Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

Déclenchement antivir pour 'JS/FakeAV.62361' (Résolu)

 

LOGICIELS : pperey33 et 91 utilisateurs inconnus
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1  2  3  4
Dernière Page
Page Suivante
Page Précédente
Première Page
Auteur
 Sujet :

Déclenchement antivir pour 'JS/FakeAV.62361' (Résolu)

Prévenir les modérateurs en cas d'abus 
missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 23/04/2010 à 20:24:26  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Sur le PC de mon fils, antivir s'est activé à plusieurs reprises. le PC a l'air ralenti et il plante par moments; j'ai passé spybot qui m"a nettoyé qq trucs et malweb. qui n'a rien détecté. je me demande néanmoins s'il n'y a pas qq chose; Merci de votre aide.
 Dom
 XP

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 26/04/2010 à 19:29:27  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,
 Je suis toujours infecté. Peut-on m'aider SVP ?
 Merci
 Dom

(Publicité)
  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 26/04/2010 à 20:09:20  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,
 on va verifier tous sa :

 Telecharge RSIT (de random/random) ici:
 http://images.malwareremoval.com/random/RSIT.exe

 --> Enregistre le sur ton burreau, et clique droit de ta souris et selectionne executer en tant qu'administrateur (POUR VISTA/7)
 --> une page va safficher, clique sur continue,
 --> Tu sera peut etre amener a accepter les contrat de license si hijackthis n'est pas installer sur la machine, Accepte le...
 --> en fin de scan deux fenetre saffiche automatiquement..( log.txt.....info.txt...)
 --> poste les deux rapport ici STP..

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 26/04/2010 à 20:31:01  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
info.txt logfile of random's system information tool 1.06 2010-04-26 22:27:03

 ======Uninstall list======

 -->C:\WINDOWS\system32\Macrome​d\Flash\uninstall_plugin.exe
 -->rundll32.exe setupapi.dll,InstallHinfSectio​n DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
 2007 Microsoft Office system-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
 Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\​Macromed\Flash\uninstall_activ​eX.exe
 Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714​CF3BA126B}
 Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81​200000003}
 Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93​000000001}
 Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Ad​obe\Shockwave 11\uninstaller.exe"
 Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A​67E2D0415}
 Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8​D1C18F4EE}
 Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F4​95BE32033}
 Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-963​57B70F4FE}
 Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18​E473546C7}
 Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
 AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
 AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManager​\unins000.exe"
 AVS YouTube Uploader version 2.1-->"C:\Program Files\AVS4YOU\AVSYouTubeUpload​er\unins000.exe"
 AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavig​ator\unins000.exe"
 Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2​600E01EF6}
 Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D7​77245C35B}
 BurnRecovery-->MsiExec.exe /I{9AE395DB-6BC3-4CA9-B894-351​CB8DE915A}
 CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
 Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUn​installKB939683$\spuninst\spun​inst.exe"
 Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUn​installKB952287$\spuninst\spun​inst.exe"
 Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUn​installKB961118$\spuninst\spun​inst.exe"
 Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$N​tUninstallKB970653-v3$\spunins​t\spuninst.exe"
 Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$N​tUninstallKB976098-v2$\spunins​t\spuninst.exe"
 Correctif pour Windows XP (KB979306)-->"C:\WINDOWS\$NtUn​installKB979306$\spuninst\spun​inst.exe"
 ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstall​er.exe
 Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F​0C37541F1}
 Glary Utilities 2.21.0.863-->"C:\Program Files\Glary Utilities\unins000.exe"
 HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A​786E658} /qb+ REBOOTPROMPT=""
 Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUn​installKB929399$\spuninst\spun​inst.exe"
 Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
 Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C​063A63F31}
 Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\i​gxpun.exe -uninstall
 iTunes-->MsiExec.exe /I{EC2A8F27-4FBF-4E41-B27B-FE8​22511B761}
 Java(TM) 6 Update 19-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F8​3216011FF}
 Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C​48E991DE5}
 Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
 LimeWire 5.2.13-->"C:\Program Files\LimeWire\uninstall.exe"
 Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
 Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
 Marco Polo Français Espagnol 2.3-->"C:\Program Files\Marco Polo Français Espagnol\unins000.exe"
 Marco Polo Français-Anglais Thematic v.4.1.-->"C:\Program Files\Marco Polo Français-Anglais Thematic\unins000.exe"
 Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1​D67F2073F}
 Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8D​CCDE8F8C7}
 Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET​\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
 Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4​DCF5C5BD9}
 Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C​8A0C4D570}
 Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallM​SCompPackV1$\spuninst\spuninst​.exe"
 Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServiceP​ackUninstallIDNMitigationAPIs$​\spuninst\spuninst.exe"
 Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServiceP​ackUninstallNLSDownlevelMappin​g$\spuninst\spuninst.exe"
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-00000​00FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87​C4264C0}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A​230AD5B}
 Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-000​0000FF1CE}
 Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-000​0000FF1CE}
 Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A6​6D0D1A9CC}
 Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-000​0000FF1CE}
 Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-000​0000FF1CE}
 Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-000​0000FF1CE}
 Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-000​0000FF1CE}
 Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-000​0000FF1CE}
 Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-000​0000FF1CE}
 Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-000​0000FF1CE}
 Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-000​0000FF1CE}
 Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-000​0000FF1CE}
 Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-000​0000FF1CE}
 Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-000​0000FF1CE}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-00000​00FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8F​AA964C5}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-00000​00FF1CE} /uninstall {A0516415-ED61-419A-981D-93596​DA74165}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-00000​00FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B​7B5C045}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-00000​00FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76​BB86787}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-00000​00FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F​6B30EBB}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-00000​00FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D2903​83A10D9}
 Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-000​0000FF1CE}
 Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-000​0000FF1CE}
 Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6​B56DCB22E}
 Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-000​0000FF1CE}
 Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B​641C571E7}
 Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5​A4BB71E00}
 Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3​DD01FD0B8}
 Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA​42211AAA5}
 Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCD​DF05208AB}
 Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstall​Wudf01000$\spuninst\spuninst.e​xe"
 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C8​3EC895118}
 Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-181​8da5d550d}
 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7​D6DBC735C}
 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E​6EC160475}
 Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUn​installKB952069_WM9$\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUn​installKB954155_WM9$\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUn​installKB968816_WM9$\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUn​installKB973540_WM9$\spuninst\​spuninst.exe"
 Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUn​installKB954154_WM11$\spuninst​\spuninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie​7updates\KB938127-v2-IE7\spuni​nst\spuninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7up​dates\KB976325-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7up​dates\KB978207-IE7\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUn​installKB923561$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$N​tUninstallKB938464-v2$\spunins​t\spuninst.exe"
 Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUn​installKB941569$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUn​installKB946648$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUn​installKB950760$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUn​installKB950762$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUn​installKB950974$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUn​installKB951066$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$N​tUninstallKB951376-v2$\spunins​t\spuninst.exe"
 Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUn​installKB951748$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUn​installKB952004$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUn​installKB952954$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUn​installKB954459$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUn​installKB954600$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUn​installKB955069$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUn​installKB956572$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUn​installKB956744$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUn​installKB956802$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUn​installKB956803$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUn​installKB956844$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUn​installKB957097$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUn​installKB958644$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUn​installKB958687$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUn​installKB958869$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUn​installKB959426$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUn​installKB960225$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUn​installKB960803$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUn​installKB960859$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUn​installKB961371$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUn​installKB961373$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUn​installKB961501$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUn​installKB968537$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUn​installKB969059$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUn​installKB969897$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUn​installKB969898$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUn​installKB969947$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUn​installKB970238$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUn​installKB970430$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB971468)-->"C:\WINDOWS\$NtUn​installKB971468$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUn​installKB971486$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUn​installKB971557$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUn​installKB971633$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUn​installKB971657$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUn​installKB971961$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUn​installKB972260$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUn​installKB972270$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUn​installKB973346$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUn​installKB973354$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUn​installKB973507$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUn​installKB973525$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUn​installKB973869$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUn​installKB973904$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUn​installKB974112$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUn​installKB974318$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUn​installKB974392$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB974455)-->"C:\WINDOWS\$NtUn​installKB974455$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUn​installKB974571$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUn​installKB975025$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUn​installKB975467$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUn​installKB975560$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB975561)-->"C:\WINDOWS\$NtUn​installKB975561$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUn​installKB975713$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB976325)-->"C:\WINDOWS\$NtUn​installKB976325$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB977165)-->"C:\WINDOWS\$NtUn​installKB977165$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB977816)-->"C:\WINDOWS\$NtUn​installKB977816$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUn​installKB977914$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUn​installKB978037$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB978251)-->"C:\WINDOWS\$NtUn​installKB978251$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB978262)-->"C:\WINDOWS\$NtUn​installKB978262$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB978338)-->"C:\WINDOWS\$NtUn​installKB978338$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB978601)-->"C:\WINDOWS\$NtUn​installKB978601$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUn​installKB978706$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB979309)-->"C:\WINDOWS\$NtUn​installKB979309$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB979683)-->"C:\WINDOWS\$NtUn​installKB979683$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB980232)-->"C:\WINDOWS\$NtUn​installKB980232$\spuninst\spun​inst.exe"
 Mise à jour de sécurité pour Windows XP (KB981349)-->"C:\WINDOWS\$NtUn​installKB981349$\spuninst\spun​inst.exe"
 Mise à jour pour Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7up​dates\KB980182-IE7\spuninst\sp​uninst.exe"
 Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUn​installKB898461$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUn​installKB951978$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUn​installKB955759$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUn​installKB955839$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUn​installKB961503$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUn​installKB967715$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUn​installKB968389$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUn​installKB971737$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUn​installKB973687$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUn​installKB973815$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB976749)-->"C:\WINDOWS\$NtUn​installKB976749$\spuninst\spun​inst.exe"
 Mise à jour pour Windows XP (KB978207)-->"C:\WINDOWS\$NtUn​installKB978207$\spuninst\spun​inst.exe"
 Mozilla Firefox (3.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
 MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5​E3257BD94}
 Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A0​93F35A238}
 Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
 QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C1​15CAADDAD}
 REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-448​0-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly
 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4ED​E-8A7C-958108FE7DBC}\Setup.exe​" -l0x40c  -removeonly
 Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DE​AF3DD08}
 Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672​D68A9BF}
 Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D​1003E86}
 Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE4​5CB03C0}
 Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED​296CB4D}
 Security Update for Microsoft Office Publisher 2007 (KB980470)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {34573F17-DADE-4D0D-835F-A54A1​DE8AC1F}
 Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B7​03B84FF}
 Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB​6F0FB6C}
 Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F​21FEDDC}
 Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8C​AC8224D}
 Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC565​2656050}
 Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F​8D1E69FB7}
 Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
 System Control Manager-->C:\Program Files\InstallShield Installation Information\{ED9C5D25-55DF-48D​8-9328-2AC0D75DE5D8}\setup.exe -runfromtemp -l0x0009 -removeonly
 Ulead Burn.Now 4.5 SE-->C:\Program Files\InstallShield Installation Information\{A3BE3F1E-2472-421​1-8735-E8239BE49D9F}\setup.exe -runfromtemp -l0x040c
 Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAA​A68E92D}
 Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11​DCC0D79}
 Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275​C4F3607} /qb+ REBOOTPROMPT=""
 Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219​365DFF7}
 Update for Outlook 2007 Junk Email Filter (kb981433)-->msiexec /package {91120000-0031-0000-0000-00000​00FF1CE} /uninstall {5A6859A6-042D-4DF7-84E2-79F8D​EFB5D48}
 USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{D10CB652-9332-424​2-B7A9-2D61570144F7}\setup.exe -runfromtemp -l0x0009 -removeonly
 Videora iPod Converter 5-->C:\Program Files\Red Kawa\Video Converter App\uninstaller.exe
 VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.e​xe
 Windows Driver Package - Atheros (AR5416) Net  (04/08/2008 7.6.0.200)-->C:\PROGRA~1\DIFX\​D6ACC4BE676423A2B130B78A4B627F​C457D98997\DPInst32.EXE /u C:\WINDOWS\system32\DRVSTORE\n​etathw_8508BD3D9EB89B06D2861AE​76DC11BAE84C3E3C7\netathw.inf
 Windows Driver Package - Ralink Technology, Corp. (RT80x86) Net  (05/19/2008 1.01.03.0000)-->C:\PROGRA~1\DI​FX\D6ACC4BE676423A2B130B78A4B6​27FC457D98997\DPInst32.EXE /u C:\WINDOWS\system32\DRVSTORE\r​t2860_182C209AFE287E941D2F1DE5​B71B3589853F453B\rt2860.inf
 Windows Driver Package - Realtek (rtl8187Se) Net  (07/10/2008 5.9067.0710.2008)-->C:\PROGRA~​1\DIFX\D6ACC4BE676423A2B130B78​A4B627FC457D98997\DPInst32.EXE /u C:\WINDOWS\system32\DRVSTORE\n​et8187se_06BCAD86CB743343CBFF6​639914BD6E626DE4A59\net8187se.​inf
 Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\s​puninst.exe"
 Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD​3A3F9DF41}
 Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189​800823F52}
 Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-799​8F2B92CFC}
 Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-507​9296B43BA}
 Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E90​5E91AC818}
 Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8​525FFA3B1}
 Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A1​33C0CE353}
 Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8​168661FEA}
 Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
 Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUnins​tallWMFDist11$\spuninst\spunin​st.exe"
 Windows Media Player 11-->"C:\WINDOWS\$NtUninstallw​mp11$\spuninst\spuninst.exe"
 YouTube Downloader App 2.00-->C:\Program Files\Regensoft\Downloader App\uninstaller.exe

 ======Hosts File======

 127.0.0.1 www.007guard.com
 127.0.0.1 007guard.com
 127.0.0.1 008i.com
 127.0.0.1 www.008k.com
 127.0.0.1 008k.com
 127.0.0.1 www.00hq.com
 127.0.0.1 00hq.com
 127.0.0.1 010402.com
 127.0.0.1 www.032439.com
 127.0.0.1 032439.com

 ======Security center information======

 AV: AntiVir Desktop
 AV: My Security Engine
 FW: My Security Engine

 ======System event log======

 Computer Name: NOM-B6390CADFAE
 Event Code: 7035
 Message: Un contrôle Démarrer a correctement été envoyé au service Windows Installer.

 Record Number: 16151
 Source Name: Service Control Manager
 Time Written: 20100312072336.000000+060
 Event Type: Informations
 User: AUTORITE NT\SYSTEM

 Computer Name: NOM-B6390CADFAE
 Event Code: 18
 Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le samedi 13 mars 2010 à 03:00 :
 - Mise à jour de sécurité pour Microsoft Office Excel 2007 (KB978382)
 - Mise à jour de sécurité pour Windows XP (KB975561)

 Record Number: 16150
 Source Name: Windows Update Agent
 Time Written: 20100312072113.000000+060
 Event Type: Informations
 User:

 Computer Name: NOM-B6390CADFAE
 Event Code: 18
 Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le samedi 13 mars 2010 à 03:00 :
 - Mise à jour de sécurité pour Microsoft Office Excel 2007 (KB978382)
 - Mise à jour de sécurité pour Windows XP (KB975561)

 Record Number: 16149
 Source Name: Windows Update Agent
 Time Written: 20100312071358.000000+060
 Event Type: Informations
 User:

 Computer Name: NOM-B6390CADFAE
 Event Code: 18
 Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le samedi 13 mars 2010 à 03:00 :
 - Mise à jour de sécurité pour Microsoft Office Excel 2007 (KB978382)

 Record Number: 16148
 Source Name: Windows Update Agent
 Time Written: 20100312071358.000000+060
 Event Type: Informations
 User:

 Computer Name: NOM-B6390CADFAE
 Event Code: 7036
 Message: Le service Carte de performance WMI est entré dans l'état : arrêté.

 Record Number: 16147
 Source Name: Service Control Manager
 Time Written: 20100312071204.000000+060
 Event Type: Informations
 User:

 =====Application event log=====

 Computer Name: NOM-B6390CADFAE
 Event Code: 4113
 Message: AntiVir a détecté dans le fichier
 C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
 un code suspect avec la désignation 'ADSPY/FTat.A.1'!

 Record Number: 3593
 Source Name: Avira AntiVir
 Time Written: 20100102023624.000000+060
 Event Type: Avertissement
 User: AUTORITE NT\SYSTEM

 Computer Name: NOM-B6390CADFAE
 Event Code: 4113
 Message: AntiVir a détecté dans le fichier
 C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
 un code suspect avec la désignation 'ADSPY/FTat.A.1'!

 Record Number: 3592
 Source Name: Avira AntiVir
 Time Written: 20100102023617.000000+060
 Event Type: Avertissement
 User: AUTORITE NT\SYSTEM

 Computer Name: NOM-B6390CADFAE
 Event Code: 4113
 Message: AntiVir a détecté dans le fichier
 C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
 un code suspect avec la désignation 'ADSPY/FTat.A.1'!

 Record Number: 3591
 Source Name: Avira AntiVir
 Time Written: 20100102023610.000000+060
 Event Type: Avertissement
 User: AUTORITE NT\SYSTEM

 Computer Name: NOM-B6390CADFAE
 Event Code: 4113
 Message: AntiVir a détecté dans le fichier
 C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
 un code suspect avec la désignation 'ADSPY/FTat.A.1'!

 Record Number: 3590
 Source Name: Avira AntiVir
 Time Written: 20100102023604.000000+060
 Event Type: Avertissement
 User: AUTORITE NT\SYSTEM

 Computer Name: NOM-B6390CADFAE
 Event Code: 4113
 Message: AntiVir a détecté dans le fichier
 C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
 un code suspect avec la désignation 'ADSPY/FTat.A.1'!

 Record Number: 3589
 Source Name: Avira AntiVir
 Time Written: 20100102023557.000000+060
 Event Type: Avertissement
 User: AUTORITE NT\SYSTEM

 ======Environment variables======

 "ComSpec"=%SystemRoot%\system3​2\cmd.exe
 "Path"=%SystemRoot%\system32;%​SystemRoot%;%SystemRoot%\syste​m32\wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem
 "windir"=%SystemRoot%
 "FP_NO_HOST_CHECK"=NO
 "OS"=Windows_NT
 "PROCESSOR_ARCHITECTURE"=x86
 "PROCESSOR_LEVEL"=6
 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 2, GenuineIntel
 "PROCESSOR_REVISION"=1c02
 "NUMBER_OF_PROCESSORS"=2
 "PATHEXT"=.COM;.EXE;.BAT;.CMD;​.VBS;.VBE;.JS;.JSE;.WSF;.WSH
 "TEMP"=%SystemRoot%\TEMP
 "TMP"=%SystemRoot%\TEMP
 "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava​.zip
 "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava​.zip

 -----------------EOF----------​-------
 Logfile of random's system information tool 1.06 (written by random/random)
 Run by Camille2 at 2010-04-26 22:26:22
 Microsoft Windows XP Édition familiale Service Pack 3
 System drive C: has 714 MB (2%) free of 40 GB
 Total RAM: 1013 MB (48% free)

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 22:26:59, on 26/04/2010
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v7.00 (7.00.6000.17023)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Avira\AntiVir Desktop\sched.exe
 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 C:\Program Files\Bonjour\mDNSResponder.ex​e
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\Program Files\System Control Manager\MSIService.exe
 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
 C:\WINDOWS\Explorer.EXE
 C:\WINDOWS\system32\igfxtray.e​xe
 C:\WINDOWS\system32\hkcmd.exe
 C:\WINDOWS\system32\igfxpers.e​xe
 C:\WINDOWS\RTHDCPL.EXE
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\WINDOWS\system32\igfxsrvc.e​xe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
 C:\Program Files\iPod\bin\iPodService.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
 C:\Program Files\RegCleaner\RegCleanr.exe
 C:\Program Files\RegCleaner\RegCleanr.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Windows Live\Toolbar\wltuser.exe
 C:\Documents and Settings\All Users\Application Data\063f627\MS063f.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Documents and Settings\Camille2\Local Settings\Temporary Internet Files\Content.IE5\N711TGQI\RSI​T[1].exe
 C:\Program Files\trend micro\Camille2.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKCU\Software\Microsoft\Intern​et Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5​495E5FC} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
 O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
 O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.​com
 O1 - Hosts: 74.125.45.100 secure-plus-payments.com
 O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
 O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
 O1 - Hosts: 74.125.45.100 urs.microsoft.com
 O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
 O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
 O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
 O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695E​CA05670} - (no file)
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7​942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
 O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetoo​th Toshiba Stack\ItSecMng.exe /START
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [My Security Engine] "C:\Documents and Settings\All Users\Application Data\063f627\MS063f.exe" /s /d
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Global Startup: Bluetooth Manager.lnk = ?
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Off​ice12\EXCEL.EXE/3000
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\Office12\​REFIEBAR.DLL
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O14 - IERESET.INF: START_PAGE_URL=http://www.msi.​com.tw
 O16 - DPF: {17492023-C23A-453E-A040-C7C58​0BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD8​4642501} (Checkers Class) - http://messenger.zone.msn.com/ [...] b56986.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.co [...] oscan8.cab
 O16 - DPF: {644E432F-49D3-41A1-8DD5-E0991​62EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/s [...] /cabsa.cab
 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11​451AFC5} (OnlineScanner Control) - http://download.eset.com/speci [...] canner.cab
 O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE​305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/con [...] ader55.cab
 O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3A​C1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/a [...] stubie.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} - http://platformdl.adobe.com/NO [...] 1.6/gp.cab
 O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6​B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/ [...] b56986.cab
 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Micro Star SCM - Unknown owner - C:\Program Files\System Control Manager\MSIService.exe
 O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

 --
 End of file - 10413 bytes

 ======Scheduled tasks folder======

 C:\WINDOWS\tasks\AppleSoftware​Update.job
 C:\WINDOWS\tasks\GlaryInitiali​ze.job
 C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
 Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll [2009-12-21 61888]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
 Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll [2009-12-21 75200]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
 Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll [2009-01-26 1879896]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
 Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
 Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolba​r.dll [2009-11-18 1196936]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
 Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
 JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll [2010-03-09 79648]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
 {D4027C7F-154A-4066-A1AD-4243D​8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolba​r.dll [2009-11-18 1196936]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "IgfxTray"=C:\WINDOWS\system32​\igfxtray.exe [2007-12-19 135168]
 "HotKeysCmds"=C:\WINDOWS\syste​m32\hkcmd.exe [2007-12-19 159744]
 "Persistence"=C:\WINDOWS\syste​m32\igfxpers.exe [2007-12-19 131072]
 "RTHDCPL"=C:\WINDOWS\RTHDCPL.E​XE [2008-05-08 16862208]
 "ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
 "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
 "SunJavaUpdateSched"=C:\Progra​m Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
 "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "CTFMON.EXE"=C:\WINDOWS\system​32\ctfmon.exe [2008-04-14 15360]
 "My Security Engine"=C:\Documents and Settings\All Users\Application Data\063f627\MS063f.exe [2010-04-26 2318848]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Adob​e ARM]
 C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe [2010-03-24 952768]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Adob​e Reader Speed Launcher]
 C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MGSysCtrl]
 C:\Program Files\System Control Manager\MGSysCtrl.exe [2008-07-29 684032]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Quic​kTime Task]
 C:\Program Files\QuickTime\qttask.exe [2009-09-04 417792]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Spyb​otSD TeaTimer]
 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
 Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
 C:\WINDOWS\system32\igfxdev.dl​l [2007-12-19 208896]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\ShellServiceObjectDelayLoad]
 WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D52​4869DB5} - C:\WINDOWS\system32\WPDShServi​ceObj.dll [2006-10-18 133632]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\PEVSystemStart]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\procexp90.Sys]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\PEVSystemStart]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\procexp90.Sys]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Policies\explorer]
 "NoDriveTypeAutoRun"=145

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\explorer]
 "HonorAutoRunSetting"=
 "NoDriveAutoRun"=
 "NoDriveTypeAutoRun"=
 "NoDrives"=

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="​C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:​Enabled:Microsoft Office Outlook"
 "C:\Program Files\Messenger\msmsgs.exe"="C​:\Program Files\Messenger\msmsgs.exe:*:E​nabled:Windows Messenger"
 "C:\Program Files\LimeWire\LimeWire.exe"="​C:\Program Files\LimeWire\LimeWire.exe:*:​Enabled:LimeWire"
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:​\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"
 "C:\Program Files\Bonjour\mDNSResponder.ex​e"="C:\Program Files\Bonjour\mDNSResponder.ex​e:*:Enabled:Bonjour"
 "C:\Program Files\iTunes\iTunes.exe"="C:\P​rogram Files\iTunes\iTunes.exe:*:Enab​led:iTunes"
 "C:\Documents and Settings\All Users\Application Data\063f627\MS063f.exe"="C:\D​ocuments and Settings\All Users\Application Data\063f627\MS063f.exe:*:Enab​led:My Security Engine"

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:​\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"

 ======List of files/folders created in the last 3 months======

 2010-04-26 22:26:22 ----D---- C:\rsit
 2010-04-26 22:21:08 ----SHD---- C:\Documents and Settings\Camille2\Application Data\My Security Engine
 2010-04-26 22:21:04 ----SHD---- C:\Documents and Settings\All Users\Application Data\MSLLE
 2010-04-26 22:17:53 ----SHD---- C:\Documents and Settings\All Users\Application Data\063f627
 2010-04-26 21:48:50 ----D---- C:\Documents and Settings\Camille2\Application Data\GlarySoft
 2010-04-26 21:46:32 ----D---- C:\Program Files\Ask.com
 2010-04-26 21:45:33 ----D---- C:\Program Files\Glary Utilities
 2010-04-24 18:02:48 ----D---- C:\Program Files\RegCleaner
 2010-04-24 09:36:46 ----A---- C:\WINDOWS\SchedLgU.Txt
 2010-04-21 18:25:50 ----D---- C:\WINDOWS\BDOSCAN8
 2010-04-21 07:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB97968​3$
 2010-04-21 07:23:53 ----HDC---- C:\WINDOWS\$NtUninstallKB98023​2$
 2010-04-21 07:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB98134​9$
 2010-04-21 07:16:25 ----HDC---- C:\WINDOWS\$NtUninstallKB97833​8$
 2010-04-21 07:15:35 ----HDC---- C:\WINDOWS\$NtUninstallKB97781​6$
 2010-04-20 12:50:04 ----HDC---- C:\WINDOWS\$NtUninstallKB97860​1$
 2010-04-20 12:49:45 ----HDC---- C:\WINDOWS\$NtUninstallKB97930​9$
 2010-04-11 22:10:06 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
 2010-04-11 22:10:03 ----D---- C:\Program Files\Fichiers communs\Java
 2010-04-11 22:09:34 ----A---- C:\WINDOWS\system32\javaws.exe
 2010-04-11 22:09:34 ----A---- C:\WINDOWS\system32\javaw.exe
 2010-04-11 22:09:34 ----A---- C:\WINDOWS\system32\java.exe
 2010-04-11 22:04:18 ----D---- C:\Documents and Settings\Camille2\Application Data\Sun
 2010-04-10 21:48:58 ----D---- C:\Program Files\Panda Security
 2010-04-10 21:45:27 ----D---- C:\Program Files\ESET
 2010-04-10 19:16:16 ----A---- C:\mbam-error.txt
 2010-04-10 19:14:20 ----D---- C:\Documents and Settings\Camille2\Application Data\Malwarebytes
 2010-04-08 18:02:41 ----D---- C:\Documents and Settings\Camille2\Application Data\Mozilla
 2010-04-08 18:02:38 ----D---- C:\Program Files\Mozilla Firefox
 2010-04-06 21:04:49 ----D---- C:\Documents and Settings\Camille2\Application Data\Macromedia
 2010-04-06 21:04:48 ----D---- C:\Documents and Settings\Camille2\Application Data\Adobe
 2010-03-30 11:11:12 ----ASH---- C:\Documents and Settings\Camille2\Application Data\desktop.ini
 2010-03-30 11:11:11 ----SD---- C:\Documents and Settings\Camille2\Application Data\Microsoft
 2010-03-30 11:11:11 ----D---- C:\Documents and Settings\Camille2\Application Data\InstallShield
 2010-03-30 11:11:11 ----D---- C:\Documents and Settings\Camille2\Application Data\Identities
 2010-03-15 19:31:11 ----D---- C:\WINDOWS\pss
 2010-03-12 12:04:39 ----N---- C:\WINDOWS\system32\browsercho​ice.exe
 2010-03-12 08:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB97556​1$
 2010-03-11 14:34:41 ----A---- C:\WINDOWS\system32\SETB.tmp
 2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\SETE.tmp
 2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\SETD.tmp
 2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\SET14.tmp
 2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\SET16.tmp
 2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\SET15.tmp
 2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\SET1A.tmp
 2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\SET1E.tmp
 2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\SET20.tmp
 2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\SET25.tmp
 2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\SET29.tmp
 2010-03-08 08:10:54 ----D---- C:\WINDOWS\ie7updates
 2010-03-08 08:09:48 ----D---- C:\WINDOWS\WBEM
 2010-03-08 08:07:55 ----HDC---- C:\WINDOWS\ie7
 2010-03-08 08:07:30 ----HDC---- C:\WINDOWS\$NtServicePackUnins​tallIDNMitigationAPIs$
 2010-03-08 08:06:48 ----HDC---- C:\WINDOWS\$NtServicePackUnins​tallNLSDownlevelMapping$
 2010-03-07 21:45:30 ----SD---- C:\ComboFix
 2010-03-07 21:45:09 ----D---- C:\Qoobox
 2010-03-07 02:13:59 ----SHD---- C:\RECYCLER
 2010-03-07 02:06:36 ----A---- C:\TCleaner.txt
 2010-03-04 21:15:01 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
 2010-03-03 21:23:34 ----A---- C:\Boot.bak
 2010-03-03 21:23:29 ----RASHD---- C:\cmdcons
 2010-03-02 23:53:28 ----A---- C:\WINDOWS\system32\MRT.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\zip.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\SWXCACLS.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\SWSC.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\SWREG.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\sed.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\PEV.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\NIRCMD.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\grep.exe
 2010-03-02 21:24:10 ----D---- C:\WINDOWS\ERDNT
 2010-03-02 00:41:48 ----D---- C:\WINDOWS\Minidump
 2010-03-01 21:55:28 ----D---- C:\Program Files\trend micro
 2010-02-28 22:42:18 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
 2010-02-28 22:42:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
 2010-02-25 03:16:54 ----HDC---- C:\WINDOWS\$NtUninstallKB97930​6$
 2010-02-11 01:51:27 ----HDC---- C:\WINDOWS\$NtUninstallKB97826​2$
 2010-02-11 01:51:21 ----HDC---- C:\WINDOWS\$NtUninstallKB97146​8$
 2010-02-11 01:51:13 ----HDC---- C:\WINDOWS\$NtUninstallKB97803​7$
 2010-02-11 01:51:06 ----HDC---- C:\WINDOWS\$NtUninstallKB97571​3$
 2010-02-11 01:51:00 ----HDC---- C:\WINDOWS\$NtUninstallKB97825​1$
 2010-02-11 01:50:52 ----HDC---- C:\WINDOWS\$NtUninstallKB97556​0$
 2010-02-11 01:49:58 ----HDC---- C:\WINDOWS\$NtUninstallKB97791​4$
 2010-02-11 01:49:42 ----HDC---- C:\WINDOWS\$NtUninstallKB97870​6$
 2010-02-11 01:49:27 ----HDC---- C:\WINDOWS\$NtUninstallKB97716​5$
 2010-02-07 23:55:55 ----A---- C:\WINDOWS\wininit.ini
 2010-02-07 17:25:35 ----D---- C:\Program Files\Marco Polo Français Espagnol

 ======List of files/folders modified in the last 3 months======

 2010-04-26 22:26:23 ----D---- C:\WINDOWS\Prefetch
 2010-04-26 22:25:04 ----D---- C:\WINDOWS\Temp
 2010-04-26 21:53:02 ----D---- C:\WINDOWS\system32\CatRoot2
 2010-04-26 21:46:51 ----SHD---- C:\WINDOWS\Installer
 2010-04-26 21:46:46 ----SD---- C:\WINDOWS\Tasks
 2010-04-26 21:46:42 ----D---- C:\Config.Msi
 2010-04-26 21:46:32 ----RD---- C:\Program Files
 2010-04-26 21:21:23 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
 2010-04-24 09:58:26 ----D---- C:\WINDOWS\system32\drivers
 2010-04-24 09:36:51 ----D---- C:\WINDOWS
 2010-04-24 00:37:08 ----D---- C:\WINDOWS\Network Diagnostic
 2010-04-23 22:43:24 ----D---- C:\WINDOWS\Debug
 2010-04-22 23:32:15 ----SD---- C:\WINDOWS\Downloaded Program Files
 2010-04-22 23:32:03 ----HD---- C:\WINDOWS\inf
 2010-04-21 07:25:35 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
 2010-04-21 07:24:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
 2010-04-21 07:24:14 ----D---- C:\WINDOWS\system32
 2010-04-21 07:24:02 ----HD---- C:\WINDOWS\$hf_mig$
 2010-04-19 21:55:25 ----D---- C:\Documents and Settings
 2010-04-12 21:41:29 ----D---- C:\WINDOWS\system32\fr-fr
 2010-04-12 21:41:29 ----D---- C:\Program Files\Internet Explorer
 2010-04-11 22:10:03 ----D---- C:\Program Files\Fichiers communs
 2010-04-11 22:09:23 ----D---- C:\Program Files\Java
 2010-04-11 21:54:37 ----D---- C:\WINDOWS\system32\config
 2010-04-11 21:54:13 ----D---- C:\WINDOWS\system32\wbem
 2010-04-11 21:54:13 ----D---- C:\WINDOWS\Registration
 2010-04-09 12:58:58 ----D---- C:\WINDOWS\system32\CatRoot
 2010-03-30 11:07:04 ----A---- C:\WINDOWS\system32\PerfString​Backup.INI
 2010-03-15 19:33:06 ----RASH---- C:\boot.ini
 2010-03-15 19:33:06 ----A---- C:\WINDOWS\win.ini
 2010-03-15 19:33:06 ----A---- C:\WINDOWS\system.ini
 2010-03-12 08:24:33 ----D---- C:\Program Files\Movie Maker
 2010-03-11 14:34:41 ----A---- C:\WINDOWS\system32\wininet.dl​l
 2010-03-11 14:34:40 ----N---- C:\WINDOWS\system32\pngfilt.dl​l
 2010-03-11 14:34:40 ----N---- C:\WINDOWS\system32\occache.dl​l
 2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\webcheck.d​ll
 2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\urlmon.dll
 2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\url.dll
 2010-03-11 14:34:39 ----N---- C:\WINDOWS\system32\mstime.dll
 2010-03-11 14:34:39 ----N---- C:\WINDOWS\system32\msrating.d​ll
 2010-03-11 14:34:39 ----N---- C:\WINDOWS\system32\mshtmled.d​ll
 2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mshtml.dll
 2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\msfeedsbs.​dll
 2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\msfeeds.dl​l
 2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\jsproxy.dl​l
 2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\iertutil.d​ll
 2010-03-11 14:34:35 ----N---- C:\WINDOWS\system32\iernonce.d​ll
 2010-03-11 14:34:35 ----N---- C:\WINDOWS\system32\iepeers.dl​l
 2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\ieframe.dl​l
 2010-03-11 14:34:32 ----N---- C:\WINDOWS\system32\iedkcs32.d​ll
 2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\ieencode.d​ll
 2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\ieapfltr.d​ll
 2010-03-11 14:34:31 ----N---- C:\WINDOWS\system32\ieaksie.dl​l
 2010-03-11 14:34:31 ----N---- C:\WINDOWS\system32\ieakeng.dl​l
 2010-03-11 14:34:31 ----N---- C:\WINDOWS\system32\extmgr.dll
 2010-03-11 14:34:31 ----N---- C:\WINDOWS\system32\dxtrans.dl​l
 2010-03-11 14:34:31 ----N---- C:\WINDOWS\system32\dxtmsft.dl​l
 2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\icardie.dl​l
 2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\corpol.dll
 2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\advpack.dl​l
 2010-03-10 15:19:17 ----N---- C:\WINDOWS\system32\ie4uinit.e​xe
 2010-03-10 15:19:17 ----A---- C:\WINDOWS\system32\ieudinit.e​xe
 2010-03-09 13:10:23 ----A---- C:\WINDOWS\system32\vbscript.d​ll
 2010-03-09 04:28:20 ----A---- C:\WINDOWS\system32\deploytk.d​ll
 2010-03-08 08:15:02 ----D---- C:\WINDOWS\Help
 2010-03-08 08:09:27 ----D---- C:\WINDOWS\Media
 2010-03-08 07:53:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
 2010-03-07 22:11:16 ----D---- C:\Program Files\Yahoo!
 2010-03-06 13:51:23 ----SHD---- C:\System Volume Information
 2010-03-06 13:51:23 ----D---- C:\WINDOWS\system32\Restore
 2010-03-04 22:08:19 ----D---- C:\Program Files\Fichiers communs\Adobe
 2010-03-04 21:34:48 ----D---- C:\Program Files\Adobe
 2010-03-03 21:28:34 ----D---- C:\WINDOWS\AppPatch
 2010-03-02 22:26:08 ----HDC---- C:\WINDOWS\$NtUninstallKB96137​3$
 2010-03-01 00:13:37 ----HDC---- C:\WINDOWS\$NtUninstallKB97196​1$
 2010-02-28 20:47:18 ----A---- C:\WINDOWS\ModemLog_Modem standard 33600 bps.txt
 2010-02-23 07:18:28 ----N---- C:\WINDOWS\system32\ieakui.dll
 2010-02-16 21:06:59 ----N---- C:\WINDOWS\system32\ntoskrnl.e​xe
 2010-02-16 21:06:56 ----N---- C:\WINDOWS\system32\ntkrnlpa.e​xe
 2010-02-12 06:34:07 ----A---- C:\WINDOWS\system32\6to4svc.dl​l
 2010-02-07 17:29:21 ----D---- C:\Program Files\Marco Polo Français-Anglais Thematic

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
 R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\av​ipbb.sys [2009-03-30 96104]
 R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\in​telppm.sys [2008-04-14 40576]
 R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ss​mdrv.sys [2009-07-13 28520]
 R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\to​srfcom.sys [2007-10-02 64128]
 R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wm​iacpi.sys [2008-04-13 8832]
 R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\av​gntflt.sys [2009-12-10 56816]
 R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fs​sfltr_tdi.sys [2009-08-05 54752]
 R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\Cm​Batt.sys [2008-04-13 13952]
 R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HD​AudBus.sys [2008-04-14 144384]
 R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ig​xpmp32.sys [2007-12-19 5854688]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\Rt​kHDAud.sys [2008-05-08 4739072]
 R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\Ro​otMdm.sys [2008-04-14 5888]
 R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RT​S5121.sys [2008-06-11 156160]
 R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT​2860.sys [2008-05-19 625792]
 R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rt​enicxp.sys [2008-06-11 106368]
 R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\to​sporte.sys [2006-10-10 41600]
 R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\to​srfbd.sys [2008-02-15 131712]
 R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\to​srfbnp.sys [2007-11-29 36608]
 R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\To​srfhid.sys [2008-01-31 74240]
 R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\to​srfnds.sys [2005-01-07 18612]
 R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\to​srfusb.sys [2007-10-18 41856]
 R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\us​behci.s

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 26/04/2010 à 21:02:05  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour, oui en effet tu et infecter on a du travail :pt1cable:  ;-) ...

 Connais tu la provence de ceci :
 C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
 ???
 Il faudrait que tu le desinstale via le panneau de configuration Ajout de materiel--(Si tu peux)

 Telecharge >>> Malwarebytes <<<
 http://www.01net.com/telecharg [...] 44096.html
 --> Une fois installer double clic sur l'iconne pour lancer le logiciel.
 --> Clique sur l'onglet mise a jour, et mets le a jour (sinon ineficace),
 --> Retourne dans l'onglet recherche, et execute un examen complet,
 --> Tu pourra si infection trouver, cliquer sur effacer la selection.. et poste le rapport ici STP :...

(Publicité)
missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 26/04/2010 à 21:29:19  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Non, je ne vois pas d'où vient : C:\Program Files\Search Guard Plus\SearchGuardPlus.exe,
 Il n'est pas dans ajout de matériel mais je ne comprends pas pk il serait là puisque a priori c pour ajouter un nouveau matériel, et je ne le trouve pas non plus dans C: Program Files etc ....
 Je scan avec Malwe.
 Merci de ton aide
 Dom
 PS : je laisse scanner. Il trouve des choses.
 A demain

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 26/04/2010 à 21:35:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
sa marche  :super:

 normalement malwarebytes devrais s'en occuper (en partie)  :D

 A demain bonne nuiter  :sleep:   :fume:

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 27/04/2010 à 04:55:53  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Malwarebytes' Anti-Malware 1.45
 www.malwarebytes.org

 Version de la base de données: 4040

 Windows 5.1.2600 Service Pack 3 (Safe Mode)
 Internet Explorer 7.0.5730.13

 27/04/2010 06:53:54
 mbam-log-2010-04-27 (06-53-54).txt

 Type d'examen: Examen complet (C:\|D:\|)
 Elément(s) analysé(s): 210495
 Temps écoulé: 30 minute(s), 40 seconde(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 759
 Valeur(s) du Registre infectée(s): 16
 Elément(s) de données du Registre infecté(s): 7
 Dossier(s) infecté(s): 1
 Fichier(s) infecté(s): 11

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\brastk.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\init32.exe  (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\pctsAuxs.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\pctsGui.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\pctsSvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\pctsTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\pdfndr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\rwg (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\rwg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\smart.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\_avpm.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\~1.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\~2.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aavgapi.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aawtray.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\about.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ackwin32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ad-aware.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\adwareprj.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\agentw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\alevir.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\alogserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aluschedulersvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\amon9x.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\anti-trojan.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus_pro.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusplus (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusplus.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxp (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxppro2009.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ants.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\apimonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aplica32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\apvxdwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\arr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashavast.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashbug.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashchest.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashcnsnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashdisp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashlogv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashmaisv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashpopwz.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashquick.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashsimp2.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashsimpl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashskpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashskpck.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashwebsv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aswchlic.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aswregsvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aswrundll.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aswupdsv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\atguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\atro55en.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\atupdater.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\atwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\au.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\auto-protect.nav80try.​exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\autodown.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\autotrace.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\av360.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avcare.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avciman.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ave32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avengine.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgcc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgchk.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgcmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgdumpx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgemc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgnsx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgrsx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgscanx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv9.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgsrmax.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgtray.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avkpop.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avkserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avkservice.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avkwctl9.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avmailc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avmcdlg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avnotify.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avpdos32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avpm.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avptc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avpupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avsched32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avsynmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avupgsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwebgrd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwin95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwinnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwsc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwupsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitor9x.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitornt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avxquar.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\b.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\backweb.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bargains.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bd_professional.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvcl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvwiz.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdinprocpatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdmcon.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdmsnscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdsurvey.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\beagle.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\belt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bidef.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bidserver.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bipcp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bipcpevalsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bisp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\blackd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\blackice.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\blink.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\blss.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bootconf.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bootwarn.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\borg2.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bpc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\brasil.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\brw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bs120.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bspatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bundle.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bvt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\c.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cavscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ccapp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ccevtmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ccpxysvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cdp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfgwiz.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfiadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfiaudit.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfinet.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfinet32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfpconfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfplogvw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfpupdat.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\claw95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\claw95cf.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\clean.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cleaner.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cleaner3.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cleanielow.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cleanpc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\click.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cmd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cmdagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cmesys.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cmgrdian.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cmon016.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\connectionmonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\control (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cpd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cpf9x206.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cpfnt206.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\crashrep.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\csc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cssconfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cssupdat.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cssurf.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cwnb181.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cwntdwmo.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\d.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\datemanager.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dcomx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\defalert.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\defscangui.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\defwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\deloeminfs.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\deputy.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dllcache.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dllreg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\doors.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dop.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dpf.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dpfsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dpps2.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\driverctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\drwatson.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\drweb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\drwebupw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dssagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95_0.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ecengine.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\efpeadm.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\emsw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ent.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\esafe.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\escanhnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\escanv95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\espwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ethereal.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\etrustcipe.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\evpn.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\exantivirus-cnet.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\exe.avxw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\expert.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\explore.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\f-agnt95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\f-stopw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fact.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fameh32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fast.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fch32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fih32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\findviru.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\firewall.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fixcfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fixfp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\savedefense.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fnrb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win_trial.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fprot.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\frmwrk32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\frw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsaa.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsav.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsav32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530stbyb.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530wtbyb.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsav95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsgk32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsm32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsma32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsmb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gator.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gbmenu.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gbpoll.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\generics.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gmt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\guard.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\guarddog.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hacktracersetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hbinst.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hbsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\history.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\homeav2010.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hotactio.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hotpatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\htlog.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\htpatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hwpe.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hxdl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hxiul.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iamapp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iamserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iamstats.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ibmasn.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ibmavsp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\icload95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\icloadnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\icmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\icsupp95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\icsuppnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\identity.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\idle.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iedll.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iedriver.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ieshow.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iface.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ifw2000.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\inetlnfo.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\infus.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\infwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\init.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\intdel.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\intren.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iomon98.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\istsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\jammer.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\jdbgmrg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\jedi.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\jsrcgen.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kavlite40eng.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kavpers40eng.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kavpf.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\alphaav (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\alphaav.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antispywarxp2009.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\anti-virus professional.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antiviruspro_2010.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gbn976rl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\quickhealcleaner.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\safetykeeper.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\savearmor.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\secure veteran.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\secureveteran.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\securityfighter.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\securitysoldier.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\softsafeness.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\trustwarrior.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\Windows police pro.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\xp_antispyware.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kazza.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\keenvalue.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-pf-213-en-win.ex​e (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrl-421-en-win.e​xe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrp-421-en-win.e​xe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\killprocesssetup161.ex​e (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gav.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\launcher.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ldnetmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ldpro.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ldpromenu.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ldscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\licmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lnetinfo.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\loader.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\localnet.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown2000.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lookout.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lordpe.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\luall.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\luau.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lucomserver.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\luinit.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\luspt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\malwareremoval.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mapisvc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcmnhdlr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcmscsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcnasvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcsacore.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcshell.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mctool.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LO

(Publicité)
missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 27/04/2010 à 04:55:59  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Malwarebytes' Anti-Malware 1.45
 www.malwarebytes.org

 Version de la base de données: 4040

 Windows 5.1.2600 Service Pack 3 (Safe Mode)
 Internet Explorer 7.0.5730.13

 27/04/2010 06:53:54
 mbam-log-2010-04-27 (06-53-54).txt

 Type d'examen: Examen complet (C:\|D:\|)
 Elément(s) analysé(s): 210495
 Temps écoulé: 30 minute(s), 40 seconde(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 759
 Valeur(s) du Registre infectée(s): 16
 Elément(s) de données du Registre infecté(s): 7
 Dossier(s) infecté(s): 1
 Fichier(s) infecté(s): 11

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\brastk.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\init32.exe  (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\pctsAuxs.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\pctsGui.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\pctsSvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\pctsTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\pdfndr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\rwg (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\rwg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\smart.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\_avpm.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\~1.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\~2.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aavgapi.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aawtray.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\about.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ackwin32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ad-aware.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\adwareprj.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\agentw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\alevir.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\alogserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aluschedulersvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\amon9x.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\anti-trojan.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus_pro.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusplus (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusplus.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxp (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antivirusxppro2009.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ants.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\apimonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aplica32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\apvxdwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\arr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashavast.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashbug.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashchest.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashcnsnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashdisp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashlogv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashmaisv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashpopwz.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashquick.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashsimp2.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashsimpl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashskpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashskpck.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ashwebsv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aswchlic.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aswregsvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aswrundll.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aswupdsv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\atguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\atro55en.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\atupdater.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\atwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\au.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\aupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\auto-protect.nav80try.​exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\autodown.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\autotrace.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\av360.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avcare.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avciman.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ave32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avengine.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgcc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgchk.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgcmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgdumpx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgemc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgnsx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgrsx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgscanx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgserv9.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgsrmax.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgtray.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avkpop.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avkserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avkservice.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avkwctl9.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avmailc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avmcdlg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avnotify.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avpcc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avpdos32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avpm.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avptc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avpupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avsched32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avsynmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avupgsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwebgrd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwin95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwinnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwsc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwupd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avwupsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitor9x.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitornt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\avxquar.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\b.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\backweb.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bargains.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bd_professional.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvcl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdfvwiz.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdinprocpatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdmcon.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdmsnscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bdsurvey.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\beagle.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\belt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bidef.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bidserver.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bipcp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bipcpevalsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bisp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\blackd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\blackice.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\blink.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\blss.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bootconf.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bootwarn.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\borg2.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bpc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\brasil.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\brw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bs120.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bspatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bundle.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\bvt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\c.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cavscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ccapp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ccevtmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ccpxysvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cdp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfgwiz.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfiadmin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfiaudit.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfinet.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfinet32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfpconfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfplogvw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cfpupdat.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\claw95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\claw95cf.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\clean.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cleaner.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cleaner3.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cleanielow.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cleanpc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\click.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cmd32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cmdagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cmesys.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cmgrdian.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cmon016.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\connectionmonitor.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\control (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cpd.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cpf9x206.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cpfnt206.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\crashrep.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\csc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cssconfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cssupdat.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cssurf.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cwnb181.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\cwntdwmo.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\d.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\datemanager.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dcomx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\defalert.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\defscangui.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\defwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\deloeminfs.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\deputy.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dllcache.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dllreg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\doors.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dop.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dpf.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dpfsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dpps2.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\driverctrl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\drwatson.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\drweb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\drwebupw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dssagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95_0.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ecengine.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\efpeadm.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\emsw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ent.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\esafe.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\escanhnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\escanv95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\espwatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ethereal.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\etrustcipe.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\evpn.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\exantivirus-cnet.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\exe.avxw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\expert.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\explore.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\f-agnt95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\f-prot95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\f-stopw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fact.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fameh32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fast.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fch32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fih32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\findviru.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\firewall.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fixcfg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fixfp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\savedefense.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fnrb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fp-win_trial.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fprot.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\frmwrk32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\frw.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsaa.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsav.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsav32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530stbyb.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsav530wtbyb.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsav95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsgk32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsm32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsma32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\fsmb32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gator.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gbmenu.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gbpoll.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\generics.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gmt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\guard.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\guarddog.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hacktracersetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hbinst.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hbsrv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\history.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\homeav2010.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hotactio.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hotpatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\htlog.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\htpatch.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hwpe.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hxdl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\hxiul.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iamapp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iamserv.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iamstats.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ibmasn.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ibmavsp.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\icload95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\icloadnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\icmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\icsupp95.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\icsuppnt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\identity.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\idle.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iedll.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iedriver.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ieshow.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iface.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ifw2000.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\inetlnfo.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\infus.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\infwin.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\init.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\intdel.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\intren.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\iomon98.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\istsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\jammer.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\jdbgmrg.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\jedi.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\jsrcgen.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kavlite40eng.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kavpers40eng.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kavpf.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\alphaav (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\alphaav.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antispywarxp2009.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\anti-virus professional.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\antiviruspro_2010.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gbn976rl.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\personalguard.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\quickhealcleaner.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\safetykeeper.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\savearmor.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\secure veteran.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\secureveteran.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\securityfighter.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\securitysoldier.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\softsafeness.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\trustwarrior.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\Windows police pro.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\xp_antispyware.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kazza.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\keenvalue.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-pf-213-en-win.ex​e (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrl-421-en-win.e​xe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\kerio-wrp-421-en-win.e​xe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\killprocesssetup161.ex​e (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\gav.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\launcher.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ldnetmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ldpro.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ldpromenu.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\ldscan.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\licmgr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lnetinfo.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\loader.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\localnet.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lockdown2000.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lookout.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lordpe.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lsetup.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\luall.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\luau.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\lucomserver.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\luinit.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\luspt.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\malwareremoval.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mapisvc32.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcmnhdlr.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcmscsvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcnasvc.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcproxy.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcsacore.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcshell.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mctool.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mcupdate.exe (Security.Hijack) -> Quarantined and deleted successfully.
 HKEY_LO

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 27/04/2010 à 10:29:09  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Double poste  :paf:
 Suprime la quarantaine de MBAM

 (Tu a des traces de plusieur Antivirus,,Est-ce Normal ??
 Un seul et necessaire...Tu encoure des risque de disfonctionnement si plusieur sont encore installer !)
:/  

 Télécharge USBFix ( El Desaparecido , C_XX & Chimay8 ) sur ton bureau.
 http://pagesperso-orange.fr/No [...] UsbFix.exe

 (!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) sans les ouvrir
 1.
 --> Double clic (Clique droit executer en tant qu'administrateur"POUR VISTA/7) sur UsbFix.exe présent sur ton bureau .
 --> Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
 --> Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
 -> Laisse travailler l'outil.
 --> Ensuite post le rapport UsbFix.txt qui apparaitra.
 /!\ Le menu démarrer et les icônes vont disparaître.. c'est normal /!\

 Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

 De plus :
 --> Ouvrir le Gestionnaire de tâche : Ctrl-Alt-Suppr.
 --> Dans [Processus] ;
 --> Si tu voie une des ligne suivante :

 -> Clic-droit sur AntivirusXP.exe -> [Arrêter le processus]
 et/ou
 -> Clic-droit sur antivirusxppro2009.exe -> [Arrêter le processus]
 et/ou
 -> Clic-droit sur antivirusxppro2010.exe -> [Arrêter le processus]

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 27/04/2010 à 20:39:51  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Je reposte le log de malweb qui a priori n'était pas complet. Je ne sais pas pk j'ai plusieurs antivirus. normallement seulement antivir qui d'ailleurs s'est désactivé et que je n'arrive pas à remettre. Quel est l'autre antivirus que tu voies ? Je continue la procédure.
 Merci

(Publicité)
missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 27/04/2010 à 20:46:07  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 ############################## | UsbFix V6.109 |

 User : Camille2 (Administrateurs) # NOM-B6390CADFAE
 Update on 26/04/2010 by El Desaparecido , C_XX & Chimay8
 Start at: 22:42:44 | 27/04/2010
 Website : http://pagesperso-orange.fr/NosTools/index.html
 Contact : FindyKill.Contact@gmail.com

Intel(R) Atom(TM) CPU N270   @ 1.60GHz
 Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
 Internet Explorer 7.0.5730.13
 Windows Firewall Status : Enabled
 AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]

 C:\ -> Disque fixe local # 39,07 Go (653,53 Mo free) [OS_Install] # NTFS
 D:\ -> Disque fixe local # 106,07 Go (100,6 Go free) # NTFS

 ################## | Elements infectieux |


 ################## | Registre |

 [HKLM\SOFTWARE\Microsoft\Window​s NT\CurrentVersion\Image File Execution Options\taskmgr.exe]  
 [HKLM\Software\Microsoft\Window​s\CurrentVersion\Policies\Expl​orer] "NoDrives"  

 ################## | Mountpoints2 |


 ################## | Vaccin |

 (!) Cet ordinateur n'est pas vacciné !  

 ################## | ! Fin du rapport # UsbFix V6.109 ! |

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 27/04/2010 à 20:51:27  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Dans le gestionnaire de périphérique, je n'ai pas vu les lignes citées.

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 27/04/2010 à 20:53:42  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:
 Je voie que tu a Avira/Antivir..

 Et il y a des traces de Panda antivirus..!! ;)

(Publicité)
  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 27/04/2010 à 20:59:03  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:sol:
 2.
 --> Double clic (clique "droit executer en tant qu'administrateur pour VISTA/7) Sur USBfix.exe présent sur ton bureau
 --> Au menu principale choisis l'option "F" pour français, et tape sur [entrée]
 --> Au second menu choisis l'option "2" (Supression) et tape sur [entrée]
 -> Laisse travailler l'outil
 --> Ensuite post le rapport qui apparaitra
 (!) Le menu démarrer et les icônes vont disparaître.. c'est normal (!)

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 27/04/2010 à 21:05:50  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
J'avais chargé Panda pour un scan en ligne mais je ne sais pas si il est resté actif en protection.
 Sinon, je suis sous XP

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 27/04/2010 à 21:20:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
J'ai supprimé Panda, mais antivir est toujours inactif et j'aimerai pouvoir le remettre mais ne sais pas comment. Voici l rapport demandé :

 ############################## | UsbFix V6.109 |

 User : Camille2 (Administrateurs) # NOM-B6390CADFAE
 Update on 26/04/2010 by El Desaparecido , C_XX & Chimay8
 Start at: 23:11:20 | 27/04/2010
 Website : http://pagesperso-orange.fr/NosTools/index.html
 Contact : FindyKill.Contact@gmail.com

Intel(R) Atom(TM) CPU N270   @ 1.60GHz
 Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
 Internet Explorer 7.0.5730.13
 Windows Firewall Status : Enabled
 AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]

 C:\ -> Disque fixe local # 39,07 Go (602,5 Mo free) [OS_Install] # NTFS
 D:\ -> Disque fixe local # 106,07 Go (100,6 Go free) # NTFS

 ################## | Elements infectieux |

 Supprimé ! C:\Recycler\S-1-5-21-369317077​5-3793469153-1111983471-1005
 Supprimé ! C:\Recycler\S-1-5-21-369317077​5-3793469153-1111983471-1006
 Supprimé ! C:\Recycler\S-1-5-21-369317077​5-3793469153-1111983471-500
 Supprimé ! D:\Recycler\S-1-5-21-369317077​5-3793469153-1111983471-1005
 Supprimé ! D:\Recycler\S-1-5-21-369317077​5-3793469153-1111983471-1006
 Supprimé ! D:\Recycler\S-1-5-21-369317077​5-3793469153-1111983471-500

 ################## | Registre |

 Supprimé ! [HKLM\SOFTWARE\Microsoft\Window​s NT\CurrentVersion\Image File Execution Options\taskmgr.exe]  
 Supprimé ! [HKLM\Software\Microsoft\Window​s\CurrentVersion\Policies\Expl​orer] "NoDrives"  

 ################## | Mountpoints2 |


 ################## | Listing des fichiers présent |

 [01/03/2010 23:47|--a------|4542] C:\Ad-Report-CLEAN[1].log
 [08/03/2005 09:48|--a------|0] C:\AUTOEXEC.BAT
 [11/07/2009 20:42|--a------|216] C:\Boot.bak
 [15/03/2010 19:33|-rahs----|286] C:\boot.ini
 [14/04/2008 14:00|-rahs----|4952] C:\Bootfont.bin
 [04/08/2004 00:00|--a------|263488] C:\cmldr
 [08/03/2005 09:48|--a------|0] C:\CONFIG.SYS
 [?|?|?] C:\hiberfil.sys
 [08/03/2005 09:48|-rahs----|0] C:\IO.SYS
 [11/08/2009 08:54|--a------|496] C:\LOG5.log
 [10/04/2010 19:16|--a------|109] C:\mbam-error.txt
 [08/03/2005 09:48|-rahs----|0] C:\MSDOS.SYS
 [14/04/2008 14:00|-rahs----|47564] C:\NTDETECT.COM
 [14/04/2008 14:00|-rahs----|252240] C:\ntldr
 [29/02/2004 17:44|--a------|52576] C:\orange.bmp
 [?|?|?] C:\pagefile.sys
 [07/03/2010 02:06|--a------|1715] C:\TCleaner.txt
 [27/04/2010 23:15|--a------|2283] C:\UsbFix.txt
 [23/01/2010 20:41|--a------|36448663] D:\Cam 23 janvier_0001.wmv
 [15/12/2009 11:25|--a------|730447872] D:\LOL (laughing out loud) - TS FR - comedie - Sophie Marceau - 04 fevrier 2009.avi
 [20/04/2010 22:23|--ahs----|5120] D:\Thumbs.db
 [02/02/2010 00:06|--a------|733589504] D:\Titanic.French.Dvdrip.Divx.​avi

 ################## | Vaccination |

 # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
 # D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

 ################## | Upload |

 Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_NOM-B6390C​ADFAE.zip : http://chiquitine.changelog.fr/Sample/Upload.php
 Merci pour votre contribution .  

 ################## | ! Fin du rapport # UsbFix V6.109 ! |



  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 27/04/2010 à 21:28:03  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
J'ai vu que tu ete sous XP SP3 grace au rapport RSIT  ;)
 (Mercie quand meme pour l'intention  :super:  )

 A tu bien envoyer ce fichier :
 C:\UsbFix_Upload_Me_NOM-B6390C​ADFAE.zip
 A cette adresse :
 http://chiquitine.changelog.fr/Sample/Upload.php  ;)

 Pour reactiver ton antivirus..Clique droit de ta souris sur la petite iconne Antivir presente en bas a droite de ton ecrant et selectionne ..Activer la protection residente...;-)...

 1--> Télécharge Toolbar-S&D ( Merci à Eric_71, Angel Dark, Sham_Rock et XmichouX ) sur ton Bureau
 http://eric.71.mespages.google [...] lBarSD.exe

 --> Lance l'installation du programme en exécutant le fichier téléchargé.

 --> Une fois installer Double-clique sur le raccourci de Toolbar-S&D.(Executer en tant qu'administrateur pour VISTA/7)

 --> Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.

 --> Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.

 --> Poste le rapport généré. (C:\TB.txt)

 Aide et tuto : http://www.malekal.com/tutorial_ToolBar_SD.php


missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 27/04/2010 à 21:37:11  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
J'ai bien envoyé le fichier. Pour l'icône d'antivir, il a disparu et n'est plus en bas à droite !
 Dois je supprimer antivir et le ré-installer ?

 Voici le rapport :

-----------\\  ToolBar S&D 1.2.9   XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free :          Intel(R) Atom(TM) CPU N270   @ 1.60GHz )

BIOS : Default System BIOS

USER : Camille2 ( Administrator )

BOOT : Normal boot

Antivirus : AntiVir Desktop 9.0.1.32 (Not Activated)

C:\ (Local Disk) - NTFS - Total:39 Go (Free:0 Go)

D:\ (Local Disk) - NTFS - Total:106 Go (Free:100 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [1] ( 27/04/2010|23:33 )

-----------\\  Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\Camille2\Cookies\c​amille2@7search[2].txt

-----------\\  Extensions

(Camille.NOM-B6390CADFAE) - {20a82645-c095-46ed-80e3-08825​760534b} => chrome_user

(Camille.NOM-B6390CADFAE) - {20a82645-c095-46ed-80e3-08825​760534b} => chrome_user

(HelpAssistant) - {20a82645-c095-46ed-80e3-08825​760534b} => chrome_user

(HelpAssistant) - {20a82645-c095-46ed-80e3-08825​760534b} => chrome_user

-----------\\  [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Mic​rosoft\Internet Explorer\Main]

"Start Page"="http://www.google.fr/"

"Local Page"="C:\\WINDOWS\\system32\\​blank.htm"

"Search Page"="http://www.microsoft.co​m/isapi/redir.dll?prd=ie&ar=ie​search"

[HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.​microsoft.com/fwlink/?LinkId=6​9157"

"Default_Search_URL"="http://g​o.microsoft.com/fwlink/?LinkId​=54896"

"Search Page"="http://go.microsoft.com​/fwlink/?LinkId=54896"

"Start Page"="http://fr.msn.com/"

"Search bar"="http://search.msn.com/sp​basic.htm"

--------------------\\  Recherche d'autres infections

Aucune autre infection trouvée  !

1 - "C:\ToolBar SD\TB_1.txt" - 27/04/2010|23:35 - Option : [1]

-----------\\  Fin du rapport a 23:35:11,46



  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 27/04/2010 à 22:15:54  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Quant tu double clic sur l'icone qui et normalement sur ton bureau!....Antivir ne se lance pas ??

 2--> Relance Toolbar-S&D present sur ton bureau
 --> Appuie sur "F" pour choisir la langue en français
 --> Ce cous si choisis l'option 2 (Suppression)

 ->> Poste le rapport generer a la fin ici STP..

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 15:07:42  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Non, quand je double clic, à côté antivir Guard, c'est marqué : service !?

-----------\\  ToolBar S&D 1.2.9   XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free :          Intel(R) Atom(TM) CPU N270   @ 1.60GHz )

BIOS : Default System BIOS

USER : Camille2 ( Administrator )

BOOT : Normal boot

Antivirus : AntiVir Desktop 9.0.1.32 (Not Activated)

C:\ (Local Disk) - NTFS - Total:39 Go (Free:0 Go)

D:\ (Local Disk) - NTFS - Total:106 Go (Free:100 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [2] ( 28/04/2010|17:04 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Camille2\Cookies\c​amille2@7search[2].txt

-----------\\  Recherche de Fichiers / Dossiers ...

-----------\\  Extensions

(Camille.NOM-B6390CADFAE) - {20a82645-c095-46ed-80e3-08825​760534b} => chrome_user

(Camille.NOM-B6390CADFAE) - {20a82645-c095-46ed-80e3-08825​760534b} => chrome_user

(HelpAssistant) - {20a82645-c095-46ed-80e3-08825​760534b} => chrome_user

(HelpAssistant) - {20a82645-c095-46ed-80e3-08825​760534b} => chrome_user

-----------\\  [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Mic​rosoft\Internet Explorer\Main]

"Start Page"="http://www.google.fr/"

"Local Page"="C:\\WINDOWS\\system32\\​blank.htm"

"Search Page"="http://www.microsoft.co​m/isapi/redir.dll?prd=ie&ar=ie​search"

[HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.​microsoft.com/fwlink/?LinkId=6​9157"

"Default_Search_URL"="http://g​o.microsoft.com/fwlink/?LinkId​=54896"

"Search Page"="http://go.microsoft.com​/fwlink/?LinkId=54896"

"Start Page"="http://www.msn.com/"

"Search bar"="http://search.msn.com/sp​basic.htm"

--------------------\\  Recherche d'autres infections

Aucune autre infection trouvée  !

1 - "C:\ToolBar SD\TB_1.txt" - 27/04/2010|23:35 - Option : [1]

2 - "C:\ToolBar SD\TB_2.txt" - 28/04/2010|17:06 - Option : [2]

-----------\\  Fin du rapport a 17:06:36,82





  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 28/04/2010 à 15:31:51  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Antivir, et t'il bien mis a jour (derniere version) ??

 ->> Mais a jour Malwarebytes et Relance un examen complet puis poste le rapport ici STP !  :fume:

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 16:22:42  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Il était à jour hier, mais aujourd'hui impossible de le faire. d'autre part n'ai plus d'antivirus actif., quand je clique sur un site via google, c'est svt un autre site qui appaarait et le centre de sécurité via AVG qui me dit que je suis infesté de virus et de trojan.
 Je scan en attendant.
 Ce ne serait pas mieux de réinstaller antivir ? Car je n'ai plus d'antivirus activé.

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 28/04/2010 à 16:32:59  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:pt1cable: Dans ce cas alor desinstalle tous ce qui conserne les antivirus..Noublie pas de le desactiver avant de le desinstaller (quitte completement la protection residente)

 Une fois desinstaller je te sugere de faire ceci, pour enlever toute trace supplementaire :

 --> Telecharge >>> Ccleaner <<< (si tu la deja passe directement au chiffre 1) ..
 http://www.01net.com/telecharg [...] 32599.html
 --> Noublie pas de decocher installer yahou toolbar...
 1-> Une fois installer..Lance le et va dans l'onglet option...Qui se trouve a gauche..puis sur avancé et decoche la case effacer uniquement les fichiers temporaires de windows datant de plus de 24h
 --> Retourne dans l'onglet nettoyeur...
 --> commence par cliquer en bas sur analyse..une fois l'analise terminer..clique sur netoyer...

 --> une fois que tu a fini le netoyage.. va dans l'onglet registre...
 --> commence par cliquer sur chercher les erreur...
 --> une fois quil a terminer de rechercher les erreur..Clique sur corriger les erreur selectionnees..il te demandera si tu veux faire une sauvegarde..noublie surtout pas de confirmer sur oui..et d'installer la sauvegarde la ou tu t'en souviendra.
 Car il se peu que tu ai quelque probleme avec certain logiciel d'ou la sauvegarde pour restaurer ton registre..
 --> Recommence cette operation, jusqu'a qu'il ny aparraisse plus d'erreur,

 Puis reinstalle le ici :
 http://www.01net.com/outils/te [...] 13198.html

 une fois reinstaller .. Mais le a jour, lance un examen complet, et post le rapport STP ! :p

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 17:29:21  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Malwarebytes' Anti-Malware 1.45
 www.malwarebytes.org

 Version de la base de données: 4046

 Windows 5.1.2600 Service Pack 3 (Safe Mode)
 Internet Explorer 7.0.5730.13

 28/04/2010 18:24:09
 mbam-log-2010-04-28 (18-24-09).txt

 Type d'examen: Examen complet (C:\|D:\|)
 Elément(s) analysé(s): 164719
 Temps écoulé: 3 minute(s), 53 seconde(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 1
 Valeur(s) du Registre infectée(s): 0
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 0
 Fichier(s) infecté(s): 7

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mrt.exe (Trojan.Agent) -> Quarantined and deleted successfully.

 Valeur(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 (Aucun élément nuisible détecté)

 Fichier(s) infecté(s):
 C:\Documents and Settings\Camille2\Local Settings\Temporary Internet Files\Content.IE5\US6XM1CQ\Run​AV_257[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 C:\Documents and Settings\HelpAssistant\Local Settings\Temporary Internet Files\Content.IE5\US6XM1CQ\Run​AV_257[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 C:\WINDOWS\system32\termsrv.dl​l (Trojan.Patched) -> Quarantined and deleted succMalwarebytes' Anti-Malware 1.45
 www.malwarebytes.org

 Version de la base de données: 4046

 Windows 5.1.2600 Service Pack 3 (Safe Mode)
 Internet Explorer 7.0.5730.13

 28/04/2010 18:24:09
 mbam-log-2010-04-28 (18-24-09).txt

 Type d'examen: Examen complet (C:\|D:\|)
 Elément(s) analysé(s): 164719
 Temps écoulé: 3 minute(s), 53 seconde(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 1
 Valeur(s) du Registre infectée(s): 0
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 0
 Fichier(s) infecté(s): 7

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Image File Execution Options\mrt.exe (Trojan.Agent) -> Quarantined and deleted successfully.

 Valeur(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 (Aucun élément nuisible détecté)

 Fichier(s) infecté(s):
 C:\Documents and Settings\Camille2\Local Settings\Temporary Internet Files\Content.IE5\US6XM1CQ\Run​AV_257[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 C:\Documents and Settings\HelpAssistant\Local Settings\Temporary Internet Files\Content.IE5\US6XM1CQ\Run​AV_257[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 C:\WINDOWS\system32\termsrv.dl​l (Trojan.Patched) -> Quarantined and deleted successfully.
 C:\WINDOWS\system32\mspmsnsv.d​ll (Trojan.Jadtre) -> Quarantined and deleted successfully.
 C:\WINDOWS\system32\xmlprov.dl​l (Worm.Piloyd) -> Quarantined and deleted successfully.
 C:\WINDOWS\system32\lpk.dll (Trojan.Patched) -> Quarantined and deleted successfully.
 C:\WINDOWS\system32\midimap.dl​l (Trojan.Patched) -> Quarantined and deleted successfully.
 essfully.
 C:\WINDOWS\system32\mspmsnsv.d​ll (Trojan.Jadtre) -> Quarantined and deleted successfully.
 C:\WINDOWS\system32\xmlprov.dl​l (Worm.Piloyd) -> Quarantined and deleted successfully.
 C:\WINDOWS\system32\lpk.dll (Trojan.Patched) -> Quarantined and deleted successfully.
 C:\WINDOWS\system32\midimap.dl​l (Trojan.Patched) -> Quarantined and deleted successfully.

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 28/04/2010 à 18:26:33  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
OK.. :pt1cable:
 Rend toi sur ce lien,
 http://www.virustotal.com/fr/

 La ou il et marquer envoyer le fichier, Clic sur "parcourir"
 recherche les entrer suivante dans ton disque :

 C:\WINDOWS\system32\termsrv.dl​l

 C:\WINDOWS\system32\mspmsnsv.d​ll

 C:\WINDOWS\system32\xmlprov.dl​l

 C:\WINDOWS\system32\lpk.dll

 C:\WINDOWS\system32\midimap.dl​l


 Copie les resultat d'analyse et colle les ici STP ;-).
 P.S c'est analyse sont a faire une par une...
 Il se peut qu'il faut que tu affiche les fichier cacher, pour ce faire :
 --> Rentre dans ton paneau de configuration....
 --> Apparance et personalisation...
 --> Option des dossier...(double cliquer dessus)
 --> Dans l'onglet affichage un peu plus bas ou il et marquer afficher les dossier et fichier cacher..Active l'option afficher les dossier et fichier cacher....



missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 19:16:29  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
File size: 297984 bytes
 MD5   : 934e0add8e52906cb4e1a772b0e1ed​2a
 SHA1  : 1eab2f181cd8c4d75e21161f87896b​b5eb258a5a
 SHA256: 6840bb95154444e7b1042e2ce60331​9f012455cec035124a7a07ec36a759​96c7
 PEInfo: PE Structure information

 ( base data )
 entrypointaddress.: 0x219FD
 timedatestamp.....: 0x4802C254 (Mon Apr 14 04:32:52 2008)
 machinetype.......: 0x14C (Intel I386)

 ( 4 sections )
 name viradd virsiz rawdsiz ntrpy md5
 .text 0x1000 0x3F7CA 0x3F800 6.62 fec330f1a46dbfd3862aff282f3b86​26
 .data 0x41000 0x9838 0x1200 5.41 f2e922b9f68ef2eb2ffa6779f4d829​b0
 .rsrc 0x4B000 0x4880 0x4A00 3.41 5f2993c2ed585425386d3632ccaf3f​b1
 .reloc 0x50000 0x32EE 0x3400 6.19 c59c84e9cda7289330e30d991fa192​48

 ( 17 imports )

 > advapi32.dll: GetSidSubAuthorityCount, GetSidSubAuthority, AccessCheckAndAuditAlarmW, AllocateAndInitializeSid, SetEntriesInAclW, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, RegEnumKeyW, DeregisterEventSource, CryptAcquireContextW, CryptCreateHash, CryptImportKey, CryptVerifySignatureW, CryptDestroyKey, CryptDestroyHash, CryptReleaseContext, AddAce, GetAce, GetAclInformation, GetUserNameA, CryptHashData, RegisterServiceCtrlHandlerW, GetSidIdentifierAuthority, IsValidSid, GetTokenInformation, EqualSid, LookupAccountSidW, RegSetValueExW, CryptGenRandom, RegisterEventSourceW, ReportEventW, SetServiceBits, RegOpenKeyW, GetUserNameW, SetServiceStatus, RegOpenKeyExW, GetSecurityDescriptorDacl, LsaDelete, LsaSetSecret, LsaClose, LsaOpenSecret, LsaCreateSecret, LsaOpenPolicy, LsaFreeMemory, LsaQuerySecret, GetEventLogInformation, LsaQueryInformationPolicy, RegQueryValueExW, RegCloseKey, LogonUserW, AddAccessAllowedAce, InitializeAcl, GetLengthSid, OpenThreadToken, CheckTokenMembership, MakeSelfRelativeSD, MakeAbsoluteSD, IsValidSecurityDescriptor, ElfReportEventW, ElfRegisterEventSourceW, I_ScSendTSMessage, RegNotifyChangeKeyValue, RegCreateKeyExW, RegQueryValueExA, RegOpenKeyExA, GetCurrentHwProfileA, RegEnumKeyExA, RegEnumKeyExW, LsaStorePrivateData, LsaNtStatusToWinError, LsaRetrievePrivateData, RegDeleteValueW, OpenProcessToken
 > authz.dll: AuthzFreeResourceManager, AuthziAllocateAuditParams, AuthziInitializeAuditParamsWit​hRM, AuthziInitializeAuditEvent, AuthziLogAuditEvent, AuthzFreeAuditEvent, AuthziFreeAuditParams, AuthzInitializeResourceManager​, AuthziInitializeAuditEventType​, AuthziFreeAuditEventType
 > crypt32.dll: CertCloseStore, CertCreateCertificateContext, CertOpenStore, CertDuplicateCertificateContex​t, CertFreeCertificateContext, CertGetIssuerCertificateFromSt​ore, CertVerifySubjectCertificateCo​ntext, CryptExportPublicKeyInfo, CertEnumCertificatesInStore, CertFindExtension, CertVerifyCertificateChainPoli​cy, CertComparePublicKeyInfo, CryptDecodeObject, CryptVerifyCertificateSignatur​e, CryptBinaryToStringW
 > icaapi.dll: IcaOpen, IcaStackCallback, IcaStackConnectionWait, IcaStackConnectionRequest, IcaStackConnectionAccept, _IcaStackIoControl, IcaStackUnlock, IcaStackReconnect, IcaStackTerminate, IcaChannelClose, IcaStackIoControl, IcaPushConsoleStack, IcaChannelOpen, IcaChannelIoControl, IcaStackConnectionClose, IcaStackClose, IcaClose, IcaIoControl, IcaStackOpen, IcaStackDisconnect
 > kernel32.dll: GetLocalTime, GetDiskFreeSpaceA, GetDateFormatW, FileTimeToSystemTime, InitializeCriticalSection, GetVersion, CreateMutexW, GetModuleHandleA, InterlockedExchange, OutputDebugStringA, GetProcessAffinityMask, SetThreadAffinityMask, ResumeThread, GetExitCodeThread, GetSystemInfo, GetLogicalDriveStringsA, GetDriveTypeA, GetVolumeInformationW, GetVolumeInformationA, GlobalMemoryStatus, lstrlenA, lstrcpyA, GetFileSize, WriteFile, SetFilePointer, ReadFile, CreateFileA, HeapAlloc, HeapFree, CompareFileTime, CreateWaitableTimerW, SetWaitableTimer, FormatMessageW, LeaveCriticalSection, GetSystemDefaultLCID, SystemTimeToFileTime, LoadLibraryExA, GetVersionExA, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, GetCurrentThreadId, QueryPerformanceCounter, LoadLibraryA, InterlockedCompareExchange, DelayLoadFailureHook, lstrcpynW, GetACP, MultiByteToWideChar, SetLastError, lstrlenW, LocalFree, LocalAlloc, GetProcessHeap, DisableThreadLibraryCalls, DebugBreak, Sleep, CloseHandle, CreateProcessW, GetCurrentProcessId, IsDebuggerPresent, GetVersionExW, ResetEvent, SetEvent, VerifyVersionInfoW, CreateEventW, GetLastError, ReleaseMutex, UnmapViewOfFile, MapViewOfFile, OpenFileMappingW, WaitForMultipleObjects, OpenEventW, OpenMutexW, InterlockedDecrement, CreateThread, CreateFileW, GetSystemDirectoryW, GetSystemTime, GetComputerNameA, GetSystemTimeAsFileTime, UnregisterWait, WaitForSingleObject, InterlockedIncrement, lstrcpyW, ExitThread, QueryDosDeviceW, ProcessIdToSessionId, IsBadReadPtr, IsBadWritePtr, OpenProcess, GetComputerNameW, FreeLibrary, GetProcAddress, LoadLibraryW, GetProfileStringW, GetTickCount, RegisterWaitForSingleObject, lstrcatW, lstrcmpiW, GetProfileIntW, GetWindowsDirectoryW, SetThreadPriority, GetCurrentThread, LocalSize, GetCurrentProcess, PulseEvent, GetComputerNameExW, WideCharToMultiByte, InitializeCriticalSectionAndSp​inCount, EnterCriticalSection, DeleteCriticalSection
 > mstlsapi.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
 > msvcrt.dll: wcscpy, wcscmp, _except_handler3, _wcsnicmp, wcscat, swscanf, wcsncpy, wcslen, wcsncat, swprintf, wcsrchr, memmove, _snwprintf, wcschr, sprintf, qsort, strncpy, gmtime, time, mktime, _mbslen, mbstowcs, __3@YAXPAX@Z, __2@YAPAXI@Z, free, _initterm, malloc, _adjust_fdiv, _ftol, _snprintf, strncmp, iswdigit, _wcsupr, wcstok, _wtol, _stricmp, __CxxFrameHandler, _purecall, _wcsicmp
 > ntdll.dll: NtOpenProcessToken, NtQueryInformationToken, RtlLengthSid, RtlCopySid, NtAllocateVirtualMemory, NtFreeVirtualMemory, RtlAcquireResourceShared, NtDelayExecution, DbgBreakPoint, RtlPrefixUnicodeString, NtResetEvent, NtWaitForMultipleObjects, RtlInitializeGenericTable, RtlDeleteCriticalSection, NtOpenProcess, NtQueryVirtualMemory, RtlLookupElementGenericTable, RtlCompareMemory, RtlInsertElementGenericTable, RtlDeleteElementGenericTable, RtlInitializeResource, NtCreateEvent, NtDuplicateObject, NtQuerySystemTime, RtlEqualSid, RtlAdjustPrivilege, RtlInitializeCriticalSection, NtTerminateProcess, RtlLengthRequiredSid, NtReleaseMutant, NtWaitForSingleObject, NtCreateMutant, NtQueryInformationProcess, NtDuplicateToken, NtSetInformationThread, RtlpNtEnumerateSubKey, NtRequestPort, NtConnectPort, NtSetEvent, RtlEnterCriticalSection, RtlAllocateHeap, NtOpenThreadToken, NtReplyPort, NtCompleteConnectPort, NtAcceptConnectPort, NtCreateSection, NtReplyWaitReceivePort, RtlFreeUnicodeString, NtCreatePort, RtlAnsiStringToUnicodeString, RtlInitAnsiString, RtlQueryRegistryValues, NtDeviceIoControlFile, RtlExtendedLargeIntegerDivide, RtlConvertExclusiveToShared, RtlConvertSharedToExclusive, RtlDeleteResource, NtRequestWaitReplyPort, RtlFreeHeap, RtlLeaveCriticalSection, RtlAcquireResourceExclusive, RtlReleaseResource, RtlInitUnicodeString, NtOpenKey, NtQueryValueKey, NtClose, VerSetConditionMask, RtlCreateEnvironment, RtlSetProcessIsCritical, DbgPrint, NtQuerySystemInformation, NtSetTimer, NtCreateTimer, RtlCopySecurityDescriptor, RtlNtStatusToDosError, RtlDeleteAce, RtlGetAce, RtlQueryInformationAcl, RtlGetDaclSecurityDescriptor, RtlMapGenericMask, RtlSubAuthoritySid, RtlInitializeSid, RtlCreateUserSecurityObject, RtlSetDaclSecurityDescriptor, RtlAddAccessAllowedAce, RtlCreateAcl, RtlCreateSecurityDescriptor, RtlWriteRegistryValue, RtlCreateRegistryKey, RtlLengthSecurityDescriptor, RtlSetGroupSecurityDescriptor, RtlGetGroupSecurityDescriptor, RtlGetOwnerSecurityDescriptor, NtSetSecurityObject, NtQuerySecurityObject, NtOpenSymbolicLinkObject, NtQueryDirectoryObject, NtCreateDirectoryObject, RtlFreeSid, RtlAllocateAndInitializeSid, RtlIntegerToUnicodeString, RtlAppendUnicodeToString, NtQueryMutant
 > oleaut32.dll: -, -, -, -, -, -, -, -, -, -
 > rpcrt4.dll: RpcServerInqDefaultPrincNameW, RpcServerRegisterAuthInfoW, RpcServerRegisterIfEx, RpcBindingToStringBindingW, RpcServerListen, RpcImpersonateClient, I_RpcBindingIsClientLocal, RpcRevertToSelf, RpcServerUseProtseqEpW, I_RpcBindingInqLocalClientPID, RpcStringFreeW, RpcRaiseException, RpcSsContextLockExclusive, NdrServerCall2, RpcServerRegisterIf, RpcStringBindingParseW
 > secur32.dll: GetUserNameExW
 > setupapi.dll: SetupDiGetDeviceRegistryProper​tyA, SetupDiGetClassDevsA, SetupDiEnumDeviceInfo, SetupDiDestroyDeviceInfoList
 > shell32.dll: SHGetFolderPathA
 > shlwapi.dll: PathAppendA
 > user32.dll: GetCursorPos, wvsprintfA, BroadcastSystemMessageA, wsprintfA, GetSystemMetrics, wsprintfW, ExitWindowsEx, LoadStringW, MessageBeep, GetMessageTime
 > wintrust.dll: CryptCATAdminCalcHashFromFileH​andle, CryptCATAdminEnumCatalogFromHa​sh, CryptCATCatalogInfoFromContext​, CryptCATAdminReleaseCatalogCon​text, CryptCATAdminReleaseContext, WTHelperProvDataFromStateData, WTHelperGetProvSignerFromChain​, CryptCATAdminAcquireContext, WinVerifyTrust
 > ws2_32.dll: -, -, -, getaddrinfo, -, -

 ( 1 exports )

 > ServiceMain
 TrID  : File type identification
 Win64 Executable Generic (80.9%)
 Win32 Executable Generic (8.0%)
 Win32 Dynamic Link Library (generic) (7.1%)
 Generic Win/DOS Executable (1.8%)
 DOS Executable Generic (1.8%)
 ssdeep: 6144:UGNmMMXiyyVt4eal37zXqKZ8k​Y0c6XI3SVnSrf+LbtmNSZ5AM:UOCyy​yYJXqKhXIiVnxtcq
 PEiD  : -
 RDS   : NSRL Reference Data Set
 -

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 28/04/2010 à 19:20:28  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Je n'est pas le rapport de detection..il me faut le rapport complet  :paf:

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 19:23:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
File size: 50176 bytes
 MD5   : 228b16c3b96bf328fb0e2b3cf8ba6e​1d
 SHA1  : 2cacac9cdd829c68b4471908014aad​72d0f41e22
 SHA256: 0d66979c53198a0014e1b26cd4ada1​ee36d47c8499c8cebab6f32c0b7867​a20e
 PEInfo: PE Structure information

 ( base data )
 entrypointaddress.: 0x8E8B
 timedatestamp.....: 0x4802C25F (Mon Apr 14 04:33:03 2008)
 machinetype.......: 0x14C (Intel I386)

 ( 5 sections )
 name viradd virsiz rawdsiz ntrpy md5
 .text 0x1000 0xA5D5 0xA600 6.30 f2938980e968827b4df1e211a84dfd​a3
 .orpc 0xC000 0x33 0x200 0.84 d1dd4043987a59d3fb83ce4d11249b​c3
 .data 0xD000 0x260 0x200 3.41 4c80137b9503b1e85c33da0e6ae7ef​f6
 .rsrc 0xE000 0x830 0xA00 3.78 f241e571e458cc95f48834be04b4da​bc
 .reloc 0xF000 0xB60 0xC00 5.65 0d66cbca3162266abd76b62169ef4b​e5

 ( 13 imports )

 > advapi32.dll: RegQueryValueExW, RegOpenKeyExW, RegCloseKey, RegEnumKeyExW
 > atl.dll: -, -, -, -, -, -, -, -
 > kernel32.dll: FreeLibrary, GetStringTypeExW, OutputDebugStringW, GetProcAddress, GetUserDefaultUILanguage, GetUserDefaultLCID, lstrcmpW, GetFileTime, LoadLibraryW, WideCharToMultiByte, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, GetCurrentProcess, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, DebugBreak, GetThreadLocale, InitializeCriticalSection, DeleteCriticalSection, InterlockedIncrement, InterlockedDecrement, InitializeCriticalSectionAndSp​inCount, DisableThreadLibraryCalls, MultiByteToWideChar, lstrlenW, EnterCriticalSection, LeaveCriticalSection, GetLastError, CreateDirectoryW, lstrlenA, CloseHandle, LocalFree, FormatMessageW, CreateFileW
 > msvcp60.dll: __0bad_alloc@std@@QAE@PBD@Z, __1bad_alloc@std@@UAE@XZ, __0bad_alloc@std@@QAE@ABV01@@Z
 > msvcrt.dll: _terminate@@YAXXZ, __0exception@@QAE@ABV0@@Z, _CxxThrowException, __CxxFrameHandler, __2@YAPAXI@Z, _vsnprintf, wcslen, _wtoi, __1type_info@@UAE@XZ, _except_handler3, __3@YAXPAX@Z, _adjust_fdiv, malloc, _initterm, free
 > ole32.dll: CoInitialize, CoUninitialize, CoCreateInstance
 > oleaut32.dll: -, -, -, -, -
 > rpcrt4.dll: CStdStubBuffer_IsIIDSupported, CStdStubBuffer_CountRefs, CStdStubBuffer_DebugServerQuer​yInterface, CStdStubBuffer_DebugServerRele​ase, NdrDllUnregisterProxy, CStdStubBuffer_AddRef, CStdStubBuffer_QueryInterface, IUnknown_Release_Proxy, NdrDllRegisterProxy, CStdStubBuffer_Invoke, CStdStubBuffer_Disconnect, NdrOleAllocate, NdrOleFree, IUnknown_QueryInterface_Proxy, IUnknown_AddRef_Proxy, NdrCStdStubBuffer_Release, NdrDllCanUnloadNow, NdrDllGetClassObject, CStdStubBuffer_Connect
 > rtutils.dll: TraceRegisterExW, TracePrintfA, TraceDeregisterW
 > shell32.dll: SHGetFolderPathW
 > shlwapi.dll: PathFileExistsW
 > user32.dll: CharLowerW, LoadStringW, wvsprintfW, CharNextW
 > wzcsapi.dll: WZCProviderCreateWirelessProfi​le, WZCProviderDeleteWirelessProfi​le

 ( 1 exports )

 > DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer
 TrID  : File type identification
 DirectShow filter (46.7%)
 Windows OCX File (28.6%)
 Win64 Executable Generic (19.8%)
 Win32 Executable Generic (1.9%)
 Win32 Dynamic Link Library (generic) (1.7%)
 ssdeep: 768:VhpCmaVd6hu4hXHBEO4cjcE7P4​xTjNtwo9W8Sg//vo:wmasugzjjDGPN​Go9W8SgHQ
 sigcheck: publisher....: Microsoft Corporation
 copyright....: (c) Microsoft Corporation. All rights reserved.
 product......: Microsoft_ Windows_ Operating System
 description..: Network Provisioning Service Client API
 original name: xmlprovi.dll
 internal name: xmlprovi.dll
 file version.: 5.1.2600.5512 (xpsp.080413-0852)
 comments.....: n/a
 signers......: -
 signing date.: -
 verified.....: Unsigned
 
 PEiD  : -
 RDS   : NSRL Reference Data Set
 -

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 19:30:32  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
C'est le rapport qu'il me propose. Je ne vois pas ce qu'il faut d'autre. Je n'ai trouvé que 2 fichiers à analyser dans ceux que tu m'as donnés

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 28/04/2010 à 19:32:57  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
regarde dans la liste de tous les antivirus qu'il analyse..
 C'est ces rapport qu'il me faut..
 :mdr:  :paf:

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 19:45:25  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Désolé je ne vois pas d'autre liste. Il me dit qu'il y a 41 antivirus et me propose le rapport global et rien d'autre !

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 19:55:32  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
C tout ce que j'ai, mais cela ne doit pas t'avancer plus :
 Fichier termsrv32.dll reçu le 2010.04.28 19:52:49 (UTC)
 Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE


 Résultat: 0/41 (0%)
 en train de charger les informations du serveur...
 Votre fichier est dans la file d'attente, en position: ___.
 L'heure estimée de démarrage est entre ___ et ___ .
 Ne fermez pas la fenêtre avant la fin de l'analyse.
 L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
 Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
 Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
 les résultats seront affichés au fur et à mesure de leur génération.
 Formaté Impression des résultats  
 Votre fichier a expiré ou n'existe pas.
 Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

 Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
 Email:  
 

 Antivirus Version Dernière mise à jour Résultat
 a-squared 4.5.0.50 2010.04.28 -
 AhnLab-V3 5.0.0.2 2010.04.28 -
 AntiVir 8.2.1.224 2010.04.28 -
 Antiy-AVL 2.0.3.7 2010.04.28 -
 Authentium 5.2.0.5 2010.04.28 -
 Avast 4.8.1351.0 2010.04.28 -
 Avast5 5.0.332.0 2010.04.28 -
 AVG 9.0.0.787 2010.04.28 -
 BitDefender 7.2 2010.04.28 -
 CAT-QuickHeal 10.00 2010.04.28 -
 ClamAV 0.96.0.3-git 2010.04.28 -
 Comodo 4702 2010.04.28 -
 DrWeb 5.0.2.03300 2010.04.28 -
 eSafe 7.0.17.0 2010.04.28 -
 eTrust-Vet 35.2.7456 2010.04.28 -
 F-Prot 4.5.1.85 2010.04.28 -
 F-Secure 9.0.15370.0 2010.04.28 -
 Fortinet 4.0.14.0 2010.04.27 -
 GData 21 2010.04.28 -
 Ikarus T3.1.1.80.0 2010.04.28 -
 Jiangmin 13.0.900 2010.04.28 -
 Kaspersky 7.0.0.125 2010.04.28 -
 McAfee 5.400.0.1158 2010.04.28 -
 McAfee-GW-Edition 6.8.5 2010.04.28 -
 Microsoft 1.5703 2010.04.28 -
 NOD32 5069 2010.04.28 -
 Norman 6.04.11 2010.04.28 -
 nProtect 2010-04-28.02 2010.04.28 -
 Panda 10.0.2.7 2010.04.28 -
 PCTools 7.0.3.5 2010.04.28 -
 Prevx 3.0 2010.04.28 -
 Rising 22.45.02.04 2010.04.28 -
 Sophos 4.53.0 2010.04.28 -
 Sunbelt 6233 2010.04.28 -
 Symantec 20091.2.0.41 2010.04.28 -
 TheHacker 6.5.2.0.272 2010.04.28 -
 TrendMicro 9.120.0.1004 2010.04.28 -
 TrendMicro-HouseCall 9.120.0.1004 2010.04.28 -
 VBA32 3.12.12.4 2010.04.28 -
 ViRobot 2010.4.27.2295 2010.04.27 -
 VirusBuster 5.0.27.0 2010.04.28 -
 Information additionnelle
 File size: 297984 bytes
 MD5...: 934e0add8e52906cb4e1a772b0e1ed​2a
 SHA1..: 1eab2f181cd8c4d75e21161f87896b​b5eb258a5a
 SHA256: 6840bb95154444e7b1042e2ce60331​9f012455cec035124a7a07ec36a759​96c7
 ssdeep: 6144:UGNmMMXiyyVt4eal37zXqKZ8k​Y0c6XI3SVnSrf+LbtmNSZ5AM:UOCyy​yYJX
 qKhXIiVnxtcq
 
 PEiD..: -
 PEInfo: PE Structure information

 ( base data )
 entrypointaddress.: 0x219fd
 timedatestamp.....: 0x4802c254 (Mon Apr 14 02:32:52 2008)
 machinetype.......: 0x14c (I386)

 ( 4 sections )
 name viradd virsiz rawdsiz ntrpy md5
 .text 0x1000 0x3f7ca 0x3f800 6.62 fec330f1a46dbfd3862aff282f3b86​26
 .data 0x41000 0x9838 0x1200 5.41 f2e922b9f68ef2eb2ffa6779f4d829​b0
 .rsrc 0x4b000 0x4880 0x4a00 3.41 5f2993c2ed585425386d3632ccaf3f​b1
 .reloc 0x50000 0x32ee 0x3400 6.19 c59c84e9cda7289330e30d991fa192​48

 ( 17 imports )
 > msvcrt.dll: wcscpy, wcscmp, _except_handler3, _wcsnicmp, wcscat, swscanf, wcsncpy, wcslen, wcsncat, swprintf, wcsrchr, memmove, _snwprintf, wcschr, sprintf, qsort, strncpy, gmtime, time, mktime, _mbslen, mbstowcs, __3@YAXPAX@Z, __2@YAPAXI@Z, free, _initterm, malloc, _adjust_fdiv, _ftol, _snprintf, strncmp, iswdigit, _wcsupr, wcstok, _wtol, _stricmp, __CxxFrameHandler, _purecall, _wcsicmp
 > ntdll.dll: NtOpenProcessToken, NtQueryInformationToken, RtlLengthSid, RtlCopySid, NtAllocateVirtualMemory, NtFreeVirtualMemory, RtlAcquireResourceShared, NtDelayExecution, DbgBreakPoint, RtlPrefixUnicodeString, NtResetEvent, NtWaitForMultipleObjects, RtlInitializeGenericTable, RtlDeleteCriticalSection, NtOpenProcess, NtQueryVirtualMemory, RtlLookupElementGenericTable, RtlCompareMemory, RtlInsertElementGenericTable, RtlDeleteElementGenericTable, RtlInitializeResource, NtCreateEvent, NtDuplicateObject, NtQuerySystemTime, RtlEqualSid, RtlAdjustPrivilege, RtlInitializeCriticalSection, NtTerminateProcess, RtlLengthRequiredSid, NtReleaseMutant, NtWaitForSingleObject, NtCreateMutant, NtQueryInformationProcess, NtDuplicateToken, NtSetInformationThread, RtlpNtEnumerateSubKey, NtRequestPort, NtConnectPort, NtSetEvent, RtlEnterCriticalSection, RtlAllocateHeap, NtOpenThreadToken, NtReplyPort, NtCompleteConnectPort, NtAcceptConnectPort, NtCreateSection, NtReplyWaitReceivePort, RtlFreeUnicodeString, NtCreatePort, RtlAnsiStringToUnicodeString, RtlInitAnsiString, RtlQueryRegistryValues, NtDeviceIoControlFile, RtlExtendedLargeIntegerDivide, RtlConvertExclusiveToShared, RtlConvertSharedToExclusive, RtlDeleteResource, NtRequestWaitReplyPort, RtlFreeHeap, RtlLeaveCriticalSection, RtlAcquireResourceExclusive, RtlReleaseResource, RtlInitUnicodeString, NtOpenKey, NtQueryValueKey, NtClose, VerSetConditionMask, RtlCreateEnvironment, RtlSetProcessIsCritical, DbgPrint, NtQuerySystemInformation, NtSetTimer, NtCreateTimer, RtlCopySecurityDescriptor, RtlNtStatusToDosError, RtlDeleteAce, RtlGetAce, RtlQueryInformationAcl, RtlGetDaclSecurityDescriptor, RtlMapGenericMask, RtlSubAuthoritySid, RtlInitializeSid, RtlCreateUserSecurityObject, RtlSetDaclSecurityDescriptor, RtlAddAccessAllowedAce, RtlCreateAcl, RtlCreateSecurityDescriptor, RtlWriteRegistryValue, RtlCreateRegistryKey, RtlLengthSecurityDescriptor, RtlSetGroupSecurityDescriptor, RtlGetGroupSecurityDescriptor, RtlGetOwnerSecurityDescriptor, NtSetSecurityObject, NtQuerySecurityObject, NtOpenSymbolicLinkObject, NtQueryDirectoryObject, NtCreateDirectoryObject, RtlFreeSid, RtlAllocateAndInitializeSid, RtlIntegerToUnicodeString, RtlAppendUnicodeToString, NtQueryMutant
 > ICAAPI.dll: IcaOpen, IcaStackCallback, IcaStackConnectionWait, IcaStackConnectionRequest, IcaStackConnectionAccept, _IcaStackIoControl, IcaStackUnlock, IcaStackReconnect, IcaStackTerminate, IcaChannelClose, IcaStackIoControl, IcaPushConsoleStack, IcaChannelOpen, IcaChannelIoControl, IcaStackConnectionClose, IcaStackClose, IcaClose, IcaIoControl, IcaStackOpen, IcaStackDisconnect
 > SHELL32.dll: SHGetFolderPathA
 > SETUPAPI.dll: SetupDiGetDeviceRegistryProper​tyA, SetupDiGetClassDevsA, SetupDiEnumDeviceInfo, SetupDiDestroyDeviceInfoList
 > SHLWAPI.dll: PathAppendA
 > WINTRUST.dll: CryptCATAdminCalcHashFromFileH​andle, CryptCATAdminEnumCatalogFromHa​sh, CryptCATCatalogInfoFromContext​, CryptCATAdminReleaseCatalogCon​text, CryptCATAdminReleaseContext, WTHelperProvDataFromStateData, WTHelperGetProvSignerFromChain​, CryptCATAdminAcquireContext, WinVerifyTrust
 > RPCRT4.dll: RpcServerInqDefaultPrincNameW, RpcServerRegisterAuthInfoW, RpcServerRegisterIfEx, RpcBindingToStringBindingW, RpcServerListen, RpcImpersonateClient, I_RpcBindingIsClientLocal, RpcRevertToSelf, RpcServerUseProtseqEpW, I_RpcBindingInqLocalClientPID, RpcStringFreeW, RpcRaiseException, RpcSsContextLockExclusive, NdrServerCall2, RpcServerRegisterIf, RpcStringBindingParseW
 > KERNEL32.dll: GetLocalTime, GetDiskFreeSpaceA, GetDateFormatW, FileTimeToSystemTime, InitializeCriticalSection, GetVersion, CreateMutexW, GetModuleHandleA, InterlockedExchange, OutputDebugStringA, GetProcessAffinityMask, SetThreadAffinityMask, ResumeThread, GetExitCodeThread, GetSystemInfo, GetLogicalDriveStringsA, GetDriveTypeA, GetVolumeInformationW, GetVolumeInformationA, GlobalMemoryStatus, lstrlenA, lstrcpyA, GetFileSize, WriteFile, SetFilePointer, ReadFile, CreateFileA, HeapAlloc, HeapFree, CompareFileTime, CreateWaitableTimerW, SetWaitableTimer, FormatMessageW, LeaveCriticalSection, GetSystemDefaultLCID, SystemTimeToFileTime, LoadLibraryExA, GetVersionExA, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, GetCurrentThreadId, QueryPerformanceCounter, LoadLibraryA, InterlockedCompareExchange, DelayLoadFailureHook, lstrcpynW, GetACP, MultiByteToWideChar, SetLastError, lstrlenW, LocalFree, LocalAlloc, GetProcessHeap, DisableThreadLibraryCalls, DebugBreak, Sleep, CloseHandle, CreateProcessW, GetCurrentProcessId, IsDebuggerPresent, GetVersionExW, ResetEvent, SetEvent, VerifyVersionInfoW, CreateEventW, GetLastError, ReleaseMutex, UnmapViewOfFile, MapViewOfFile, OpenFileMappingW, WaitForMultipleObjects, OpenEventW, OpenMutexW, InterlockedDecrement, CreateThread, CreateFileW, GetSystemDirectoryW, GetSystemTime, GetComputerNameA, GetSystemTimeAsFileTime, UnregisterWait, WaitForSingleObject, InterlockedIncrement, lstrcpyW, ExitThread, QueryDosDeviceW, ProcessIdToSessionId, IsBadReadPtr, IsBadWritePtr, OpenProcess, GetComputerNameW, FreeLibrary, GetProcAddress, LoadLibraryW, GetProfileStringW, GetTickCount, RegisterWaitForSingleObject, lstrcatW, lstrcmpiW, GetProfileIntW, GetWindowsDirectoryW, SetThreadPriority, GetCurrentThread, LocalSize, GetCurrentProcess, PulseEvent, GetComputerNameExW, WideCharToMultiByte, InitializeCriticalSectionAndSp​inCount, EnterCriticalSection, DeleteCriticalSection
 > USER32.dll: GetCursorPos, wvsprintfA, BroadcastSystemMessageA, wsprintfA, GetSystemMetrics, wsprintfW, ExitWindowsEx, LoadStringW, MessageBeep, GetMessageTime
 > Secur32.dll: GetUserNameExW
 > WS2_32.dll: -, -, -, getaddrinfo, -, -
 > ADVAPI32.dll: GetSidSubAuthorityCount, GetSidSubAuthority, AccessCheckAndAuditAlarmW, AllocateAndInitializeSid, SetEntriesInAclW, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, RegEnumKeyW, DeregisterEventSource, CryptAcquireContextW, CryptCreateHash, CryptImportKey, CryptVerifySignatureW, CryptDestroyKey, CryptDestroyHash, CryptReleaseContext, AddAce, GetAce, GetAclInformation, GetUserNameA, CryptHashData, RegisterServiceCtrlHandlerW, GetSidIdentifierAuthority, IsValidSid, GetTokenInformation, EqualSid, LookupAccountSidW, RegSetValueExW, CryptGenRandom, RegisterEventSourceW, ReportEventW, SetServiceBits, RegOpenKeyW, GetUserNameW, SetServiceStatus, RegOpenKeyExW, GetSecurityDescriptorDacl, LsaDelete, LsaSetSecret, LsaClose, LsaOpenSecret, LsaCreateSecret, LsaOpenPolicy, LsaFreeMemory, LsaQuerySecret, GetEventLogInformation, LsaQueryInformationPolicy, RegQueryValueExW, RegCloseKey, LogonUserW, AddAccessAllowedAce, InitializeAcl, GetLengthSid, OpenThreadToken, CheckTokenMembership, MakeSelfRelativeSD, MakeAbsoluteSD, IsValidSecurityDescriptor, ElfReportEventW, ElfRegisterEventSourceW, I_ScSendTSMessage, RegNotifyChangeKeyValue, RegCreateKeyExW, RegQueryValueExA, RegOpenKeyExA, GetCurrentHwProfileA, RegEnumKeyExA, RegEnumKeyExW, LsaStorePrivateData, LsaNtStatusToWinError, LsaRetrievePrivateData, RegDeleteValueW, OpenProcessToken
 > CRYPT32.dll: CertCloseStore, CertCreateCertificateContext, CertOpenStore, CertDuplicateCertificateContex​t, CertFreeCertificateContext, CertGetIssuerCertificateFromSt​ore, CertVerifySubjectCertificateCo​ntext, CryptExportPublicKeyInfo, CertEnumCertificatesInStore, CertFindExtension, CertVerifyCertificateChainPoli​cy, CertComparePublicKeyInfo, CryptDecodeObject, CryptVerifyCertificateSignatur​e, CryptBinaryToStringW
 > OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -
 > AUTHZ.dll: AuthzFreeResourceManager, AuthziAllocateAuditParams, AuthziInitializeAuditParamsWit​hRM, AuthziInitializeAuditEvent, AuthziLogAuditEvent, AuthzFreeAuditEvent, AuthziFreeAuditParams, AuthzInitializeResourceManager​, AuthziInitializeAuditEventType​, AuthziFreeAuditEventType
 > mstlsapi.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -

 ( 1 exports )
 ServiceMain
 
 RDS...: NSRL Reference Data Set
 -
 pdfid.: -
 trid..: Win64 Executable Generic (80.9%)
 Win32 Executable Generic (8.0%)
 Win32 Dynamic Link Library (generic) (7.1%)
 Generic Win/DOS Executable (1.8%)
 DOS Executable Generic (1.8%)
 sigcheck:
 publisher....: Microsoft Corporation
 copyright....: (c) Microsoft Corporation. Tous droits r_serv_s.
 product......: Syst_me d_exploitation Microsoft_ Windows_
 description..: Service Terminal Server
 original name: termsrv.exe
 internal name: termsrv.exe
 file version.: 5.1.2600.5512 (xpsp.080413-2111)
 comments.....: n/a
 signers......: -
 signing date.: -
 verified.....: Unsigned

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 28/04/2010 à 20:35:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Voila  :super:

 Et pour le deuxieme post moi le rapport comme celui la .. :D

 Pour les autre fichier a tu fait ceci :

 --> paneau de configuration....
 --> Apparance et personalisation...
 --> Option des dossier...(double cliquer dessus)
 --> Dans l'onglet affichage un peu plus bas ou il et marquer afficher les dossier et fichier cacher..Active l'option afficher les dossier et fichier cacher....

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 29/04/2010 à 20:19:13  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Je ne sais plus comment j'ai fait !
 ouFichier xmlprovi.dll reçu le 2010.04.28 18:56:18 (UTC)
 Situation actuelle: terminé

 Résultat: 0/38 (0.00%)
 Formaté Impression des résultats  
 Antivirus Version Dernière mise à jour Résultat
 a-squared 4.5.0.50 2010.04.28 -
 AhnLab-V3 5.0.0.2 2010.04.28 -
 AntiVir 8.2.1.224 2010.04.28 -
 Antiy-AVL 2.0.3.7 2010.04.28 -
 Authentium 5.2.0.5 2010.04.28 -
 Avast 4.8.1351.0 2010.04.28 -
 AVG 9.0.0.787 2010.04.28 -
 BitDefender 7.2 2010.04.28 -
 CAT-QuickHeal 10.00 2010.04.28 -
 ClamAV 0.96.0.3-git 2010.04.28 -
 Comodo 4702 2010.04.28 -
 DrWeb 5.0.2.03300 2010.04.28 -
 eSafe 7.0.17.0 2010.04.28 -
 eTrust-Vet 35.2.7456 2010.04.28 -
 F-Prot 4.5.1.85 2010.04.28 -
 F-Secure 9.0.15370.0 2010.04.28 -
 Fortinet 4.0.14.0 2010.04.27 -
 GData 21 2010.04.28 -
 Ikarus T3.1.1.80.0 2010.04.28 -
 Jiangmin 13.0.900 2010.04.28 -
 Kaspersky 7.0.0.125 2010.04.28 -
 McAfee 5.400.0.1158 2010.04.28 -
 McAfee-GW-Edition 6.8.5 2010.04.28 -
 Microsoft 1.5703 2010.04.28 -
 NOD32 5069 2010.04.28 -
 Norman 6.04.11 2010.04.28 -
 nProtect 2010-04-28.02 2010.04.28 -
 Panda 10.0.2.7 2010.04.28 -
 PCTools 7.0.3.5 2010.04.28 -
 Rising 22.45.02.04 2010.04.28 -
 Sophos 4.53.0 2010.04.28 -
 Sunbelt 6231 2010.04.28 -
 Symantec 20091.2.0.41 2010.04.28 -
 TheHacker 6.5.2.0.272 2010.04.28 -
 TrendMicro 9.120.0.1004 2010.04.28 -
 VBA32 3.12.12.4 2010.04.28 -
 ViRobot 2010.4.27.2295 2010.04.27 -
 VirusBuster 5.0.27.0 2010.04.28 -
 Information additionnelle
 File size: 50176 bytes
 MD5   : 228b16c3b96bf328fb0e2b3cf8ba6e​1d
 SHA1  : 2cacac9cdd829c68b4471908014aad​72d0f41e22
 SHA256: 0d66979c53198a0014e1b26cd4ada1​ee36d47c8499c8cebab6f32c0b7867​a20e
 PEInfo: PE Structure information

 ( base data )
 entrypointaddress.: 0x8E8B
 timedatestamp.....: 0x4802C25F (Mon Apr 14 04:33:03 2008)
 machinetype.......: 0x14C (Intel I386)

 ( 5 sections )
 name viradd virsiz rawdsiz ntrpy md5
 .text 0x1000 0xA5D5 0xA600 6.30 f2938980e968827b4df1e211a84dfd​a3
 .orpc 0xC000 0x33 0x200 0.84 d1dd4043987a59d3fb83ce4d11249b​c3
 .data 0xD000 0x260 0x200 3.41 4c80137b9503b1e85c33da0e6ae7ef​f6
 .rsrc 0xE000 0x830 0xA00 3.78 f241e571e458cc95f48834be04b4da​bc
 .reloc 0xF000 0xB60 0xC00 5.65 0d66cbca3162266abd76b62169ef4b​e5

 ( 13 imports )

 > advapi32.dll: RegQueryValueExW, RegOpenKeyExW, RegCloseKey, RegEnumKeyExW
 > atl.dll: -, -, -, -, -, -, -, -
 > kernel32.dll: FreeLibrary, GetStringTypeExW, OutputDebugStringW, GetProcAddress, GetUserDefaultUILanguage, GetUserDefaultLCID, lstrcmpW, GetFileTime, LoadLibraryW, WideCharToMultiByte, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, GetCurrentProcess, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, DebugBreak, GetThreadLocale, InitializeCriticalSection, DeleteCriticalSection, InterlockedIncrement, InterlockedDecrement, InitializeCriticalSectionAndSp​inCount, DisableThreadLibraryCalls, MultiByteToWideChar, lstrlenW, EnterCriticalSection, LeaveCriticalSection, GetLastError, CreateDirectoryW, lstrlenA, CloseHandle, LocalFree, FormatMessageW, CreateFileW
 > msvcp60.dll: __0bad_alloc@std@@QAE@PBD@Z, __1bad_alloc@std@@UAE@XZ, __0bad_alloc@std@@QAE@ABV01@@Z
 > msvcrt.dll: _terminate@@YAXXZ, __0exception@@QAE@ABV0@@Z, _CxxThrowException, __CxxFrameHandler, __2@YAPAXI@Z, _vsnprintf, wcslen, _wtoi, __1type_info@@UAE@XZ, _except_handler3, __3@YAXPAX@Z, _adjust_fdiv, malloc, _initterm, free
 > ole32.dll: CoInitialize, CoUninitialize, CoCreateInstance
 > oleaut32.dll: -, -, -, -, -
 > rpcrt4.dll: CStdStubBuffer_IsIIDSupported, CStdStubBuffer_CountRefs, CStdStubBuffer_DebugServerQuer​yInterface, CStdStubBuffer_DebugServerRele​ase, NdrDllUnregisterProxy, CStdStubBuffer_AddRef, CStdStubBuffer_QueryInterface, IUnknown_Release_Proxy, NdrDllRegisterProxy, CStdStubBuffer_Invoke, CStdStubBuffer_Disconnect, NdrOleAllocate, NdrOleFree, IUnknown_QueryInterface_Proxy, IUnknown_AddRef_Proxy, NdrCStdStubBuffer_Release, NdrDllCanUnloadNow, NdrDllGetClassObject, CStdStubBuffer_Connect
 > rtutils.dll: TraceRegisterExW, TracePrintfA, TraceDeregisterW
 > shell32.dll: SHGetFolderPathW
 > shlwapi.dll: PathFileExistsW
 > user32.dll: CharLowerW, LoadStringW, wvsprintfW, CharNextW
 > wzcsapi.dll: WZCProviderCreateWirelessProfi​le, WZCProviderDeleteWirelessProfi​le

 ( 1 exports )

 > DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer
 TrID  : File type identification
 DirectShow filter (46.7%)
 Windows OCX File (28.6%)
 Win64 Executable Generic (19.8%)
 Win32 Executable Generic (1.9%)
 Win32 Dynamic Link Library (generic) (1.7%)
 ssdeep: 768:VhpCmaVd6hu4hXHBEO4cjcE7P4​xTjNtwo9W8Sg//vo:wmasugzjjDGPN​Go9W8SgHQ
 sigcheck: publisher....: Microsoft Corporation
 copyright....: (c) Microsoft Corporation. All rights reserved.
 product......: Microsoft_ Windows_ Operating System
 description..: Network Provisioning Service Client API
 original name: xmlprovi.dll
 internal name: xmlprovi.dll
 file version.: 5.1.2600.5512 (xpsp.080413-0852)
 comments.....: n/a
 signers......: -
 signing date.: -
 verified.....: Unsigned
 
 PEiD  : -
 RDS   : NSRL Reference Data Set
 i, j'ai mis dossiers cachés

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 29/04/2010 à 20:35:32  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok,

 si tu ne trouve pas les autres, alors passe a ceci :


 Télécharge AD-Remover (de C_XX) sur ton Bureau.
 http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

 Déconnecte-toi de internet et ferme toutes applications en cours(Le meilleur moyen et de debrancher le cable Ethernet)

 --> Lance le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
 --> Clique droit sur l'icône AD-Remover située sur ton Bureau et choisir exécuter en tant qu'administrateur.(Pour VISTA/7)
 --> Au menu principal, choisis l'option L ou Nettoyer.
 --> Poste le rapport qui apparaît à la fin. STP

 (Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)
 

 P.S : "Process.exe", une composante de l'outil, est détecté A tore par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure

 Aide : http://kerio.probb.fr/logiciel [...] -t3786.htm

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 30/04/2010 à 05:19:56  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
.
 ======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
 .
 Mis à jour par C_XX le 29/04/10 à 18:00
 Contact: AdRemover.contact@gmail.com
 Site web: http://pagesperso-orange.fr/No [...] mover.html
 .
 Lancé à: 23:56:03 le 29/04/2010 | Mode normal | Option: CLEAN
 Exécuté de: C:\Ad-Remover\ADR.exe
 SE: Microsoft® Windows XP™  Service Pack 3 - X86
 Nom du PC: NOM-B6390CADFAE
 Utilisateur actuel: Camille2
 .
 ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
 .
 .
 C:\Documents and Settings\Camille2\Application Data\Mozilla\FireFox\Profiles\​ocevqfk7.default\extensions\to​olbar@ask.com
 C:\Documents and Settings\Camille2\Application Data\Mozilla\FireFox\Profiles\​ocevqfk7.default\searchplugins​\askcom.xml
 C:\Documents and Settings\Camille2\Local Settings\Application Data\AskToolbar
 C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\AskToolbar
 C:\Documents and Settings\HelpAssistant\Local Settings\Temp\AskSearch
 C:\Program Files\Ask.com
 C:\WINDOWS\Installer\{86D4B82A​-ABED-442A-BE86-96357B70F4FE}
 C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

 (!) -- Fichiers temporaires supprimés.
 .
 HKCU\Software\AppDataLow\AskTo​olbarInfo
 HKCU\Software\Ask.com
 HKCU\Software\AskToolbar
 HKCU\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A5AA24​EA-11B8-4113-95AE-9ED71DEAF12A​}
 HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{171DEBE​B-C3D4-40b7-AC73-056A5EBA4A7E}
 HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{D4​027C7F-154A-4066-A1AD-4243D812​7440}
 HKLM\Software\Classes\AppID\{9​B0CB95C-933A-4B8C-B6D4-EDCD19A​43874}
 HKLM\Software\Classes\AppID\Ge​nericAskToolbar.DLL
 HKLM\Software\Classes\CLSID\{0​0000000-6E41-4FD3-8538-502F549​5E5FC}
 HKLM\Software\Classes\CLSID\{D​4027C7F-154A-4066-A1AD-4243D81​27440}
 HKLM\Software\Classes\GenericA​skToolbar.ToolbarWnd
 HKLM\Software\Classes\GenericA​skToolbar.ToolbarWnd.1
 HKLM\Software\Classes\Installe​r\Products\A28B4D68DEBAA244EB6​86953B7074FEF
 HKLM\Software\Classes\Interfac​e\{6C434537-053E-486D-B62A-160​059D9D456}
 HKLM\Software\Classes\Interfac​e\{91CF619A-4686-4CA4-9232-3B2​E6B63AA92}
 HKLM\Software\Classes\Interfac​e\{AC71B60E-94C9-4EDE-BA46-E14​6747BB67E}
 HKLM\Software\Classes\TypeLib\​{2996F0E7-292B-4CAE-893F-47B8B​1C05B56}
 HKLM\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A5AA24​EA-11B8-4113-95AE-9ED71DEAF12A​}
 HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{D4027C7F-154A-4066-A1​AD-4243D8127440}
 HKLM\Software\Microsoft\Window​s\CurrentVersion\Installer\Use​rdata\S-1-5-18\Products\A28B4D​68DEBAA244EB686953B7074FEF
 HKLM\Software\Microsoft\Window​s\CurrentVersion\Uninstall\{86​D4B82A-ABED-442A-BE86-96357B70​F4FE}
 HKCU\Software\Microsoft\Intern​et Explorer\Toolbar\WebBrowser|{D​4027C7F-154A-4066-A1AD-4243D81​27440}
 HKCU\Software\Microsoft\Intern​et Explorer\URLSearchHooks|{00000​000-6E41-4FD3-8538-502F5495E5F​C}
 HKLM\Software\Microsoft\Intern​et Explorer\Toolbar|{D4027C7F-154​A-4066-A1AD-4243D8127440}
 .
 (Orpheline) BHO: {02478D38-C3F9-4efb-9B51-7695E​CA05670} (CLSID manquant)
 .
 ============== SCAN ADDITIONNEL ==============
 .
 * Mozilla FireFox Version 3.6 (fr) *
 .
 C:\Documents and Settings\Camille2\..\ocevqfk7.​default\prefs.js - browser.search.selectedEngine: search
 C:\Documents and Settings\Camille.NOM-B6390CADF​AE\..\bcmffn1m.default\prefs.j​s - browser.startup.homepage_overr​ide.mstone: rv:1.9.2
 C:\Documents and Settings\Camille.NOM-B6390CADF​AE\..\evy6l5am.default\prefs.j​s - browser.startup.homepage_overr​ide.mstone: rv:1.9.2
 C:\Documents and Settings\HelpAssistant\..\bcmf​fn1m.default\prefs.js - browser.startup.homepage_overr​ide.mstone: rv:1.9.2
 C:\Documents and Settings\HelpAssistant\..\evy6​l5am.default\prefs.js - browser.startup.homepage_overr​ide.mstone: rv:1.9.2
 C:\Documents and Settings\HelpAssistant\..\ocev​qfk7.default\prefs.js - browser.search.selectedEngine: search
 .
 .
 * Internet Explorer Version 7.0.5730.13 *
 .
 [HKCU\Software\Microsoft\Intern​et Explorer\Main]
 .
 Default_Page_URL: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&pver=6&ar=ms​nhome
 Default_Search_URL: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 Do404Search: 0x01000000
 Enable Browser Extensions: yes
 Local Page: C:\WINDOWS\system32\blank.htm
 Search bar: hxxp://go.microsoft.com/fwlink​/?linkid=54896
 Show_ToolBar: yes
 Start Page: hxxp://fr.msn.com/
 .
 [HKLM\Software\Microsoft\Intern​et Explorer\Main]
 .
 Default_Page_URL: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&pver=6&ar=ms​nhome
 Default_Search_URL: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 Delete_Temp_Files_On_Exit: yes
 Local Page: %SystemRoot%\system32\blank.ht​m
 Search bar: hxxp://search.msn.com/spbasic.​htm
 Search Page: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 Start Page: hxxp://fr.msn.com/
 .
 [HKLM\Software\Microsoft\Intern​et Explorer\ABOUTURLS]
 .
 Tabs: res://ieframe.dll/tabswelcome.​htm
 Blank: res://mshtml.dll/blank.htm
 .
 ==============================​==========
 .
 C:\Ad-Remover\Quarantine: 2 Fichier(s)
 C:\Ad-Remover\Backup: 25 Fichier(s)
 .
 C:\Ad-Report-CLEAN[1].txt - 495 Octet(s)
 C:\Ad-Report-CLEAN[2].txt - 5140 Octet(s)
 .
 Fin à: 00:51:26, 30/04/2010
 .
 ============== E.O.F - CLEAN[2] ==============

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 30/04/2010 à 09:02:09  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Impec  :super:

 Relance un scan RSIT...
 Seul le (log.txt) aparait en fin de scan..Poste le dans ta prochaine reponse STP ;-)

missloveuse
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 30/04/2010 à 11:14:23  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Logfile of random's system information tool 1.06 (written by random/random)
 Run by Camille2 at 2010-04-30 13:13:10
 Microsoft Windows XP Édition familiale Service Pack 3
 System drive C: has 509 MB (1%) free of 40 GB
 Total RAM: 1013 MB (55% free)

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 13:13:32, on 30/04/2010
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v7.00 (7.00.6000.17023)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Avira\AntiVir Desktop\sched.exe
 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 C:\Program Files\Bonjour\mDNSResponder.ex​e
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\Program Files\System Control Manager\MSIService.exe
 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
 C:\WINDOWS\system32\wbem\wmiap​srv.exe
 C:\WINDOWS\Explorer.EXE
 C:\WINDOWS\system32\igfxtray.e​xe
 C:\WINDOWS\system32\hkcmd.exe
 C:\WINDOWS\system32\igfxpers.e​xe
 C:\WINDOWS\RTHDCPL.EXE
 C:\WINDOWS\system32\igfxsrvc.e​xe
 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
 C:\Program Files\iPod\bin\iPodService.exe
 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Windows Live\Toolbar\wltuser.exe
 C:\Documents and Settings\Camille2\Local Settings\Temporary Internet Files\Content.IE5\H2VOMO5D\RSI​T[1].exe
 C:\Program Files\trend micro\Camille2.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Intern​et Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 R3 - Default URLSearchHook is missing
 O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
 O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
 O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.​com
 O1 - Hosts: 74.125.45.100 secure-plus-payments.com
 O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
 O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
 O1 - Hosts: 74.125.45.100 urs.microsoft.com
 O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
 O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
 O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
 O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695E​CA05670} - (no file)
 O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7​942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
 O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetoo​th Toshiba Stack\ItSecMng.exe /START
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Global Startup: Bluetooth Manager.lnk = ?
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Off​ice12\EXCEL.EXE/3000
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\WINDOWS\bdoscandel.exe
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\Office12\​REFIEBAR.DLL
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
 O14 - IERESET.INF: START_PAGE_URL=http://www.msi.​com.tw
 O16 - DPF: {17492023-C23A-453E-A040-C7C58​0BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD8​4642501} (Checkers Class) - http://messenger.zone.msn.com/ [...] b56986.cab
 O16 - DPF: {5D6F45B3-9043-443D-A792-11544​7494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ [...] E_UNO1.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.co [...] oscan8.cab
 O16 - DPF: {644E432F-49D3-41A1-8DD5-E0991​62EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/s [...] /cabsa.cab
 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11​451AFC5} (OnlineScanner Control) - http://download.eset.com/speci [...] canner.cab
 O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE​305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/con [...] ader55.cab
 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46​475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b56907.cab
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} - http://platformdl.adobe.com/NO [...] 1.6/gp.cab
 O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6​B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/ [...] b56986.cab
 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Micro Star SCM - Unknown owner - C:\Program Files\System Control Manager\MSIService.exe
 O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

 --
 End of file - 9807 bytes

 ======Scheduled tasks folder======

 C:\WINDOWS\tasks\AppleSoftware​Update.job
 C:\WINDOWS\tasks\GlaryInitiali​ze.job

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
 Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll [2009-12-21 61888]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
 Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll [2009-12-21 75200]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
 Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll [2009-01-26 1879896]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
 Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
 Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
 JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll [2010-03-09 79648]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "IgfxTray"=C:\WINDOWS\system32​\igfxtray.exe [2007-12-19 135168]
 "HotKeysCmds"=C:\WINDOWS\syste​m32\hkcmd.exe [2007-12-19 159744]
 "Persistence"=C:\WINDOWS\syste​m32\igfxpers.exe [2007-12-19 131072]
 "RTHDCPL"=C:\WINDOWS\RTHDCPL.E​XE [2008-05-08 16862208]
 "ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
 "SunJavaUpdateSched"=C:\Progra​m Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
 "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]
 "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-04 417792]
 "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "CTFMON.EXE"=C:\WINDOWS\system​32\ctfmon.exe [2008-04-14 15360]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Adob​e ARM]
 C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe [2010-03-24 952768]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Adob​e Reader Speed Launcher]
 C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\MGSysCtrl]
 C:\Program Files\System Control Manager\MGSysCtrl.exe [2008-07-29 684032]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Quic​kTime Task]
 C:\Program Files\QuickTime\qttask.exe [2009-09-04 417792]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Spyb​otSD TeaTimer]
 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
 Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
 C:\WINDOWS\system32\igfxdev.dl​l [2007-12-19 208896]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\ShellServiceObjectDelayLoad]
 WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D52​4869DB5} - C:\WINDOWS\system32\WPDShServi​ceObj.dll [2006-10-18 133632]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\PEVSystemStart]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\procexp90.Sys]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\PEVSystemStart]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\procexp90.Sys]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Policies\explorer]
 "NoDriveTypeAutoRun"=255
 "NoDriveAutoRun"=255
 "HonorAutoRunSetting"=0

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\explorer]
 "HonorAutoRunSetting"=
 "NoDriveAutoRun"=
 "NoDriveTypeAutoRun"=

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="​C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:​Enabled:Microsoft Office Outlook"
 "C:\Program Files\Messenger\msmsgs.exe"="C​:\Program Files\Messenger\msmsgs.exe:*:E​nabled:Windows Messenger"
 "C:\Program Files\LimeWire\LimeWire.exe"="​C:\Program Files\LimeWire\LimeWire.exe:*:​Enabled:LimeWire"
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:​\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"
 "C:\Program Files\Bonjour\mDNSResponder.ex​e"="C:\Program Files\Bonjour\mDNSResponder.ex​e:*:Enabled:Bonjour"
 "C:\Program Files\iTunes\iTunes.exe"="C:\P​rogram Files\iTunes\iTunes.exe:*:Enab​led:iTunes"
 "C:\Documents and Settings\All Users\Application Data\063f627\MS063f.exe"="C:\D​ocuments and Settings\All Users\Application Data\063f627\MS063f.exe:*:Enab​led:My Security Engine"

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:​\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"

 ======List of files/folders created in the last 3 months======

 2010-04-30 00:39:03 ----A---- C:\Ad-Report-CLEAN[2].txt
 2010-04-29 23:55:38 ----A---- C:\Program Files\AD-R.exe
 2010-04-29 23:27:10 ----A---- C:\Ad-Report-CLEAN[1].txt
 2010-04-29 23:23:57 ----D---- C:\Ad-Remover
 2010-04-28 22:42:43 ----D---- C:\Program Files\Avira
 2010-04-28 22:42:43 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
 2010-04-27 23:33:36 ----A---- C:\TB.txt
 2010-04-27 23:32:45 ----D---- C:\ToolBar SD
 2010-04-27 23:15:11 ----RASHD---- C:\autorun.inf
 2010-04-27 23:11:17 ----A---- C:\easy jet.txt
 2010-04-27 22:41:39 ----D---- C:\UsbFix
 2010-04-26 23:13:40 ----A---- C:\WINDOWS\ntbtlog.txt
 2010-04-26 22:26:22 ----D---- C:\rsit
 2010-04-26 22:21:04 ----SHD---- C:\Documents and Settings\All Users\Application Data\MSLLE
 2010-04-26 22:17:53 ----SHD---- C:\Documents and Settings\All Users\Application Data\063f627
 2010-04-26 21:48:50 ----D---- C:\Documents and Settings\Camille2\Application Data\GlarySoft
 2010-04-26 21:45:33 ----D---- C:\Program Files\Glary Utilities
 2010-04-24 18:02:48 ----D---- C:\Program Files\RegCleaner
 2010-04-24 09:36:46 ----A---- C:\WINDOWS\SchedLgU.Txt
 2010-04-21 18:25:50 ----D---- C:\WINDOWS\BDOSCAN8
 2010-04-21 07:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB97968​3$
 2010-04-21 07:23:53 ----HDC---- C:\WINDOWS\$NtUninstallKB98023​2$
 2010-04-21 07:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB98134​9$
 2010-04-21 07:16:25 ----HDC---- C:\WINDOWS\$NtUninstallKB97833​8$
 2010-04-21 07:15:35 ----HDC---- C:\WINDOWS\$NtUninstallKB97781​6$
 2010-04-20 12:50:04 ----HDC---- C:\WINDOWS\$NtUninstallKB97860​1$
 2010-04-20 12:49:45 ----HDC---- C:\WINDOWS\$NtUninstallKB97930​9$
 2010-04-11 22:10:06 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
 2010-04-11 22:10:03 ----D---- C:\Program Files\Fichiers communs\Java
 2010-04-11 22:09:34 ----A---- C:\WINDOWS\system32\javaws.exe
 2010-04-11 22:09:34 ----A---- C:\WINDOWS\system32\javaw.exe
 2010-04-11 22:09:34 ----A---- C:\WINDOWS\system32\java.exe
 2010-04-11 22:04:18 ----D---- C:\Documents and Settings\Camille2\Application Data\Sun
 2010-04-10 21:48:58 ----D---- C:\Program Files\Panda Security
 2010-04-10 21:45:27 ----D---- C:\Program Files\ESET
 2010-04-10 19:16:16 ----A---- C:\mbam-error.txt
 2010-04-10 19:14:20 ----D---- C:\Documents and Settings\Camille2\Application Data\Malwarebytes
 2010-04-08 18:02:41 ----D---- C:\Documents and Settings\Camille2\Application Data\Mozilla
 2010-04-08 18:02:38 ----D---- C:\Program Files\Mozilla Firefox
 2010-04-06 21:04:49 ----D---- C:\Documents and Settings\Camille2\Application Data\Macromedia
 2010-04-06 21:04:48 ----D---- C:\Documents and Settings\Camille2\Application Data\Adobe
 2010-03-30 11:11:12 ----ASH---- C:\Documents and Settings\Camille2\Application Data\desktop.ini
 2010-03-30 11:11:11 ----SD---- C:\Documents and Settings\Camille2\Application Data\Microsoft
 2010-03-30 11:11:11 ----D---- C:\Documents and Settings\Camille2\Application Data\InstallShield
 2010-03-30 11:11:11 ----D---- C:\Documents and Settings\Camille2\Application Data\Identities
 2010-03-15 19:31:11 ----D---- C:\WINDOWS\pss
 2010-03-12 12:04:39 ----N---- C:\WINDOWS\system32\browsercho​ice.exe
 2010-03-12 08:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB97556​1$
 2010-03-11 14:34:41 ----A---- C:\WINDOWS\system32\SETB.tmp
 2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\SETE.tmp
 2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\SETD.tmp
 2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\SET14.tmp
 2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\SET16.tmp
 2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\SET15.tmp
 2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\SET1A.tmp
 2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\SET1E.tmp
 2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\SET20.tmp
 2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\SET25.tmp
 2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\SET29.tmp
 2010-03-08 08:10:54 ----D---- C:\WINDOWS\ie7updates
 2010-03-08 08:09:48 ----D---- C:\WINDOWS\WBEM
 2010-03-08 08:07:55 ----HDC---- C:\WINDOWS\ie7
 2010-03-08 08:07:30 ----HDC---- C:\WINDOWS\$NtServicePackUnins​tallIDNMitigationAPIs$
 2010-03-08 08:06:48 ----HDC---- C:\WINDOWS\$NtServicePackUnins​tallNLSDownlevelMapping$
 2010-03-07 21:45:30 ----SD---- C:\ComboFix
 2010-03-07 21:45:09 ----D---- C:\Qoobox
 2010-03-07 02:13:59 ----SHD---- C:\RECYCLER
 2010-03-07 02:06:36 ----A---- C:\TCleaner.txt
 2010-03-04 21:15:01 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
 2010-03-03 21:23:34 ----A---- C:\Boot.bak
 2010-03-03 21:23:29 ----RASHD---- C:\cmdcons
 2010-03-02 23:53:28 ----A---- C:\WINDOWS\system32\MRT.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\zip.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\SWXCACLS.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\SWSC.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\SWREG.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\sed.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\PEV.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\NIRCMD.exe
 2010-03-02 21:24:23 ----A---- C:\WINDOWS\grep.exe
 2010-03-02 21:24:10 ----D---- C:\WINDOWS\ERDNT
 2010-03-02 00:41:48 ----D---- C:\WINDOWS\Minidump
 2010-03-01 21:55:28 ----D---- C:\Program Files\trend micro
 2010-02-28 22:42:18 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
 2010-02-28 22:42:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
 2010-02-25 03:16:54 ----HDC---- C:\WINDOWS\$NtUninstallKB97930​6$
 2010-02-11 01:51:27 ----HDC---- C:\WINDOWS\$NtUninstallKB97826​2$
 2010-02-11 01:51:21 ----HDC---- C:\WINDOWS\$NtUninstallKB97146​8$
 2010-02-11 01:51:13 ----HDC---- C:\WINDOWS\$NtUninstallKB97803​7$
 2010-02-11 01:51:06 ----HDC---- C:\WINDOWS\$NtUninstallKB97571​3$
 2010-02-11 01:51:00 ----HDC---- C:\WINDOWS\$NtUninstallKB97825​1$
 2010-02-11 01:50:52 ----HDC---- C:\WINDOWS\$NtUninstallKB97556​0$
 2010-02-11 01:49:58 ----HDC---- C:\WINDOWS\$NtUninstallKB97791​4$
 2010-02-11 01:49:42 ----HDC---- C:\WINDOWS\$NtUninstallKB97870​6$
 2010-02-11 01:49:27 ----HDC---- C:\WINDOWS\$NtUninstallKB97716​5$
 2010-02-07 23:55:55 ----A---- C:\WINDOWS\wininit.ini
 2010-02-07 17:25:35 ----D---- C:\Program Files\Marco Polo Français Espagnol

 ======List of files/folders modified in the last 3 months======

 2010-04-30 13:13:14 ----D---- C:\WINDOWS\Prefetch
 2010-04-30 13:01:13 ----D---- C:\WINDOWS\Temp
 2010-04-30 12:53:42 ----D---- C:\WINDOWS\system32\CatRoot2
 2010-04-30 00:50:55 ----SHD---- C:\WINDOWS\Installer
 2010-04-30 00:50:55 ----SD---- C:\WINDOWS\Tasks
 2010-04-30 00:50:55 ----RD---- C:\Program Files
 2010-04-29 21:37:45 ----D---- C:\WINDOWS
 2010-04-28 22:43:05 ----D---- C:\WINDOWS\system32\drivers
 2010-04-28 22:42:52 ----HD---- C:\WINDOWS\inf
 2010-04-28 22:41:34 ----D---- C:\Config.Msi
 2010-04-28 22:41:33 ----D---- C:\WINDOWS\WinSxS
 2010-04-28 20:46:25 ----D---- C:\WINDOWS\java
 2010-04-28 18:24:09 ----D---- C:\WINDOWS\system32
 2010-04-26 21:21:23 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
 2010-04-24 00:37:08 ----D---- C:\WINDOWS\Network Diagnostic
 2010-04-23 22:43:24 ----D---- C:\WINDOWS\Debug
 2010-04-22 23:32:15 ----SD---- C:\WINDOWS\Downloaded Program Files
 2010-04-21 07:25:35 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
 2010-04-21 07:24:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
 2010-04-21 07:24:02 ----HD---- C:\WINDOWS\$hf_mig$
 2010-04-19 21:55:25 ----D---- C:\Documents and Settings
 2010-04-12 21:41:29 ----D---- C:\WINDOWS\system32\fr-fr
 2010-04-12 21:41:29 ----D---- C:\Program Files\Internet Explorer
 2010-04-11 22:10:03 ----D---- C:\Program Files\Fichiers communs
 2010-04-11 22:09:23 ----D---- C:\Program Files\Java
 2010-04-11 21:54:37 ----D---- C:\WINDOWS\system32\config
 2010-04-11 21:54:13 ----D---- C:\WINDOWS\system32\wbem
 2010-04-11 21:54:13 ----D---- C:\WINDOWS\Registration
 2010-04-09 12:58:58 ----D---- C:\WINDOWS\system32\CatRoot
 2010-03-30 11:07:04 ----A---- C:\WINDOWS\system32\PerfString​Backup.INI
 2010-03-15 19:33:06 ----RASH---- C:\boot.ini
 2010-03-15 19:33:06 ----A---- C:\WINDOWS\win.ini
 2010-03-15 19:33:06 ----A---- C:\WINDOWS\system.ini
 2010-03-12 08:24:33 ----D---- C:\Program Files\Movie Maker
 2010-03-11 14:34:41 ----A---- C:\WINDOWS\system32\wininet.dl​l
 2010-03-11 14:34:40 ----N---- C:\WINDOWS\system32\pngfilt.dl​l
 2010-03-11 14:34:40 ----N---- C:\WINDOWS\system32\occache.dl​l
 2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\webcheck.d​ll
 2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\urlmon.dll
 2010-03-11 14:34:40 ----A---- C:\WINDOWS\system32\url.dll
 2010-03-11 14:34:39 ----N---- C:\WINDOWS\system32\mstime.dll
 2010-03-11 14:34:39 ----N---- C:\WINDOWS\system32\msrating.d​ll
 2010-03-11 14:34:39 ----N---- C:\WINDOWS\system32\mshtmled.d​ll
 2010-03-11 14:34:39 ----A---- C:\WINDOWS\system32\mshtml.dll
 2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\msfeedsbs.​dll
 2010-03-11 14:34:37 ----A---- C:\WINDOWS\system32\msfeeds.dl​l
 2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\jsproxy.dl​l
 2010-03-11 14:34:36 ----A---- C:\WINDOWS\system32\iertutil.d​ll
 2010-03-11 14:34:35 ----N---- C:\WINDOWS\system32\iernonce.d​ll
 2010-03-11 14:34:35 ----N---- C:\WINDOWS\system32\iepeers.dl​l
 2010-03-11 14:34:35 ----A---- C:\WINDOWS\system32\ieframe.dl​l
 2010-03-11 14:34:32 ----N---- C:\WINDOWS\system32\iedkcs32.d​ll
 2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\ieencode.d​ll
 2010-03-11 14:34:32 ----A---- C:\WINDOWS\system32\ieapfltr.d​ll
 2010-03-11 14:34:31 ----N---- C:\WINDOWS\system32\ieaksie.dl​l
 2010-03-11 14:34:31 ----N---- C:\WINDOWS\system32\ieakeng.dl​l
 2010-03-11 14:34:31 ----N---- C:\WINDOWS\system32\extmgr.dll
 2010-03-11 14:34:31 ----N---- C:\WINDOWS\system32\dxtrans.dl​l
 2010-03-11 14:34:31 ----N---- C:\WINDOWS\system32\dxtmsft.dl​l
 2010-03-11 14:34:31 ----A---- C:\WINDOWS\system32\icardie.dl​l
 2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\corpol.dll
 2010-03-11 14:34:30 ----A---- C:\WINDOWS\system32\advpack.dl​l
 2010-03-10 15:19:17 ----N---- C:\WINDOWS\system32\ie4uinit.e​xe
 2010-03-10 15:19:17 ----A---- C:\WINDOWS\system32\ieudinit.e​xe
 2010-03-09 13:10:23 ----A---- C:\WINDOWS\system32\vbscript.d​ll
 2010-03-09 04:28:20 ----A---- C:\WINDOWS\system32\deploytk.d​ll
 2010-03-08 08:15:02 ----D---- C:\WINDOWS\Help
 2010-03-08 08:09:27 ----D---- C:\WINDOWS\Media
 2010-03-08 07:53:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
 2010-03-07 22:11:16 ----D---- C:\Program Files\Yahoo!
 2010-03-06 13:51:23 ----SHD---- C:\System Volume Information
 2010-03-06 13:51:23 ----D---- C:\WINDOWS\system32\Restore
 2010-03-04 22:08:19 ----D---- C:\Program Files\Fichiers communs\Adobe
 2010-03-04 21:34:48 ----D---- C:\Program Files\Adobe
 2010-03-03 21:28:34 ----D---- C:\WINDOWS\AppPatch
 2010-03-02 22:26:08 ----HDC---- C:\WINDOWS\$NtUninstallKB96137​3$
 2010-03-01 00:13:37 ----HDC---- C:\WINDOWS\$NtUninstallKB97196​1$
 2010-02-28 20:47:18 ----A---- C:\WINDOWS\ModemLog_Modem standard 33600 bps.txt
 2010-02-23 07:18:28 ----N---- C:\WINDOWS\system32\ieakui.dll
 2010-02-16 21:06:59 ----N---- C:\WINDOWS\system32\ntoskrnl.e​xe
 2010-02-16 21:06:56 ----N---- C:\WINDOWS\system32\ntkrnlpa.e​xe
 2010-02-12 06:34:07 ----A---- C:\WINDOWS\system32\6to4svc.dl​l
 2010-02-07 17:29:21 ----D---- C:\Program Files\Marco Polo Français-Anglais Thematic

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
 R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\av​ipbb.sys [2009-03-30 96104]
 R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\in​telppm.sys [2008-04-14 40576]
 R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ss​mdrv.sys [2010-04-29 28520]
 R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\to​srfcom.sys [2007-10-02 64128]
 R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wm​iacpi.sys [2008-04-13 8832]
 R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\av​gntflt.sys [2010-04-29 56816]
 R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fs​sfltr_tdi.sys [2009-08-05 54752]
 R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\Cm​Batt.sys [2008-04-13 13952]
 R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HD​AudBus.sys [2008-04-14 144384]
 R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ig​xpmp32.sys [2007-12-19 5854688]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\Rt​kHDAud.sys [2008-05-08 4739072]
 R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\Ro​otMdm.sys [2008-04-14 5888]
 R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RT​S5121.sys [2008-06-11 156160]
 R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT​2860.sys [2008-05-19 625792]
 R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rt​enicxp.sys [2008-06-11 106368]
 R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\to​sporte.sys [2006-10-10 41600]
 R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\to​srfbd.sys [2008-02-15 131712]
 R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\to​srfbnp.sys [2007-11-29 36608]
 R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\To​srfhid.sys [2008-01-31 74240]
 R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\to​srfnds.sys [2005-01-07 18612]
 R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\to​srfusb.sys [2007-10-18 41856]
 R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\us​behci.sys [2008-04-13 30208]
 R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\us​bhub.sys [2008-04-13 59520]
 R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​buhci.sys [2008-04-13 20608]
 S3 catchme;catchme; \??\C:\DOCUME~1\CAMILL~1.NOM\L​OCALS~1\Temp\catchme.sys []
 S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CC​DECODE.sys [2008-04-13 17024]
 S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GE​ARAspiWDM.sys [2009-05-18 26600]
 S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hi​dusb.sys [2008-04-13 10368]
 S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\driver​s\mbamswissarmy.sys []
 S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mo​uhid.sys [2001-08-23 12288]
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MS​TEE.sys [2008-04-13 5504]
 S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NA​BTSFEC.sys [2008-04-13 85248]
 S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\Nd​isIP.sys [2008-04-13 10880]
 S3 rtl8187Se;Realtek RTL8187SE Wireless LAN PCIE Network Adapter; C:\WINDOWS\system32\DRIVERS\rt​l8187Se.sys [2008-07-10 306176]
 S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SL​IP.sys [2008-04-13 11136]
 S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\St​reamIP.sys [2008-04-13 15232]
 S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\to​srfsnd.sys [2008-01-22 54144]
 S3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\UL​CDRHlp.sys [2004-12-23 27392]
 S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\us​baapl.sys [2009-08-28 40448]
 S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bccgp.sys [2008-04-13 32128]
 S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\US​BSTOR.SYS [2008-04-14 26368]
 S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\us​bvideo.sys [2008-04-13 121984]
 S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WS​TCODEC.SYS [2008-04-13 19200]
 S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\Wu​dfPf.sys [2006-09-28 77568]
 S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wu​dfrd.sys [2006-09-28 82944]
 S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\In​telIde.sys []

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-04-29 108289]
 R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-29 185089]
 R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe [2009-08-28 144672]
 R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.ex​e [2008-12-12 238888]
 R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
 R2 Micro Star SCM;Micro Star SCM; C:\Program Files\System Control Manager\MSIService.exe [2008-06-09 159744]
 R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
 R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
 R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]
 S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\aspnet_state.e​xe [2008-07-25 34312]
 S3 clr_optimization_v2.0.50727_32​;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
 S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\WPF\PresentationFont​Cache.exe [2008-07-29 46104]
 S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
 S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
 S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-03 441712]
 S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
 S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
 S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 -----------------EOF----------​-------

  1. homepage
hacker-tool
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 30/04/2010 à 11:30:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:
 - Télécharge LopSD et enregistres le sur ton bureau:
 http://eric.71.mespages.googlepages.com/LopSD.exe

 - Désactives la garde de ton antivirus, antispyware, Parfeux etc...etc...

 - Double clique sur l'icône de ton bureau pour lancer l'install

 - Une fois installé, fermes toutes les applications en cours

 - Double-clique sur lopsd.exe et choisis la langue puis valides par "Entrée "

 - Au menu, choisis l'option (1)Recherche, et patientes jusqu'à la fin du scan

 - Un rapport sera généré, postes son contenu

 Note : le rapport est stoquer ici : c:\lopR.txt

 Page :
1  2  3  4
Dernière Page
Page Suivante
Page Précédente
Première Page

Aller à :
 

Sujets relatifs
W32/Patched.UA impossible a supprimer avec Antivir :-( ( résolu) Déclenchement intempestif de ma webcam
[RESOLU] Comment se débarrasser d'un cheval de troie ? déclenchement alerte antivir qu m'oblige à l'acheter[RESOLU]
infection Trojan TR\FakeAV.bak.2 Antivir version free v/s payante
antivir et sa mise à jour  
Plus de sujets relatifs à : Déclenchement antivir pour 'JS/FakeAV.62361' (Résolu)

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
Zone Alarm ou Pare Feu Windows 7 ? 1
Question Piratage d'un PC via IP 2
fenêtres intempestives 46
Soucis messagerie instantanée msn, probleme javascript 1
Souris plante sur ma session et pas en administrateur 33