20:38 -=On!Z—K@=- <REP> Microsoft
1 fichier(s) 12ÿ208 octets
2 R‚p(s) 18ÿ942ÿ226ÿ432 octets libres
re
il faudra passer aussi par http://users.skynet.be/BernieClub/index.html#lspexplorer
car tu es infecté par LOP (www.prosearching.com = lop.com)
a+
il faudra passer aussi par http://users.skynet.be/BernieClub/index.html#lspexplorer
car tu es infecté par LOP (www.prosearching.com = lop.com)
a+
Onizuka63
Messages postés
27
Date d'inscription
samedi 6 août 2005
Statut
Membre
Dernière intervention
19 janvier 2009
15 avril 2006 à 15:42
15 avril 2006 à 15:42
L2mfix 032106
Creating Account.
Le compte existe d‚j….
Vous obtiendrez une aide suppl‚mentaire en entrant NET HELPMSG 2224.
Adding Administrative privleges.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful
Running From:
C:\WINDOWS\system32
Killing Processes!
Running From:
C:\WINDOWS\system32
Killing Processes!
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 668 'smss.exe'
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'win
Creating Account.
Le compte existe d‚j….
Vous obtiendrez une aide suppl‚mentaire en entrant NET HELPMSG 2224.
Adding Administrative privleges.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful
Running From:
C:\WINDOWS\system32
Killing Processes!
Running From:
C:\WINDOWS\system32
Killing Processes!
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 668 'smss.exe'
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'winlogon.exe'
Killing PID 920 'win
Onizuka63
Messages postés
27
Date d'inscription
samedi 6 août 2005
Statut
Membre
Dernière intervention
19 janvier 2009
15 avril 2006 à 15:46
15 avril 2006 à 15:46
Voila le dernier demandé...
LSP Explorer export.
Created on:15/04/2006 15:49:12
---------------------------------------------
Layered Service Providers
MSAFD Tcpip [TCP/IP]
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1001
Address Family : internetwork: UDP, TCP, etc.
Provider : {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Service Flags 1 : $00020066
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_GRACEFUL_CLOSE
XP1_EXPEDITED_DATA
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $00000000
Security Sheme : 0
Byte Order : Big Endian
Protocol : 6
Protocol MaxOffset : $00000000
Min Socket Address : $00000010
Max Socket Address : $00000010
Socket Type : Stream
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD Tcpip [UDP/IP]
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1002
Address Family : internetwork: UDP, TCP, etc.
Provider : {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Service Flags 1 : $00020609
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_MULTIPOINT
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $0000FFBB
Security Sheme : 0
Byte Order : Big Endian
Protocol : 17
Protocol MaxOffset : $00000000
Min Socket Address : $00000010
Max Socket Address : $00000010
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD Tcpip [RAW/IP]
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1003
Address Family : internetwork: UDP, TCP, etc.
Provider : {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Service Flags 1 : $00020609
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_MULTIPOINT
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $0000000C
PFL_HIDDEN
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $0000FFBB
Security Sheme : 0
Byte Order : Big Endian
Protocol : 0
Protocol MaxOffset : $000000FF
Min Socket Address : $00000010
Max Socket Address : $00000010
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
RSVP UDP Service Provider
Filename : C:\WINDOWS\system32\rsvpsp.dll
Legal copyright : Microsoft Corporation. All rights reserved.
Company name : Microsoft Corporation
File desicription : Microsoft Windows Rsvp 1.0 Service Provider
File version : 5.1.2600.0 (xpclient.010817-1148)
Internal name : rsvpsp.dll
Original filename : rsvpsp.dll
Product name : Microsoft Windows Operating System
Product version : 5.1.2600.0
Version : 6
Catalog Entry : 1004
Address Family : internetwork: UDP, TCP, etc.
Provider : {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Service Flags 1 : $00022609
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_MULTIPOINT
XP1_QOS_SUPPORTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $0000FFBB
Security Sheme : 0
Byte Order : Big Endian
Protocol : 17
Protocol MaxOffset : $00000000
Min Socket Address : $00000010
Max Socket Address : $00000010
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 87881860
RSVP TCP Service Provider
Filename : C:\WINDOWS\system32\rsvpsp.dll
Legal copyright : Microsoft Corporation. All rights reserved.
Company name : Microsoft Corporation
File desicription : Microsoft Windows Rsvp 1.0 Service Provider
File version : 5.1.2600.0 (xpclient.010817-1148)
Internal name : rsvpsp.dll
Original filename : rsvpsp.dll
Product name : Microsoft Windows Operating System
Product version : 5.1.2600.0
Version : 6
Catalog Entry : 1005
Address Family : internetwork: UDP, TCP, etc.
Provider : {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Service Flags 1 : $00022066
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_GRACEFUL_CLOSE
XP1_EXPEDITED_DATA
XP1_QOS_SUPPORTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $00000000
Security Sheme : 0
Byte Order : Big Endian
Protocol : 6
Protocol MaxOffset : $00000000
Min Socket Address : $00000010
Max Socket Address : $00000010
Socket Type : Stream
Protocol Chain length : 1
Protocol Chain Entry (0) : 1835400
MSAFD NetBIOS [\Device\NetBT_Tcpip_{284ACCBD-D3B7-43AD-9E8B-8BA3642336CF}] SEQPACKET 4
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1046
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $0002000E
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_MESSAGE_ORIENTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -4
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{284ACCBD-D3B7-43AD-9E8B-8BA3642336CF}] DATAGRAM 4
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1047
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $00020209
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -4
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{0E53C8FE-44D2-467F-80C4-8574FF8CE8B9}] SEQPACKET 3
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1048
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $0002000E
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_MESSAGE_ORIENTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -3
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{0E53C8FE-44D2-467F-80C4-8574FF8CE8B9}] DATAGRAM 3
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1049
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $00020209
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -3
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{77FEBB28-2F29-4FFF-B728-49564485983B}] SEQPACKET 0
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1050
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $0002000E
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_MESSAGE_ORIENTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -2147483648
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{77FEBB28-2F29-4FFF-B728-49564485983B}] DATAGRAM 0
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1051
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $00020209
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -2147483648
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{417C75DE-E3A7-4DD6-BB06-07460DFC3080}] SEQPACKET 1
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1052
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $0002000E
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_MESSAGE_ORIENTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -1
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{417C75DE-E3A7-4DD6-BB06-07460DFC3080}] DATAGRAM 1
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1053
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $00020209
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -1
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DE364666-7F09-4F4E-B7D9-FFE74A4F2BE1}] SEQPACKET 2
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1054
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $0002000E
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_MESSAGE_ORIENTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -2
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DE364666-7F09-4F4E-B7D9-FFE74A4F2BE1}] DATAGRAM 2
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1055
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $00020209
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -2
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
Name Space Providers
Description : TCP/IP
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
NameSpace : NS_DNS
Active : Yes
Protocol Version : 0
Provider : {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Description : NTDS
Filename : C:\WINDOWS\system32\winrnr.dll
Legal copyright : Microsoft Corporation. All rights reserved.
Company name : Microsoft Corporation
File desicription : LDAP RnR Provider DLL
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : winrnr
Original filename : winrnr
Product name : Microsoft Windows Operating System
Product version : 5.1.2600.2180
NameSpace : NS_NTDS
Active : Yes
Protocol Version : 0
Provider : {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Description : Espace de noms NLA (Network Location Awareness)
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
NameSpace : Unknown
Active : Yes
Protocol Version : 0
Provider : {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
LSP Explorer export.
Created on:15/04/2006 15:49:12
---------------------------------------------
Layered Service Providers
MSAFD Tcpip [TCP/IP]
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1001
Address Family : internetwork: UDP, TCP, etc.
Provider : {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Service Flags 1 : $00020066
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_GRACEFUL_CLOSE
XP1_EXPEDITED_DATA
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $00000000
Security Sheme : 0
Byte Order : Big Endian
Protocol : 6
Protocol MaxOffset : $00000000
Min Socket Address : $00000010
Max Socket Address : $00000010
Socket Type : Stream
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD Tcpip [UDP/IP]
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1002
Address Family : internetwork: UDP, TCP, etc.
Provider : {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Service Flags 1 : $00020609
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_MULTIPOINT
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $0000FFBB
Security Sheme : 0
Byte Order : Big Endian
Protocol : 17
Protocol MaxOffset : $00000000
Min Socket Address : $00000010
Max Socket Address : $00000010
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD Tcpip [RAW/IP]
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1003
Address Family : internetwork: UDP, TCP, etc.
Provider : {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Service Flags 1 : $00020609
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_MULTIPOINT
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $0000000C
PFL_HIDDEN
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $0000FFBB
Security Sheme : 0
Byte Order : Big Endian
Protocol : 0
Protocol MaxOffset : $000000FF
Min Socket Address : $00000010
Max Socket Address : $00000010
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
RSVP UDP Service Provider
Filename : C:\WINDOWS\system32\rsvpsp.dll
Legal copyright : Microsoft Corporation. All rights reserved.
Company name : Microsoft Corporation
File desicription : Microsoft Windows Rsvp 1.0 Service Provider
File version : 5.1.2600.0 (xpclient.010817-1148)
Internal name : rsvpsp.dll
Original filename : rsvpsp.dll
Product name : Microsoft Windows Operating System
Product version : 5.1.2600.0
Version : 6
Catalog Entry : 1004
Address Family : internetwork: UDP, TCP, etc.
Provider : {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Service Flags 1 : $00022609
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_MULTIPOINT
XP1_QOS_SUPPORTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $0000FFBB
Security Sheme : 0
Byte Order : Big Endian
Protocol : 17
Protocol MaxOffset : $00000000
Min Socket Address : $00000010
Max Socket Address : $00000010
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 87881860
RSVP TCP Service Provider
Filename : C:\WINDOWS\system32\rsvpsp.dll
Legal copyright : Microsoft Corporation. All rights reserved.
Company name : Microsoft Corporation
File desicription : Microsoft Windows Rsvp 1.0 Service Provider
File version : 5.1.2600.0 (xpclient.010817-1148)
Internal name : rsvpsp.dll
Original filename : rsvpsp.dll
Product name : Microsoft Windows Operating System
Product version : 5.1.2600.0
Version : 6
Catalog Entry : 1005
Address Family : internetwork: UDP, TCP, etc.
Provider : {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Service Flags 1 : $00022066
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_GRACEFUL_CLOSE
XP1_EXPEDITED_DATA
XP1_QOS_SUPPORTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $00000000
Security Sheme : 0
Byte Order : Big Endian
Protocol : 6
Protocol MaxOffset : $00000000
Min Socket Address : $00000010
Max Socket Address : $00000010
Socket Type : Stream
Protocol Chain length : 1
Protocol Chain Entry (0) : 1835400
MSAFD NetBIOS [\Device\NetBT_Tcpip_{284ACCBD-D3B7-43AD-9E8B-8BA3642336CF}] SEQPACKET 4
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1046
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $0002000E
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_MESSAGE_ORIENTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -4
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{284ACCBD-D3B7-43AD-9E8B-8BA3642336CF}] DATAGRAM 4
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1047
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $00020209
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -4
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{0E53C8FE-44D2-467F-80C4-8574FF8CE8B9}] SEQPACKET 3
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1048
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $0002000E
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_MESSAGE_ORIENTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -3
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{0E53C8FE-44D2-467F-80C4-8574FF8CE8B9}] DATAGRAM 3
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1049
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $00020209
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -3
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{77FEBB28-2F29-4FFF-B728-49564485983B}] SEQPACKET 0
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1050
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $0002000E
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_MESSAGE_ORIENTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -2147483648
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{77FEBB28-2F29-4FFF-B728-49564485983B}] DATAGRAM 0
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1051
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $00020209
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000008
PFL_MATCHES_PROTOCOL_ZERO
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -2147483648
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{417C75DE-E3A7-4DD6-BB06-07460DFC3080}] SEQPACKET 1
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1052
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $0002000E
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_MESSAGE_ORIENTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -1
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{417C75DE-E3A7-4DD6-BB06-07460DFC3080}] DATAGRAM 1
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1053
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $00020209
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -1
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DE364666-7F09-4F4E-B7D9-FFE74A4F2BE1}] SEQPACKET 2
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1054
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $0002000E
XP1_GUARANTEED_DELIVERY
XP1_GUARANTEED_ORDER
XP1_MESSAGE_ORIENTED
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -2
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Unknown
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
MSAFD NetBIOS [\Device\NetBT_Tcpip_{DE364666-7F09-4F4E-B7D9-FFE74A4F2BE1}] DATAGRAM 2
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
Version : 2
Catalog Entry : 1055
Address Family : NetBios-style addresses
Provider : {8D5F1830-C273-11CF-95C8-00805F48A192}
Service Flags 1 : $00020209
XP1_CONNECTIONLESS
XP1_MESSAGE_ORIENTED
XP1_SUPPORT_BROADCAST
XP1_SUPPORT_BROADCAST
XP1_IFS_HANDLES
Service Flags 2 : $00000000
Service Flags 3 : $00000000
Service Flags 4 : $00000000
Provider Flags : $00000000
Maximum Message Size : $0000FA00
Security Sheme : 0
Byte Order : Big Endian
Protocol : -2
Protocol MaxOffset : $00000000
Min Socket Address : $00000014
Max Socket Address : $00000014
Socket Type : Datagram
Protocol Chain length : 1
Protocol Chain Entry (0) : 0
Name Space Providers
Description : TCP/IP
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
NameSpace : NS_DNS
Active : Yes
Protocol Version : 0
Provider : {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Description : NTDS
Filename : C:\WINDOWS\system32\winrnr.dll
Legal copyright : Microsoft Corporation. All rights reserved.
Company name : Microsoft Corporation
File desicription : LDAP RnR Provider DLL
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : winrnr
Original filename : winrnr
Product name : Microsoft Windows Operating System
Product version : 5.1.2600.2180
NameSpace : NS_NTDS
Active : Yes
Protocol Version : 0
Provider : {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Description : Espace de noms NLA (Network Location Awareness)
Filename : C:\WINDOWS\system32\mswsock.dll
Legal copyright : Microsoft Corporation. Tous droits r serv s.
Company name : Microsoft Corporation
File desicription : Fournisseur de service Sockets 2.0 de Microsoft Windows
File version : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Internal name : mswsock.dll
Original filename : mswsock.dll
Product name : Syst me d'exploitation Microsoft Windows
Product version : 5.1.2600.2180
NameSpace : Unknown
Active : Yes
Protocol Version : 0
Provider : {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Onizuka63
Messages postés
27
Date d'inscription
samedi 6 août 2005
Statut
Membre
Dernière intervention
19 janvier 2009
15 avril 2006 à 15:49
15 avril 2006 à 15:49
Desolé je n'avais pas vu que la fin du rapport de L2MFIX n'etait pas apparu....
Voila la suite :
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 1824 'explorer.exe'
Killing PID 1824 'explorer.exe'
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 2976 'rundll32.exe'
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrateurs ... successful
Scanning First Pass. Please Wait!
First Pass Completed
Second Pass Scanning
Second pass Completed!
Restoring Windows Update Certificates.:
The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbug32]
"Asynchronous"=dword:00000001
"DllName"="winbug32.dll"
"Impersonate"=dword:00000000
"Startup"="EvtStartup"
"Shutdown"="EvtShutdown"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
The following are the files found:
****************************************************************************
Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
REGEDIT4
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
REGEDIT4
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************
****************************************************************************
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
zip warning: name not matched: dlls\*.*
zip error: Nothing to do! (backup.zip)
adding: backregs/notibac.reg (164 bytes security) (deflated 87%)
adding: backregs/shell.reg (164 bytes security) (deflated 73%)
Voila j'espere que tout est la ! :)
Voila la suite :
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 1824 'explorer.exe'
Killing PID 1824 'explorer.exe'
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 2976 'rundll32.exe'
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrateurs ... successful
Scanning First Pass. Please Wait!
First Pass Completed
Second Pass Scanning
Second pass Completed!
Restoring Windows Update Certificates.:
The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbug32]
"Asynchronous"=dword:00000001
"DllName"="winbug32.dll"
"Impersonate"=dword:00000000
"Startup"="EvtStartup"
"Shutdown"="EvtShutdown"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
The following are the files found:
****************************************************************************
Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
REGEDIT4
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
REGEDIT4
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************
****************************************************************************
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
zip warning: name not matched: dlls\*.*
zip error: Nothing to do! (backup.zip)
adding: backregs/notibac.reg (164 bytes security) (deflated 87%)
adding: backregs/shell.reg (164 bytes security) (deflated 73%)
Voila j'espere que tout est la ! :)
re
0. Installe ce nettoyeur CCLEANER https://www.ccleaner.com/ ou lien direct là http://www.filehippo.com/download_ccleaner.html (la flèche)
Tutorial là https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
ensuite
*Configure ton ordi pour tous scan à exécuter complétement, il faut pouvoir scanner tous les dossiers caché et système donc faire :
Démarrer/PanneauConfiguration/OptionsDossiers /ongletAffichage et là cocher les lignes
- afficher les fichiers et dossier cachés
- afficher contenu dossier système
décocher
- masquer fichiers protégés du dossier système
Puis cliquer APPLIQUER à TOUS les Dossiers
2. Relances Hijackthis et coche (puis FIX)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com >> toutes lignes R1 et R0 avec ce prosearching.com
O4 - HKCU\..\Run: [Noes] "C:\WINDOWS\ICROSO~1.NET\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Wcwk] C:\Program Files\?ppPatch\n?tepad.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
3. Effacer ces programmes .EXE et .DLL( et à la fin vider la corbeille)
C:\WINDOWS\ICROSO~1.NET\ > le répertoire
C:\Program Files\?ppPatch\ > le répertoire
5. vider les répertoires temps et la corbeille, en lançant Ccleaner
a+
0. Installe ce nettoyeur CCLEANER https://www.ccleaner.com/ ou lien direct là http://www.filehippo.com/download_ccleaner.html (la flèche)
Tutorial là https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
ensuite
*Configure ton ordi pour tous scan à exécuter complétement, il faut pouvoir scanner tous les dossiers caché et système donc faire :
Démarrer/PanneauConfiguration/OptionsDossiers /ongletAffichage et là cocher les lignes
- afficher les fichiers et dossier cachés
- afficher contenu dossier système
décocher
- masquer fichiers protégés du dossier système
Puis cliquer APPLIQUER à TOUS les Dossiers
2. Relances Hijackthis et coche (puis FIX)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com >> toutes lignes R1 et R0 avec ce prosearching.com
O4 - HKCU\..\Run: [Noes] "C:\WINDOWS\ICROSO~1.NET\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Wcwk] C:\Program Files\?ppPatch\n?tepad.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1162
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
3. Effacer ces programmes .EXE et .DLL( et à la fin vider la corbeille)
C:\WINDOWS\ICROSO~1.NET\ > le répertoire
C:\Program Files\?ppPatch\ > le répertoire
5. vider les répertoires temps et la corbeille, en lançant Ccleaner
a+
Onizuka63
Messages postés
27
Date d'inscription
samedi 6 août 2005
Statut
Membre
Dernière intervention
19 janvier 2009
17 avril 2006 à 20:35
17 avril 2006 à 20:35
Salut !
Voila j'ai fais les demarches indiquées ci dessus.
Par contre je n'ai pas trouvé :
O4 - HKCU\..\Run: [Noes] "C:\WINDOWS\ICROSO~1.NET\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Wcwk] C:\Program Files\?ppPatch\n?tepad.exe
C:\WINDOWS\ICROSO~1.NET\ > le répertoire
Voila , sinon tout a l'air de fonctionner ,je n'ai plus de fanetre intempestive. :)
Je mets mon dernier rapport de HT :
Logfile of HijackThis v1.99.1
Scan saved at 20:29 , on 17/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Wireless\Client Manager\CMags.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winbug32 - winbug32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Voila j'espere qui tout est bon cette fois .
Merci a toi Bernie61 ! ;)
Voila j'ai fais les demarches indiquées ci dessus.
Par contre je n'ai pas trouvé :
O4 - HKCU\..\Run: [Noes] "C:\WINDOWS\ICROSO~1.NET\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Wcwk] C:\Program Files\?ppPatch\n?tepad.exe
C:\WINDOWS\ICROSO~1.NET\ > le répertoire
Voila , sinon tout a l'air de fonctionner ,je n'ai plus de fanetre intempestive. :)
Je mets mon dernier rapport de HT :
Logfile of HijackThis v1.99.1
Scan saved at 20:29 , on 17/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Wireless\Client Manager\CMags.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winbug32 - winbug32.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Voila j'espere qui tout est bon cette fois .
Merci a toi Bernie61 ! ;)
re
ok pour moi, juste celle-ci à ocher et FIX avec hijackthis
O20 - Winlogon Notify: winbug32 - winbug32.dll (file missing)
bon surf a+
ok pour moi, juste celle-ci à ocher et FIX avec hijackthis
O20 - Winlogon Notify: winbug32 - winbug32.dll (file missing)
bon surf a+
Onizuka63
Messages postés
27
Date d'inscription
samedi 6 août 2005
Statut
Membre
Dernière intervention
19 janvier 2009
21 avril 2006 à 20:05
21 avril 2006 à 20:05
Merci a toi Bernie61
@++
@++